Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a623a3a2f34382d3438203d3e20323135373435.roa
File: 326131343a373538303a623a3a2f34382d3438203d3e20323135373435.roa (raw, json)
Hash identifier: VsH60DCnUd+opnMooBvT50zICXorxTLjDxD6fhQgHXk=
Subject key identifier: AB:FF:42:C3:38:D3:FD:3F:61:71:D3:E2:E5:44:77:E1:A2:AF:FF:4D
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 441F0CC546033422732FCB9CD500BBEB55B68ADF
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a623a3a2f34382d3438203d3e20323135373435.roa
Signing time: Sat 20 Jan 2024 02:50:54 +0000
ROA not before: Sat 20 Jan 2024 02:45:54 +0000
ROA not after: Sat 18 Jan 2025 02:50:54 +0000
asID: 215745
IP address blocks: 2a14:7580:b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Jun 2024 20:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:1f:0c:c5:46:03:34:22:73:2f:cb:9c:d5:00:bb:eb:55:b6:8a:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Jan 20 02:45:54 2024 GMT
Not After : Jan 18 02:50:54 2025 GMT
Subject: CN=ABFF42C338D3FD3F6171D3E2E54477E1A2AFFF4D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f4:07:37:71:6a:80:c6:29:24:4f:7e:27:87:
93:f8:f0:2a:57:84:51:f5:2a:a3:15:62:c2:98:53:
d8:d2:2e:20:ee:14:36:f1:8b:09:aa:ae:df:de:16:
64:44:8b:60:70:44:93:ff:04:36:95:3d:4d:7b:a6:
7f:90:27:be:c7:d7:9d:ef:5e:f2:80:4d:ca:77:ce:
dc:aa:dc:3b:77:6b:76:4d:60:d7:e3:30:b9:38:dd:
db:0a:75:9f:71:d7:84:65:20:b1:c7:7a:c8:55:1f:
9c:48:59:b2:68:8f:f5:a3:bd:cf:d2:fd:1d:d8:b0:
af:bf:06:6f:4d:2f:a5:71:71:02:17:ce:53:50:61:
48:05:cd:74:b4:50:54:19:7f:08:ec:4e:bc:44:0b:
2f:ac:f5:d2:50:71:a6:aa:42:c5:b0:94:2d:93:24:
c2:34:c2:e6:2d:db:71:49:c8:a4:ba:a2:91:d8:5f:
2b:e2:d3:df:c9:f4:d9:73:2a:e2:20:ce:4e:7a:a6:
1c:d4:25:b3:b9:d9:29:58:4d:58:1a:c5:88:66:98:
22:d7:77:5f:ad:6d:52:38:d0:8c:60:b7:b6:10:ba:
04:c2:04:45:70:3d:96:56:d8:91:4d:79:5a:5b:1a:
c3:af:6f:07:e7:74:f1:5f:00:e9:57:64:ac:f5:4e:
7f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:FF:42:C3:38:D3:FD:3F:61:71:D3:E2:E5:44:77:E1:A2:AF:FF:4D
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a623a3a2f34382d3438203d3e20323135373435.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:b::/48
Signature Algorithm: sha256WithRSAEncryption
9d:d1:b7:2e:a8:18:90:ee:4e:ca:8b:f2:f3:f2:d4:7e:25:91:
21:27:64:47:60:ad:f0:b7:ac:da:4d:60:39:dc:4f:69:a6:50:
2c:8b:fa:ae:d3:b7:a3:c6:12:6f:2d:7e:a6:a9:a5:c7:7b:64:
98:0c:a0:30:33:35:b3:02:eb:ca:2d:32:9c:5c:b5:01:44:dc:
23:5f:bd:1e:e5:d3:cf:1a:06:be:39:a4:e4:18:c8:27:a4:1d:
63:16:3f:b9:ff:7d:7c:41:d8:6c:18:06:01:f5:21:e7:0b:55:
f8:6c:0f:9b:00:d4:74:01:1d:5e:fb:14:82:22:85:0a:28:0d:
87:3e:c1:49:49:cf:fd:66:f3:38:4f:a5:57:5e:af:87:8e:80:
9d:dc:7f:01:f9:17:3a:b8:62:43:a4:25:a7:2b:18:dd:97:5c:
ba:cb:12:7c:63:4d:0f:12:6e:4e:b8:93:eb:8b:97:6e:94:2a:
05:df:46:30:5d:cc:35:45:4a:52:36:d6:1b:ce:26:04:51:f1:
77:db:e6:e4:33:a1:98:a7:2a:89:5a:2a:c5:9e:ff:70:15:fb:
a1:c8:65:05:c3:cd:c9:50:a3:9f:8d:5f:b5:98:fa:ee:1e:73:
84:3d:4c:15:88:47:1b:e9:80:0f:c0:ef:6a:d3:ca:f0:1b:06:
0e:ac:7a:4a
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIURB8MxUYDNCJzL8uc1QC761W2it8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDAxMjAwMjQ1NTRaFw0yNTAxMTgwMjUwNTRaMDMxMTAvBgNV
BAMTKEFCRkY0MkMzMzhEM0ZEM0Y2MTcxRDNFMkU1NDQ3N0UxQTJBRkZGNEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy9Ac3cWqAxikkT34nh5P48CpX
hFH1KqMVYsKYU9jSLiDuFDbxiwmqrt/eFmREi2BwRJP/BDaVPU17pn+QJ77H153v
XvKATcp3ztyq3Dt3a3ZNYNfjMLk43dsKdZ9x14RlILHHeshVH5xIWbJoj/Wjvc/S
/R3YsK+/Bm9NL6VxcQIXzlNQYUgFzXS0UFQZfwjsTrxECy+s9dJQcaaqQsWwlC2T
JMI0wuYt23FJyKS6opHYXyvi09/J9NlzKuIgzk56phzUJbO52SlYTVgaxYhmmCLX
d1+tbVI40Ixgt7YQugTCBEVwPZZW2JFNeVpbGsOvbwfndPFfAOlXZKz1Tn8fAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUq/9CwzjT/T9hcdPi5UR34aKv/00wHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMw
M2E2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzNTM3MzQzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoUdYAACzANBgkqhkiG9w0BAQsFAAOCAQEAndG3LqgYkO5Oyovy8/LUfiWR
ISdkR2Ct8Les2k1gOdxPaaZQLIv6rtO3o8YSby1+pqmlx3tkmAygMDM1swLryi0y
nFy1AUTcI1+9HuXTzxoGvjmk5BjIJ6QdYxY/uf99fEHYbBgGAfUh5wtV+GwPmwDU
dAEdXvsUgiKFCigNhz7BSUnP/WbzOE+lV16vh46Andx/AfkXOrhiQ6QlpysY3Zdc
ussSfGNNDxJuTriT64uXbpQqBd9GMF3MNUVKUjbWG84mBFHxd9vm5DOhmKcqiVoq
xZ7/cBX7ochlBcPNyVCjn41ftZj67h5zhD1MFYhHG+mAD8DvatPK8BsGDqx6Sg==
-----END CERTIFICATE-----
Generated at Sat Jun 15 05:39:13 2024 by rpki-client on console-ams.rpki-client.org