Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a633030303a3a2f33362d3438203d3e20323135383332.roa
File: 326131343a373538303a633030303a3a2f33362d3438203d3e20323135383332.roa (raw, json)
Hash identifier: leGHObTV9I54XMW1m2JfVcFxr743eYFmUL4jBs3tgNQ=
Subject key identifier: CD:84:30:18:1A:9A:4B:FB:0B:C5:16:27:4C:17:50:94:B5:5A:94:7E
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 69DF3305EA7EA225681B64524D1D55C0168CA901
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a633030303a3a2f33362d3438203d3e20323135383332.roa
Signing time: Thu 07 Nov 2024 12:48:19 +0000
ROA not before: Thu 07 Nov 2024 12:43:19 +0000
ROA not after: Thu 06 Nov 2025 12:48:19 +0000
asID: 215832
IP address blocks: 2a14:7580:c000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:df:33:05:ea:7e:a2:25:68:1b:64:52:4d:1d:55:c0:16:8c:a9:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Nov 7 12:43:19 2024 GMT
Not After : Nov 6 12:48:19 2025 GMT
Subject: CN=CD8430181A9A4BFB0BC516274C175094B55A947E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:dd:ae:56:4e:2c:68:16:5f:74:b6:62:1e:2c:
1b:88:22:23:c7:b6:04:cd:91:6c:79:0f:a3:f7:bf:
00:39:dc:4d:09:42:6f:77:8b:aa:39:56:cd:30:3d:
4b:34:6d:c5:6e:99:ca:eb:03:33:84:4b:20:b9:3b:
25:21:76:99:a8:18:bc:6a:27:80:30:7f:ba:6c:ad:
4b:38:b0:18:ac:b2:06:96:42:f2:27:7e:49:f6:43:
83:6d:95:1f:85:40:86:ef:06:02:3d:55:97:42:a3:
bf:8a:44:00:c5:67:68:87:13:c3:49:73:6f:21:4d:
fe:1d:11:1f:fd:22:d8:4f:c9:fc:a0:e9:07:00:18:
9d:b2:51:d7:57:d9:e4:61:f2:68:d0:89:00:8f:13:
f5:6f:e0:f2:fe:70:47:68:4b:9d:64:6a:1d:fb:72:
31:35:7a:bd:5a:a3:5b:51:9b:04:2f:d9:8c:47:3f:
d0:73:3d:08:f5:23:4c:75:de:87:bb:b0:02:66:18:
cf:79:89:e2:8b:6e:60:77:56:d1:7c:bd:77:fc:ad:
c7:e0:e7:fa:3a:9a:cd:86:14:84:cf:bc:97:33:8a:
83:96:da:88:32:7f:a3:ef:a2:c5:58:9f:f4:53:23:
c9:35:96:0e:90:06:8d:8d:4d:56:6d:8d:e8:cf:1c:
57:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:84:30:18:1A:9A:4B:FB:0B:C5:16:27:4C:17:50:94:B5:5A:94:7E
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a633030303a3a2f33362d3438203d3e20323135383332.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:c000::/36
Signature Algorithm: sha256WithRSAEncryption
5d:87:03:2b:d7:60:5c:00:67:a2:bc:09:4f:90:14:61:a8:62:
7c:c6:fd:e9:c2:dc:6b:c0:ca:0d:d4:76:40:31:87:df:d0:47:
e9:7a:39:fb:87:8b:f1:2b:5a:82:10:d5:8e:2a:1d:d7:f2:45:
e2:40:ba:44:4d:96:23:68:da:29:5f:9d:8f:6f:d1:76:d3:44:
f1:4a:d4:b3:41:d2:1b:01:22:ea:bb:8e:bb:27:73:cd:60:ca:
6b:d6:f8:4b:07:fa:8d:eb:8f:2a:d2:eb:30:df:ee:f1:f5:99:
13:25:2f:3d:1f:3d:75:5a:be:b6:da:da:83:eb:f3:28:8d:b0:
f8:1b:22:d5:96:48:07:7b:4b:a3:f5:ac:2a:21:90:84:31:6c:
4c:d5:5f:b9:ae:da:f8:b3:3c:e8:5d:d5:de:7d:91:9d:55:2d:
8b:96:74:d4:d1:78:84:ed:33:70:24:1b:a8:77:e4:82:00:63:
b7:a6:3d:90:da:67:44:af:b6:f1:8b:e5:e1:2c:9a:ac:15:2e:
3d:17:5d:49:39:61:41:d6:37:4b:52:fd:55:b1:5f:0f:a5:0c:
11:03:ea:2a:44:fe:6b:fc:5f:2d:7f:ec:c9:f9:59:59:f1:24:
c5:c2:67:6d:2f:f8:b4:e7:1f:4e:3e:e5:f6:72:63:b1:96:98:
b4:9f:01:af
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUad8zBep+oiVoG2RSTR1VwBaMqQEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDExMDcxMjQzMTlaFw0yNTExMDYxMjQ4MTlaMDMxMTAvBgNV
BAMTKENEODQzMDE4MUE5QTRCRkIwQkM1MTYyNzRDMTc1MDk0QjU1QTk0N0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD03a5WTixoFl90tmIeLBuIIiPH
tgTNkWx5D6P3vwA53E0JQm93i6o5Vs0wPUs0bcVumcrrAzOESyC5OyUhdpmoGLxq
J4Awf7psrUs4sBissgaWQvInfkn2Q4NtlR+FQIbvBgI9VZdCo7+KRADFZ2iHE8NJ
c28hTf4dER/9IthPyfyg6QcAGJ2yUddX2eRh8mjQiQCPE/Vv4PL+cEdoS51kah37
cjE1er1ao1tRmwQv2YxHP9BzPQj1I0x13oe7sAJmGM95ieKLbmB3VtF8vXf8rcfg
5/o6ms2GFITPvJczioOW2ogyf6PvosVYn/RTI8k1lg6QBo2NTVZtjejPHFctAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUzYQwGBqaS/sLxRYnTBdQlLValH4wHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMw
M2E2MzMwMzAzMDNhM2EyZjMzMzYyZDM0MzgyMDNkM2UyMDMyMzEzNTM4MzMzMi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGBCoUdYDAMA0GCSqGSIb3DQEBCwUAA4IBAQBdhwMr12BcAGeivAlP
kBRhqGJ8xv3pwtxrwMoN1HZAMYff0Efpejn7h4vxK1qCENWOKh3X8kXiQLpETZYj
aNopX52Pb9F200TxStSzQdIbASLqu467J3PNYMpr1vhLB/qN648q0usw3+7x9ZkT
JS89Hz11Wr622tqD6/MojbD4GyLVlkgHe0uj9awqIZCEMWxM1V+5rtr4szzoXdXe
fZGdVS2LlnTU0XiE7TNwJBuod+SCAGO3pj2Q2mdEr7bxi+XhLJqsFS49F11JOWFB
1jdLUv1VsV8PpQwRA+oqRP5r/F8tf+zJ+VlZ8STFwmdtL/i05x9OPuX2cmOxlpi0
nwGv
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:20 2024 by rpki-client on console-ams.rpki-client.org