Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a663330303a3a2f34302d3438203d3e20323135343730.roa
File: 326131343a373538303a663330303a3a2f34302d3438203d3e20323135343730.roa (raw, json)
Hash identifier: ONUJHSJPnsK/ZSmESExUFAO3e2pLJceZ29B119W/7iw=
Subject key identifier: DB:43:4D:A0:C5:6B:CD:85:46:99:95:D8:7A:4B:3D:1C:EE:84:36:CE
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 1883412412719C0722FD7F44175814770A15D791
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a663330303a3a2f34302d3438203d3e20323135343730.roa
Signing time: Sun 13 Oct 2024 10:40:49 +0000
ROA not before: Sun 13 Oct 2024 10:35:49 +0000
ROA not after: Sun 12 Oct 2025 10:40:49 +0000
asID: 215470
IP address blocks: 2a14:7580:f300::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:83:41:24:12:71:9c:07:22:fd:7f:44:17:58:14:77:0a:15:d7:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Oct 13 10:35:49 2024 GMT
Not After : Oct 12 10:40:49 2025 GMT
Subject: CN=DB434DA0C56BCD85469995D87A4B3D1CEE8436CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:c0:d2:bf:cd:20:63:48:b3:7d:64:b7:7d:40:
0b:52:b2:d5:fe:4e:59:e7:c7:30:e4:8c:94:d7:63:
97:e6:60:97:11:fe:8e:99:85:fd:6f:04:e4:40:c4:
b0:4a:ed:0b:59:2b:34:f9:18:c4:92:7e:0c:81:7e:
c4:8a:00:c5:4e:b3:0e:df:82:47:2f:b2:7e:55:33:
8b:49:7f:b4:bf:21:b0:ca:49:94:0a:1f:a3:91:fd:
8a:ab:af:8f:a4:b2:98:eb:87:cb:bd:cb:0a:66:4a:
04:a1:98:70:d6:77:c8:fd:cc:b6:62:e6:cd:b5:01:
a5:0e:66:89:dc:d7:74:0c:b1:23:a2:f6:d0:36:bd:
6a:c8:55:6e:d6:32:a7:b0:4a:68:d8:41:30:74:56:
f3:4d:31:fc:95:d6:2f:e3:01:16:61:62:21:1b:ed:
4e:da:e9:2d:ea:73:b9:15:f9:ff:44:bf:89:09:2c:
5e:b9:c0:e6:32:9e:26:1b:35:ef:9a:14:5f:eb:56:
c7:d7:f7:e1:49:1e:b5:96:4c:5f:31:4e:30:cc:7b:
b0:aa:3b:97:91:81:45:3b:05:d8:c3:e8:5a:42:c8:
e4:54:a9:c9:19:be:2f:b3:7c:3f:01:46:3e:20:9e:
a3:8b:9c:d0:d9:33:ef:32:6d:c8:fc:fa:77:cd:ff:
82:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:43:4D:A0:C5:6B:CD:85:46:99:95:D8:7A:4B:3D:1C:EE:84:36:CE
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a663330303a3a2f34302d3438203d3e20323135343730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:f300::/40
Signature Algorithm: sha256WithRSAEncryption
48:2f:68:1c:84:6a:ab:1c:6e:a1:15:95:c0:54:ef:46:2a:06:
ec:a6:fc:2d:b5:9a:81:68:e4:07:43:04:32:2b:a6:e4:d9:ba:
45:6e:f7:ee:1e:ba:fd:39:fc:7a:35:95:6a:06:ed:fa:12:f1:
88:ee:fe:a2:c9:1b:ed:f3:b3:56:2b:84:ce:6f:52:6e:b4:82:
c6:60:a6:7b:ce:3b:53:1d:3f:f7:b6:d6:79:8c:54:5a:78:15:
fe:f1:5d:a9:5e:fd:87:89:66:28:d9:32:4f:d5:ab:b9:77:05:
f0:d4:9f:f7:18:20:98:4a:1b:30:89:73:42:50:c6:0d:d4:b5:
26:0d:99:9e:54:82:32:28:8c:ae:92:78:2c:af:90:02:f6:14:
d6:4c:d6:99:27:e1:29:c8:04:6f:dd:85:64:83:ab:1e:50:be:
ff:f0:d1:ba:cd:1c:2c:30:fe:ab:3f:bf:96:b6:be:63:ff:8c:
c2:ff:62:e9:e8:0d:69:e5:cc:79:79:6d:d4:0c:0f:f8:97:0d:
5e:8c:ba:48:23:e8:e9:b2:8e:4e:97:54:f8:87:f6:68:ee:d4:
41:7c:65:72:4b:2c:b7:12:7a:ba:25:71:92:20:b0:41:7d:95:
ee:9a:a4:63:1e:38:50:5b:7e:49:8a:53:1b:69:6c:83:46:1f:
12:66:df:8e
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUGINBJBJxnAci/X9EF1gUdwoV15EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDEwMTMxMDM1NDlaFw0yNTEwMTIxMDQwNDlaMDMxMTAvBgNV
BAMTKERCNDM0REEwQzU2QkNEODU0Njk5OTVEODdBNEIzRDFDRUU4NDM2Q0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDywNK/zSBjSLN9ZLd9QAtSstX+
TlnnxzDkjJTXY5fmYJcR/o6Zhf1vBORAxLBK7QtZKzT5GMSSfgyBfsSKAMVOsw7f
gkcvsn5VM4tJf7S/IbDKSZQKH6OR/Yqrr4+kspjrh8u9ywpmSgShmHDWd8j9zLZi
5s21AaUOZonc13QMsSOi9tA2vWrIVW7WMqewSmjYQTB0VvNNMfyV1i/jARZhYiEb
7U7a6S3qc7kV+f9Ev4kJLF65wOYyniYbNe+aFF/rVsfX9+FJHrWWTF8xTjDMe7Cq
O5eRgUU7BdjD6FpCyORUqckZvi+zfD8BRj4gnqOLnNDZM+8ybcj8+nfN/4J5AgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQU20NNoMVrzYVGmZXYeks9HO6ENs4wHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMw
M2E2NjMzMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzNTM0MzczMC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoUdYDzMA0GCSqGSIb3DQEBCwUAA4IBAQBIL2gchGqrHG6hFZXA
VO9GKgbspvwttZqBaOQHQwQyK6bk2bpFbvfuHrr9Ofx6NZVqBu36EvGI7v6iyRvt
87NWK4TOb1JutILGYKZ7zjtTHT/3ttZ5jFRaeBX+8V2pXv2HiWYo2TJP1au5dwXw
1J/3GCCYShswiXNCUMYN1LUmDZmeVIIyKIyukngsr5AC9hTWTNaZJ+EpyARv3YVk
g6seUL7/8NG6zRwsMP6rP7+Wtr5j/4zC/2Lp6A1p5cx5eW3UDA/4lw1ejLpII+jp
so5Ol1T4h/Zo7tRBfGVySyy3Enq6JXGSILBBfZXumqRjHjhQW35JilMbaWyDRh8S
Zt+O
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org