Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a666230303a3a2f34302d3438203d3e203539383935.roa
File: 326131343a373538303a666230303a3a2f34302d3438203d3e203539383935.roa (raw, json)
Hash identifier: Nkaly1NhC/uFe2bRPvL+ebfnTT8/AHdE68WTGb/Cyck=
Subject key identifier: 41:1D:2C:CE:03:CF:FA:CC:36:FB:D4:23:F2:58:B1:75:28:37:42:43
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 2FB5D932A985D99CDE42202D8D0CEA7B93B79569
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a666230303a3a2f34302d3438203d3e203539383935.roa
Signing time: Sun 03 Nov 2024 11:18:02 +0000
ROA not before: Sun 03 Nov 2024 11:13:02 +0000
ROA not after: Sun 02 Nov 2025 11:18:02 +0000
asID: 59895
IP address blocks: 2a14:7580:fb00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:b5:d9:32:a9:85:d9:9c:de:42:20:2d:8d:0c:ea:7b:93:b7:95:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Nov 3 11:13:02 2024 GMT
Not After : Nov 2 11:18:02 2025 GMT
Subject: CN=411D2CCE03CFFACC36FBD423F258B17528374243
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:03:fc:d9:0d:01:3a:85:a9:4a:71:b3:18:b3:
05:47:e3:de:f1:90:fc:f4:52:d1:ea:af:7c:9b:42:
d5:09:4a:38:7c:c4:a6:a5:a1:5a:7d:4f:34:30:ec:
90:3c:d9:4e:0b:ab:e6:e5:04:a6:9f:e3:1b:7c:cc:
cb:70:7d:25:94:d5:87:11:18:58:7d:60:78:2a:5e:
f8:f4:f4:2d:ab:c5:fb:76:ff:09:ac:ee:12:fa:05:
09:48:10:ae:87:d4:a0:19:83:fb:48:fd:9e:8a:cf:
ac:96:3b:16:79:bc:3b:17:dd:67:30:e1:02:f5:36:
96:ca:96:99:45:79:bb:f5:b7:9c:8f:d3:ce:02:64:
59:1c:30:04:06:3e:46:bf:d0:c1:46:82:fe:8a:1b:
b7:f7:fa:71:b6:b3:76:0b:37:1b:ba:74:7c:5b:5a:
01:e4:ac:65:76:bc:2a:b0:60:e7:cd:6b:b6:01:d8:
05:5d:0b:90:76:fb:1f:90:5a:42:f8:42:e8:df:0d:
3d:ab:f1:c0:ec:d5:94:f9:f4:e6:ea:5a:3e:cd:aa:
2d:55:d0:69:52:ed:29:ed:96:70:c7:fc:98:dc:ac:
b1:3d:e3:43:e7:6b:3c:ac:23:e2:9c:d7:64:6d:e9:
24:c6:29:03:12:7f:e8:ec:84:c6:18:11:2f:75:8c:
43:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:1D:2C:CE:03:CF:FA:CC:36:FB:D4:23:F2:58:B1:75:28:37:42:43
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a666230303a3a2f34302d3438203d3e203539383935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:fb00::/40
Signature Algorithm: sha256WithRSAEncryption
96:99:01:ca:d5:84:79:1f:fd:68:75:8a:72:99:9f:f5:ac:79:
49:d2:40:4b:fa:11:d8:8c:33:7c:8a:86:78:92:ce:d7:75:e5:
d5:ea:64:c9:c3:b7:98:ce:87:d7:a0:e1:a6:80:c7:7f:b6:88:
09:0b:22:9d:3f:ab:79:5c:13:c1:90:e1:f6:4c:04:9c:be:da:
28:eb:dd:33:2a:68:33:32:9b:43:99:f1:61:8b:ab:5b:dc:17:
f1:5f:b8:20:e2:68:ae:49:f0:ac:43:62:35:94:af:df:7d:1b:
b8:a3:fa:a5:40:e9:0c:30:2b:e0:70:41:5d:86:45:35:79:59:
36:99:bd:e0:6d:8c:2d:9a:96:77:28:82:f9:b9:b9:65:4f:ba:
84:17:13:09:67:e0:aa:f4:43:5c:a4:b9:0c:c9:fb:4d:ae:0a:
7f:b8:8e:3d:9d:6b:68:d2:49:d4:47:63:9f:e7:5b:38:b5:4e:
3b:33:6c:ee:79:ea:58:1a:e1:37:b4:8d:fd:54:f7:67:45:e9:
cc:7f:92:1f:2f:c8:93:93:fe:0f:1a:88:94:64:c0:df:29:6d:
6c:dd:41:d5:49:c5:2d:c6:66:f9:01:5a:89:d2:f6:06:17:79:
73:0e:91:d1:c3:28:74:f6:87:cc:61:d9:71:c6:0d:9e:1e:74:
78:0c:9c:d9
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUL7XZMqmF2ZzeQiAtjQzqe5O3lWkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDExMDMxMTEzMDJaFw0yNTExMDIxMTE4MDJaMDMxMTAvBgNV
BAMTKDQxMUQyQ0NFMDNDRkZBQ0MzNkZCRDQyM0YyNThCMTc1MjgzNzQyNDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkA/zZDQE6halKcbMYswVH497x
kPz0UtHqr3ybQtUJSjh8xKaloVp9TzQw7JA82U4Lq+blBKaf4xt8zMtwfSWU1YcR
GFh9YHgqXvj09C2rxft2/wms7hL6BQlIEK6H1KAZg/tI/Z6Kz6yWOxZ5vDsX3Wcw
4QL1NpbKlplFebv1t5yP084CZFkcMAQGPka/0MFGgv6KG7f3+nG2s3YLNxu6dHxb
WgHkrGV2vCqwYOfNa7YB2AVdC5B2+x+QWkL4QujfDT2r8cDs1ZT59ObqWj7Nqi1V
0GlS7SntlnDH/JjcrLE940PnazysI+Kc12Rt6STGKQMSf+jshMYYES91jENxAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUQR0szgPP+sw2+9Qj8lixdSg3QkMwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMw
M2E2NjYyMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDM1MzkzODM5MzUucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAqFHWA+zANBgkqhkiG9w0BAQsFAAOCAQEAlpkBytWEeR/9aHWKcpmf
9ax5SdJAS/oR2IwzfIqGeJLO13Xl1epkycO3mM6H16DhpoDHf7aICQsinT+reVwT
wZDh9kwEnL7aKOvdMypoMzKbQ5nxYYurW9wX8V+4IOJorknwrENiNZSv330buKP6
pUDpDDAr4HBBXYZFNXlZNpm94G2MLZqWdyiC+bm5ZU+6hBcTCWfgqvRDXKS5DMn7
Ta4Kf7iOPZ1raNJJ1Edjn+dbOLVOOzNs7nnqWBrhN7SN/VT3Z0XpzH+SHy/Ik5P+
DxqIlGTA3yltbN1B1UnFLcZm+QFaidL2Bhd5cw6R0cModPaHzGHZccYNnh50eAyc
2Q==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org