Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a666330303a3a2f34302d3438203d3e203434343836.roa
File: 326131343a373538303a666330303a3a2f34302d3438203d3e203434343836.roa (raw, json)
Hash identifier: 26mRRJCNHxxirm9WcBnHyqTIz7Bs03+JvPDReFQCkAU=
Subject key identifier: 4D:A3:EA:B8:CF:D1:6E:59:1F:0E:AC:85:98:1C:73:E2:E1:A4:E6:87
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 620BEE0FC9D4485D5D6E55E23B42CBE132197681
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a666330303a3a2f34302d3438203d3e203434343836.roa
Signing time: Sun 03 Nov 2024 12:21:49 +0000
ROA not before: Sun 03 Nov 2024 12:16:49 +0000
ROA not after: Sun 02 Nov 2025 12:21:49 +0000
asID: 44486
IP address blocks: 2a14:7580:fc00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:0b:ee:0f:c9:d4:48:5d:5d:6e:55:e2:3b:42:cb:e1:32:19:76:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Nov 3 12:16:49 2024 GMT
Not After : Nov 2 12:21:49 2025 GMT
Subject: CN=4DA3EAB8CFD16E591F0EAC85981C73E2E1A4E687
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:57:3f:01:21:08:60:28:e5:cd:43:da:cc:19:
10:a1:7e:4c:09:bf:f4:5b:c6:f3:66:5b:5d:b1:89:
43:6a:6d:74:0a:09:9e:1b:fc:f0:f4:c5:94:4b:62:
77:6b:47:53:1f:a7:5b:8f:90:4e:e9:85:68:5d:9b:
0c:03:63:26:ab:20:05:57:7d:7e:ae:46:7f:ab:ad:
31:40:02:da:ff:e3:7c:76:6e:6a:59:a9:9b:19:8b:
5a:3e:a4:0b:ac:3c:a7:91:dd:60:37:66:1b:42:43:
66:c9:e9:af:1a:81:eb:27:64:c2:9b:16:76:93:6e:
58:8d:96:0d:e2:c8:07:32:2e:37:7f:8b:58:f8:d5:
5e:6e:c7:e7:2f:52:bf:42:99:91:d5:10:e9:35:c7:
e0:09:7c:29:e3:bd:94:cb:57:ef:25:92:b9:52:51:
5b:73:52:93:36:8f:ba:2b:38:7b:60:c4:9e:80:74:
3e:5d:3e:5e:4e:f5:bb:81:91:89:6d:de:52:ed:26:
f7:67:b0:7f:23:66:cf:43:9e:44:0c:66:c7:be:10:
5e:78:31:93:bd:e2:78:9b:c2:e9:3d:3b:73:8f:0f:
a5:f5:fb:ae:10:ad:8a:c0:a6:a8:c8:0f:cc:24:12:
08:39:0c:a9:2c:ee:f0:20:a0:b1:40:71:89:8d:32:
a1:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:A3:EA:B8:CF:D1:6E:59:1F:0E:AC:85:98:1C:73:E2:E1:A4:E6:87
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a666330303a3a2f34302d3438203d3e203434343836.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:fc00::/40
Signature Algorithm: sha256WithRSAEncryption
71:c1:73:52:02:07:61:6b:19:d9:f6:a5:c6:d7:b2:33:4f:38:
bf:a7:fb:bb:d4:22:14:c6:f9:ab:ac:f9:5f:ce:38:fb:04:9d:
75:1d:79:58:48:e0:37:4b:85:0f:3e:45:88:f3:11:00:71:46:
f9:ed:d5:07:19:e2:dc:3c:c0:77:32:77:de:58:4f:58:86:e5:
a4:7f:81:5a:40:75:df:39:7f:f1:00:31:e9:13:7f:c2:82:1c:
d4:3f:d3:ec:d8:8b:92:26:b1:cf:56:78:ea:da:da:fa:81:f2:
6e:ac:2a:6c:1f:91:97:2e:2b:68:17:c8:f6:53:8e:e0:22:0c:
d8:ee:1e:3a:ba:5b:1c:51:af:8d:7e:e6:88:fa:3b:79:22:7d:
d7:f7:29:aa:62:f8:f9:94:19:3f:00:ed:24:4e:0e:62:0c:68:
8c:04:ce:cc:ea:58:25:c9:c6:66:2f:d9:83:19:6a:a4:48:ac:
62:82:53:4b:ce:5a:68:6a:10:77:0b:ca:97:1b:fe:8f:b8:71:
97:7b:b5:38:d0:86:4b:d1:68:6f:d5:d1:d6:79:49:79:a7:20:
79:bb:2f:d1:11:34:dd:ff:ac:c6:b1:d1:fd:b1:08:a2:5d:c5:
c7:72:46:74:6a:b3:ff:c7:a6:e0:b0:81:83:00:03:e8:99:d9:
ab:8d:3f:62
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUYgvuD8nUSF1dblXiO0LL4TIZdoEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDExMDMxMjE2NDlaFw0yNTExMDIxMjIxNDlaMDMxMTAvBgNV
BAMTKDREQTNFQUI4Q0ZEMTZFNTkxRjBFQUM4NTk4MUM3M0UyRTFBNEU2ODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2Vz8BIQhgKOXNQ9rMGRChfkwJ
v/RbxvNmW12xiUNqbXQKCZ4b/PD0xZRLYndrR1Mfp1uPkE7phWhdmwwDYyarIAVX
fX6uRn+rrTFAAtr/43x2bmpZqZsZi1o+pAusPKeR3WA3ZhtCQ2bJ6a8agesnZMKb
FnaTbliNlg3iyAcyLjd/i1j41V5ux+cvUr9CmZHVEOk1x+AJfCnjvZTLV+8lkrlS
UVtzUpM2j7orOHtgxJ6AdD5dPl5O9buBkYlt3lLtJvdnsH8jZs9DnkQMZse+EF54
MZO94nibwuk9O3OPD6X1+64QrYrApqjID8wkEgg5DKks7vAgoLFAcYmNMqHPAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUTaPquM/RblkfDqyFmBxz4uGk5ocwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMw
M2E2NjYzMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDM0MzQzNDM4MzYucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAqFHWA/DANBgkqhkiG9w0BAQsFAAOCAQEAccFzUgIHYWsZ2falxtey
M084v6f7u9QiFMb5q6z5X844+wSddR15WEjgN0uFDz5FiPMRAHFG+e3VBxni3DzA
dzJ33lhPWIblpH+BWkB13zl/8QAx6RN/woIc1D/T7NiLkiaxz1Z46tra+oHybqwq
bB+Rly4raBfI9lOO4CIM2O4eOrpbHFGvjX7miPo7eSJ91/cpqmL4+ZQZPwDtJE4O
YgxojATOzOpYJcnGZi/ZgxlqpEisYoJTS85aaGoQdwvKlxv+j7hxl3u1ONCGS9Fo
b9XR1nlJeacgebsv0RE03f+sxrHR/bEIol3Fx3JGdGqz/8em4LCBgwAD6JnZq40/
Yg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:20 2024 by rpki-client on console-ams.rpki-client.org