Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a666630303a3a2f34342d3438203d3e20323038393538.roa
File: 326131343a373538303a666630303a3a2f34342d3438203d3e20323038393538.roa (raw, json)
Hash identifier: y2sXEEEdgugncq4uRa4zfJWyNg3JsmbnNRUC0qdyLyg=
Subject key identifier: 73:C6:F2:73:4F:59:4F:8D:52:0C:3E:AA:11:12:A7:5B:03:33:A0:D0
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 79B3694BC9FADBAB634F6DFAF47AEDDD2615E892
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a666630303a3a2f34342d3438203d3e20323038393538.roa
Signing time: Fri 08 Nov 2024 15:25:01 +0000
ROA not before: Fri 08 Nov 2024 15:20:01 +0000
ROA not after: Fri 07 Nov 2025 15:25:01 +0000
asID: 208958
IP address blocks: 2a14:7580:ff00::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:b3:69:4b:c9:fa:db:ab:63:4f:6d:fa:f4:7a:ed:dd:26:15:e8:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Nov 8 15:20:01 2024 GMT
Not After : Nov 7 15:25:01 2025 GMT
Subject: CN=73C6F2734F594F8D520C3EAA1112A75B0333A0D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a7:00:69:bc:f9:f7:1a:b4:6e:74:38:7c:43:
c9:8b:3b:73:ce:4a:0a:30:fa:b1:0e:3b:d6:68:24:
65:11:1f:df:25:d1:f1:3a:5d:02:e6:48:01:cc:bf:
5d:1f:6e:46:2c:81:b7:fc:73:1c:35:2b:d7:13:c6:
ce:5d:aa:d9:49:5a:75:c1:85:be:b6:84:2a:c4:74:
28:ce:c8:24:a9:6c:4e:57:4e:cb:86:b4:89:c6:98:
da:58:e8:b4:15:9d:fe:f7:85:be:88:ce:47:b7:f9:
3d:ad:e5:81:b0:c3:4e:33:66:e2:b6:9f:80:09:f6:
fe:53:25:81:3e:8a:51:ef:17:57:a2:01:28:63:65:
dd:10:14:d9:39:cc:04:a9:cf:21:ad:cd:32:ce:bb:
51:d9:d6:3d:7c:f1:a4:44:d7:52:d6:4a:ac:53:b7:
14:77:df:cf:c4:48:ff:fe:12:47:ac:68:17:fc:a2:
5d:28:06:0a:8d:33:d5:33:0b:ff:58:bb:91:39:0a:
b0:7d:e8:5a:0c:ca:65:da:39:13:64:45:e7:a0:4f:
cf:5a:6a:39:59:1a:0c:1b:e0:bf:6c:82:80:30:bc:
f8:35:17:2b:65:f1:8f:d3:17:b8:d7:85:63:18:ea:
5a:d0:36:c2:21:70:d4:4f:0e:78:5c:f9:2b:47:2c:
fc:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:C6:F2:73:4F:59:4F:8D:52:0C:3E:AA:11:12:A7:5B:03:33:A0:D0
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a666630303a3a2f34342d3438203d3e20323038393538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:ff00::/44
Signature Algorithm: sha256WithRSAEncryption
35:9f:50:f1:d0:5b:bf:27:5c:58:8e:19:29:61:d9:48:18:ae:
28:b0:1d:80:6b:24:4d:8f:cb:dd:02:44:75:b3:1e:32:29:68:
14:88:f7:cb:5e:08:e2:09:3b:a5:43:dd:3d:98:e9:35:b7:62:
31:1c:3b:b5:d5:80:4d:e1:9c:53:eb:8f:dd:53:bd:22:55:08:
a1:06:43:85:7e:6e:31:d9:83:03:9b:25:4e:9b:c7:9f:6f:1a:
51:fc:9a:6f:a6:4f:d4:be:00:37:bb:03:54:21:02:61:f2:10:
f3:fb:9c:f1:b4:45:26:ee:9f:2d:40:3b:ce:0f:d9:36:2a:18:
9b:06:4a:04:12:43:f3:7a:c3:bf:16:16:3a:28:9a:98:01:fb:
d0:8d:58:2e:02:2e:ac:91:65:1c:47:45:b8:80:af:e0:f3:1b:
b6:d7:d9:f8:e2:40:5c:f1:51:20:fb:b3:04:f3:87:15:d6:16:
82:b9:4e:33:59:43:ff:1b:5f:8f:61:91:80:cc:57:e4:f9:0a:
16:c3:7a:21:af:bf:b6:25:fd:91:36:f1:93:26:e5:2d:ab:80:
ee:64:e3:ce:8e:4b:27:38:45:8f:df:5a:79:3e:d3:34:8e:73:
5e:8f:ce:e6:41:aa:97:91:90:f8:3e:c5:b4:ee:a5:f7:ba:df:
95:b8:c2:cb
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUebNpS8n626tjT2369Hrt3SYV6JIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDExMDgxNTIwMDFaFw0yNTExMDcxNTI1MDFaMDMxMTAvBgNV
BAMTKDczQzZGMjczNEY1OTRGOEQ1MjBDM0VBQTExMTJBNzVCMDMzM0EwRDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCppwBpvPn3GrRudDh8Q8mLO3PO
Sgow+rEOO9ZoJGURH98l0fE6XQLmSAHMv10fbkYsgbf8cxw1K9cTxs5dqtlJWnXB
hb62hCrEdCjOyCSpbE5XTsuGtInGmNpY6LQVnf73hb6Izke3+T2t5YGww04zZuK2
n4AJ9v5TJYE+ilHvF1eiAShjZd0QFNk5zASpzyGtzTLOu1HZ1j188aRE11LWSqxT
txR338/ESP/+EkesaBf8ol0oBgqNM9UzC/9Yu5E5CrB96FoMymXaORNkReegT89a
ajlZGgwb4L9sgoAwvPg1Fytl8Y/TF7jXhWMY6lrQNsIhcNRPDnhc+StHLPwzAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUc8byc09ZT41SDD6qERKnWwMzoNAwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMw
M2E2NjY2MzAzMDNhM2EyZjM0MzQyZDM0MzgyMDNkM2UyMDMyMzAzODM5MzUzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHBCoUdYD/ADANBgkqhkiG9w0BAQsFAAOCAQEANZ9Q8dBbvydcWI4Z
KWHZSBiuKLAdgGskTY/L3QJEdbMeMiloFIj3y14I4gk7pUPdPZjpNbdiMRw7tdWA
TeGcU+uP3VO9IlUIoQZDhX5uMdmDA5slTpvHn28aUfyab6ZP1L4AN7sDVCECYfIQ
8/uc8bRFJu6fLUA7zg/ZNioYmwZKBBJD83rDvxYWOiiamAH70I1YLgIurJFlHEdF
uICv4PMbttfZ+OJAXPFRIPuzBPOHFdYWgrlOM1lD/xtfj2GRgMxX5PkKFsN6Ia+/
tiX9kTbxkyblLauA7mTjzo5LJzhFj99aeT7TNI5zXo/O5kGql5GQ+D7FtO6l97rf
lbjCyw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org