Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a3530303a3a2f34302d3438203d3e20323132303835.roa
File: 326131343a373538313a3530303a3a2f34302d3438203d3e20323132303835.roa (raw, json)
Hash identifier: haTv370XEUo2QrU1cAUVN8c4n8WHlm4Tf0GBNtEIiNA=
Subject key identifier: 7D:DC:81:BD:F7:2C:A2:16:CE:CD:B9:F5:BF:72:98:E8:29:50:33:CD
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 1F27FB96B692E5E919209928AA7565DA39F6DF21
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a3530303a3a2f34302d3438203d3e20323132303835.roa
Signing time: Mon 08 Apr 2024 08:55:56 +0000
ROA not before: Mon 08 Apr 2024 08:50:56 +0000
ROA not after: Mon 07 Apr 2025 08:55:56 +0000
asID: 212085
IP address blocks: 2a14:7581:500::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:27:fb:96:b6:92:e5:e9:19:20:99:28:aa:75:65:da:39:f6:df:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Apr 8 08:50:56 2024 GMT
Not After : Apr 7 08:55:56 2025 GMT
Subject: CN=7DDC81BDF72CA216CECDB9F5BF7298E8295033CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:ec:93:ae:a9:a1:be:37:39:57:b9:d7:02:06:
21:19:fc:f7:5d:79:5b:92:f7:c9:6c:b4:38:4b:ad:
3d:18:93:95:a5:ee:d7:0b:77:13:b8:a6:10:da:98:
f4:fb:b4:ad:7a:21:43:70:d2:1b:4f:a0:0b:0a:dc:
d8:bd:66:d0:85:e1:e8:f0:fd:1e:8c:0a:2b:e9:22:
85:3b:af:79:0d:04:17:38:84:6e:f0:89:bf:88:a9:
d7:c8:f9:56:24:29:e7:40:45:e1:4d:83:14:c1:9a:
56:20:84:68:45:6a:2f:1c:84:5f:bd:14:28:22:ed:
52:97:0b:88:59:3c:5d:f7:3c:29:39:1c:a5:27:e8:
9a:7c:3e:e2:65:c0:ed:ba:ad:3e:94:6a:96:eb:ca:
6e:8f:1c:df:58:3d:e4:b9:1d:f7:c0:c8:52:f5:7e:
14:27:29:61:64:49:d4:ed:d3:7f:ce:0e:a1:47:78:
17:e4:70:f2:89:27:3e:d9:fe:de:06:2a:2b:1c:2f:
b9:99:21:d9:82:ce:47:01:9d:98:26:67:43:44:02:
c1:56:71:e0:1d:ff:6a:5f:fc:b7:5e:7c:d3:03:b7:
46:1d:75:26:98:93:07:00:a8:e2:1b:15:8a:88:a5:
bd:45:1d:f9:68:fb:66:c8:c3:c6:20:44:0a:6b:ed:
58:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:DC:81:BD:F7:2C:A2:16:CE:CD:B9:F5:BF:72:98:E8:29:50:33:CD
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a3530303a3a2f34302d3438203d3e20323132303835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:500::/40
Signature Algorithm: sha256WithRSAEncryption
40:3f:8b:c8:58:62:dc:10:80:e8:7c:13:0b:fa:12:2e:95:63:
73:83:b3:9a:d0:f5:c4:14:8a:ee:68:06:b5:71:31:ae:87:5d:
b3:95:f0:5f:c3:a1:fe:a7:d6:96:7f:87:49:90:cd:d3:07:d3:
02:95:d7:ba:80:00:11:2c:4e:6c:1d:4e:e3:d4:cd:e7:78:ea:
ba:74:83:e4:68:28:df:b0:a3:68:8d:ab:6a:83:6b:14:72:90:
45:30:1a:6e:a9:87:d8:84:2d:8a:8c:26:22:11:70:c6:6c:e6:
eb:a0:2f:ea:cc:fc:ef:29:8b:c1:f4:77:e3:7c:49:a5:71:7e:
f9:4f:f6:5e:85:a5:03:13:f1:5e:53:c8:3f:bf:22:07:ed:a4:
ce:36:9e:6b:20:c2:67:b9:fb:ce:79:80:31:94:c9:72:1d:f4:
e4:54:6c:3d:0a:71:da:9a:47:af:1e:bd:3c:b9:77:c7:29:9c:
84:e9:54:2e:c1:91:53:82:b5:91:2d:51:a0:4a:bd:74:38:10:
d2:e9:3f:99:b1:e8:77:7c:fb:09:fc:e7:22:3e:1f:79:70:18:
22:b0:24:bc:72:df:91:8c:93:71:fb:2a:51:3c:fb:2e:bc:e4:
26:40:a4:76:92:b7:47:1d:d2:5c:20:09:1e:92:fb:8d:36:a3:
58:8d:e3:50
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUHyf7lraS5ekZIJkoqnVl2jn23yEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDA0MDgwODUwNTZaFw0yNTA0MDcwODU1NTZaMDMxMTAvBgNV
BAMTKDdEREM4MUJERjcyQ0EyMTZDRUNEQjlGNUJGNzI5OEU4Mjk1MDMzQ0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDg7JOuqaG+NzlXudcCBiEZ/Pdd
eVuS98lstDhLrT0Yk5Wl7tcLdxO4phDamPT7tK16IUNw0htPoAsK3Ni9ZtCF4ejw
/R6MCivpIoU7r3kNBBc4hG7wib+IqdfI+VYkKedAReFNgxTBmlYghGhFai8chF+9
FCgi7VKXC4hZPF33PCk5HKUn6Jp8PuJlwO26rT6Uapbrym6PHN9YPeS5HffAyFL1
fhQnKWFkSdTt03/ODqFHeBfkcPKJJz7Z/t4GKiscL7mZIdmCzkcBnZgmZ0NEAsFW
ceAd/2pf/LdefNMDt0YddSaYkwcAqOIbFYqIpb1FHflo+2bIw8YgRApr7VgPAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUfdyBvfcsohbOzbn1v3KY6ClQM80wHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMx
M2EzNTMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMjMxMzIzMDM4MzUucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAqFHWBBTANBgkqhkiG9w0BAQsFAAOCAQEAQD+LyFhi3BCA6HwTC/oS
LpVjc4OzmtD1xBSK7mgGtXExrodds5XwX8Oh/qfWln+HSZDN0wfTApXXuoAAESxO
bB1O49TN53jqunSD5Ggo37CjaI2raoNrFHKQRTAabqmH2IQtiowmIhFwxmzm66Av
6sz87ymLwfR343xJpXF++U/2XoWlAxPxXlPIP78iB+2kzjaeayDCZ7n7znmAMZTJ
ch305FRsPQpx2ppHrx69PLl3xymchOlULsGRU4K1kS1RoEq9dDgQ0uk/mbHod3z7
CfznIj4feXAYIrAkvHLfkYyTcfsqUTz7LrzkJkCkdpK3Rx3SXCAJHpL7jTajWI3j
UA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org