Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a393730303a3a2f34302d3438203d3e20323135303530.roa
File: 326131343a373538313a393730303a3a2f34302d3438203d3e20323135303530.roa (raw, json)
Hash identifier: B0GMfuHfwjiTnRpWUYcxl5PkE0VX9UvcfkkhbynYdqQ=
Subject key identifier: 7F:97:BC:20:E8:68:B5:44:DF:A1:EE:1D:8A:79:8F:A3:02:82:51:89
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 5D602FCB131B878D86F4CA8E44EA861993DCA9BB
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a393730303a3a2f34302d3438203d3e20323135303530.roa
Signing time: Tue 13 Aug 2024 07:29:01 +0000
ROA not before: Tue 13 Aug 2024 07:24:01 +0000
ROA not after: Tue 12 Aug 2025 07:29:01 +0000
asID: 215050
IP address blocks: 2a14:7581:9700::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:60:2f:cb:13:1b:87:8d:86:f4:ca:8e:44:ea:86:19:93:dc:a9:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Aug 13 07:24:01 2024 GMT
Not After : Aug 12 07:29:01 2025 GMT
Subject: CN=7F97BC20E868B544DFA1EE1D8A798FA302825189
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f4:6e:89:2e:ac:5d:00:7b:b9:91:e4:46:c0:
36:90:e3:8e:34:e8:12:ed:be:d6:b6:f9:84:b4:45:
0a:a6:99:49:73:3a:92:0f:68:91:af:d4:77:18:51:
56:d2:bc:94:58:05:52:83:77:83:dd:70:a4:d6:24:
6d:d5:99:14:d6:a2:b1:3f:63:bc:f0:51:63:c7:ee:
4a:aa:81:bc:f0:f3:c4:17:18:ec:45:d0:a5:77:07:
99:9c:fb:bc:f9:d7:f8:96:cf:1d:c6:94:4f:ae:60:
f4:f0:13:4b:7d:80:45:94:74:6d:bc:df:27:39:64:
f9:42:48:4e:d9:ca:9f:19:e4:c9:d0:df:ee:79:97:
68:53:c5:03:22:c0:e8:c1:6c:34:25:c3:eb:bc:01:
a2:4c:a3:c7:97:77:3e:95:b5:83:de:09:1c:37:11:
9c:81:4a:e6:ed:ac:96:c5:49:04:4f:9c:13:02:78:
a0:b1:99:82:81:09:ae:9c:d4:84:a6:d2:e0:98:73:
f0:a6:50:35:4f:c1:73:9c:d9:a1:01:9f:28:13:85:
d3:06:ce:b3:46:0c:a3:bb:3b:f1:26:18:4a:d7:5e:
75:5c:9a:8e:1b:51:22:18:13:38:d7:b6:ef:74:f3:
13:0d:df:b3:df:3d:ce:79:a3:61:52:8a:0b:0e:ee:
9a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:97:BC:20:E8:68:B5:44:DF:A1:EE:1D:8A:79:8F:A3:02:82:51:89
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a393730303a3a2f34302d3438203d3e20323135303530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:9700::/40
Signature Algorithm: sha256WithRSAEncryption
15:55:03:2c:a4:2b:0c:46:c1:95:8a:3d:a5:fa:24:71:ad:65:
53:8f:31:42:87:02:14:f2:7c:90:3b:63:69:4d:d3:b5:eb:cb:
9f:a9:3f:61:68:f5:c7:4d:87:17:e5:74:e5:6f:aa:52:bd:c5:
48:89:19:54:2a:2f:f7:03:69:8b:fc:9a:5b:db:94:d3:d0:ee:
53:b8:fc:d8:6d:f1:92:27:c2:d5:26:b2:8c:12:74:ea:8b:3d:
be:78:40:1f:ac:f7:9a:00:00:ba:75:97:21:33:a9:77:3b:45:
67:3b:64:c3:c4:b3:43:33:75:b2:e0:82:9d:d3:34:c4:d2:63:
95:68:32:da:7c:99:d1:1e:b1:bb:2e:cf:33:cf:94:66:82:3c:
67:f8:c4:73:a0:73:9a:80:f3:df:c6:63:81:6d:24:fd:a2:59:
ff:df:78:ee:83:03:3b:57:aa:91:50:3d:da:9d:b0:9e:3e:58:
77:ef:29:73:b0:88:52:f5:c7:07:73:24:fa:bf:6b:8b:a6:ee:
38:0d:83:4d:f6:e8:30:88:67:87:a0:6d:8b:46:76:9f:d4:90:
f6:2e:70:e5:a5:3a:3e:de:a2:bb:81:3d:04:ad:d2:48:66:4b:
1c:53:1f:b3:6b:ba:93:3f:e1:51:db:d9:dd:fc:4e:71:8a:24:
8d:2b:46:1a
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUXWAvyxMbh42G9MqOROqGGZPcqbswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDA4MTMwNzI0MDFaFw0yNTA4MTIwNzI5MDFaMDMxMTAvBgNV
BAMTKDdGOTdCQzIwRTg2OEI1NDRERkExRUUxRDhBNzk4RkEzMDI4MjUxODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn9G6JLqxdAHu5keRGwDaQ4440
6BLtvta2+YS0RQqmmUlzOpIPaJGv1HcYUVbSvJRYBVKDd4PdcKTWJG3VmRTWorE/
Y7zwUWPH7kqqgbzw88QXGOxF0KV3B5mc+7z51/iWzx3GlE+uYPTwE0t9gEWUdG28
3yc5ZPlCSE7Zyp8Z5MnQ3+55l2hTxQMiwOjBbDQlw+u8AaJMo8eXdz6VtYPeCRw3
EZyBSubtrJbFSQRPnBMCeKCxmYKBCa6c1ISm0uCYc/CmUDVPwXOc2aEBnygThdMG
zrNGDKO7O/EmGErXXnVcmo4bUSIYEzjXtu908xMN37PfPc55o2FSigsO7prHAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUf5e8IOhotUTfoe4dinmPowKCUYkwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMx
M2EzOTM3MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzNTMwMzUzMC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoUdYGXMA0GCSqGSIb3DQEBCwUAA4IBAQAVVQMspCsMRsGVij2l
+iRxrWVTjzFChwIU8nyQO2NpTdO168ufqT9haPXHTYcX5XTlb6pSvcVIiRlUKi/3
A2mL/Jpb25TT0O5TuPzYbfGSJ8LVJrKMEnTqiz2+eEAfrPeaAAC6dZchM6l3O0Vn
O2TDxLNDM3Wy4IKd0zTE0mOVaDLafJnRHrG7Ls8zz5Rmgjxn+MRzoHOagPPfxmOB
bST9oln/33jugwM7V6qRUD3anbCePlh37ylzsIhS9ccHcyT6v2uLpu44DYNN9ugw
iGeHoG2LRnaf1JD2LnDlpTo+3qK7gT0ErdJIZkscUx+za7qTP+FR29nd/E5xiiSN
K0Ya
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org