Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a396130303a3a2f34302d3438203d3e20323134343936.roa
File: 326131343a373538313a396130303a3a2f34302d3438203d3e20323134343936.roa (raw, json)
Hash identifier: YFBNlAuR1bsd5lyaWfQsiPB84WKDi/XmGf+7Z6xy/Xg=
Subject key identifier: AC:78:D7:7E:4A:BF:17:07:9B:8C:E7:92:37:F6:42:38:CA:91:45:B8
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 3077457224DA425AE30408457AAD7DA7A9068D8A
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a396130303a3a2f34302d3438203d3e20323134343936.roa
Signing time: Thu 29 Aug 2024 02:01:27 +0000
ROA not before: Thu 29 Aug 2024 01:56:27 +0000
ROA not after: Thu 28 Aug 2025 02:01:27 +0000
asID: 214496
IP address blocks: 2a14:7581:9a00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:77:45:72:24:da:42:5a:e3:04:08:45:7a:ad:7d:a7:a9:06:8d:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Aug 29 01:56:27 2024 GMT
Not After : Aug 28 02:01:27 2025 GMT
Subject: CN=AC78D77E4ABF17079B8CE79237F64238CA9145B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:75:79:3f:0a:b1:9b:a3:2c:b2:2a:07:f7:88:
e6:91:e0:c4:93:40:1b:8d:70:69:6c:a8:89:d2:bc:
80:4b:24:9f:56:3c:9a:a7:56:13:f0:42:ec:fb:ff:
fa:87:59:c0:73:e7:37:99:65:4e:d9:44:6f:80:aa:
9d:c1:2b:d7:eb:55:3c:c7:f0:17:e2:8d:1f:e3:f0:
af:a9:35:c6:0b:ad:6d:31:ca:f7:4f:97:e6:b0:8f:
0c:06:1c:16:5c:fb:6e:22:6b:d0:1f:5b:3a:1d:a8:
34:7a:e2:e5:94:9c:a9:13:93:28:62:fb:b2:fb:73:
e4:07:8f:17:19:ac:58:3a:da:9a:8e:47:f8:b3:9a:
9f:fa:f7:b1:e8:ea:fe:03:70:5f:12:e8:7d:b8:52:
91:d5:1f:f1:c3:ea:ee:b5:f3:3d:a3:0f:cc:40:ab:
29:94:cb:2b:46:98:3f:a8:6b:0d:63:51:9c:c0:23:
d7:83:d9:3f:bf:25:57:55:d2:94:fc:cd:ef:b0:ca:
63:9d:3c:91:d0:90:86:2d:10:36:f8:43:90:7f:75:
18:0f:95:19:b5:cc:e6:6e:ae:4a:0c:a1:45:fa:ad:
ff:e0:3d:02:02:05:65:24:25:99:c0:08:30:91:89:
59:db:1d:18:0d:2d:32:15:52:d9:d1:de:5d:b8:da:
c6:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:78:D7:7E:4A:BF:17:07:9B:8C:E7:92:37:F6:42:38:CA:91:45:B8
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a396130303a3a2f34302d3438203d3e20323134343936.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:9a00::/40
Signature Algorithm: sha256WithRSAEncryption
6c:9c:18:a7:bd:a9:88:e6:1c:b2:4a:ec:c4:85:2b:2b:76:84:
62:19:0e:36:75:ec:05:ee:92:de:c4:ef:75:9b:7f:0c:d9:80:
61:91:c5:86:34:69:03:5e:cb:cc:ea:90:51:5b:ef:f1:d8:3d:
a5:78:af:3b:97:8f:ac:6f:df:8f:06:5b:e5:15:69:24:83:3b:
d3:84:fa:ce:b1:4a:81:7f:0a:88:03:ab:72:ca:5b:64:57:7d:
f1:31:4f:29:87:68:70:21:01:04:c6:2e:24:bd:1b:1d:55:1d:
18:cd:09:75:96:96:07:91:73:7d:7d:4a:1a:0f:af:90:01:3c:
7c:ef:a2:36:0f:cf:85:a4:0f:43:15:7e:98:e7:ef:62:ec:c4:
5f:ea:cd:b6:a4:91:ee:43:51:d8:e3:b2:68:f7:09:3f:79:a0:
20:0f:23:54:cb:5d:06:2f:df:48:83:98:7d:21:17:f8:64:78:
0f:8a:fc:f5:77:83:c1:39:46:49:81:44:e1:15:e3:05:e0:45:
11:d9:95:bc:bf:dc:b4:3d:63:56:b7:aa:19:97:06:84:e3:bf:
03:6d:25:9b:33:ed:04:07:e7:b9:0c:12:e8:92:e5:f5:1c:de:
f2:20:96:85:af:2d:33:6c:5f:b7:df:04:13:d4:42:bc:a5:0d:
60:14:81:28
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUMHdFciTaQlrjBAhFeq19p6kGjYowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDA4MjkwMTU2MjdaFw0yNTA4MjgwMjAxMjdaMDMxMTAvBgNV
BAMTKEFDNzhENzdFNEFCRjE3MDc5QjhDRTc5MjM3RjY0MjM4Q0E5MTQ1QjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/dXk/CrGboyyyKgf3iOaR4MST
QBuNcGlsqInSvIBLJJ9WPJqnVhPwQuz7//qHWcBz5zeZZU7ZRG+Aqp3BK9frVTzH
8BfijR/j8K+pNcYLrW0xyvdPl+awjwwGHBZc+24ia9AfWzodqDR64uWUnKkTkyhi
+7L7c+QHjxcZrFg62pqOR/izmp/697Ho6v4DcF8S6H24UpHVH/HD6u618z2jD8xA
qymUyytGmD+oaw1jUZzAI9eD2T+/JVdV0pT8ze+wymOdPJHQkIYtEDb4Q5B/dRgP
lRm1zOZurkoMoUX6rf/gPQICBWUkJZnACDCRiVnbHRgNLTIVUtnR3l242sbhAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUrHjXfkq/FwebjOeSN/ZCOMqRRbgwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMx
M2EzOTYxMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzNDM0MzkzNi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoUdYGaMA0GCSqGSIb3DQEBCwUAA4IBAQBsnBinvamI5hyySuzE
hSsrdoRiGQ42dewF7pLexO91m38M2YBhkcWGNGkDXsvM6pBRW+/x2D2leK87l4+s
b9+PBlvlFWkkgzvThPrOsUqBfwqIA6tyyltkV33xMU8ph2hwIQEExi4kvRsdVR0Y
zQl1lpYHkXN9fUoaD6+QATx876I2D8+FpA9DFX6Y5+9i7MRf6s22pJHuQ1HY47Jo
9wk/eaAgDyNUy10GL99Ig5h9IRf4ZHgPivz1d4PBOUZJgUThFeMF4EUR2ZW8v9y0
PWNWt6oZlwaE478DbSWbM+0EB+e5DBLokuX1HN7yIJaFry0zbF+33wQT1EK8pQ1g
FIEo
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:20 2024 by rpki-client on console-ams.rpki-client.org