Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a396230303a3a2f34302d3438203d3e20323134323538.roa
File: 326131343a373538313a396230303a3a2f34302d3438203d3e20323134323538.roa (raw, json)
Hash identifier: w4gfI1AcJd030peTH2/Ep8toX4XliwQzqzjWlulLmtA=
Subject key identifier: 88:7A:45:FA:40:46:6B:40:D0:CB:89:21:5B:91:17:25:D3:E1:B6:58
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 31898F2B71BB9801A65E384B65D1D6F80B7F45A6
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a396230303a3a2f34302d3438203d3e20323134323538.roa
Signing time: Thu 19 Sep 2024 09:56:14 +0000
ROA not before: Thu 19 Sep 2024 09:51:14 +0000
ROA not after: Thu 18 Sep 2025 09:56:14 +0000
asID: 214258
IP address blocks: 2a14:7581:9b00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 13:44:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:89:8f:2b:71:bb:98:01:a6:5e:38:4b:65:d1:d6:f8:0b:7f:45:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Sep 19 09:51:14 2024 GMT
Not After : Sep 18 09:56:14 2025 GMT
Subject: CN=887A45FA40466B40D0CB89215B911725D3E1B658
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:94:8d:de:2e:a7:56:a8:5e:df:8d:73:0f:6c:
2d:6c:df:08:ed:50:69:70:69:ba:b4:21:40:c1:5d:
a7:e0:91:0e:16:13:e5:5a:7a:72:af:22:e9:ba:fb:
a5:c6:ab:1a:c4:1f:03:89:87:c7:8c:93:14:1b:f1:
4f:05:0b:95:47:da:2a:21:01:94:fd:66:92:ac:5c:
1d:b1:d6:94:4b:e1:af:88:e5:2b:6e:36:45:bf:1c:
a1:c5:38:4b:d3:c6:3e:76:86:ef:f1:37:3d:bb:4c:
f2:2d:0a:0c:15:9b:ae:68:d1:6a:dd:29:de:42:7f:
3a:9e:1f:83:e5:c0:ca:9e:f8:9c:76:d5:54:7d:db:
ed:00:1f:05:77:dd:eb:39:d7:28:22:e3:31:c0:99:
b8:e8:4f:bf:3d:bc:b2:5c:e7:cc:07:42:ba:e5:dd:
dc:7c:a5:90:ca:9c:97:93:62:9e:50:d0:19:6d:9e:
36:b9:ec:cc:c0:92:c7:9d:fa:b9:40:03:15:dd:40:
04:c3:22:61:0a:09:6f:73:10:dc:c6:a7:20:30:f9:
cc:28:b7:5d:9e:62:d3:ea:c4:8a:ba:72:d2:52:cc:
68:83:7f:df:d0:74:be:ee:70:91:1c:c0:46:7d:b2:
6f:03:e2:70:6c:42:3c:bd:39:89:a6:5c:a3:83:11:
9a:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:7A:45:FA:40:46:6B:40:D0:CB:89:21:5B:91:17:25:D3:E1:B6:58
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a396230303a3a2f34302d3438203d3e20323134323538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:9b00::/40
Signature Algorithm: sha256WithRSAEncryption
5d:b9:b0:2b:f7:a0:14:63:c1:07:ae:7a:48:46:e7:18:82:fd:
bc:36:a6:b6:69:2d:6d:82:2e:74:8a:d0:c4:d0:f1:26:49:b7:
a6:21:2a:df:1d:fd:3e:e4:1d:ba:19:2f:9c:7e:5a:29:7c:ae:
f2:a7:56:e4:62:74:fa:72:6f:80:34:e3:66:bb:3d:bf:40:54:
c7:ee:30:3a:82:18:fd:d9:13:3a:dc:25:43:89:70:3b:f8:b7:
6f:79:13:2e:57:89:a7:1c:19:1d:ce:49:6e:1e:63:15:ce:04:
e6:dc:f2:86:12:25:0e:d9:72:33:0b:cc:35:fe:bf:d0:d1:97:
61:5e:7e:8a:eb:97:13:b4:f2:78:0d:ea:c2:da:9f:ba:bc:9a:
9a:55:7d:c3:f2:64:13:85:39:38:02:fc:a2:31:41:13:87:06:
26:c2:e1:26:ff:e0:f2:4c:f6:6d:e5:8c:a7:54:8e:ee:a6:44:
5e:3d:4e:6d:fb:dd:05:9c:6e:c5:1b:7d:6f:40:49:c7:a7:f8:
03:3b:8c:97:21:71:0b:ae:47:f5:a4:52:4a:03:35:97:97:9e:
6a:02:27:15:92:2c:22:02:eb:3a:38:ab:f7:fb:40:57:7e:31:
d6:91:16:06:fb:c4:fc:4b:f9:aa:5e:d3:c7:e3:77:37:7c:70:
aa:ae:f2:06
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUMYmPK3G7mAGmXjhLZdHW+At/RaYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDA5MTkwOTUxMTRaFw0yNTA5MTgwOTU2MTRaMDMxMTAvBgNV
BAMTKDg4N0E0NUZBNDA0NjZCNDBEMENCODkyMTVCOTExNzI1RDNFMUI2NTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCalI3eLqdWqF7fjXMPbC1s3wjt
UGlwabq0IUDBXafgkQ4WE+VaenKvIum6+6XGqxrEHwOJh8eMkxQb8U8FC5VH2ioh
AZT9ZpKsXB2x1pRL4a+I5StuNkW/HKHFOEvTxj52hu/xNz27TPItCgwVm65o0Wrd
Kd5CfzqeH4PlwMqe+Jx21VR92+0AHwV33es51ygi4zHAmbjoT789vLJc58wHQrrl
3dx8pZDKnJeTYp5Q0Bltnja57MzAksed+rlAAxXdQATDImEKCW9zENzGpyAw+cwo
t12eYtPqxIq6ctJSzGiDf9/QdL7ucJEcwEZ9sm8D4nBsQjy9OYmmXKODEZqZAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUiHpF+kBGa0DQy4khW5EXJdPhtlgwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMx
M2EzOTYyMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzNDMyMzUzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoUdYGbMA0GCSqGSIb3DQEBCwUAA4IBAQBdubAr96AUY8EHrnpI
RucYgv28Nqa2aS1tgi50itDE0PEmSbemISrfHf0+5B26GS+cflopfK7yp1bkYnT6
cm+ANONmuz2/QFTH7jA6ghj92RM63CVDiXA7+LdveRMuV4mnHBkdzkluHmMVzgTm
3PKGEiUO2XIzC8w1/r/Q0ZdhXn6K65cTtPJ4DerC2p+6vJqaVX3D8mQThTk4Avyi
MUEThwYmwuEm/+DyTPZt5YynVI7upkRePU5t+90FnG7FG31vQEnHp/gDO4yXIXEL
rkf1pFJKAzWXl55qAicVkiwiAus6OKv3+0BXfjHWkRYG+8T8S/mqXtPH43c3fHCq
rvIG
-----END CERTIFICATE-----
Generated at Tue Oct 22 16:10:16 2024 by rpki-client on console-fra.rpki-client.org