Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a396330303a3a2f34302d3438203d3e20323134313638.roa
File: 326131343a373538313a396330303a3a2f34302d3438203d3e20323134313638.roa (raw, json)
Hash identifier: JO3B7TwJo3HPnojy4fxh3Uhxg3NRPe3kvpVZur1uxww=
Subject key identifier: 4A:A9:F3:F1:26:60:AC:17:9A:D2:FE:BB:5D:CE:4E:A2:86:DA:11:7F
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 6FF5E9A8B5EC751C05EA39A469783335EC91C7CF
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a396330303a3a2f34302d3438203d3e20323134313638.roa
Signing time: Wed 25 Sep 2024 14:13:01 +0000
ROA not before: Wed 25 Sep 2024 14:08:01 +0000
ROA not after: Wed 24 Sep 2025 14:13:01 +0000
asID: 214168
IP address blocks: 2a14:7581:9c00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:f5:e9:a8:b5:ec:75:1c:05:ea:39:a4:69:78:33:35:ec:91:c7:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Sep 25 14:08:01 2024 GMT
Not After : Sep 24 14:13:01 2025 GMT
Subject: CN=4AA9F3F12660AC179AD2FEBB5DCE4EA286DA117F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:40:42:ac:d4:fe:e8:6b:fa:97:64:99:8d:d5:
65:3c:60:48:90:2f:30:1f:97:68:2e:c3:f1:27:08:
36:de:32:06:37:6b:de:f6:da:b5:e7:12:02:88:97:
9e:78:26:52:95:2c:b6:8b:a3:fa:ae:04:f0:02:23:
b2:8a:cc:2a:d8:3d:aa:ba:c5:fc:9f:f2:0a:e7:9c:
35:09:11:30:be:ad:57:76:13:7d:05:eb:34:cd:2a:
71:55:dc:1a:d9:8f:f7:00:8c:3b:2d:e9:66:2c:3b:
04:81:dd:43:3f:e8:7c:6d:db:59:a0:67:55:e9:91:
d6:41:42:5f:f9:cf:90:75:30:ff:c8:3d:ee:32:a4:
6e:e3:a4:99:eb:b3:5d:56:f3:41:bb:43:c6:24:13:
ff:9f:31:38:ec:e9:78:54:4e:db:11:4b:85:e8:c6:
fd:43:ce:58:c7:6d:57:10:e0:08:7d:da:ef:1a:e8:
3d:f3:e6:a1:67:1a:7b:93:a2:34:9f:1b:5a:a5:c0:
a9:60:bb:95:c9:43:42:a0:c6:1b:f3:17:33:8c:4a:
a1:0c:3a:a1:74:3b:db:2b:63:b4:5e:a9:65:15:40:
f3:bc:ab:c1:d8:df:31:75:af:45:7a:bf:b8:13:d2:
ac:59:9b:bf:a7:0d:f3:fc:31:b3:53:72:74:c0:31:
76:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:A9:F3:F1:26:60:AC:17:9A:D2:FE:BB:5D:CE:4E:A2:86:DA:11:7F
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a396330303a3a2f34302d3438203d3e20323134313638.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:9c00::/40
Signature Algorithm: sha256WithRSAEncryption
1f:1a:12:28:8c:8d:87:5a:ea:a1:4c:d0:61:90:08:5c:a4:4a:
9a:f9:ab:8a:44:5a:f2:7a:38:cd:69:ca:f2:9e:c2:df:5b:84:
df:49:17:df:9c:20:f0:9c:10:78:71:26:12:bd:ef:c5:3e:61:
fd:a5:04:c6:73:8b:79:76:11:8a:79:fb:5b:fe:3e:04:f8:70:
4f:47:d5:83:19:ce:cf:32:9e:c7:4c:95:cc:12:38:43:86:0c:
c4:9b:a8:ee:51:c2:31:d2:af:66:9d:d0:a3:2e:65:e8:f0:76:
a5:0f:72:f0:ec:59:10:d8:d8:36:8d:94:36:b4:e1:4d:14:e2:
4d:dd:96:22:4b:f2:d9:e1:bc:91:ca:1e:81:48:6d:94:23:af:
40:a2:b6:ac:40:e9:1a:d2:e5:df:77:21:2e:7f:e8:d9:69:0e:
98:36:5c:ec:d9:63:1d:91:8a:7d:bd:1d:2c:a2:73:6a:86:12:
71:c7:36:55:21:74:17:b7:8c:7e:b9:79:6a:d3:8c:b6:e8:53:
1b:74:2a:fb:1f:35:b8:f0:cd:18:af:c0:e9:5a:b7:6d:dc:6f:
2f:bd:5d:e8:13:ac:df:6e:bd:ee:76:f9:f9:b6:e2:0b:63:67:
33:93:0b:34:b9:cf:eb:83:06:97:b8:2c:0b:95:1a:38:bb:ab:
41:55:f1:c4
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUb/XpqLXsdRwF6jmkaXgzNeyRx88wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDA5MjUxNDA4MDFaFw0yNTA5MjQxNDEzMDFaMDMxMTAvBgNV
BAMTKDRBQTlGM0YxMjY2MEFDMTc5QUQyRkVCQjVEQ0U0RUEyODZEQTExN0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1QEKs1P7oa/qXZJmN1WU8YEiQ
LzAfl2guw/EnCDbeMgY3a9722rXnEgKIl554JlKVLLaLo/quBPACI7KKzCrYPaq6
xfyf8grnnDUJETC+rVd2E30F6zTNKnFV3BrZj/cAjDst6WYsOwSB3UM/6Hxt21mg
Z1XpkdZBQl/5z5B1MP/IPe4ypG7jpJnrs11W80G7Q8YkE/+fMTjs6XhUTtsRS4Xo
xv1DzljHbVcQ4Ah92u8a6D3z5qFnGnuTojSfG1qlwKlgu5XJQ0KgxhvzFzOMSqEM
OqF0O9srY7ReqWUVQPO8q8HY3zF1r0V6v7gT0qxZm7+nDfP8MbNTcnTAMXZJAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUSqnz8SZgrBea0v67Xc5OoobaEX8wHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMx
M2EzOTYzMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzNDMxMzYzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoUdYGcMA0GCSqGSIb3DQEBCwUAA4IBAQAfGhIojI2HWuqhTNBh
kAhcpEqa+auKRFryejjNacrynsLfW4TfSRffnCDwnBB4cSYSve/FPmH9pQTGc4t5
dhGKeftb/j4E+HBPR9WDGc7PMp7HTJXMEjhDhgzEm6juUcIx0q9mndCjLmXo8Hal
D3Lw7FkQ2Ng2jZQ2tOFNFOJN3ZYiS/LZ4byRyh6BSG2UI69AorasQOka0uXfdyEu
f+jZaQ6YNlzs2WMdkYp9vR0sonNqhhJxxzZVIXQXt4x+uXlq04y26FMbdCr7HzW4
8M0Yr8DpWrdt3G8vvV3oE6zfbr3udvn5tuILY2czkws0uc/rgwaXuCwLlRo4u6tB
VfHE
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org