Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a396632303a3a2f34342d3438203d3e20323135323838.roa
File: 326131343a373538313a396632303a3a2f34342d3438203d3e20323135323838.roa (raw, json)
Hash identifier: o8UoWaASzTqXcnZPDoXUeLpMz7/uGxZ988wsb8ameic=
Subject key identifier: 97:C0:EC:27:29:CE:1A:F5:5F:D9:25:17:90:69:E3:16:CE:25:A8:C7
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 7767CD5A9646C1E060C700162B8AF902772E251B
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a396632303a3a2f34342d3438203d3e20323135323838.roa
Signing time: Thu 21 Nov 2024 13:22:40 +0000
ROA not before: Thu 21 Nov 2024 13:17:40 +0000
ROA not after: Thu 20 Nov 2025 13:22:40 +0000
asID: 215288
IP address blocks: 2a14:7581:9f20::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:67:cd:5a:96:46:c1:e0:60:c7:00:16:2b:8a:f9:02:77:2e:25:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Nov 21 13:17:40 2024 GMT
Not After : Nov 20 13:22:40 2025 GMT
Subject: CN=97C0EC2729CE1AF55FD925179069E316CE25A8C7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:59:5c:5e:3f:ad:38:ac:91:5f:18:fc:81:a9:
3c:5a:af:d9:56:b1:29:4e:9e:88:56:30:cf:bb:9e:
cb:8e:6a:1c:11:43:01:60:82:dc:3f:8c:c4:a5:33:
d6:8d:97:a9:49:5f:2f:3e:25:96:73:cb:58:bf:ca:
42:fc:81:5d:e9:ef:e6:6e:4b:5c:97:30:f3:28:49:
81:45:07:2c:af:89:ac:04:e6:7d:0e:22:a8:70:90:
66:5f:56:5b:ce:52:0c:76:f0:db:37:f8:1f:e3:5e:
07:ad:1e:cc:1a:ee:48:f9:18:91:1b:01:8e:f0:57:
3e:97:1e:4e:f2:36:33:2b:54:04:c1:4d:33:c4:a7:
da:b9:f8:51:7a:17:8d:30:ef:18:9a:be:8a:bf:01:
e6:0c:98:12:70:7d:71:a0:6d:c4:d3:e3:08:fd:6b:
73:21:44:cc:7e:99:1e:9e:f7:b1:6c:bc:37:5f:8c:
74:04:bf:e0:e5:a5:28:0e:4d:4b:44:08:ab:e0:ce:
7f:48:60:0c:f2:50:ab:dc:8b:be:1f:36:ed:b5:8c:
fa:2e:12:7c:f5:c1:13:ef:82:f4:ba:72:03:18:d0:
58:fd:f4:97:13:16:76:f2:48:9f:e1:ec:09:8d:47:
00:ba:84:71:5d:ff:17:5e:8d:6c:a1:71:78:ef:23:
49:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:C0:EC:27:29:CE:1A:F5:5F:D9:25:17:90:69:E3:16:CE:25:A8:C7
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a396632303a3a2f34342d3438203d3e20323135323838.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:9f20::/44
Signature Algorithm: sha256WithRSAEncryption
7a:db:e1:7c:c9:52:2b:c1:7e:f9:c1:26:25:fd:7d:ea:e7:4a:
5a:d1:57:88:4f:19:37:97:80:53:54:87:b4:8a:ab:df:89:8d:
25:c3:26:c9:8c:13:9f:9c:02:a2:0b:ca:13:b0:f6:9b:6f:43:
fd:49:a4:23:47:52:d1:16:06:66:f8:2c:16:43:84:49:30:ee:
da:4e:38:53:3e:00:bf:2e:f6:16:17:93:a6:b7:cf:85:dc:99:
50:e6:56:cf:05:df:32:68:52:59:4a:cb:a1:92:1b:72:9d:01:
9d:92:11:3c:07:43:ad:94:57:51:6e:3b:1e:0a:ce:4a:53:d2:
79:25:17:9b:81:d0:8b:7a:3a:55:8c:e9:81:04:3c:0e:dd:ab:
4e:4d:6e:6b:f8:13:f4:de:cc:38:4d:a9:17:92:e5:1f:22:58:
5c:f5:d7:a7:67:0f:34:c8:5a:bb:a3:90:54:3c:c5:da:eb:e1:
ef:66:a5:62:d9:23:90:f9:07:cf:3f:45:6b:bb:8f:fa:70:86:
a1:90:60:a9:ea:32:20:65:9c:e0:b3:a9:06:0f:de:a0:80:50:
df:0d:17:aa:cd:c8:60:d4:21:4f:4a:56:4e:5b:0f:88:59:f3:
c3:69:f8:d8:32:cb:09:c0:71:a2:ea:a0:f0:37:f1:05:08:95:
c6:81:14:88
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUd2fNWpZGweBgxwAWK4r5AncuJRswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDExMjExMzE3NDBaFw0yNTExMjAxMzIyNDBaMDMxMTAvBgNV
BAMTKDk3QzBFQzI3MjlDRTFBRjU1RkQ5MjUxNzkwNjlFMzE2Q0UyNUE4QzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsWVxeP604rJFfGPyBqTxar9lW
sSlOnohWMM+7nsuOahwRQwFggtw/jMSlM9aNl6lJXy8+JZZzy1i/ykL8gV3p7+Zu
S1yXMPMoSYFFByyviawE5n0OIqhwkGZfVlvOUgx28Ns3+B/jXgetHswa7kj5GJEb
AY7wVz6XHk7yNjMrVATBTTPEp9q5+FF6F40w7xiavoq/AeYMmBJwfXGgbcTT4wj9
a3MhRMx+mR6e97FsvDdfjHQEv+DlpSgOTUtECKvgzn9IYAzyUKvci74fNu21jPou
Enz1wRPvgvS6cgMY0Fj99JcTFnbySJ/h7AmNRwC6hHFd/xdejWyhcXjvI0nnAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUl8DsJynOGvVf2SUXkGnjFs4lqMcwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMx
M2EzOTY2MzIzMDNhM2EyZjM0MzQyZDM0MzgyMDNkM2UyMDMyMzEzNTMyMzgzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHBCoUdYGfIDANBgkqhkiG9w0BAQsFAAOCAQEAetvhfMlSK8F++cEm
Jf196udKWtFXiE8ZN5eAU1SHtIqr34mNJcMmyYwTn5wCogvKE7D2m29D/UmkI0dS
0RYGZvgsFkOESTDu2k44Uz4Avy72FheTprfPhdyZUOZWzwXfMmhSWUrLoZIbcp0B
nZIRPAdDrZRXUW47HgrOSlPSeSUXm4HQi3o6VYzpgQQ8Dt2rTk1ua/gT9N7MOE2p
F5LlHyJYXPXXp2cPNMhau6OQVDzF2uvh72alYtkjkPkHzz9Fa7uP+nCGoZBgqeoy
IGWc4LOpBg/eoIBQ3w0Xqs3IYNQhT0pWTlsPiFnzw2n42DLLCcBxouqg8DfxBQiV
xoEUiA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org