Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a613030303a3a2f33362d3438203d3e20323134373236.roa
File: 326131343a373538313a613030303a3a2f33362d3438203d3e20323134373236.roa (raw, json)
Hash identifier: WVaJ85SfBXeJmbLcmmCJbhuarRN7aGfjhXCYvuQ/iZk=
Subject key identifier: 81:2C:9E:14:15:95:10:61:FC:8F:4D:6D:85:DD:1B:10:6E:5F:EF:26
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 3BD626B731B76353D02F19D98CEB24DAD369A399
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a613030303a3a2f33362d3438203d3e20323134373236.roa
Signing time: Wed 12 Jun 2024 02:51:34 +0000
ROA not before: Wed 12 Jun 2024 02:46:34 +0000
ROA not after: Wed 11 Jun 2025 02:51:34 +0000
asID: 214726
IP address blocks: 2a14:7581:a000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:d6:26:b7:31:b7:63:53:d0:2f:19:d9:8c:eb:24:da:d3:69:a3:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Jun 12 02:46:34 2024 GMT
Not After : Jun 11 02:51:34 2025 GMT
Subject: CN=812C9E1415951061FC8F4D6D85DD1B106E5FEF26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e4:9b:2b:01:94:ec:6e:2a:8b:27:d0:80:ba:
b3:77:da:f4:97:d0:b9:e9:0c:5e:3b:61:af:b5:9f:
22:88:f4:99:bc:e3:5c:70:a8:43:b1:90:48:ee:25:
20:b3:26:e5:78:4c:18:a4:51:b4:6d:73:24:16:d4:
b8:83:0b:cd:ad:70:78:53:a9:33:05:c4:bc:ff:6f:
22:bb:6a:3e:b0:ed:da:40:4d:73:5d:57:b0:f4:dd:
a8:b7:4e:93:5e:88:fe:68:ff:ef:23:42:5a:af:97:
0b:72:92:bc:9e:2b:cd:18:ec:6d:9d:a1:37:eb:f2:
2c:1e:6d:a9:4a:ff:4c:ba:de:83:69:4d:c8:ca:e9:
32:b7:6a:79:65:a3:bc:e4:fd:03:17:1e:c5:9b:ef:
04:91:1c:39:8d:1a:76:87:2c:fa:d6:9e:99:93:e3:
57:fe:33:a7:01:61:6c:d5:ce:ce:92:9c:ce:e2:af:
57:a6:a8:1c:e4:60:0e:bf:97:26:c6:36:d3:cc:a9:
a4:6b:11:92:45:51:8d:19:29:ec:6a:05:f3:16:a0:
a1:54:05:a8:d8:2e:13:4c:87:42:55:02:9f:aa:8b:
7b:62:c5:71:38:6b:00:4b:1d:89:85:2e:7b:0b:59:
1d:cf:98:9e:9c:5c:3c:4d:80:ab:34:52:05:df:f0:
b4:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:2C:9E:14:15:95:10:61:FC:8F:4D:6D:85:DD:1B:10:6E:5F:EF:26
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a613030303a3a2f33362d3438203d3e20323134373236.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:a000::/36
Signature Algorithm: sha256WithRSAEncryption
6f:f9:7e:45:17:dd:26:79:9d:84:9e:75:16:e7:de:4f:83:80:
3f:11:9d:0d:d4:6a:c8:95:2d:ab:9b:25:70:73:2f:39:73:03:
39:41:32:c6:ae:9f:47:00:9f:37:ce:fb:92:cd:48:e9:b3:30:
4b:fc:55:ca:e8:88:22:5d:db:9e:63:9b:6a:18:96:7a:c5:cb:
bf:e7:1e:17:29:0d:31:af:fa:fc:0b:bc:86:9d:a2:3e:5c:41:
da:8d:1a:26:e3:f3:3a:e3:2f:76:46:53:d5:03:b4:a8:10:de:
00:f8:e3:00:b5:47:40:ea:5a:45:98:0a:a4:fc:af:c0:92:1b:
a6:e7:50:8f:03:76:be:df:c7:09:06:cc:bb:b6:94:d0:8a:a2:
24:97:f0:a5:02:b0:eb:34:23:96:e9:80:db:b6:35:93:12:a3:
d7:08:59:c1:a9:60:cd:e0:f1:4a:a7:83:8e:a4:2c:17:7d:f0:
79:e9:66:8c:df:8a:cf:9a:f4:a1:25:90:b2:92:04:aa:2f:89:
ac:83:76:c0:98:c2:20:c9:cc:c6:a5:98:40:e6:ac:04:f3:8d:
c6:b9:1a:b7:ce:b1:52:d6:a3:da:1a:d3:d9:00:56:e7:a5:4c:
3d:5c:56:ff:ed:f7:15:9d:ee:98:b2:aa:1e:64:d4:88:74:8b:
5a:fb:c9:9c
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUO9YmtzG3Y1PQLxnZjOsk2tNpo5kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDA2MTIwMjQ2MzRaFw0yNTA2MTEwMjUxMzRaMDMxMTAvBgNV
BAMTKDgxMkM5RTE0MTU5NTEwNjFGQzhGNEQ2RDg1REQxQjEwNkU1RkVGMjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCa5JsrAZTsbiqLJ9CAurN32vSX
0LnpDF47Ya+1nyKI9Jm841xwqEOxkEjuJSCzJuV4TBikUbRtcyQW1LiDC82tcHhT
qTMFxLz/byK7aj6w7dpATXNdV7D03ai3TpNeiP5o/+8jQlqvlwtykryeK80Y7G2d
oTfr8iwebalK/0y63oNpTcjK6TK3anllo7zk/QMXHsWb7wSRHDmNGnaHLPrWnpmT
41f+M6cBYWzVzs6SnM7ir1emqBzkYA6/lybGNtPMqaRrEZJFUY0ZKexqBfMWoKFU
BajYLhNMh0JVAp+qi3tixXE4awBLHYmFLnsLWR3PmJ6cXDxNgKs0UgXf8LRLAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUgSyeFBWVEGH8j01thd0bEG5f7yYwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMx
M2E2MTMwMzAzMDNhM2EyZjMzMzYyZDM0MzgyMDNkM2UyMDMyMzEzNDM3MzIzNi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGBCoUdYGgMA0GCSqGSIb3DQEBCwUAA4IBAQBv+X5FF90meZ2EnnUW
595Pg4A/EZ0N1GrIlS2rmyVwcy85cwM5QTLGrp9HAJ83zvuSzUjpszBL/FXK6Igi
XdueY5tqGJZ6xcu/5x4XKQ0xr/r8C7yGnaI+XEHajRom4/M64y92RlPVA7SoEN4A
+OMAtUdA6lpFmAqk/K/Akhum51CPA3a+38cJBsy7tpTQiqIkl/ClArDrNCOW6YDb
tjWTEqPXCFnBqWDN4PFKp4OOpCwXffB56WaM34rPmvShJZCykgSqL4msg3bAmMIg
yczGpZhA5qwE843GuRq3zrFS1qPaGtPZAFbnpUw9XFb/7fcVne6YsqoeZNSIdIta
+8mc
-----END CERTIFICATE-----
Generated at Sun Nov 24 11:56:51 2024 by rpki-client on console-ams.rpki-client.org