Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6330303a3a2f34302d3438203d3e20323134343536.roa
File: 326131343a373538313a6330303a3a2f34302d3438203d3e20323134343536.roa (raw, json)
Hash identifier: CHyEk54OnzQwgxZP3ksmvFQAlQvy/tUS1c9Rqtw5ag8=
Subject key identifier: A1:1B:C1:9C:4F:B8:53:8D:E3:8C:0C:52:23:1C:A8:35:ED:F0:D1:8C
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 5B9A1962C853D22AE558B8FC5A8879FD1BE632ED
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6330303a3a2f34302d3438203d3e20323134343536.roa
Signing time: Tue 30 Jul 2024 03:29:35 +0000
ROA not before: Tue 30 Jul 2024 03:24:35 +0000
ROA not after: Tue 29 Jul 2025 03:29:35 +0000
asID: 214456
IP address blocks: 2a14:7581:c00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:9a:19:62:c8:53:d2:2a:e5:58:b8:fc:5a:88:79:fd:1b:e6:32:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Jul 30 03:24:35 2024 GMT
Not After : Jul 29 03:29:35 2025 GMT
Subject: CN=A11BC19C4FB8538DE38C0C52231CA835EDF0D18C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:40:d6:a1:55:97:68:a6:b9:7b:3a:4d:44:d6:
cc:de:4e:c7:2d:10:d9:98:b2:92:20:bf:8e:47:95:
1e:d3:cc:5c:75:01:f4:bc:7b:e9:ef:b0:c2:0a:5e:
48:42:b1:10:93:e2:50:e5:f5:a0:04:56:63:5c:d3:
aa:37:80:74:a4:47:d9:28:0c:c7:21:fd:ea:48:e8:
48:10:8e:62:88:25:32:ca:c2:97:eb:17:cc:f5:02:
fc:3f:ac:87:6b:42:5e:74:6d:80:be:00:f8:9a:13:
d6:ef:3c:ed:90:b1:12:7d:c0:c4:45:03:6a:ef:69:
8f:a8:10:ad:a6:8c:60:81:8c:c4:34:2a:c5:d0:e0:
fc:f5:30:11:3b:32:61:b4:81:1b:62:fc:9d:f8:9c:
ea:f4:06:ac:61:26:8e:21:ae:6a:7e:91:e9:81:c5:
92:60:c7:f1:7c:eb:57:93:13:a8:35:fe:f2:32:60:
20:73:92:70:41:6e:ae:97:b3:50:14:a9:8d:64:7a:
df:8d:50:b5:d0:cb:b6:44:fb:35:90:0c:bb:f8:76:
a5:6b:62:7d:4c:ef:b4:3e:25:bf:62:5c:25:d7:a2:
13:ab:f5:ee:26:73:4d:bc:fd:89:19:fa:13:5a:d1:
30:9d:18:4e:d7:44:77:2b:87:f2:45:61:ce:65:bc:
ae:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:1B:C1:9C:4F:B8:53:8D:E3:8C:0C:52:23:1C:A8:35:ED:F0:D1:8C
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6330303a3a2f34302d3438203d3e20323134343536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:c00::/40
Signature Algorithm: sha256WithRSAEncryption
8d:55:b3:51:46:e3:61:5e:c9:81:ed:92:17:50:16:f7:04:b6:
cd:bf:2b:9a:92:d9:7b:3a:e5:0e:e5:21:00:6a:ed:6f:f3:48:
e9:a2:5c:a0:d2:90:f8:cb:d0:55:90:18:56:e5:60:da:a1:9f:
fc:c8:f1:ee:20:71:a4:f1:24:27:dd:f1:b6:87:d0:d9:bf:e5:
3f:07:d8:14:5d:87:64:ff:5d:9a:42:8d:33:33:89:bb:78:ef:
6a:f6:98:76:2c:7b:53:0a:4d:20:43:fb:66:60:ea:a3:6c:d5:
d7:ec:18:f9:50:60:8f:d1:7d:36:bd:ce:53:4b:ec:70:09:8d:
90:64:12:61:82:35:22:37:af:7c:c1:bf:8d:b9:db:55:1e:0c:
0b:27:cd:ca:05:e0:9f:19:2d:a6:74:98:6e:ec:7c:6f:e1:5b:
4b:ce:5f:91:8e:11:3d:6a:e7:df:8c:97:d8:de:41:80:03:33:
ba:79:e0:d7:6a:ff:59:ef:40:99:14:23:87:df:26:f8:0b:c4:
67:ea:d8:95:04:2d:e1:13:eb:46:4b:d9:0e:da:32:a3:55:99:
07:ce:79:28:fa:ee:5f:02:1e:19:f9:dc:bc:83:5c:99:f2:a3:
24:44:27:53:04:fb:8a:ac:00:3a:2a:d5:ce:14:a8:60:ed:7a:
56:c1:14:07
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUW5oZYshT0irlWLj8Woh5/RvmMu0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDA3MzAwMzI0MzVaFw0yNTA3MjkwMzI5MzVaMDMxMTAvBgNV
BAMTKEExMUJDMTlDNEZCODUzOERFMzhDMEM1MjIzMUNBODM1RURGMEQxOEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLQNahVZdoprl7Ok1E1szeTsct
ENmYspIgv45HlR7TzFx1AfS8e+nvsMIKXkhCsRCT4lDl9aAEVmNc06o3gHSkR9ko
DMch/epI6EgQjmKIJTLKwpfrF8z1Avw/rIdrQl50bYC+APiaE9bvPO2QsRJ9wMRF
A2rvaY+oEK2mjGCBjMQ0KsXQ4Pz1MBE7MmG0gRti/J34nOr0BqxhJo4hrmp+kemB
xZJgx/F861eTE6g1/vIyYCBzknBBbq6Xs1AUqY1ket+NULXQy7ZE+zWQDLv4dqVr
Yn1M77Q+Jb9iXCXXohOr9e4mc028/YkZ+hNa0TCdGE7XRHcrh/JFYc5lvK49AgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUoRvBnE+4U43jjAxSIxyoNe3w0YwwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMx
M2E2MzMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMjMxMzQzNDM1MzYucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAqFHWBDDANBgkqhkiG9w0BAQsFAAOCAQEAjVWzUUbjYV7Jge2SF1AW
9wS2zb8rmpLZezrlDuUhAGrtb/NI6aJcoNKQ+MvQVZAYVuVg2qGf/Mjx7iBxpPEk
J93xtofQ2b/lPwfYFF2HZP9dmkKNMzOJu3jvavaYdix7UwpNIEP7ZmDqo2zV1+wY
+VBgj9F9Nr3OU0vscAmNkGQSYYI1IjevfMG/jbnbVR4MCyfNygXgnxktpnSYbux8
b+FbS85fkY4RPWrn34yX2N5BgAMzunng12r/We9AmRQjh98m+AvEZ+rYlQQt4RPr
RkvZDtoyo1WZB855KPruXwIeGfncvINcmfKjJEQnUwT7iqwAOirVzhSoYO16VsEU
Bw==
-----END CERTIFICATE-----
Generated at Sun Nov 24 11:56:51 2024 by rpki-client on console-ams.rpki-client.org