Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6636303a3a2f34342d3438203d3e20313939333130.roa
File: 326131343a373538313a6636303a3a2f34342d3438203d3e20313939333130.roa (raw, json)
Hash identifier: KmS7GNWe7Fcjv6EXC0HdhwnqlfuyfB0p0o9r2pnZ1jQ=
Subject key identifier: 34:89:8A:87:AC:85:A3:29:26:9A:B6:31:60:9E:8E:7D:50:4A:DF:AD
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 43D4D24BA7A1C543516690A92266037BFB6870B9
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6636303a3a2f34342d3438203d3e20313939333130.roa
Signing time: Fri 30 Aug 2024 03:15:34 +0000
ROA not before: Fri 30 Aug 2024 03:10:34 +0000
ROA not after: Fri 29 Aug 2025 03:15:34 +0000
asID: 199310
IP address blocks: 2a14:7581:f60::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:d4:d2:4b:a7:a1:c5:43:51:66:90:a9:22:66:03:7b:fb:68:70:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Aug 30 03:10:34 2024 GMT
Not After : Aug 29 03:15:34 2025 GMT
Subject: CN=34898A87AC85A329269AB631609E8E7D504ADFAD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:af:6e:2e:0c:cf:90:10:e3:0b:e8:a8:fa:41:
e1:38:ab:31:c4:14:b4:5c:a5:83:1f:04:1a:b3:57:
ef:b6:5f:a7:97:2b:bf:ef:ee:64:fc:fe:52:51:62:
04:af:7f:9f:2a:ef:f3:09:b0:cf:2c:2e:7b:7e:67:
2f:6c:db:eb:ee:ed:4b:30:e6:00:b0:1a:0c:ed:9d:
be:9d:06:50:77:be:ce:8c:bf:65:92:d8:0e:78:20:
84:b6:43:8d:7d:b3:b8:e4:2b:63:6c:de:af:c1:76:
a3:5d:f8:73:c9:7c:5b:c3:5c:1f:1c:f2:8f:23:2e:
84:bb:b4:38:aa:0b:c8:8e:8c:7c:4c:27:3b:ad:13:
8e:b5:cf:b0:06:d7:2a:7f:ce:8b:7e:bf:e5:e5:0e:
50:cd:9e:11:13:75:64:72:5f:cf:de:ff:a0:ea:66:
31:61:11:cb:66:e7:fd:9f:d9:aa:f4:9a:50:73:ff:
33:37:d9:c9:ef:99:ee:e7:90:ad:ca:dc:0f:c1:67:
9c:b1:50:33:eb:a6:ee:76:f8:03:a2:1b:ac:22:26:
e1:9e:52:6f:26:95:53:1c:db:c9:62:98:2f:40:7f:
7e:a5:57:3e:84:89:0f:91:54:8e:ca:a1:5c:7f:72:
c1:0c:10:f7:67:62:6f:47:71:f0:68:0a:25:fb:1c:
64:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:89:8A:87:AC:85:A3:29:26:9A:B6:31:60:9E:8E:7D:50:4A:DF:AD
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6636303a3a2f34342d3438203d3e20313939333130.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:f60::/44
Signature Algorithm: sha256WithRSAEncryption
5e:0a:6f:2a:55:8b:ef:3d:d7:96:76:17:58:ce:59:50:1a:a1:
9d:73:e7:d1:16:16:4b:08:e6:d6:c5:4b:7a:2b:4b:f6:63:8e:
b2:34:4f:a6:16:01:cc:5e:d7:10:cc:12:b1:f7:1b:22:ec:70:
c9:7f:f0:41:60:9a:e1:76:48:b7:d2:62:d5:20:13:cc:27:2e:
df:eb:f3:c3:3b:bf:a7:7d:fa:ff:cb:8e:63:0d:57:b4:66:aa:
2d:b9:40:07:4d:3a:ff:4f:15:85:8b:41:25:b1:91:87:0e:fc:
d0:fc:f9:5a:ba:cd:93:93:8b:90:5b:93:a8:f5:a1:df:be:3f:
73:61:9e:09:6e:13:c0:14:f4:2d:8c:dc:4d:68:de:a0:33:e0:
d9:bf:f3:36:ec:c4:ce:9b:b2:45:6d:e5:7a:52:a7:66:91:11:
02:5d:3f:0c:a3:16:6b:50:61:0d:7f:e1:69:d7:76:05:fe:56:
79:17:60:b0:6b:c5:db:b4:71:d8:4b:b8:13:48:f0:cf:0f:41:
d9:8a:18:eb:25:ed:9f:02:30:10:40:31:d7:70:6b:d7:db:78:
04:e1:89:eb:1c:50:44:1b:19:31:23:4a:64:b0:14:49:a0:c9:
ca:1a:6b:f6:34:63:6b:e5:7c:f3:b0:a0:81:67:70:7d:38:ce:
04:09:8d:4b
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUQ9TSS6ehxUNRZpCpImYDe/tocLkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDA4MzAwMzEwMzRaFw0yNTA4MjkwMzE1MzRaMDMxMTAvBgNV
BAMTKDM0ODk4QTg3QUM4NUEzMjkyNjlBQjYzMTYwOUU4RTdENTA0QURGQUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpr24uDM+QEOML6Kj6QeE4qzHE
FLRcpYMfBBqzV++2X6eXK7/v7mT8/lJRYgSvf58q7/MJsM8sLnt+Zy9s2+vu7Usw
5gCwGgztnb6dBlB3vs6Mv2WS2A54IIS2Q419s7jkK2Ns3q/BdqNd+HPJfFvDXB8c
8o8jLoS7tDiqC8iOjHxMJzutE461z7AG1yp/zot+v+XlDlDNnhETdWRyX8/e/6Dq
ZjFhEctm5/2f2ar0mlBz/zM32cnvme7nkK3K3A/BZ5yxUDPrpu52+AOiG6wiJuGe
Um8mlVMc28limC9Af36lVz6EiQ+RVI7KoVx/csEMEPdnYm9HcfBoCiX7HGR1AgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUNImKh6yFoykmmrYxYJ6OfVBK360wHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMx
M2E2NjM2MzAzYTNhMmYzNDM0MmQzNDM4MjAzZDNlMjAzMTM5MzkzMzMxMzAucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwQqFHWBD2AwDQYJKoZIhvcNAQELBQADggEBAF4KbypVi+8915Z2F1jO
WVAaoZ1z59EWFksI5tbFS3orS/ZjjrI0T6YWAcxe1xDMErH3GyLscMl/8EFgmuF2
SLfSYtUgE8wnLt/r88M7v6d9+v/LjmMNV7Rmqi25QAdNOv9PFYWLQSWxkYcO/ND8
+Vq6zZOTi5Bbk6j1od++P3NhngluE8AU9C2M3E1o3qAz4Nm/8zbsxM6bskVt5XpS
p2aREQJdPwyjFmtQYQ1/4WnXdgX+VnkXYLBrxdu0cdhLuBNI8M8PQdmKGOsl7Z8C
MBBAMddwa9fbeAThiescUEQbGTEjSmSwFEmgycoaa/Y0Y2vlfPOwoIFncH04zgQJ
jUs=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:20 2024 by rpki-client on console-ams.rpki-client.org