Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6637303a3a2f34382d3438203d3e203230343733.roa
File: 326131343a373538313a6637303a3a2f34382d3438203d3e203230343733.roa (raw, json)
Hash identifier: Yv40+pjoETK19SctKF8htRvmG0N9/RUW3tMB3i27kbQ=
Subject key identifier: 87:BB:59:D6:4C:79:54:68:FD:B4:14:5D:40:C1:07:F0:0B:47:F3:C2
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 683E5AEDED5908FF6B34C5659875D78E6AEBD85C
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6637303a3a2f34382d3438203d3e203230343733.roa
Signing time: Wed 14 Aug 2024 15:02:30 +0000
ROA not before: Wed 14 Aug 2024 14:57:30 +0000
ROA not after: Wed 13 Aug 2025 15:02:30 +0000
asID: 20473
IP address blocks: 2a14:7581:f70::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:3e:5a:ed:ed:59:08:ff:6b:34:c5:65:98:75:d7:8e:6a:eb:d8:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Aug 14 14:57:30 2024 GMT
Not After : Aug 13 15:02:30 2025 GMT
Subject: CN=87BB59D64C795468FDB4145D40C107F00B47F3C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:95:cd:aa:7d:53:95:18:0a:07:97:e0:32:04:
68:f6:dc:f6:48:f1:bb:7e:70:2b:87:40:a6:b3:4f:
eb:27:cd:6a:cb:68:05:55:38:7e:b9:c8:1a:0b:86:
a6:c0:e9:fd:03:b8:ae:07:ef:34:5e:1e:1f:7e:d8:
74:7b:a9:d6:ae:1f:f6:5d:54:63:0a:0f:45:68:52:
a4:d3:e6:ff:dc:ed:bd:48:bd:4e:b8:e7:2a:68:73:
1c:da:e9:a5:fd:25:20:91:31:3f:3c:07:74:25:42:
c4:90:38:b4:e9:58:d6:00:b0:10:2b:1a:35:f1:47:
2e:b1:ef:af:72:57:65:cf:21:59:58:0d:c4:0d:ef:
cd:97:bf:88:ae:02:56:64:e2:d9:2f:3d:2b:ad:e8:
46:0f:49:8e:6b:38:1c:32:1e:56:f5:9a:bb:60:99:
c8:70:d3:e6:99:0d:70:21:59:9e:08:20:b3:54:da:
2f:f8:61:d4:f7:45:94:82:62:a1:f4:74:a9:08:f2:
77:eb:9e:e8:5c:63:db:b6:19:aa:f4:da:94:c6:d8:
b6:f2:91:a0:0a:b0:a6:31:e4:d5:a1:b9:a8:87:c1:
24:f1:1b:f8:f4:6b:56:f7:03:62:0a:f2:9f:22:d6:
d2:ed:57:09:31:9b:e4:82:18:69:88:52:24:67:0b:
d5:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:BB:59:D6:4C:79:54:68:FD:B4:14:5D:40:C1:07:F0:0B:47:F3:C2
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6637303a3a2f34382d3438203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:f70::/48
Signature Algorithm: sha256WithRSAEncryption
91:77:a6:39:9e:fb:77:ea:f5:d7:bb:a9:7c:72:cc:5b:70:c3:
b3:f3:be:d1:da:8b:35:ed:9c:d5:04:31:3a:e8:a6:51:02:d3:
8a:15:2d:1c:d2:48:e7:26:aa:5a:41:5f:ba:af:20:0a:da:99:
66:88:10:49:44:22:1f:9a:75:45:cf:74:95:70:bd:2b:55:c9:
c3:c5:96:f3:7a:d6:c6:85:ea:96:84:40:64:c1:ec:ca:65:03:
41:9d:97:bd:d3:00:80:1c:4c:c5:93:d1:ed:a4:b1:b9:d9:f4:
b3:9f:d3:c5:6a:11:c9:0d:43:bd:af:b2:fe:e5:22:d5:83:87:
e1:aa:a5:59:23:c4:52:98:a9:72:dd:14:4f:8b:85:99:8d:e0:
17:f4:7d:71:a6:e1:44:6c:c6:14:5e:b8:de:10:9b:e3:78:23:
d2:20:c6:55:2c:01:62:8e:2f:66:2d:92:5e:10:27:ce:d6:d2:
0f:2b:a5:a9:b6:34:c3:64:f0:c9:5d:95:6e:3a:4d:be:26:b0:
b7:fb:81:d4:43:76:0a:4f:8c:f0:64:c4:cf:80:22:aa:8b:f0:
ca:93:83:83:f9:19:33:76:3b:18:09:79:f2:94:9e:bb:2e:39:
64:7f:cf:1b:32:78:d9:5c:ce:13:48:36:4d:a9:91:b5:f0:30:
7b:7f:a5:d4
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUaD5a7e1ZCP9rNMVlmHXXjmrr2FwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDA4MTQxNDU3MzBaFw0yNTA4MTMxNTAyMzBaMDMxMTAvBgNV
BAMTKDg3QkI1OUQ2NEM3OTU0NjhGREI0MTQ1RDQwQzEwN0YwMEI0N0YzQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCflc2qfVOVGAoHl+AyBGj23PZI
8bt+cCuHQKazT+snzWrLaAVVOH65yBoLhqbA6f0DuK4H7zReHh9+2HR7qdauH/Zd
VGMKD0VoUqTT5v/c7b1IvU645ypocxza6aX9JSCRMT88B3QlQsSQOLTpWNYAsBAr
GjXxRy6x769yV2XPIVlYDcQN782Xv4iuAlZk4tkvPSut6EYPSY5rOBwyHlb1mrtg
mchw0+aZDXAhWZ4IILNU2i/4YdT3RZSCYqH0dKkI8nfrnuhcY9u2Gar02pTG2Lby
kaAKsKYx5NWhuaiHwSTxG/j0a1b3A2IK8p8i1tLtVwkxm+SCGGmIUiRnC9W1AgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUh7tZ1kx5VGj9tBRdQMEH8AtH88IwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMx
M2E2NjM3MzAzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMwMzQzNzMzLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhR1gQ9wMA0GCSqGSIb3DQEBCwUAA4IBAQCRd6Y5nvt36vXXu6l8csxb
cMOz877R2os17ZzVBDE66KZRAtOKFS0c0kjnJqpaQV+6ryAK2plmiBBJRCIfmnVF
z3SVcL0rVcnDxZbzetbGheqWhEBkwezKZQNBnZe90wCAHEzFk9HtpLG52fSzn9PF
ahHJDUO9r7L+5SLVg4fhqqVZI8RSmKly3RRPi4WZjeAX9H1xpuFEbMYUXrjeEJvj
eCPSIMZVLAFiji9mLZJeECfO1tIPK6WptjTDZPDJXZVuOk2+JrC3+4HUQ3YKT4zw
ZMTPgCKqi/DKk4OD+RkzdjsYCXnylJ67Ljlkf88bMnjZXM4TSDZNqZG18DB7f6XU
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org