Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6637313a3a2f34382d3438203d3e203230343733.roa
File: 326131343a373538313a6637313a3a2f34382d3438203d3e203230343733.roa (raw, json)
Hash identifier: QFQnxKncyIst9Dt0NNWOmeInWv+pDfMGVdYxlbs4OIc=
Subject key identifier: 4D:0D:DF:48:1E:35:B9:B9:05:1C:09:EC:8B:DE:A9:DF:E5:A8:D8:C2
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 7C80C4CBD5C9F254CC964B0156A5BFCD121A72F7
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6637313a3a2f34382d3438203d3e203230343733.roa
Signing time: Wed 14 Aug 2024 15:04:24 +0000
ROA not before: Wed 14 Aug 2024 14:59:24 +0000
ROA not after: Wed 13 Aug 2025 15:04:24 +0000
asID: 20473
IP address blocks: 2a14:7581:f71::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:80:c4:cb:d5:c9:f2:54:cc:96:4b:01:56:a5:bf:cd:12:1a:72:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Aug 14 14:59:24 2024 GMT
Not After : Aug 13 15:04:24 2025 GMT
Subject: CN=4D0DDF481E35B9B9051C09EC8BDEA9DFE5A8D8C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:78:02:bf:a0:d3:7e:7f:74:fc:67:b5:ef:ee:
22:a4:50:ef:a4:41:8e:31:71:6e:80:82:f0:46:b1:
c1:2a:79:f8:ca:82:2d:55:c9:d8:be:0f:b3:75:39:
84:45:c0:66:10:e6:05:35:5e:28:de:4c:01:89:c8:
d7:c4:25:3b:49:33:c3:d7:2f:cb:b7:23:b5:a4:28:
91:b7:42:69:12:a3:f9:3a:cf:80:66:5d:f2:f4:fb:
8e:da:b6:07:aa:42:2e:05:33:2c:3f:f4:f0:6e:94:
31:92:12:82:87:0d:17:56:85:c1:b1:1d:60:a2:ea:
e6:ad:7c:c3:d1:78:1a:54:80:42:6a:b1:fc:59:ec:
b6:bc:1b:e8:56:1b:d1:fc:e5:a1:72:a4:c7:9c:25:
ef:a8:64:9c:1e:83:e6:96:69:45:4d:a4:f2:95:60:
a6:be:10:01:2d:8b:97:33:d3:18:15:f9:88:cf:30:
83:75:4a:d8:d7:86:43:e4:d0:93:ae:38:c3:b5:05:
b0:b6:62:48:93:50:21:c3:bd:0e:85:60:f2:55:df:
07:20:6b:47:62:45:96:ea:de:c7:be:fc:48:d3:42:
c1:8b:4b:8a:05:98:3c:6b:0d:6d:de:48:28:f2:de:
d5:27:87:97:9c:de:bb:da:80:c7:46:cb:5a:7a:9d:
3a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:0D:DF:48:1E:35:B9:B9:05:1C:09:EC:8B:DE:A9:DF:E5:A8:D8:C2
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6637313a3a2f34382d3438203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:f71::/48
Signature Algorithm: sha256WithRSAEncryption
97:ea:f5:8a:f6:bd:e3:4b:28:c9:23:20:d8:f5:a6:82:41:60:
d0:63:3b:48:18:8f:c4:36:6a:13:2f:1c:53:ff:d9:94:ac:fa:
98:99:dd:c4:3d:27:3c:5b:95:45:ac:5b:1d:98:27:bc:1c:49:
7f:7f:a0:a9:aa:37:bc:e8:e7:74:6c:fd:e9:49:1f:50:81:ff:
12:e4:85:67:ae:4a:c0:f6:01:e6:03:74:e8:9f:69:5e:da:22:
82:ad:3f:9d:07:78:2d:57:a8:88:ba:0d:d9:ab:3c:2e:38:55:
06:61:8d:4c:65:1c:bf:9a:97:88:28:fe:c6:f4:b1:0e:24:a7:
1a:46:25:b1:ac:0a:b9:2a:99:cc:5d:19:65:32:0a:62:f1:93:
c0:cf:e2:fd:57:e0:19:06:13:c2:2f:2c:50:5c:34:c1:bf:00:
17:85:c2:5a:9c:8c:38:57:a9:b5:1a:74:4c:58:d1:f4:de:81:
94:a2:0f:3e:bb:32:2d:96:e0:b6:58:69:58:3c:a1:dc:2a:c0:
7f:3f:ba:c4:21:99:72:6c:31:78:c5:6f:89:77:ed:09:5c:26:
ac:c1:88:64:93:72:b2:1c:82:66:73:86:06:5a:ea:99:02:f0:
83:60:00:95:33:bb:0e:63:d2:24:f6:c2:97:b2:6f:ee:9f:33:
52:59:f8:17
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUfIDEy9XJ8lTMlksBVqW/zRIacvcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDA4MTQxNDU5MjRaFw0yNTA4MTMxNTA0MjRaMDMxMTAvBgNV
BAMTKDREMERERjQ4MUUzNUI5QjkwNTFDMDlFQzhCREVBOURGRTVBOEQ4QzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCweAK/oNN+f3T8Z7Xv7iKkUO+k
QY4xcW6AgvBGscEqefjKgi1Vydi+D7N1OYRFwGYQ5gU1XijeTAGJyNfEJTtJM8PX
L8u3I7WkKJG3QmkSo/k6z4BmXfL0+47atgeqQi4FMyw/9PBulDGSEoKHDRdWhcGx
HWCi6uatfMPReBpUgEJqsfxZ7La8G+hWG9H85aFypMecJe+oZJweg+aWaUVNpPKV
YKa+EAEti5cz0xgV+YjPMIN1StjXhkPk0JOuOMO1BbC2YkiTUCHDvQ6FYPJV3wcg
a0diRZbq3se+/EjTQsGLS4oFmDxrDW3eSCjy3tUnh5ec3rvagMdGy1p6nTp9AgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUTQ3fSB41ubkFHAnsi96p3+Wo2MIwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMx
M2E2NjM3MzEzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMwMzQzNzMzLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhR1gQ9xMA0GCSqGSIb3DQEBCwUAA4IBAQCX6vWK9r3jSyjJIyDY9aaC
QWDQYztIGI/ENmoTLxxT/9mUrPqYmd3EPSc8W5VFrFsdmCe8HEl/f6Cpqje86Od0
bP3pSR9Qgf8S5IVnrkrA9gHmA3Ton2le2iKCrT+dB3gtV6iIug3ZqzwuOFUGYY1M
ZRy/mpeIKP7G9LEOJKcaRiWxrAq5KpnMXRllMgpi8ZPAz+L9V+AZBhPCLyxQXDTB
vwAXhcJanIw4V6m1GnRMWNH03oGUog8+uzItluC2WGlYPKHcKsB/P7rEIZlybDF4
xW+Jd+0JXCaswYhkk3KyHIJmc4YGWuqZAvCDYACVM7sOY9Ik9sKXsm/unzNSWfgX
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org