Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6639303a3a2f34342d3438203d3e203533363637.roa
File: 326131343a373538313a6639303a3a2f34342d3438203d3e203533363637.roa (raw, json)
Hash identifier: 6mSDiOV7ga4z64bSqYXgfdTX7sqiMdwmujWwZ0ByohQ=
Subject key identifier: B4:94:C4:06:37:C4:2B:5D:9D:6A:24:4A:F6:6B:F8:67:44:CA:9C:05
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 24CF60AC5E710BE2A5FF86C94F69FFA671CB1510
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6639303a3a2f34342d3438203d3e203533363637.roa
Signing time: Wed 28 Aug 2024 03:48:46 +0000
ROA not before: Wed 28 Aug 2024 03:43:46 +0000
ROA not after: Wed 27 Aug 2025 03:48:46 +0000
asID: 53667
IP address blocks: 2a14:7581:f90::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:cf:60:ac:5e:71:0b:e2:a5:ff:86:c9:4f:69:ff:a6:71:cb:15:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Aug 28 03:43:46 2024 GMT
Not After : Aug 27 03:48:46 2025 GMT
Subject: CN=B494C40637C42B5D9D6A244AF66BF86744CA9C05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:71:c8:cd:9a:7b:ca:95:49:7d:0e:ab:f2:f4:
23:62:00:70:04:c7:59:13:e1:1f:15:54:79:e1:26:
16:97:03:fe:0a:cf:88:ff:ce:7e:7f:10:9a:60:04:
f3:24:7c:8e:03:6f:0f:20:68:01:fa:b9:64:83:de:
1a:97:4f:7d:b7:76:66:bc:f4:72:5e:d7:7c:a8:7e:
5e:13:29:ac:af:3f:e5:0c:36:a5:f6:f9:6d:34:d4:
24:58:8a:71:8a:b2:82:00:7b:93:32:67:72:31:54:
18:39:14:1c:e9:4f:e9:68:7f:42:70:5b:a8:20:77:
62:72:dd:32:b4:65:9f:6b:22:1b:3d:8d:b4:c6:ca:
5c:81:58:8e:6b:68:e8:fe:5f:d0:5f:92:94:3d:23:
47:1c:c3:e1:65:40:c7:5e:bc:03:e0:58:7f:ac:26:
e9:14:e1:de:ab:37:3f:9b:86:8c:fc:08:eb:75:7f:
c2:e0:08:cd:18:0d:77:44:38:b4:dd:0d:f2:9d:a6:
04:a3:c5:79:96:4c:ab:f0:ca:ea:a8:a6:b8:01:2f:
32:71:d6:c4:fe:bb:01:3f:92:82:70:58:f8:ba:bd:
27:52:3d:0d:24:b2:98:78:a9:fc:90:94:b5:19:6a:
85:6d:f5:16:ca:71:5b:6f:4a:4d:4b:6c:0d:85:d3:
12:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:94:C4:06:37:C4:2B:5D:9D:6A:24:4A:F6:6B:F8:67:44:CA:9C:05
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6639303a3a2f34342d3438203d3e203533363637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:f90::/44
Signature Algorithm: sha256WithRSAEncryption
20:06:56:81:ae:10:60:62:ad:34:81:f1:fa:b5:75:6c:a9:8c:
35:d3:45:1f:e9:d8:cf:40:b9:23:44:4d:07:99:88:62:e8:ae:
04:5d:01:18:9c:4f:8e:d6:3e:ad:2c:fe:0d:e8:83:64:91:27:
78:ad:3a:4e:10:61:c2:2f:bb:d6:38:f4:28:05:f6:e3:fb:60:
07:a6:3e:35:33:4f:7a:1a:a5:4e:72:4a:ca:b8:97:6d:d7:3e:
0a:19:3b:f0:38:43:15:02:c9:30:d3:a0:51:04:8c:e7:51:83:
c1:de:b7:fe:fe:82:a0:20:56:98:e2:d1:a7:b3:75:54:94:d0:
08:36:bc:d5:8d:b4:67:46:16:4a:e5:be:cf:02:e4:f0:44:b2:
4a:37:77:54:1d:89:00:d5:f3:e9:74:46:f8:ea:4e:34:3a:92:
f2:bb:bb:ce:00:a0:86:aa:a4:c6:4c:2b:ff:26:ad:85:e3:8d:
6f:3c:d6:92:90:98:f7:b2:4e:e1:92:6a:36:7a:07:68:39:c1:
0e:65:09:82:17:ed:7f:b9:a3:a7:49:c7:d5:13:9b:5b:36:b5:
92:45:57:4b:2b:2d:ee:8c:1c:67:2e:9b:1e:f0:9e:5f:6c:20:
38:ba:a7:af:cc:c3:9e:26:09:38:6a:e9:bb:27:20:e1:f0:6f:
ea:6f:b1:df
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUJM9grF5xC+Kl/4bJT2n/pnHLFRAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDA4MjgwMzQzNDZaFw0yNTA4MjcwMzQ4NDZaMDMxMTAvBgNV
BAMTKEI0OTRDNDA2MzdDNDJCNUQ5RDZBMjQ0QUY2NkJGODY3NDRDQTlDMDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqccjNmnvKlUl9Dqvy9CNiAHAE
x1kT4R8VVHnhJhaXA/4Kz4j/zn5/EJpgBPMkfI4Dbw8gaAH6uWSD3hqXT323dma8
9HJe13yofl4TKayvP+UMNqX2+W001CRYinGKsoIAe5MyZ3IxVBg5FBzpT+lof0Jw
W6ggd2Jy3TK0ZZ9rIhs9jbTGylyBWI5raOj+X9BfkpQ9I0ccw+FlQMdevAPgWH+s
JukU4d6rNz+bhoz8COt1f8LgCM0YDXdEOLTdDfKdpgSjxXmWTKvwyuqoprgBLzJx
1sT+uwE/koJwWPi6vSdSPQ0ksph4qfyQlLUZaoVt9RbKcVtvSk1LbA2F0xKxAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUtJTEBjfEK12daiRK9mv4Z0TKnAUwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMx
M2E2NjM5MzAzYTNhMmYzNDM0MmQzNDM4MjAzZDNlMjAzNTMzMzYzNjM3LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcEKhR1gQ+QMA0GCSqGSIb3DQEBCwUAA4IBAQAgBlaBrhBgYq00gfH6tXVs
qYw100Uf6djPQLkjRE0HmYhi6K4EXQEYnE+O1j6tLP4N6INkkSd4rTpOEGHCL7vW
OPQoBfbj+2AHpj41M096GqVOckrKuJdt1z4KGTvwOEMVAskw06BRBIznUYPB3rf+
/oKgIFaY4tGns3VUlNAINrzVjbRnRhZK5b7PAuTwRLJKN3dUHYkA1fPpdEb46k40
OpLyu7vOAKCGqqTGTCv/Jq2F441vPNaSkJj3sk7hkmo2egdoOcEOZQmCF+1/uaOn
ScfVE5tbNrWSRVdLKy3ujBxnLpse8J5fbCA4uqevzMOeJgk4aum7JyDh8G/qb7Hf
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org