Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6663303a3a2f34342d3438203d3e20323134323538.roa
File: 326131343a373538313a6663303a3a2f34342d3438203d3e20323134323538.roa (raw, json)
Hash identifier: gDMW7hjjTqVkux+Munr3gvxPFUMyeoRWl/il83afxwo=
Subject key identifier: 82:A2:6E:B8:62:FB:08:79:15:02:24:80:3B:06:FF:50:A1:2A:07:13
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 5108E3123550932B2822D463CB89699D93010AF6
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6663303a3a2f34342d3438203d3e20323134323538.roa
Signing time: Fri 06 Sep 2024 02:57:32 +0000
ROA not before: Fri 06 Sep 2024 02:52:32 +0000
ROA not after: Fri 05 Sep 2025 02:57:32 +0000
asID: 214258
IP address blocks: 2a14:7581:fc0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:08:e3:12:35:50:93:2b:28:22:d4:63:cb:89:69:9d:93:01:0a:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Sep 6 02:52:32 2024 GMT
Not After : Sep 5 02:57:32 2025 GMT
Subject: CN=82A26EB862FB0879150224803B06FF50A12A0713
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e4:8d:36:6e:a2:b9:6d:bc:aa:9b:ca:6b:c1:
a9:a3:16:54:90:4e:ce:ae:8f:6c:7c:ba:65:11:8b:
8f:16:fe:ed:10:af:f2:5b:9f:29:fa:71:34:d0:6f:
e1:2c:0b:dc:7a:37:10:b6:75:0d:c8:8b:38:bc:a4:
e0:a1:b3:11:0b:d9:6d:5c:cd:bd:41:88:7a:21:f8:
4e:f8:29:df:1d:77:2c:a8:7d:b6:eb:5b:e8:6c:8f:
52:e9:5c:be:68:7a:2d:b9:94:c8:49:2b:c3:98:ae:
86:86:93:d5:6a:81:e3:be:aa:3d:89:b8:19:08:bd:
8f:a7:c2:83:bc:1f:49:1f:3b:c4:91:4e:1d:fc:54:
a4:f2:a7:59:86:1c:a9:6e:84:7e:18:07:9a:4a:be:
58:cf:8b:af:86:d6:c5:db:ea:a0:70:48:21:9d:36:
9b:fe:e9:5b:22:91:2d:f8:cf:12:60:65:5c:ee:d8:
d8:66:77:b2:7d:ea:69:b8:7e:1a:7e:b0:32:ed:b1:
e4:90:da:5f:16:34:11:5e:6b:a6:8f:94:50:84:55:
c1:e8:93:34:e9:17:23:ff:c1:a2:30:f1:0b:5f:82:
83:2b:17:38:e5:6f:ba:f4:9a:a7:7c:17:1a:95:d2:
f8:ef:e4:b8:d8:fa:29:84:89:b3:1f:41:53:14:bc:
78:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:A2:6E:B8:62:FB:08:79:15:02:24:80:3B:06:FF:50:A1:2A:07:13
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6663303a3a2f34342d3438203d3e20323134323538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:fc0::/44
Signature Algorithm: sha256WithRSAEncryption
7f:4c:18:b3:21:36:40:1d:8a:43:e6:0e:c8:20:8f:0e:a3:4e:
76:83:72:7b:ed:f7:24:31:8e:f1:20:5a:03:38:9d:cc:ff:84:
79:06:e3:76:21:f5:67:93:a4:70:f7:62:90:76:20:34:cd:de:
ce:c6:48:3f:80:4c:6f:c2:3e:b4:b5:7f:29:f8:a3:2e:3b:06:
62:ee:59:27:23:fe:92:48:90:18:5e:44:6b:7c:33:34:bc:a7:
a3:fd:a7:db:6f:e4:9d:4b:8c:f5:20:d9:f3:71:40:ee:01:c2:
79:95:59:15:56:9d:52:64:dc:e2:1d:90:4f:44:ca:c6:86:df:
6b:f3:83:ac:47:a3:20:46:f0:02:10:06:6f:bf:12:ca:c4:52:
9d:82:33:6d:68:d8:a0:1e:bd:10:34:58:53:bf:07:ce:96:13:
49:8c:22:ac:59:6f:d9:d7:0d:84:97:42:ef:ba:ff:32:21:7c:
40:f9:b0:ee:03:f4:b0:db:44:d7:3c:ff:73:44:8a:c7:97:74:
c9:d7:d1:99:26:7a:f1:9f:48:de:bd:be:3e:d9:c2:b3:1e:09:
da:88:8a:fb:09:6b:94:bf:b9:83:33:08:23:78:9e:39:6e:85:
95:ba:62:47:fc:8c:c2:37:3d:42:48:05:47:92:d9:cd:08:e6:
5f:52:d8:ce
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUUQjjEjVQkysoItRjy4lpnZMBCvYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDA5MDYwMjUyMzJaFw0yNTA5MDUwMjU3MzJaMDMxMTAvBgNV
BAMTKDgyQTI2RUI4NjJGQjA4NzkxNTAyMjQ4MDNCMDZGRjUwQTEyQTA3MTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC35I02bqK5bbyqm8prwamjFlSQ
Ts6uj2x8umURi48W/u0Qr/Jbnyn6cTTQb+EsC9x6NxC2dQ3Iizi8pOChsxEL2W1c
zb1BiHoh+E74Kd8ddyyofbbrW+hsj1LpXL5oei25lMhJK8OYroaGk9VqgeO+qj2J
uBkIvY+nwoO8H0kfO8SRTh38VKTyp1mGHKluhH4YB5pKvljPi6+G1sXb6qBwSCGd
Npv+6VsikS34zxJgZVzu2Nhmd7J96mm4fhp+sDLtseSQ2l8WNBFea6aPlFCEVcHo
kzTpFyP/waIw8QtfgoMrFzjlb7r0mqd8FxqV0vjv5LjY+imEibMfQVMUvHi9AgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUgqJuuGL7CHkVAiSAOwb/UKEqBxMwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMx
M2E2NjYzMzAzYTNhMmYzNDM0MmQzNDM4MjAzZDNlMjAzMjMxMzQzMjM1Mzgucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwQqFHWBD8AwDQYJKoZIhvcNAQELBQADggEBAH9MGLMhNkAdikPmDsgg
jw6jTnaDcnvt9yQxjvEgWgM4ncz/hHkG43Yh9WeTpHD3YpB2IDTN3s7GSD+ATG/C
PrS1fyn4oy47BmLuWScj/pJIkBheRGt8MzS8p6P9p9tv5J1LjPUg2fNxQO4BwnmV
WRVWnVJk3OIdkE9EysaG32vzg6xHoyBG8AIQBm+/EsrEUp2CM21o2KAevRA0WFO/
B86WE0mMIqxZb9nXDYSXQu+6/zIhfED5sO4D9LDbRNc8/3NEiseXdMnX0ZkmevGf
SN69vj7ZwrMeCdqIivsJa5S/uYMzCCN4njluhZW6Ykf8jMI3PUJIBUeS2c0I5l9S
2M4=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org