Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6666623a3a2f34382d3438203d3e20323134373733.roa
File: 326131343a373538313a6666623a3a2f34382d3438203d3e20323134373733.roa (raw, json)
Hash identifier: wV6nZrznQS1GXiR3F70wKWTxNNz4EH++1sIeD8KKU+M=
Subject key identifier: 97:7F:74:1D:42:9C:8B:69:51:61:89:F8:12:B0:40:1B:63:C3:B5:68
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 79B6CD9524C4A630C5EFF0E5F290C3FBA84D0D94
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6666623a3a2f34382d3438203d3e20323134373733.roa
Signing time: Wed 05 Jun 2024 03:30:36 +0000
ROA not before: Wed 05 Jun 2024 03:25:36 +0000
ROA not after: Wed 04 Jun 2025 03:30:36 +0000
asID: 214773
IP address blocks: 2a14:7581:ffb::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:b6:cd:95:24:c4:a6:30:c5:ef:f0:e5:f2:90:c3:fb:a8:4d:0d:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Jun 5 03:25:36 2024 GMT
Not After : Jun 4 03:30:36 2025 GMT
Subject: CN=977F741D429C8B69516189F812B0401B63C3B568
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a7:39:9f:33:d2:1e:88:93:50:a0:9d:7d:83:
68:20:7e:c5:ef:34:35:70:68:0c:70:33:0e:87:44:
ff:62:0d:b6:cc:31:3e:dd:9e:6a:6a:43:9d:4c:9e:
ae:23:c9:c9:79:6f:7b:fc:4e:3b:b9:19:51:c8:3d:
5f:af:ce:c1:18:95:b9:bf:fd:87:90:c4:cd:67:b1:
98:4e:86:16:e6:6e:10:f6:e1:f9:7e:ab:56:1a:f5:
9d:05:ca:d1:dc:3d:b4:f8:b3:98:9e:41:57:37:b5:
47:2d:02:bc:d0:1f:87:2d:45:1c:c5:ce:39:e3:61:
34:61:a5:57:68:7c:d1:fd:0f:17:39:31:2b:87:91:
5a:a8:53:ae:cb:9d:67:a1:d6:60:19:d9:43:8d:f9:
dc:75:b0:8b:15:9b:fc:a9:93:a8:c4:92:00:5b:e3:
7a:fd:37:07:60:7d:35:47:90:ac:fe:08:64:a6:72:
1f:5d:27:ff:fa:cc:20:8a:50:22:1d:14:4c:16:21:
ed:2e:aa:8a:bc:3d:4d:c6:a7:6f:dd:6e:14:55:c1:
3b:d1:58:ee:60:83:db:88:8d:0f:f8:40:9b:b3:c5:
63:f3:de:c0:6b:0d:ed:c6:07:c5:e6:f0:9e:72:a9:
93:c3:28:d5:51:d1:64:26:cf:d0:49:a8:36:33:22:
a2:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:7F:74:1D:42:9C:8B:69:51:61:89:F8:12:B0:40:1B:63:C3:B5:68
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6666623a3a2f34382d3438203d3e20323134373733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:ffb::/48
Signature Algorithm: sha256WithRSAEncryption
6e:e7:a1:97:6a:3d:d8:2b:a6:60:ff:2b:e1:99:db:2a:ea:45:
9d:cf:fa:4b:a9:f3:6c:79:10:72:c1:6b:0d:de:77:10:db:3e:
28:cf:98:26:5c:9e:6e:0d:2c:7f:85:2b:8b:91:c7:a3:5a:05:
ff:0c:c6:9c:91:6f:15:bc:be:b2:e3:fe:ae:23:f5:e5:b2:95:
c2:28:f3:4a:5c:a9:62:3d:c4:90:e5:5b:d1:55:de:14:ae:42:
be:bd:30:27:86:3b:c8:15:75:88:b9:e2:2a:60:78:bc:79:46:
bf:4d:a7:9e:fd:d4:70:b6:3d:5c:04:71:ab:cf:e4:86:7b:1e:
d3:9e:9f:16:35:46:0d:a6:d9:1f:01:bc:98:2e:fc:76:73:ac:
ff:01:78:d3:75:f3:e3:ab:e6:30:a7:20:ad:65:62:72:ec:85:
56:a9:2c:14:54:13:fb:7b:38:50:bc:cb:1b:bd:ba:f1:55:1c:
51:0e:e6:e5:db:b2:d8:7e:21:d8:85:9a:71:1d:6d:12:6e:a7:
8b:c4:fa:0d:cc:7a:08:df:0c:0a:20:f3:f4:f4:7f:02:9c:44:
23:e1:97:3d:c2:c4:38:e3:ad:5d:e9:52:f6:df:2b:a6:95:78:
4c:ca:20:37:aa:3b:2d:17:c6:19:7d:b4:fc:40:16:de:47:c9:
8d:9f:18:8b
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUebbNlSTEpjDF7/Dl8pDD+6hNDZQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDA2MDUwMzI1MzZaFw0yNTA2MDQwMzMwMzZaMDMxMTAvBgNV
BAMTKDk3N0Y3NDFENDI5QzhCNjk1MTYxODlGODEyQjA0MDFCNjNDM0I1NjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+pzmfM9IeiJNQoJ19g2ggfsXv
NDVwaAxwMw6HRP9iDbbMMT7dnmpqQ51Mnq4jycl5b3v8Tju5GVHIPV+vzsEYlbm/
/YeQxM1nsZhOhhbmbhD24fl+q1Ya9Z0FytHcPbT4s5ieQVc3tUctArzQH4ctRRzF
zjnjYTRhpVdofNH9Dxc5MSuHkVqoU67LnWeh1mAZ2UON+dx1sIsVm/ypk6jEkgBb
43r9NwdgfTVHkKz+CGSmch9dJ//6zCCKUCIdFEwWIe0uqoq8PU3Gp2/dbhRVwTvR
WO5gg9uIjQ/4QJuzxWPz3sBrDe3GB8Xm8J5yqZPDKNVR0WQmz9BJqDYzIqKtAgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUl390HUKci2lRYYn4ErBAG2PDtWgwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMx
M2E2NjY2NjIzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMxMzQzNzM3MzMucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAqFHWBD/swDQYJKoZIhvcNAQELBQADggEBAG7noZdqPdgrpmD/K+GZ
2yrqRZ3P+kup82x5EHLBaw3edxDbPijPmCZcnm4NLH+FK4uRx6NaBf8MxpyRbxW8
vrLj/q4j9eWylcIo80pcqWI9xJDlW9FV3hSuQr69MCeGO8gVdYi54ipgeLx5Rr9N
p5791HC2PVwEcavP5IZ7HtOenxY1Rg2m2R8BvJgu/HZzrP8BeNN18+Or5jCnIK1l
YnLshVapLBRUE/t7OFC8yxu9uvFVHFEO5uXbsth+IdiFmnEdbRJup4vE+g3Megjf
DAog8/T0fwKcRCPhlz3CxDjjrV3pUvbfK6aVeEzKIDeqOy0Xxhl9tPxAFt5HyY2f
GIs=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:20 2024 by rpki-client on console-ams.rpki-client.org