Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538333a3a2f33322d3438203d3e2030.roa
File: 326131343a373538333a3a2f33322d3438203d3e2030.roa (raw, json)
Hash identifier: pg0MYCd3Z6SEnda9Bz4VyXkiCAk2xBlWSrfwPvObo7A=
Subject key identifier: 4B:36:CD:49:86:12:45:78:42:3F:5D:7B:17:AF:03:3C:E7:AC:C7:9E
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 630A3606B2C91B145D5CFC8B90F2877E39120FFC
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538333a3a2f33322d3438203d3e2030.roa
Signing time: Sun 20 Oct 2024 01:40:01 +0000
ROA not before: Sun 20 Oct 2024 01:35:01 +0000
ROA not after: Sun 19 Oct 2025 01:40:01 +0000
asID: 0
IP address blocks: 2a14:7583::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:0a:36:06:b2:c9:1b:14:5d:5c:fc:8b:90:f2:87:7e:39:12:0f:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Oct 20 01:35:01 2024 GMT
Not After : Oct 19 01:40:01 2025 GMT
Subject: CN=4B36CD4986124578423F5D7B17AF033CE7ACC79E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0b:95:6a:6a:df:d4:9d:c3:d9:7f:a9:1f:2f:
b8:65:45:75:55:5f:e6:ea:e1:c1:38:1a:1e:bd:ca:
a3:d4:08:63:15:cd:b5:da:70:3c:68:90:64:59:3c:
91:70:db:1d:36:28:1d:08:0c:32:30:60:6c:83:33:
21:75:1e:cd:1a:fb:55:ee:8f:d5:55:75:b2:94:3d:
51:ac:fe:74:80:66:ce:34:c2:d3:ea:9d:10:89:ef:
1d:f8:ca:15:d6:f5:48:3f:3f:89:52:85:53:ee:54:
2f:0b:73:9c:f8:e8:3a:71:ce:05:68:75:1d:3f:33:
5b:96:e5:b0:0a:0c:f1:d7:f2:c7:ba:a4:d3:5f:4a:
06:87:49:d1:69:2a:31:e5:28:dc:31:a6:22:5b:a5:
03:20:1d:bd:25:d0:7a:a8:1d:c5:d2:8f:a6:ed:04:
db:22:da:32:c4:6b:f8:a0:be:a8:3b:53:39:be:c1:
d9:7d:b6:62:f4:1c:1b:0b:c1:32:04:13:e8:72:d1:
72:42:20:29:9a:7c:11:b6:23:e0:5f:c2:a0:4d:bb:
37:63:c0:ed:14:7a:1d:55:c2:4d:0d:f0:1a:9c:3f:
d7:03:f2:1e:77:ba:c2:b1:09:d0:2b:96:c8:a8:ca:
7f:b0:8b:0b:62:27:b6:22:e7:82:ee:49:5b:1b:83:
3a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:36:CD:49:86:12:45:78:42:3F:5D:7B:17:AF:03:3C:E7:AC:C7:9E
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538333a3a2f33322d3438203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7583::/32
Signature Algorithm: sha256WithRSAEncryption
9d:aa:67:fe:2e:aa:e6:95:51:75:2f:b9:23:97:6e:a8:61:31:
f3:04:ec:fb:5b:76:9a:c7:10:66:f6:f0:e6:69:30:d1:49:14:
f6:87:f0:13:bc:24:3f:6e:9b:31:96:8f:a4:2a:c1:ac:e3:c5:
26:99:09:42:2e:c9:b2:3f:d8:67:13:50:2e:4d:0c:f4:2d:2b:
3b:30:8d:5f:f0:01:ac:91:8a:fe:52:ff:54:81:2e:28:33:37:
4b:dc:d9:5e:59:c7:d6:f7:90:dc:45:31:b8:f8:ab:c0:d9:37:
38:36:19:ac:13:f7:87:8d:30:8e:34:ef:33:4e:93:71:3d:a4:
00:70:21:a6:7d:41:9f:c1:03:a8:47:9c:d6:1e:b1:1b:89:86:
7f:ae:4c:5a:ed:2c:e0:de:a6:2f:48:e9:e4:78:a3:dc:75:94:
f4:11:a6:85:39:96:54:bf:84:eb:09:97:d6:06:7f:bb:36:90:
ff:1e:c4:af:89:65:b4:3e:c4:73:93:f7:76:9c:52:69:c4:b6:
fc:12:00:63:13:48:36:61:c6:be:a7:70:fb:a3:13:0f:2e:d9:
19:75:38:31:18:43:5d:76:b4:53:33:f8:b3:0a:62:91:a9:c5:
19:15:88:b3:4d:70:f3:23:56:cd:f2:60:a5:8a:f7:78:7a:1d:
40:b0:c0:30
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUYwo2BrLJGxRdXPyLkPKHfjkSD/wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDEwMjAwMTM1MDFaFw0yNTEwMTkwMTQwMDFaMDMxMTAvBgNV
BAMTKDRCMzZDRDQ5ODYxMjQ1Nzg0MjNGNUQ3QjE3QUYwMzNDRTdBQ0M3OUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtC5Vqat/UncPZf6kfL7hlRXVV
X+bq4cE4Gh69yqPUCGMVzbXacDxokGRZPJFw2x02KB0IDDIwYGyDMyF1Hs0a+1Xu
j9VVdbKUPVGs/nSAZs40wtPqnRCJ7x34yhXW9Ug/P4lShVPuVC8Lc5z46DpxzgVo
dR0/M1uW5bAKDPHX8se6pNNfSgaHSdFpKjHlKNwxpiJbpQMgHb0l0HqoHcXSj6bt
BNsi2jLEa/igvqg7Uzm+wdl9tmL0HBsLwTIEE+hy0XJCICmafBG2I+BfwqBNuzdj
wO0Ueh1Vwk0N8BqcP9cD8h53usKxCdArlsioyn+wiwtiJ7Yi54LuSVsbgzoLAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUSzbNSYYSRXhCP117F68DPOesx54wHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMz
M2EzYTJmMzMzMjJkMzQzODIwM2QzZTIwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAqFHWDMA0GCSqG
SIb3DQEBCwUAA4IBAQCdqmf+LqrmlVF1L7kjl26oYTHzBOz7W3aaxxBm9vDmaTDR
SRT2h/ATvCQ/bpsxlo+kKsGs48UmmQlCLsmyP9hnE1AuTQz0LSs7MI1f8AGskYr+
Uv9UgS4oMzdL3NleWcfW95DcRTG4+KvA2Tc4NhmsE/eHjTCONO8zTpNxPaQAcCGm
fUGfwQOoR5zWHrEbiYZ/rkxa7Szg3qYvSOnkeKPcdZT0EaaFOZZUv4TrCZfWBn+7
NpD/HsSviWW0PsRzk/d2nFJpxLb8EgBjE0g2Yca+p3D7oxMPLtkZdTgxGENddrRT
M/izCmKRqcUZFYizTXDzI1bN8mClivd4eh1AsMAw
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org