Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538343a313030303a3a2f33362d3438203d3e203230343733.roa
File: 326131343a373538343a313030303a3a2f33362d3438203d3e203230343733.roa (raw, json)
Hash identifier: ZG01wEawPiBjN+zHc6bOLtfdrnVX6oyiI/yF5swGIdI=
Subject key identifier: 30:A7:76:64:48:B1:89:A9:AA:3B:E4:5D:6D:12:0D:0B:62:89:66:7C
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 761824D00472AD4AE46442724C09B2A502E68167
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538343a313030303a3a2f33362d3438203d3e203230343733.roa
Signing time: Sun 17 Nov 2024 15:07:39 +0000
ROA not before: Sun 17 Nov 2024 15:02:39 +0000
ROA not after: Sun 16 Nov 2025 15:07:39 +0000
asID: 20473
IP address blocks: 2a14:7584:1000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:18:24:d0:04:72:ad:4a:e4:64:42:72:4c:09:b2:a5:02:e6:81:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Nov 17 15:02:39 2024 GMT
Not After : Nov 16 15:07:39 2025 GMT
Subject: CN=30A7766448B189A9AA3BE45D6D120D0B6289667C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1a:d8:ac:04:92:f3:1f:cf:c3:ee:79:c6:67:
e2:4b:59:19:df:b9:bc:98:e5:43:6a:b9:9c:e3:9b:
14:28:cd:12:55:1b:fe:ac:35:dd:c4:83:40:fc:01:
52:7d:9f:4c:9b:b0:54:b1:28:de:e9:48:18:f7:83:
18:6d:2b:41:1a:3d:73:3c:e1:c7:fa:6f:d2:6d:53:
9c:89:7f:8b:08:41:6e:72:f2:c5:42:32:a1:b4:31:
97:95:9c:ef:35:f4:03:a2:3c:28:fe:40:dd:9b:a6:
10:4c:fe:f7:0a:5a:e0:5c:15:79:a0:0a:03:e4:38:
ad:a4:bf:4a:b5:5a:d6:0f:44:91:8d:f2:8f:3a:a8:
2d:d9:85:af:22:02:73:ea:7f:76:da:5f:43:df:b8:
2d:6e:53:8c:ae:c8:89:e4:1c:5d:18:cd:00:04:c9:
83:58:15:a7:cd:e2:ca:cf:1c:e9:30:8d:60:b5:6a:
61:a2:f2:60:8d:06:cb:44:02:5a:da:b7:64:3f:b0:
c2:5f:00:02:1c:6e:78:db:f7:e5:a1:3e:7a:04:d2:
54:2a:2a:bb:8e:ad:a6:f4:be:d4:81:d6:42:f8:19:
e6:66:97:8f:1f:ee:1e:d3:9b:48:93:99:e0:a4:23:
57:0e:20:1b:f4:e1:04:ea:3c:00:af:94:4e:15:09:
c4:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:A7:76:64:48:B1:89:A9:AA:3B:E4:5D:6D:12:0D:0B:62:89:66:7C
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538343a313030303a3a2f33362d3438203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7584:1000::/36
Signature Algorithm: sha256WithRSAEncryption
43:c7:a3:88:c6:22:0f:ee:00:86:91:c0:db:a6:da:ed:2d:a6:
e6:aa:ed:66:7a:9d:ba:97:2d:13:d9:50:fe:7e:14:42:62:66:
ab:9a:80:5f:2a:07:74:2c:a5:6a:d8:93:ab:31:f6:32:aa:7c:
e7:e3:2d:cf:1e:6d:49:dc:15:bf:1a:14:67:ff:71:7e:5b:e3:
90:50:5d:fe:f2:6a:84:b2:3e:60:54:07:e8:e8:08:ef:27:10:
54:19:5e:88:21:1b:8b:80:8d:ee:5b:c0:0f:ec:87:e8:92:5d:
bc:fe:67:f5:f0:d3:0a:22:ed:83:0c:43:e1:80:8e:29:2c:d0:
0b:91:d2:f0:5e:ad:c5:ae:6e:b6:87:46:b1:c4:ac:89:8d:be:
c6:00:49:3a:78:d0:d4:b7:de:d0:8e:f7:f0:35:2c:ac:74:d3:
c1:64:eb:62:28:0b:17:c7:4d:60:88:b2:35:69:0a:4d:dd:f7:
ba:b4:b8:bd:dd:73:bf:12:0d:58:61:12:b7:0e:4b:a7:45:c5:
a2:dd:4f:1f:26:25:a0:a0:7e:11:2c:23:91:a5:22:94:e9:89:
e6:90:4b:bb:e6:9a:c6:8d:2b:7c:b0:04:d5:7f:b7:3f:ca:5b:
87:da:01:4f:ab:ff:15:1b:0f:0f:9f:62:aa:29:f9:7e:df:1c:
85:e8:75:24
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUdhgk0ARyrUrkZEJyTAmypQLmgWcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDExMTcxNTAyMzlaFw0yNTExMTYxNTA3MzlaMDMxMTAvBgNV
BAMTKDMwQTc3NjY0NDhCMTg5QTlBQTNCRTQ1RDZEMTIwRDBCNjI4OTY2N0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0GtisBJLzH8/D7nnGZ+JLWRnf
ubyY5UNquZzjmxQozRJVG/6sNd3Eg0D8AVJ9n0ybsFSxKN7pSBj3gxhtK0EaPXM8
4cf6b9JtU5yJf4sIQW5y8sVCMqG0MZeVnO819AOiPCj+QN2bphBM/vcKWuBcFXmg
CgPkOK2kv0q1WtYPRJGN8o86qC3Zha8iAnPqf3baX0PfuC1uU4yuyInkHF0YzQAE
yYNYFafN4srPHOkwjWC1amGi8mCNBstEAlrat2Q/sMJfAAIcbnjb9+WhPnoE0lQq
KruOrab0vtSB1kL4GeZml48f7h7Tm0iTmeCkI1cOIBv04QTqPACvlE4VCcRxAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUMKd2ZEixiamqO+RdbRINC2KJZnwwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODM0
M2EzMTMwMzAzMDNhM2EyZjMzMzYyZDM0MzgyMDNkM2UyMDMyMzAzNDM3MzMucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgQqFHWEEDANBgkqhkiG9w0BAQsFAAOCAQEAQ8ejiMYiD+4AhpHA26ba
7S2m5qrtZnqdupctE9lQ/n4UQmJmq5qAXyoHdCylatiTqzH2Mqp85+Mtzx5tSdwV
vxoUZ/9xflvjkFBd/vJqhLI+YFQH6OgI7ycQVBleiCEbi4CN7lvAD+yH6JJdvP5n
9fDTCiLtgwxD4YCOKSzQC5HS8F6txa5utodGscSsiY2+xgBJOnjQ1Lfe0I738DUs
rHTTwWTrYigLF8dNYIiyNWkKTd33urS4vd1zvxINWGEStw5Lp0XFot1PHyYloKB+
ESwjkaUilOmJ5pBLu+aaxo0rfLAE1X+3P8pbh9oBT6v/FRsPD59iqin5ft8cheh1
JA==
-----END CERTIFICATE-----
Generated at Sun Nov 24 10:22:12 2024 by rpki-client on console-fra.rpki-client.org