Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538353a3a2f33322d3438203d3e2030.roa
File: 326131343a373538353a3a2f33322d3438203d3e2030.roa (raw, json)
Hash identifier: /yKqjPd9OhVmkTT0Ve7wvQq9jhp4n/0SKhuIoqln07o=
Subject key identifier: 21:1B:FA:22:03:68:27:79:AA:54:9E:AC:A7:E2:74:D3:42:61:47:AB
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 61E491789B3823B9434552E8A571AE38AE6C3786
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538353a3a2f33322d3438203d3e2030.roa
Signing time: Sun 20 Oct 2024 01:36:19 +0000
ROA not before: Sun 20 Oct 2024 01:31:19 +0000
ROA not after: Sun 19 Oct 2025 01:36:19 +0000
asID: 0
IP address blocks: 2a14:7585::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 13:44:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:e4:91:78:9b:38:23:b9:43:45:52:e8:a5:71:ae:38:ae:6c:37:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Oct 20 01:31:19 2024 GMT
Not After : Oct 19 01:36:19 2025 GMT
Subject: CN=211BFA2203682779AA549EACA7E274D3426147AB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:79:d9:21:f2:63:2b:3c:ea:e8:25:e1:fc:75:
c0:f5:40:08:11:25:28:89:23:e9:6c:06:0c:e5:d3:
5c:5f:42:1d:5d:8c:7f:c5:82:f9:65:a1:19:b2:0c:
37:e6:95:47:66:e8:d6:f5:ba:0a:2a:e6:de:cd:f7:
c9:e4:af:cc:ed:df:92:4a:87:22:06:29:25:db:c4:
26:f1:42:32:ad:ba:33:05:10:a8:ee:ac:14:18:ca:
54:e6:58:c6:73:5b:c8:9c:28:88:73:a9:98:6f:19:
e3:56:f7:d3:4b:28:e3:cb:7c:32:cf:71:40:cb:ec:
06:8c:4a:51:86:c2:cc:94:3f:ab:f2:0c:cb:4a:c8:
be:9f:f6:a5:83:56:0f:8c:4b:4d:3e:68:1f:c2:3f:
f4:fe:f7:57:5f:d8:02:5d:34:c0:96:2e:4a:78:bf:
e8:9b:50:fb:01:3a:b8:0c:2f:9f:71:b2:83:02:3a:
ab:2e:0b:c2:96:4e:90:4e:4e:1c:93:f2:8e:9f:97:
9d:0e:9b:68:ec:65:c7:e2:ae:86:88:28:d8:b8:42:
5c:65:20:19:0a:ab:aa:b2:f2:11:ec:63:ba:ff:a0:
f9:47:a4:bd:98:48:69:3c:34:c0:8b:9e:30:ed:a6:
c3:63:81:5d:62:43:67:7d:95:91:61:d1:7e:93:13:
3c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:1B:FA:22:03:68:27:79:AA:54:9E:AC:A7:E2:74:D3:42:61:47:AB
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538353a3a2f33322d3438203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7585::/32
Signature Algorithm: sha256WithRSAEncryption
0e:0f:c3:fc:34:2e:09:ee:4b:3f:ef:22:79:95:d1:5a:44:32:
c2:61:98:09:97:c6:cc:ef:6c:8d:cf:87:dd:4a:4d:67:df:ed:
b7:22:cc:01:09:6d:4a:ab:e6:55:65:c9:a3:be:fc:4c:db:b1:
ec:07:18:92:85:ba:9c:87:61:03:2e:c4:7c:6d:51:0d:c4:a5:
78:7e:2f:a5:10:4a:24:32:fa:26:df:3e:86:1b:06:82:d8:29:
95:04:15:c3:81:bb:26:20:f0:fa:13:f4:34:3c:00:db:10:f5:
9f:6f:c2:b0:e8:b0:a4:8c:17:70:e6:2c:96:18:83:d9:f7:90:
b3:ac:2b:c3:b0:a0:a8:a5:40:44:f0:27:70:be:52:8f:33:3f:
bf:cd:9b:0d:12:29:1d:bb:1b:11:e8:e9:d4:d0:16:92:f0:5a:
c6:b8:16:d2:b8:a5:90:c0:30:47:73:bc:80:c8:63:fb:12:0f:
d4:b3:29:f0:73:5c:eb:fe:f7:91:ae:22:fc:ef:fa:14:e5:71:
f3:73:ac:dc:e1:e0:79:58:48:38:98:95:ab:5c:be:43:ab:a8:
77:52:ef:e6:74:20:93:bd:1b:57:d2:ce:36:da:27:70:47:8c:
20:58:dd:59:61:84:7c:b8:71:4b:28:e2:9a:bd:90:c9:aa:9b:
be:3c:f1:55
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUYeSReJs4I7lDRVLopXGuOK5sN4YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDEwMjAwMTMxMTlaFw0yNTEwMTkwMTM2MTlaMDMxMTAvBgNV
BAMTKDIxMUJGQTIyMDM2ODI3NzlBQTU0OUVBQ0E3RTI3NEQzNDI2MTQ3QUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5edkh8mMrPOroJeH8dcD1QAgR
JSiJI+lsBgzl01xfQh1djH/FgvlloRmyDDfmlUdm6Nb1ugoq5t7N98nkr8zt35JK
hyIGKSXbxCbxQjKtujMFEKjurBQYylTmWMZzW8icKIhzqZhvGeNW99NLKOPLfDLP
cUDL7AaMSlGGwsyUP6vyDMtKyL6f9qWDVg+MS00+aB/CP/T+91df2AJdNMCWLkp4
v+ibUPsBOrgML59xsoMCOqsuC8KWTpBOThyT8o6fl50Om2jsZcfiroaIKNi4Qlxl
IBkKq6qy8hHsY7r/oPlHpL2YSGk8NMCLnjDtpsNjgV1iQ2d9lZFh0X6TEzx5AgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUIRv6IgNoJ3mqVJ6sp+J000JhR6swHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODM1
M2EzYTJmMzMzMjJkMzQzODIwM2QzZTIwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAqFHWFMA0GCSqG
SIb3DQEBCwUAA4IBAQAOD8P8NC4J7ks/7yJ5ldFaRDLCYZgJl8bM72yNz4fdSk1n
3+23IswBCW1Kq+ZVZcmjvvxM27HsBxiShbqch2EDLsR8bVENxKV4fi+lEEokMvom
3z6GGwaC2CmVBBXDgbsmIPD6E/Q0PADbEPWfb8Kw6LCkjBdw5iyWGIPZ95CzrCvD
sKCopUBE8CdwvlKPMz+/zZsNEikduxsR6OnU0BaS8FrGuBbSuKWQwDBHc7yAyGP7
Eg/Usynwc1zr/veRriL87/oU5XHzc6zc4eB5WEg4mJWrXL5Dq6h3Uu/mdCCTvRtX
0s422idwR4wgWN1ZYYR8uHFLKOKavZDJqpu+PPFV
-----END CERTIFICATE-----
Generated at Tue Oct 22 16:58:19 2024 by rpki-client on console-ams.rpki-client.org