Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538363a3a2f33322d3438203d3e20323134323538.roa
File: 326131343a373538363a3a2f33322d3438203d3e20323134323538.roa (raw, json)
Hash identifier: dXoGht7SY1wb/TcEu9e5/32xvnAruJM7rlXSDsvofmA=
Subject key identifier: CA:D6:C1:43:8B:C2:75:0A:12:18:03:21:99:84:C2:13:BA:A8:85:FE
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 5E80E0A24EE5281F14D8241E90EBF76162FCD9D3
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538363a3a2f33322d3438203d3e20323134323538.roa
Signing time: Fri 27 Sep 2024 02:26:07 +0000
ROA not before: Fri 27 Sep 2024 02:21:07 +0000
ROA not after: Fri 26 Sep 2025 02:26:07 +0000
asID: 214258
IP address blocks: 2a14:7586::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 13:44:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:80:e0:a2:4e:e5:28:1f:14:d8:24:1e:90:eb:f7:61:62:fc:d9:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Sep 27 02:21:07 2024 GMT
Not After : Sep 26 02:26:07 2025 GMT
Subject: CN=CAD6C1438BC2750A121803219984C213BAA885FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:1a:11:b9:a6:f4:63:10:80:f6:31:29:00:0e:
0f:c3:95:ac:66:4c:46:1b:a8:95:bd:ff:63:00:04:
41:0c:6a:ed:83:de:9d:9f:a1:13:dd:b3:3b:ff:cb:
36:16:94:be:f1:c5:21:3c:1a:6b:44:53:6a:0f:b0:
61:b2:91:7e:f3:64:b0:f9:f2:ac:a4:54:5f:bb:62:
93:ed:33:22:b3:90:bf:33:68:fe:9b:a8:d5:9c:09:
23:90:a7:6a:31:76:c1:86:ea:6b:65:47:45:c9:1f:
44:0e:ce:f5:f0:bf:59:e4:98:a4:8f:33:06:ca:84:
8f:68:9b:e9:db:25:1c:6e:96:f4:82:fd:0f:0f:b1:
9d:fa:78:a6:a9:06:51:9f:9b:fc:b2:8a:db:c6:54:
f7:46:50:e9:2f:6c:a5:a9:58:c9:b2:ba:83:e8:93:
9c:0b:5a:c7:9d:1c:ee:9b:72:53:10:e5:fd:b6:e5:
48:a8:1a:9a:bd:ee:58:05:6f:e2:ec:31:09:67:8a:
7a:f5:59:22:e5:e6:13:f8:b5:4d:cd:e4:42:e4:99:
9e:f8:06:13:32:72:2d:16:f9:26:05:90:fb:31:d1:
9c:95:a7:6a:79:b7:6b:ee:8f:3c:ca:d5:3b:5e:87:
ae:62:8a:34:bf:a3:d9:54:40:bb:d3:dd:20:f2:9a:
66:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:D6:C1:43:8B:C2:75:0A:12:18:03:21:99:84:C2:13:BA:A8:85:FE
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538363a3a2f33322d3438203d3e20323134323538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7586::/32
Signature Algorithm: sha256WithRSAEncryption
65:37:10:e4:15:eb:19:59:46:da:f1:f6:8d:30:51:de:17:a9:
ed:ee:5e:41:da:b4:4e:7d:5a:64:03:78:48:b6:c4:f1:fb:f4:
21:8c:31:93:b3:d0:46:fe:44:8f:68:dc:b6:22:2c:91:ad:5e:
f9:7a:00:69:f5:4b:84:21:12:41:59:ae:a2:76:cf:96:86:63:
f5:a0:4f:4d:be:1b:3c:82:cf:18:b9:77:7d:69:d9:a6:04:a8:
ec:3c:da:56:ab:e3:79:a5:cd:34:bf:9e:d9:83:1f:88:24:1d:
bc:0e:79:e1:63:2f:1d:4c:a2:d3:b7:64:ce:3c:f6:d3:5c:bc:
40:1d:69:2a:75:e4:d1:f4:da:d1:a2:b7:fa:87:f2:4e:19:87:
a8:b8:b4:71:de:e6:73:4b:40:a9:48:cc:66:46:10:0d:92:2e:
e1:15:a5:ab:9b:2b:3b:f1:98:ab:1a:ca:a9:ee:6b:fb:4e:10:
10:76:a4:99:13:d4:11:67:e0:c8:7f:3d:b5:99:82:45:ce:17:
a7:d8:06:80:9c:d9:52:fb:be:15:43:6a:6c:c2:33:1c:30:28:
d0:9a:3c:17:ae:f1:21:c2:76:be:74:a8:92:3d:04:59:ca:11:
5c:7c:1c:e0:ff:61:66:f4:5a:dd:c1:84:2f:fe:40:b3:06:ca:
c0:08:fd:0d
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUXoDgok7lKB8U2CQekOv3YWL82dMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDA5MjcwMjIxMDdaFw0yNTA5MjYwMjI2MDdaMDMxMTAvBgNV
BAMTKENBRDZDMTQzOEJDMjc1MEExMjE4MDMyMTk5ODRDMjEzQkFBODg1RkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgGhG5pvRjEID2MSkADg/Dlaxm
TEYbqJW9/2MABEEMau2D3p2foRPdszv/yzYWlL7xxSE8GmtEU2oPsGGykX7zZLD5
8qykVF+7YpPtMyKzkL8zaP6bqNWcCSOQp2oxdsGG6mtlR0XJH0QOzvXwv1nkmKSP
MwbKhI9om+nbJRxulvSC/Q8PsZ36eKapBlGfm/yyitvGVPdGUOkvbKWpWMmyuoPo
k5wLWsedHO6bclMQ5f225UioGpq97lgFb+LsMQlninr1WSLl5hP4tU3N5ELkmZ74
BhMyci0W+SYFkPsx0ZyVp2p5t2vujzzK1Tteh65iijS/o9lUQLvT3SDymmbJAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUytbBQ4vCdQoSGAMhmYTCE7qohf4wHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODM2
M2EzYTJmMzMzMjJkMzQzODIwM2QzZTIwMzIzMTM0MzIzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
KhR1hjANBgkqhkiG9w0BAQsFAAOCAQEAZTcQ5BXrGVlG2vH2jTBR3hep7e5eQdq0
Tn1aZAN4SLbE8fv0IYwxk7PQRv5Ej2jctiIska1e+XoAafVLhCESQVmuonbPloZj
9aBPTb4bPILPGLl3fWnZpgSo7DzaVqvjeaXNNL+e2YMfiCQdvA554WMvHUyi07dk
zjz201y8QB1pKnXk0fTa0aK3+ofyThmHqLi0cd7mc0tAqUjMZkYQDZIu4RWlq5sr
O/GYqxrKqe5r+04QEHakmRPUEWfgyH89tZmCRc4Xp9gGgJzZUvu+FUNqbMIzHDAo
0Jo8F67xIcJ2vnSokj0EWcoRXHwc4P9hZvRa3cGEL/5AswbKwAj9DQ==
-----END CERTIFICATE-----
Generated at Tue Oct 22 16:10:16 2024 by rpki-client on console-fra.rpki-client.org