Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538373a3a2f33322d3438203d3e20323134353432.roa
File: 326131343a373538373a3a2f33322d3438203d3e20323134353432.roa (raw, json)
Hash identifier: yZ507prnxgvWUM5xB8Qg/F0kCiE9XAeHGSW+lv5oaOI=
Subject key identifier: 06:E6:0F:DC:9D:8B:15:9A:8E:1D:DA:0B:1F:55:19:77:88:8E:D4:59
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 12845F6379CF0CC8D3209B36ECB63B9D6E990B4A
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538373a3a2f33322d3438203d3e20323134353432.roa
Signing time: Thu 19 Sep 2024 23:38:12 +0000
ROA not before: Thu 19 Sep 2024 23:33:12 +0000
ROA not after: Thu 18 Sep 2025 23:38:12 +0000
asID: 214542
IP address blocks: 2a14:7587::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:84:5f:63:79:cf:0c:c8:d3:20:9b:36:ec:b6:3b:9d:6e:99:0b:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Sep 19 23:33:12 2024 GMT
Not After : Sep 18 23:38:12 2025 GMT
Subject: CN=06E60FDC9D8B159A8E1DDA0B1F551977888ED459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8c:ee:64:59:31:47:a5:f4:e4:c5:a8:2c:e0:
f2:b6:f7:ff:30:23:d3:d0:53:40:eb:74:de:d9:f2:
bf:67:26:f6:5a:f0:74:f2:1f:9b:50:17:f0:18:c7:
7f:ce:2b:81:6f:20:c8:62:54:89:48:19:8b:14:70:
38:d0:a3:0f:58:51:cc:07:6e:d6:58:58:0d:ae:73:
03:7d:06:ce:bd:ac:43:e5:d8:46:e0:d3:8e:f9:c9:
63:bd:6b:48:35:24:3f:e8:d5:d7:b3:6c:17:f6:b7:
2e:dd:4b:09:9c:18:33:2f:01:cc:17:37:1c:10:e2:
41:de:83:22:70:d1:ba:83:de:9a:b7:87:d1:d4:8e:
69:a7:e9:fb:69:86:08:b8:cf:3e:72:63:99:77:39:
c8:28:05:1a:10:db:7b:a5:c0:81:1b:e3:26:cf:74:
9f:86:64:21:7f:fb:34:bf:89:b2:b7:91:76:06:a2:
c0:90:b8:43:9c:a0:92:9c:4e:54:24:ee:0e:79:88:
4e:12:2e:94:ab:42:4c:18:8e:fb:0b:70:f4:b2:db:
09:5a:44:5a:48:7a:3e:0b:bb:9c:35:6a:b2:e0:20:
6a:ed:4f:00:f0:7e:21:6d:ac:a7:a7:37:5e:cc:6f:
43:50:80:00:84:35:14:1b:4d:5e:27:77:e1:e1:28:
91:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:E6:0F:DC:9D:8B:15:9A:8E:1D:DA:0B:1F:55:19:77:88:8E:D4:59
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538373a3a2f33322d3438203d3e20323134353432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7587::/32
Signature Algorithm: sha256WithRSAEncryption
34:d0:84:33:69:90:5b:8e:2b:e7:fa:66:e2:3c:13:b2:89:d7:
b0:36:42:eb:fd:1b:30:bd:b3:22:13:8d:f7:e3:ae:a1:68:ce:
cb:6a:28:e9:41:d4:d5:5c:4e:22:bc:98:47:b4:a5:e8:be:0d:
e6:f9:f7:8c:17:4c:7d:34:3f:30:8c:8a:1e:d7:89:d4:62:81:
21:81:95:9c:7b:64:2b:03:60:3c:ee:63:04:e9:be:16:dc:05:
ca:30:cd:2a:54:1a:f5:77:e4:83:75:0a:f9:a0:f7:cc:b9:65:
ce:86:fd:38:21:85:23:b7:e8:b0:ae:e9:81:1c:96:89:db:e3:
87:0c:a1:e9:1c:7a:dd:73:18:62:f0:68:18:12:b9:2f:fa:3e:
5f:a0:48:f1:d3:60:e2:36:70:a5:0d:4d:66:0f:c4:77:23:bd:
ea:d7:09:35:0b:e8:b8:e4:fb:42:9b:8a:43:8d:d4:b5:ab:d1:
86:a3:63:95:44:e1:8d:a8:51:ad:b6:e4:bf:77:2c:97:db:30:
df:77:77:bd:ff:65:94:0a:00:7f:8c:48:97:06:7b:b7:98:f1:
d5:38:4a:93:9e:d2:95:ef:e0:89:78:6b:e7:dc:74:c1:71:fa:
fd:30:84:9f:6c:8d:a2:00:38:e2:18:2a:d8:f2:9b:e3:b5:c1:
84:5d:5d:8b
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUEoRfY3nPDMjTIJs27LY7nW6ZC0owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDA5MTkyMzMzMTJaFw0yNTA5MTgyMzM4MTJaMDMxMTAvBgNV
BAMTKDA2RTYwRkRDOUQ4QjE1OUE4RTFEREEwQjFGNTUxOTc3ODg4RUQ0NTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7jO5kWTFHpfTkxags4PK29/8w
I9PQU0DrdN7Z8r9nJvZa8HTyH5tQF/AYx3/OK4FvIMhiVIlIGYsUcDjQow9YUcwH
btZYWA2ucwN9Bs69rEPl2Ebg0475yWO9a0g1JD/o1dezbBf2ty7dSwmcGDMvAcwX
NxwQ4kHegyJw0bqD3pq3h9HUjmmn6ftphgi4zz5yY5l3OcgoBRoQ23ulwIEb4ybP
dJ+GZCF/+zS/ibK3kXYGosCQuEOcoJKcTlQk7g55iE4SLpSrQkwYjvsLcPSy2wla
RFpIej4Lu5w1arLgIGrtTwDwfiFtrKenN17Mb0NQgACENRQbTV4nd+HhKJGFAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUBuYP3J2LFZqOHdoLH1UZd4iO1FkwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODM3
M2EzYTJmMzMzMjJkMzQzODIwM2QzZTIwMzIzMTM0MzUzNDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
KhR1hzANBgkqhkiG9w0BAQsFAAOCAQEANNCEM2mQW44r5/pm4jwTsonXsDZC6/0b
ML2zIhON9+OuoWjOy2oo6UHU1VxOIryYR7Sl6L4N5vn3jBdMfTQ/MIyKHteJ1GKB
IYGVnHtkKwNgPO5jBOm+FtwFyjDNKlQa9Xfkg3UK+aD3zLllzob9OCGFI7fosK7p
gRyWidvjhwyh6Rx63XMYYvBoGBK5L/o+X6BI8dNg4jZwpQ1NZg/EdyO96tcJNQvo
uOT7QpuKQ43UtavRhqNjlUThjahRrbbkv3csl9sw33d3vf9llAoAf4xIlwZ7t5jx
1ThKk57Sle/giXhr59x0wXH6/TCEn2yNogA44hgq2PKb47XBhF1diw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org