Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a84b548c-275a-476e-bfbe-540e73e62383/0/326130643a643734323a34303a3a2f34342d3434203d3e20323130343030.roa
File: 326130643a643734323a34303a3a2f34342d3434203d3e20323130343030.roa (raw, json)
Hash identifier: 5wlWDOI+hegdinJUw7EOjr5btG7SYdI8EPjEVY7fLjQ=
Subject key identifier: 40:7B:F2:89:ED:45:16:8A:C5:03:7B:04:20:EB:63:36:6F:97:81:84
Certificate issuer: /CN=87d48146623246673056151f64abb8d1ee6b7727
Certificate serial: 3E1DDDAFC84E61FABCF944D703130EEB662C3D29
Authority key identifier: 87:D4:81:46:62:32:46:67:30:56:15:1F:64:AB:B8:D1:EE:6B:77:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9SBRmIyRmcwVhUfZKu40e5rdyc.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a84b548c-275a-476e-bfbe-540e73e62383/0/326130643a643734323a34303a3a2f34342d3434203d3e20323130343030.roa
Signing time: Mon 15 Jan 2024 15:37:27 +0000
ROA not before: Mon 15 Jan 2024 15:32:27 +0000
ROA not after: Mon 13 Jan 2025 15:37:27 +0000
asID: 210400
IP address blocks: 2a0d:d742:40::/44 maxlen: 44
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a84b548c-275a-476e-bfbe-540e73e62383/0/87D48146623246673056151F64ABB8D1EE6B7727.crl
rsync://rsync.paas.rpki.ripe.net/repository/a84b548c-275a-476e-bfbe-540e73e62383/0/87D48146623246673056151F64ABB8D1EE6B7727.mft
rsync://rpki.ripe.net/repository/DEFAULT/h9SBRmIyRmcwVhUfZKu40e5rdyc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:1d:dd:af:c8:4e:61:fa:bc:f9:44:d7:03:13:0e:eb:66:2c:3d:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87d48146623246673056151f64abb8d1ee6b7727
Validity
Not Before: Jan 15 15:32:27 2024 GMT
Not After : Jan 13 15:37:27 2025 GMT
Subject: CN=407BF289ED45168AC5037B0420EB63366F978184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:e6:34:ab:eb:db:e4:92:d6:e9:3e:6d:af:70:
a9:e4:d4:88:ab:bb:26:1f:02:22:e4:93:14:b5:44:
a7:65:27:91:5c:18:dc:d1:5e:c0:25:fd:2f:9d:96:
fd:83:fb:0c:bd:40:9d:2d:87:c1:6a:88:92:b2:e1:
60:04:7c:3c:e9:6e:4b:3b:74:d3:e3:a6:34:19:23:
39:cc:2b:ce:07:f9:bd:af:34:c1:42:72:89:85:8f:
87:c6:46:b4:16:48:2e:19:bc:8c:e4:db:8f:9a:c0:
aa:d6:f5:b5:88:d3:3c:7d:ca:91:6c:56:11:59:9e:
a9:6f:1f:45:b9:7f:6c:e4:97:36:8d:14:76:55:67:
50:e9:69:15:4a:38:d6:fc:ec:33:59:05:42:48:0c:
29:83:21:6b:4c:33:5b:1c:d3:5f:fa:83:af:62:f3:
a7:44:e9:33:c2:9f:cc:cc:87:58:dc:94:db:02:24:
c2:8c:2a:14:2f:ff:2c:3e:45:d5:31:74:ab:70:ee:
f5:a4:c0:56:eb:c8:d5:75:a9:3b:d2:2d:74:b4:ab:
4e:0d:06:37:bb:16:6b:52:3a:c8:e2:97:96:68:5c:
63:d2:c0:5c:ce:74:0d:99:73:9c:c7:89:20:8d:b1:
f9:68:a7:1a:72:7a:cc:2c:1d:8c:31:12:78:63:97:
9f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:7B:F2:89:ED:45:16:8A:C5:03:7B:04:20:EB:63:36:6F:97:81:84
X509v3 Authority Key Identifier:
keyid:87:D4:81:46:62:32:46:67:30:56:15:1F:64:AB:B8:D1:EE:6B:77:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a84b548c-275a-476e-bfbe-540e73e62383/0/87D48146623246673056151F64ABB8D1EE6B7727.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9SBRmIyRmcwVhUfZKu40e5rdyc.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a84b548c-275a-476e-bfbe-540e73e62383/0/326130643a643734323a34303a3a2f34342d3434203d3e20323130343030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d742:40::/44
Signature Algorithm: sha256WithRSAEncryption
3e:b0:66:c4:71:41:88:d6:50:51:a3:39:50:39:b7:5f:ac:4b:
bb:50:8f:88:b9:8d:8e:e2:9a:98:b7:c2:ec:22:62:e8:ed:cd:
5c:6f:c6:77:c0:2d:af:28:bd:d2:f4:65:85:7e:29:a8:7a:95:
10:40:4e:95:4f:7a:b8:a6:4d:14:5f:31:6c:cc:0a:43:79:5f:
17:99:89:04:76:3d:08:2e:b4:58:f8:02:4b:28:dc:36:36:81:
d7:30:d0:10:81:c1:ea:01:1e:0c:23:a0:66:a5:9f:ed:03:63:
5b:17:64:95:2c:46:1b:d6:d1:9b:3e:2e:fd:ff:9b:b7:58:4e:
52:00:3d:01:40:b5:d3:ab:39:b0:c6:da:c5:10:63:07:df:0d:
a8:1d:f4:d9:bf:7c:c2:13:86:82:c6:5c:98:37:7e:f5:1e:86:
11:ad:24:43:47:6b:c5:ac:6a:21:72:5c:d8:05:ef:81:26:a5:
a6:76:fd:ba:67:28:af:f1:cc:88:c0:dd:27:33:e1:09:c7:ca:
03:15:c0:93:88:8f:35:f9:a6:2d:07:dd:d2:7c:8f:c6:b4:33:
bd:17:ed:70:ed:b5:d5:19:27:c3:8b:8a:ec:37:a5:6e:1b:ab:
72:58:26:04:6f:1c:9a:ce:0a:1b:15:49:ae:a1:1c:ba:f4:ee:
5b:4a:0f:d0
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUPh3dr8hOYfq8+UTXAxMO62YsPSkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODdkNDgxNDY2MjMyNDY2NzMwNTYxNTFmNjRhYmI4ZDFl
ZTZiNzcyNzAeFw0yNDAxMTUxNTMyMjdaFw0yNTAxMTMxNTM3MjdaMDMxMTAvBgNV
BAMTKDQwN0JGMjg5RUQ0NTE2OEFDNTAzN0IwNDIwRUI2MzM2NkY5NzgxODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDS5jSr69vkktbpPm2vcKnk1Iir
uyYfAiLkkxS1RKdlJ5FcGNzRXsAl/S+dlv2D+wy9QJ0th8FqiJKy4WAEfDzpbks7
dNPjpjQZIznMK84H+b2vNMFCcomFj4fGRrQWSC4ZvIzk24+awKrW9bWI0zx9ypFs
VhFZnqlvH0W5f2zklzaNFHZVZ1DpaRVKONb87DNZBUJIDCmDIWtMM1sc01/6g69i
86dE6TPCn8zMh1jclNsCJMKMKhQv/yw+RdUxdKtw7vWkwFbryNV1qTvSLXS0q04N
Bje7FmtSOsjil5ZoXGPSwFzOdA2Zc5zHiSCNsflopxpyeswsHYwxEnhjl5/fAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUQHvyie1FForFA3sEIOtjNm+XgYQwHwYDVR0j
BBgwFoAUh9SBRmIyRmcwVhUfZKu40e5rdycwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTg0YjU0OGMtMjc1YS00NzZlLWJmYmUtNTQwZTczZTYy
MzgzLzAvODdENDgxNDY2MjMyNDY2NzMwNTYxNTFGNjRBQkI4RDFFRTZCNzcyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2g5U0JSbUl5Um1jd1ZoVWZaS3U0MGU1
cmR5Yy5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTg0YjU0OGMt
Mjc1YS00NzZlLWJmYmUtNTQwZTczZTYyMzgzLzAvMzI2MTMwNjQzYTY0MzczNDMy
M2EzNDMwM2EzYTJmMzQzNDJkMzQzNDIwM2QzZTIwMzIzMTMwMzQzMDMwLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcEKg3XQgBAMA0GCSqGSIb3DQEBCwUAA4IBAQA+sGbEcUGI1lBRozlQObdf
rEu7UI+IuY2O4pqYt8LsImLo7c1cb8Z3wC2vKL3S9GWFfimoepUQQE6VT3q4pk0U
XzFszApDeV8XmYkEdj0ILrRY+AJLKNw2NoHXMNAQgcHqAR4MI6BmpZ/tA2NbF2SV
LEYb1tGbPi79/5u3WE5SAD0BQLXTqzmwxtrFEGMH3w2oHfTZv3zCE4aCxlyYN371
HoYRrSRDR2vFrGohclzYBe+BJqWmdv26Zyiv8cyIwN0nM+EJx8oDFcCTiI81+aYt
B93SfI/GtDO9F+1w7bXVGSfDi4rsN6VuG6tyWCYEbxyazgobFUmuoRy69O5bSg/Q
-----END CERTIFICATE-----
Generated at Sat Jun 1 14:28:06 2024 by rpki-client on console-ams.rpki-client.org