Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a84b548c-275a-476e-bfbe-540e73e62383/0/326130643a643734323a3a2f34352d3435203d3e20323130303336.roa
File: 326130643a643734323a3a2f34352d3435203d3e20323130303336.roa (raw, json)
Hash identifier: aqI3iId8xDivuUW2DyGTBLcnPzstt996Di4KdwwOrC0=
Subject key identifier: F1:38:A0:11:3E:95:53:BD:B4:F0:47:90:E6:74:88:F9:77:E2:AF:BA
Certificate issuer: /CN=87d48146623246673056151f64abb8d1ee6b7727
Certificate serial: 30760FEE1A2F18963BAA6352E3EDC887F3D730EF
Authority key identifier: 87:D4:81:46:62:32:46:67:30:56:15:1F:64:AB:B8:D1:EE:6B:77:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9SBRmIyRmcwVhUfZKu40e5rdyc.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a84b548c-275a-476e-bfbe-540e73e62383/0/326130643a643734323a3a2f34352d3435203d3e20323130303336.roa
Signing time: Mon 15 Jan 2024 15:37:27 +0000
ROA not before: Mon 15 Jan 2024 15:32:27 +0000
ROA not after: Mon 13 Jan 2025 15:37:27 +0000
asID: 210036
IP address blocks: 2a0d:d742::/45 maxlen: 45
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a84b548c-275a-476e-bfbe-540e73e62383/0/87D48146623246673056151F64ABB8D1EE6B7727.crl
rsync://rsync.paas.rpki.ripe.net/repository/a84b548c-275a-476e-bfbe-540e73e62383/0/87D48146623246673056151F64ABB8D1EE6B7727.mft
rsync://rpki.ripe.net/repository/DEFAULT/h9SBRmIyRmcwVhUfZKu40e5rdyc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 30 Jun 2024 02:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:76:0f:ee:1a:2f:18:96:3b:aa:63:52:e3:ed:c8:87:f3:d7:30:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87d48146623246673056151f64abb8d1ee6b7727
Validity
Not Before: Jan 15 15:32:27 2024 GMT
Not After : Jan 13 15:37:27 2025 GMT
Subject: CN=F138A0113E9553BDB4F04790E67488F977E2AFBA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4f:e9:5e:52:4a:3d:d4:a4:c3:d0:0c:01:bd:
1a:6e:8c:f3:74:d2:2b:ff:b0:f6:f6:c5:a1:8d:57:
c6:4a:99:85:63:34:ec:39:f6:fa:0b:aa:96:ca:54:
7f:59:60:ee:17:4b:2d:b5:ee:77:42:58:60:90:13:
47:3e:be:2f:5f:ec:a2:17:c5:bc:6f:96:8f:73:fe:
98:3f:c3:34:d9:7b:10:0d:cb:61:65:3b:37:58:89:
93:e4:10:5c:dc:1f:1a:e7:5d:73:ed:3b:68:7a:8c:
73:ae:53:57:2b:61:84:d7:f7:23:6a:3c:98:38:9a:
96:f3:6b:89:79:fc:84:ed:08:a5:3f:0f:42:91:77:
36:8b:2d:34:f2:32:ef:4f:0c:f0:cf:3c:0e:75:33:
f8:5a:56:43:5e:97:2c:33:f9:3e:9b:68:aa:1c:7f:
20:9c:30:a5:af:ef:64:ba:29:b5:36:9a:c0:b3:71:
a3:35:27:33:f6:2c:37:40:7d:fd:2c:0b:4d:35:36:
3c:78:5e:3a:25:9c:dc:ea:fe:79:2b:97:7b:0e:6f:
29:70:1f:22:11:34:a1:e0:b3:72:b2:0c:21:74:df:
35:b2:88:e4:bc:0e:d2:1e:db:e1:70:90:80:79:39:
ce:73:ed:7f:9f:c9:a1:94:3c:c1:3c:4f:cc:a2:72:
ea:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:38:A0:11:3E:95:53:BD:B4:F0:47:90:E6:74:88:F9:77:E2:AF:BA
X509v3 Authority Key Identifier:
keyid:87:D4:81:46:62:32:46:67:30:56:15:1F:64:AB:B8:D1:EE:6B:77:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a84b548c-275a-476e-bfbe-540e73e62383/0/87D48146623246673056151F64ABB8D1EE6B7727.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9SBRmIyRmcwVhUfZKu40e5rdyc.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a84b548c-275a-476e-bfbe-540e73e62383/0/326130643a643734323a3a2f34352d3435203d3e20323130303336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d742::/45
Signature Algorithm: sha256WithRSAEncryption
9a:54:70:9c:53:a8:9b:e4:4c:fb:01:f2:35:5b:77:7f:90:a5:
b1:51:98:70:12:11:de:8a:16:60:e5:a4:7e:df:a5:73:4c:ff:
c4:25:ff:8e:7f:12:cb:a4:9c:f4:4e:6e:cf:b5:dd:57:d6:5b:
53:98:f3:83:b1:ae:76:f8:e8:92:0b:72:0c:89:ec:99:d1:b1:
72:8b:e4:af:24:85:33:51:9e:04:5c:0f:3d:e2:09:e6:43:19:
dc:ac:07:44:ed:6b:84:03:99:ff:4f:af:59:7e:0f:e7:e4:a6:
97:01:dc:9c:ec:e4:bf:a5:05:56:02:ba:b2:50:33:4c:29:7e:
8d:1f:d9:2f:00:12:34:86:21:01:e9:c9:ac:79:13:fa:2b:6b:
88:6e:34:b7:b4:1a:fa:1e:84:e5:7b:ba:c1:85:a2:d8:dd:e6:
e6:7d:d6:1b:6f:55:c5:ef:6d:37:8a:60:97:c7:64:9b:6a:3a:
5f:a6:58:43:02:bf:12:d2:13:6c:80:51:d9:88:7d:6c:dd:da:
db:f6:7f:81:cd:84:42:6d:35:93:6f:60:a1:95:d1:b1:5a:43:
32:2d:38:a5:fe:5c:e4:56:be:a9:e2:1d:af:64:55:94:c4:fd:
90:36:dc:1e:15:f0:6f:2a:fa:be:ef:d1:5c:91:7a:7d:80:01:
28:82:c6:cb
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUMHYP7hovGJY7qmNS4+3Ih/PXMO8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODdkNDgxNDY2MjMyNDY2NzMwNTYxNTFmNjRhYmI4ZDFl
ZTZiNzcyNzAeFw0yNDAxMTUxNTMyMjdaFw0yNTAxMTMxNTM3MjdaMDMxMTAvBgNV
BAMTKEYxMzhBMDExM0U5NTUzQkRCNEYwNDc5MEU2NzQ4OEY5NzdFMkFGQkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqT+leUko91KTD0AwBvRpujPN0
0iv/sPb2xaGNV8ZKmYVjNOw59voLqpbKVH9ZYO4XSy217ndCWGCQE0c+vi9f7KIX
xbxvlo9z/pg/wzTZexANy2FlOzdYiZPkEFzcHxrnXXPtO2h6jHOuU1crYYTX9yNq
PJg4mpbza4l5/ITtCKU/D0KRdzaLLTTyMu9PDPDPPA51M/haVkNelywz+T6baKoc
fyCcMKWv72S6KbU2msCzcaM1JzP2LDdAff0sC001Njx4XjolnNzq/nkrl3sObylw
HyIRNKHgs3KyDCF03zWyiOS8DtIe2+FwkIB5Oc5z7X+fyaGUPME8T8yicuqrAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQU8TigET6VU7208EeQ5nSI+Xfir7owHwYDVR0j
BBgwFoAUh9SBRmIyRmcwVhUfZKu40e5rdycwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTg0YjU0OGMtMjc1YS00NzZlLWJmYmUtNTQwZTczZTYy
MzgzLzAvODdENDgxNDY2MjMyNDY2NzMwNTYxNTFGNjRBQkI4RDFFRTZCNzcyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2g5U0JSbUl5Um1jd1ZoVWZaS3U0MGU1
cmR5Yy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTg0YjU0OGMt
Mjc1YS00NzZlLWJmYmUtNTQwZTczZTYyMzgzLzAvMzI2MTMwNjQzYTY0MzczNDMy
M2EzYTJmMzQzNTJkMzQzNTIwM2QzZTIwMzIzMTMwMzAzMzM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcD
Kg3XQgAAMA0GCSqGSIb3DQEBCwUAA4IBAQCaVHCcU6ib5Ez7AfI1W3d/kKWxUZhw
EhHeihZg5aR+36VzTP/EJf+OfxLLpJz0Tm7Ptd1X1ltTmPODsa52+OiSC3IMieyZ
0bFyi+SvJIUzUZ4EXA894gnmQxncrAdE7WuEA5n/T69Zfg/n5KaXAdyc7OS/pQVW
ArqyUDNMKX6NH9kvABI0hiEB6cmseRP6K2uIbjS3tBr6HoTle7rBhaLY3ebmfdYb
b1XF7203imCXx2SbajpfplhDAr8S0hNsgFHZiH1s3drb9n+BzYRCbTWTb2ChldGx
WkMyLTil/lzkVr6p4h2vZFWUxP2QNtweFfBvKvq+79FckXp9gAEogsbL
-----END CERTIFICATE-----
Generated at Sat Jun 29 10:07:51 2024 by rpki-client on console-fra.rpki-client.org