Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/323030313a3637633a6264633a3a2f34382d3438203d3e203531303139.roa
File: 323030313a3637633a6264633a3a2f34382d3438203d3e203531303139.roa (raw, json)
Hash identifier: PeKrYlxO9aJzSjjq2GCsehA7RgIXos16I20n9tzXipg=
Subject key identifier: B5:CF:30:F7:44:F1:39:24:79:90:45:17:8E:47:4D:F5:98:A3:A5:D8
Certificate issuer: /CN=d2ff07932c3f4c1b3465ff4f0d96484733e02ead
Certificate serial: 49823956A42BA0365C25405237635ECEDAC0BAF6
Authority key identifier: D2:FF:07:93:2C:3F:4C:1B:34:65:FF:4F:0D:96:48:47:33:E0:2E:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0v8Hkyw_TBs0Zf9PDZZIRzPgLq0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/323030313a3637633a6264633a3a2f34382d3438203d3e203531303139.roa
Signing time: Tue 20 Aug 2024 02:31:52 +0000
ROA not before: Tue 20 Aug 2024 02:26:52 +0000
ROA not after: Tue 19 Aug 2025 02:31:52 +0000
asID: 51019
IP address blocks: 2001:67c:bdc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.crl
rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.mft
rsync://rpki.ripe.net/repository/DEFAULT/0v8Hkyw_TBs0Zf9PDZZIRzPgLq0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:82:39:56:a4:2b:a0:36:5c:25:40:52:37:63:5e:ce:da:c0:ba:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2ff07932c3f4c1b3465ff4f0d96484733e02ead
Validity
Not Before: Aug 20 02:26:52 2024 GMT
Not After : Aug 19 02:31:52 2025 GMT
Subject: CN=B5CF30F744F13924799045178E474DF598A3A5D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:48:72:20:bf:06:2e:f3:08:ab:f8:40:1a:d8:
05:5b:27:55:e0:b4:7e:4a:59:46:90:ab:02:e6:ba:
2a:c8:a2:6e:99:6e:c9:a6:01:63:ec:d6:08:ba:78:
39:08:df:41:73:31:67:be:83:f1:ff:94:d5:0d:43:
ab:f2:3c:cc:e6:19:08:7e:85:56:3d:fb:f7:09:d6:
bf:ee:ae:d2:8e:8a:da:2f:1a:6d:ae:fb:a8:b4:06:
74:b4:e2:c4:ce:52:cc:eb:79:17:62:9a:a5:bc:e7:
1e:59:fd:e3:23:4c:19:aa:4e:40:b1:25:70:67:61:
77:f4:78:08:88:fd:c9:a1:fd:7d:1a:06:15:42:3d:
97:58:bc:d4:2e:63:ac:49:84:e2:e6:0c:10:40:a2:
f8:1a:b6:89:a5:5a:5f:0f:76:64:34:d1:81:c3:ec:
aa:18:6b:a5:f0:77:fa:52:04:63:74:b4:bb:7e:b6:
3c:58:17:e7:43:5e:4b:c0:e3:32:cc:21:15:b8:db:
01:14:92:40:41:1a:47:31:51:35:79:09:ac:f3:dd:
10:0b:33:30:12:fa:2d:ad:ac:e7:78:24:51:11:9a:
ac:05:35:2a:70:e7:4c:aa:83:cd:76:00:c2:6e:3e:
3b:13:52:fa:df:fd:f6:ce:0c:5e:97:e0:82:cd:73:
2f:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:CF:30:F7:44:F1:39:24:79:90:45:17:8E:47:4D:F5:98:A3:A5:D8
X509v3 Authority Key Identifier:
keyid:D2:FF:07:93:2C:3F:4C:1B:34:65:FF:4F:0D:96:48:47:33:E0:2E:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0v8Hkyw_TBs0Zf9PDZZIRzPgLq0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/323030313a3637633a6264633a3a2f34382d3438203d3e203531303139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:bdc::/48
Signature Algorithm: sha256WithRSAEncryption
27:02:b5:8d:34:ba:ca:19:ba:30:e7:5e:2c:84:ed:f3:f9:8b:
f5:47:cf:83:0b:88:9e:bd:a8:5b:cb:1e:4e:fb:a7:6b:7c:d8:
c6:5b:85:5a:a3:b0:a7:44:31:63:63:9c:5c:44:ba:3b:1a:cd:
55:0f:94:a6:c1:5f:7e:cc:ab:29:67:b0:9d:73:cb:82:d3:cd:
51:7c:bf:03:84:67:04:3c:2b:69:9f:62:f1:83:d6:f7:96:76:
ff:1d:ea:2e:82:0a:5c:2e:ee:d7:79:43:8a:71:f1:4d:7f:33:
9a:7b:64:10:0c:2d:58:13:5e:3b:2b:04:6e:03:a4:c2:61:78:
99:c7:7c:34:a1:08:e2:c7:e9:64:e6:ff:9c:e5:d2:ac:37:c4:
7c:3d:d6:bf:2b:f0:69:d1:ed:5b:bd:ae:20:90:21:f9:ef:4d:
96:bc:4e:b6:57:88:c0:16:47:2b:0f:d8:e1:c9:5f:bd:1c:c5:
db:80:22:8c:d1:ba:83:da:a2:60:ab:ea:cf:d2:40:06:98:a7:
b9:cb:9f:b5:b8:b8:0f:2f:28:09:9c:a0:4e:5b:dd:44:1b:e4:
0d:d4:a1:2f:87:c5:f5:42:27:47:d7:63:51:53:a8:20:80:9f:
f0:30:a5:e0:08:e2:a8:49:5e:16:8d:a3:f6:59:97:01:d7:95:
17:0e:30:6f
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUSYI5VqQroDZcJUBSN2NeztrAuvYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDJmZjA3OTMyYzNmNGMxYjM0NjVmZjRmMGQ5NjQ4NDcz
M2UwMmVhZDAeFw0yNDA4MjAwMjI2NTJaFw0yNTA4MTkwMjMxNTJaMDMxMTAvBgNV
BAMTKEI1Q0YzMEY3NDRGMTM5MjQ3OTkwNDUxNzhFNDc0REY1OThBM0E1RDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoSHIgvwYu8wir+EAa2AVbJ1Xg
tH5KWUaQqwLmuirIom6ZbsmmAWPs1gi6eDkI30FzMWe+g/H/lNUNQ6vyPMzmGQh+
hVY9+/cJ1r/urtKOitovGm2u+6i0BnS04sTOUszreRdimqW85x5Z/eMjTBmqTkCx
JXBnYXf0eAiI/cmh/X0aBhVCPZdYvNQuY6xJhOLmDBBAovgatomlWl8PdmQ00YHD
7KoYa6Xwd/pSBGN0tLt+tjxYF+dDXkvA4zLMIRW42wEUkkBBGkcxUTV5Cazz3RAL
MzAS+i2trOd4JFERmqwFNSpw50yqg812AMJuPjsTUvrf/fbODF6X4ILNcy/XAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUtc8w90TxOSR5kEUXjkdN9ZijpdgwHwYDVR0j
BBgwFoAU0v8Hkyw/TBs0Zf9PDZZIRzPgLq0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzIvRDJGRjA3OTMyQzNGNEMxQjM0NjVGRjRGMEQ5NjQ4NDczM0UwMkVBRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzB2OEhreXdfVEJzMFpmOVBEWlpJUnpQ
Z0xxMC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEt
NDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2NhZTNmLzIvMzIzMDMwMzEzYTM2Mzc2MzNh
NjI2NDYzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzUzMTMwMzEzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACABBnwL3DANBgkqhkiG9w0BAQsFAAOCAQEAJwK1jTS6yhm6MOdeLITt8/mL
9UfPgwuInr2oW8seTvuna3zYxluFWqOwp0QxY2OcXES6OxrNVQ+UpsFffsyrKWew
nXPLgtPNUXy/A4RnBDwraZ9i8YPW95Z2/x3qLoIKXC7u13lDinHxTX8zmntkEAwt
WBNeOysEbgOkwmF4mcd8NKEI4sfpZOb/nOXSrDfEfD3WvyvwadHtW72uIJAh+e9N
lrxOtleIwBZHKw/Y4clfvRzF24AijNG6g9qiYKvqz9JABpinucuftbi4Dy8oCZyg
TlvdRBvkDdShL4fF9UInR9djUVOoIICf8DCl4AjiqEleFo2j9lmXAdeVFw4wbw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:19:06 2024 by rpki-client on console-fra.rpki-client.org