Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/323030313a3637633a6264633a3a2f34382d3438203d3e203531303139.roa
File: 323030313a3637633a6264633a3a2f34382d3438203d3e203531303139.roa (raw, json)
Hash identifier: VouUUFB6MS4keKXGltHm72ixPZaAsmc/lv39TWkZ+Ro=
Subject key identifier: 12:36:74:03:F3:01:73:50:D6:88:5A:55:51:D1:BD:9D:C3:F3:4B:11
Certificate issuer: /CN=d2ff07932c3f4c1b3465ff4f0d96484733e02ead
Certificate serial: 62B4AA24EAB8D76263938A63C1FC2BFE6B07FD11
Authority key identifier: D2:FF:07:93:2C:3F:4C:1B:34:65:FF:4F:0D:96:48:47:33:E0:2E:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0v8Hkyw_TBs0Zf9PDZZIRzPgLq0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/323030313a3637633a6264633a3a2f34382d3438203d3e203531303139.roa
Signing time: Tue 19 Sep 2023 02:15:00 +0000
ROA not before: Tue 19 Sep 2023 02:10:00 +0000
ROA not after: Tue 17 Sep 2024 02:15:00 +0000
asID: 51019
IP address blocks: 2001:67c:bdc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.crl
rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.mft
rsync://rpki.ripe.net/repository/DEFAULT/0v8Hkyw_TBs0Zf9PDZZIRzPgLq0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 16:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:b4:aa:24:ea:b8:d7:62:63:93:8a:63:c1:fc:2b:fe:6b:07:fd:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2ff07932c3f4c1b3465ff4f0d96484733e02ead
Validity
Not Before: Sep 19 02:10:00 2023 GMT
Not After : Sep 17 02:15:00 2024 GMT
Subject: CN=12367403F3017350D6885A5551D1BD9DC3F34B11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:49:b9:c5:36:9a:dd:8a:6d:cd:67:de:8a:24:
e8:bb:68:37:fa:00:fc:27:9d:ed:cc:d2:ca:8a:d4:
a8:85:9b:a6:5e:19:05:7d:73:a2:5d:67:71:3b:03:
56:68:e0:50:b8:8d:da:a6:b1:66:9b:b3:02:8f:7d:
82:64:8f:ea:bf:bb:e8:bd:ff:d9:14:ca:f3:d5:63:
3c:4f:c3:d5:5d:95:66:b4:4a:4b:d5:a6:75:68:1f:
62:87:82:d3:48:12:b9:75:98:82:13:36:72:8c:a0:
c7:6f:87:01:b7:da:30:02:ba:d0:fd:de:26:de:93:
96:fd:4a:0f:f7:1e:d9:d9:cc:d9:23:ba:57:91:ec:
c0:08:e0:d6:ba:4d:5c:ae:0a:eb:de:4d:39:46:54:
86:cc:07:b7:75:92:94:e7:1d:1a:2a:cd:00:74:3d:
e4:e7:70:54:13:e6:f9:71:9c:62:a6:52:cd:21:96:
7e:ed:8b:1a:f6:a3:dc:c8:fc:61:45:77:4f:c8:8c:
ad:98:40:2a:77:3f:bb:05:e5:d1:13:df:53:14:cc:
7f:aa:da:a8:d6:75:fb:23:a3:1c:be:87:41:9f:76:
75:d9:23:87:df:db:0b:dc:24:18:c7:73:2e:69:57:
62:73:e5:f9:b1:c1:9b:3e:40:99:a7:f3:52:d3:7b:
02:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:36:74:03:F3:01:73:50:D6:88:5A:55:51:D1:BD:9D:C3:F3:4B:11
X509v3 Authority Key Identifier:
keyid:D2:FF:07:93:2C:3F:4C:1B:34:65:FF:4F:0D:96:48:47:33:E0:2E:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0v8Hkyw_TBs0Zf9PDZZIRzPgLq0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/323030313a3637633a6264633a3a2f34382d3438203d3e203531303139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:bdc::/48
Signature Algorithm: sha256WithRSAEncryption
58:b1:e4:89:f4:32:e7:ff:f1:5a:36:cd:19:8f:2d:51:8b:cd:
87:b9:6e:0d:05:1f:4e:75:86:13:77:4b:b8:f5:ba:7e:d9:b8:
1f:35:93:3b:09:ee:ee:30:1a:79:14:19:3e:2e:1c:e1:ff:82:
a2:6b:21:68:d0:19:42:7f:31:ca:88:60:bc:bc:13:64:db:6c:
70:ba:dd:41:ac:cd:24:55:2a:9e:1a:4e:1f:06:05:29:08:ff:
de:1a:e8:89:07:a9:da:ef:1a:40:77:cd:a8:c4:7e:90:08:79:
56:92:5f:4d:5f:09:09:4e:cb:64:6b:b0:0f:d5:04:0a:69:e5:
d4:48:42:c8:0a:09:12:0a:29:a4:f4:5b:e9:ec:78:79:11:3f:
35:6b:fc:72:1d:14:7a:0b:4f:c6:ed:61:4c:d8:3a:85:91:7d:
0c:7a:de:58:a9:97:c0:ec:25:e6:9d:29:3f:7f:01:14:41:cf:
d1:06:94:64:ee:d3:dd:87:ca:fa:48:d7:39:c6:a8:d8:2a:74:
f2:56:11:4e:2b:09:12:6a:1f:35:63:ce:1e:8d:bb:3f:ec:b5:
f2:19:ea:d1:d2:bd:35:f3:79:42:55:89:48:83:54:f5:e4:99:
c9:78:4f:51:b3:df:fd:9d:29:fc:af:1b:90:22:02:66:11:ef:
a9:98:64:5b
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUYrSqJOq412Jjk4pjwfwr/msH/REwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDJmZjA3OTMyYzNmNGMxYjM0NjVmZjRmMGQ5NjQ4NDcz
M2UwMmVhZDAeFw0yMzA5MTkwMjEwMDBaFw0yNDA5MTcwMjE1MDBaMDMxMTAvBgNV
BAMTKDEyMzY3NDAzRjMwMTczNTBENjg4NUE1NTUxRDFCRDlEQzNGMzRCMTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjSbnFNprdim3NZ96KJOi7aDf6
APwnne3M0sqK1KiFm6ZeGQV9c6JdZ3E7A1Zo4FC4jdqmsWabswKPfYJkj+q/u+i9
/9kUyvPVYzxPw9VdlWa0SkvVpnVoH2KHgtNIErl1mIITNnKMoMdvhwG32jACutD9
3ibek5b9Sg/3HtnZzNkjuleR7MAI4Na6TVyuCuveTTlGVIbMB7d1kpTnHRoqzQB0
PeTncFQT5vlxnGKmUs0hln7tixr2o9zI/GFFd0/IjK2YQCp3P7sF5dET31MUzH+q
2qjWdfsjoxy+h0GfdnXZI4ff2wvcJBjHcy5pV2Jz5fmxwZs+QJmn81LTewIZAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUEjZ0A/MBc1DWiFpVUdG9ncPzSxEwHwYDVR0j
BBgwFoAU0v8Hkyw/TBs0Zf9PDZZIRzPgLq0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzIvRDJGRjA3OTMyQzNGNEMxQjM0NjVGRjRGMEQ5NjQ4NDczM0UwMkVBRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzB2OEhreXdfVEJzMFpmOVBEWlpJUnpQ
Z0xxMC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEt
NDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2NhZTNmLzIvMzIzMDMwMzEzYTM2Mzc2MzNh
NjI2NDYzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzUzMTMwMzEzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACABBnwL3DANBgkqhkiG9w0BAQsFAAOCAQEAWLHkifQy5//xWjbNGY8tUYvN
h7luDQUfTnWGE3dLuPW6ftm4HzWTOwnu7jAaeRQZPi4c4f+ComshaNAZQn8xyohg
vLwTZNtscLrdQazNJFUqnhpOHwYFKQj/3hroiQep2u8aQHfNqMR+kAh5VpJfTV8J
CU7LZGuwD9UECmnl1EhCyAoJEgoppPRb6ex4eRE/NWv8ch0UegtPxu1hTNg6hZF9
DHreWKmXwOwl5p0pP38BFEHP0QaUZO7T3YfK+kjXOcao2Cp08lYRTisJEmofNWPO
Ho27P+y18hnq0dK9NfN5QlWJSINU9eSZyXhPUbPf/Z0p/K8bkCICZhHvqZhkWw==
-----END CERTIFICATE-----
Generated at Sat Jun 1 00:49:43 2024 by rpki-client on console-ams.rpki-client.org