Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/326130303a386530303a313a3a2f34382d3438203d3e203230373132.roa
File: 326130303a386530303a313a3a2f34382d3438203d3e203230373132.roa (raw, json)
Hash identifier: jAOxURrHtZvlqdFVdBr3F4ACmPO4DT4L5AmOtZPktVY=
Subject key identifier: 64:89:81:B6:DE:C9:03:90:81:18:2A:3A:81:B3:AF:DC:C8:E5:8C:C2
Certificate issuer: /CN=f29fbab4db867f6bd9a7eff6aa55d98c162e1aad
Certificate serial: 4F8734C5609E3F860C65FC0CFA62330CB372600D
Authority key identifier: F2:9F:BA:B4:DB:86:7F:6B:D9:A7:EF:F6:AA:55:D9:8C:16:2E:1A:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/326130303a386530303a313a3a2f34382d3438203d3e203230373132.roa
Signing time: Sat 12 Oct 2024 18:43:25 +0000
ROA not before: Sat 12 Oct 2024 18:38:25 +0000
ROA not after: Sat 11 Oct 2025 18:43:25 +0000
asID: 20712
IP address blocks: 2a00:8e00:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.mft
rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:87:34:c5:60:9e:3f:86:0c:65:fc:0c:fa:62:33:0c:b3:72:60:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f29fbab4db867f6bd9a7eff6aa55d98c162e1aad
Validity
Not Before: Oct 12 18:38:25 2024 GMT
Not After : Oct 11 18:43:25 2025 GMT
Subject: CN=648981B6DEC9039081182A3A81B3AFDCC8E58CC2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:0e:4d:3a:66:b0:b1:fe:1a:1f:e4:2d:4e:ac:
e9:e7:75:81:02:71:51:5d:f1:db:b1:f4:1b:52:d0:
0a:55:02:bf:45:af:85:f6:04:09:a9:7c:61:84:c2:
73:7f:5e:7b:bf:5b:3e:37:c3:13:ab:2b:e3:65:f6:
25:bf:b2:93:36:b8:3a:0c:0f:03:45:5a:b6:7c:2e:
48:f7:db:52:6c:10:38:53:03:67:15:f0:be:64:3f:
ea:11:60:26:ee:4c:46:3c:ca:f8:91:1d:c1:8f:2e:
58:32:41:b4:ce:ff:94:d6:77:97:40:bf:96:9f:a3:
c2:01:8f:d3:e0:fe:45:6d:a2:4c:3b:41:bf:a8:04:
79:90:dc:66:bb:b0:b3:02:3e:46:be:e4:5d:01:84:
35:05:21:02:13:b6:ca:24:ad:7d:f0:85:57:53:f7:
a8:6a:74:b4:72:5c:3c:4c:3a:12:ae:06:48:e9:2e:
9c:12:e6:33:bd:4e:6f:af:8e:e6:cd:d9:2f:f6:38:
57:f7:06:85:d1:2a:a7:cc:13:10:f8:14:be:70:95:
89:25:63:82:b6:e6:f4:1f:d3:95:2c:92:ac:ed:c6:
ca:e0:dc:f9:a0:41:c9:58:76:72:97:26:4a:bc:b0:
8d:aa:6f:72:7e:42:e1:01:35:a5:65:4b:8f:58:2a:
23:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:89:81:B6:DE:C9:03:90:81:18:2A:3A:81:B3:AF:DC:C8:E5:8C:C2
X509v3 Authority Key Identifier:
keyid:F2:9F:BA:B4:DB:86:7F:6B:D9:A7:EF:F6:AA:55:D9:8C:16:2E:1A:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/326130303a386530303a313a3a2f34382d3438203d3e203230373132.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:8e00:1::/48
Signature Algorithm: sha256WithRSAEncryption
c9:0d:e0:69:1e:40:eb:fa:ba:ff:ea:db:04:43:6a:de:01:1a:
d4:7d:30:24:03:ef:6f:c2:be:e4:b7:b4:dd:92:4d:74:b3:d0:
f1:d1:ab:ab:da:90:41:9f:b1:31:31:d4:f0:4e:d8:6a:1b:9b:
c7:19:b0:db:01:4a:1c:2d:e5:4f:06:b1:f4:62:05:77:cc:23:
2c:f5:a5:a9:22:64:f9:be:2b:62:46:d0:87:c5:37:84:15:a4:
83:5b:3b:4a:35:58:fa:2b:06:db:89:75:62:4d:5f:bb:07:7d:
fb:d1:a0:da:77:6e:15:14:df:98:2d:4c:21:55:f2:50:5e:05:
9e:ab:4f:43:3c:d1:50:9e:b5:7f:de:a7:de:86:f3:a1:b3:d2:
6c:bd:f2:a1:c5:0c:89:ce:51:22:25:7b:93:73:4f:a2:90:61:
4d:44:cf:c7:9d:6f:32:42:eb:d5:76:2c:e6:3d:89:ed:2b:d5:
c0:b9:ba:7d:41:93:36:de:61:03:85:6a:5c:36:5d:6e:44:14:
c8:77:e0:aa:9a:ca:3d:fc:e9:3f:32:3d:d6:52:0a:ae:34:f8:
20:42:0f:a1:31:13:08:78:a1:1c:98:93:0b:76:e8:8d:aa:6f:
02:2c:34:2c:b2:d5:2e:84:11:c8:01:8d:06:d4:6c:36:ed:cf:
a9:4a:9a:18
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUT4c0xWCeP4YMZfwM+mIzDLNyYA0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjI5ZmJhYjRkYjg2N2Y2YmQ5YTdlZmY2YWE1NWQ5OGMx
NjJlMWFhZDAeFw0yNDEwMTIxODM4MjVaFw0yNTEwMTExODQzMjVaMDMxMTAvBgNV
BAMTKDY0ODk4MUI2REVDOTAzOTA4MTE4MkEzQTgxQjNBRkRDQzhFNThDQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdDk06ZrCx/hof5C1OrOnndYEC
cVFd8dux9BtS0ApVAr9Fr4X2BAmpfGGEwnN/Xnu/Wz43wxOrK+Nl9iW/spM2uDoM
DwNFWrZ8Lkj321JsEDhTA2cV8L5kP+oRYCbuTEY8yviRHcGPLlgyQbTO/5TWd5dA
v5afo8IBj9Pg/kVtokw7Qb+oBHmQ3Ga7sLMCPka+5F0BhDUFIQITtsokrX3whVdT
96hqdLRyXDxMOhKuBkjpLpwS5jO9Tm+vjubN2S/2OFf3BoXRKqfMExD4FL5wlYkl
Y4K25vQf05Uskqztxsrg3PmgQclYdnKXJkq8sI2qb3J+QuEBNaVlS49YKiP9AgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUZImBtt7JA5CBGCo6gbOv3MjljMIwHwYDVR0j
BBgwFoAU8p+6tNuGf2vZp+/2qlXZjBYuGq0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmY1MmQ4MTQtM2QyZi00ZGY0LTgxNDAtZGZiNTMwZjc0
OTEyLzAvRjI5RkJBQjREQjg2N0Y2QkQ5QTdFRkY2QUE1NUQ5OEMxNjJFMUFBRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhwLTZ0TnVHZjJ2WnAtXzJxbFhaakJZ
dUdxMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmY1MmQ4MTQt
M2QyZi00ZGY0LTgxNDAtZGZiNTMwZjc0OTEyLzAvMzI2MTMwMzAzYTM4NjUzMDMw
M2EzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzNzMxMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqAI4AAAEwDQYJKoZIhvcNAQELBQADggEBAMkN4GkeQOv6uv/q2wRDat4BGtR9
MCQD72/CvuS3tN2STXSz0PHRq6vakEGfsTEx1PBO2Gobm8cZsNsBShwt5U8GsfRi
BXfMIyz1pakiZPm+K2JG0IfFN4QVpINbO0o1WPorBtuJdWJNX7sHffvRoNp3bhUU
35gtTCFV8lBeBZ6rT0M80VCetX/ep96G86Gz0my98qHFDInOUSIle5NzT6KQYU1E
z8edbzJC69V2LOY9ie0r1cC5un1BkzbeYQOFalw2XW5EFMh34Kqayj386T8yPdZS
Cq40+CBCD6ExEwh4oRyYkwt26I2qbwIsNCyy1S6EEcgBjQbUbDbtz6lKmhg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 05:53:32 2024 by rpki-client on console-fra.rpki-client.org