Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d697160c-acc5-4b51-bf55-10c7a6e66980/2/323030313a3637633a323830303a3a2f34382d3438203d3e20323035333239.roa
File: 323030313a3637633a323830303a3a2f34382d3438203d3e20323035333239.roa (raw, json)
Hash identifier: kzIiKa78uyzgIwp38B3VckxTAvGVZjyeobfym4ZXmx8=
Subject key identifier: 60:04:4B:0B:C3:53:A8:9C:D3:8C:AF:A8:FE:05:63:D0:3A:C3:54:02
Certificate issuer: /CN=2f08cecd5e57cba0e68bca7f7401bd5edb387fb8
Certificate serial: 2169741FEB44D74DD89F522E1468A82787EEB81D
Authority key identifier: 2F:08:CE:CD:5E:57:CB:A0:E6:8B:CA:7F:74:01:BD:5E:DB:38:7F:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LwjOzV5Xy6Dmi8p_dAG9Xts4f7g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d697160c-acc5-4b51-bf55-10c7a6e66980/2/323030313a3637633a323830303a3a2f34382d3438203d3e20323035333239.roa
Signing time: Fri 13 Sep 2024 20:09:37 +0000
ROA not before: Fri 13 Sep 2024 20:04:37 +0000
ROA not after: Fri 12 Sep 2025 20:09:37 +0000
asID: 205329
IP address blocks: 2001:67c:2800::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d697160c-acc5-4b51-bf55-10c7a6e66980/2/2F08CECD5E57CBA0E68BCA7F7401BD5EDB387FB8.crl
rsync://rsync.paas.rpki.ripe.net/repository/d697160c-acc5-4b51-bf55-10c7a6e66980/2/2F08CECD5E57CBA0E68BCA7F7401BD5EDB387FB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/LwjOzV5Xy6Dmi8p_dAG9Xts4f7g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:69:74:1f:eb:44:d7:4d:d8:9f:52:2e:14:68:a8:27:87:ee:b8:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f08cecd5e57cba0e68bca7f7401bd5edb387fb8
Validity
Not Before: Sep 13 20:04:37 2024 GMT
Not After : Sep 12 20:09:37 2025 GMT
Subject: CN=60044B0BC353A89CD38CAFA8FE0563D03AC35402
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6f:6f:21:29:95:b6:11:0c:d4:95:e2:85:4e:
8e:fd:7e:da:db:d0:01:16:fb:ea:1d:1f:56:e9:2d:
fb:59:85:8f:be:b8:7f:07:0f:11:6a:30:b2:73:14:
21:65:1b:b4:7c:39:e7:ab:39:83:4b:2a:94:3f:24:
89:36:5c:91:e4:84:94:d0:47:48:42:a4:02:c3:e3:
0f:6d:67:ed:8f:8e:e0:d1:a1:9c:8b:ef:7a:aa:80:
a5:0e:34:17:ec:0e:64:1c:8a:18:60:46:d1:87:80:
d4:25:91:7d:72:ef:9d:8e:33:f1:b4:eb:ba:ac:15:
df:ae:6f:c1:82:8f:dc:f6:7c:e1:8f:a9:30:4f:a9:
2f:30:86:95:8c:3b:b9:eb:2e:a7:3b:64:73:41:04:
7a:ed:bd:bc:7d:f9:69:e3:bc:53:0f:3f:66:0a:2a:
0c:43:f8:60:16:c7:e6:d0:15:38:b6:65:e1:d2:93:
f9:f7:dd:d1:a9:3e:83:fe:4e:2c:d3:9d:54:d6:63:
00:a0:08:c6:f8:2e:d9:2c:b6:24:55:6b:e8:ab:cd:
c1:16:13:c7:fa:d8:3c:8c:5b:ef:2f:be:80:06:62:
8c:a1:dc:35:8e:bb:6e:38:b7:4d:74:56:62:68:75:
32:91:63:10:bd:e7:b0:35:cd:44:c8:f6:2a:fc:08:
5f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:04:4B:0B:C3:53:A8:9C:D3:8C:AF:A8:FE:05:63:D0:3A:C3:54:02
X509v3 Authority Key Identifier:
keyid:2F:08:CE:CD:5E:57:CB:A0:E6:8B:CA:7F:74:01:BD:5E:DB:38:7F:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d697160c-acc5-4b51-bf55-10c7a6e66980/2/2F08CECD5E57CBA0E68BCA7F7401BD5EDB387FB8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LwjOzV5Xy6Dmi8p_dAG9Xts4f7g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d697160c-acc5-4b51-bf55-10c7a6e66980/2/323030313a3637633a323830303a3a2f34382d3438203d3e20323035333239.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2800::/48
Signature Algorithm: sha256WithRSAEncryption
47:a6:39:43:8b:b5:0b:1e:11:a8:a4:3b:99:25:ef:a9:b3:dc:
5b:df:6f:d2:18:8a:23:a8:5a:03:6b:0e:ec:c9:42:52:b0:38:
a2:3a:43:42:b5:d9:26:3b:d3:d1:f8:a8:eb:d9:99:76:2b:f7:
97:1f:f3:a8:94:67:11:49:e3:68:71:66:4e:42:f8:97:00:b9:
9c:94:aa:5b:ff:21:13:03:0e:89:f7:ce:62:1a:35:e2:e5:04:
0f:4a:85:e5:5a:2d:97:1d:52:fa:b5:d7:11:91:99:2d:a3:a6:
d1:74:5d:33:59:6e:91:ef:89:aa:e9:0f:c8:97:0d:de:e0:44:
52:9d:ef:90:1c:fb:85:8a:e0:3b:68:d3:9d:8b:42:7f:21:4d:
e6:85:7f:97:6e:79:65:0f:0f:90:a5:33:8a:11:e5:ba:c9:84:
70:12:f8:24:67:72:e1:c5:62:52:64:37:c9:3d:67:9a:a3:56:
99:f1:d8:e7:07:7f:13:a3:78:ed:6a:52:57:e8:aa:9d:d0:87:
80:35:68:ff:42:1c:f2:9b:b9:aa:44:de:ec:f1:0e:92:c9:05:
28:1d:15:10:f3:d3:ef:1e:d2:4b:00:23:41:f4:d5:bf:fd:eb:
96:48:c2:85:a2:fa:37:f8:df:16:9a:6e:ac:0d:be:4e:3d:60:
1f:dd:4b:1b
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUIWl0H+tE103Yn1IuFGioJ4fuuB0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMmYwOGNlY2Q1ZTU3Y2JhMGU2OGJjYTdmNzQwMWJkNWVk
YjM4N2ZiODAeFw0yNDA5MTMyMDA0MzdaFw0yNTA5MTIyMDA5MzdaMDMxMTAvBgNV
BAMTKDYwMDQ0QjBCQzM1M0E4OUNEMzhDQUZBOEZFMDU2M0QwM0FDMzU0MDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCub28hKZW2EQzUleKFTo79ftrb
0AEW++odH1bpLftZhY++uH8HDxFqMLJzFCFlG7R8OeerOYNLKpQ/JIk2XJHkhJTQ
R0hCpALD4w9tZ+2PjuDRoZyL73qqgKUONBfsDmQcihhgRtGHgNQlkX1y752OM/G0
67qsFd+ub8GCj9z2fOGPqTBPqS8whpWMO7nrLqc7ZHNBBHrtvbx9+WnjvFMPP2YK
KgxD+GAWx+bQFTi2ZeHSk/n33dGpPoP+TizTnVTWYwCgCMb4LtkstiRVa+irzcEW
E8f62DyMW+8vvoAGYoyh3DWOu244t010VmJodTKRYxC957A1zUTI9ir8CF8BAgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUYARLC8NTqJzTjK+o/gVj0DrDVAIwHwYDVR0j
BBgwFoAULwjOzV5Xy6Dmi8p/dAG9Xts4f7gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDY5NzE2MGMtYWNjNS00YjUxLWJmNTUtMTBjN2E2ZTY2
OTgwLzIvMkYwOENFQ0Q1RTU3Q0JBMEU2OEJDQTdGNzQwMUJENUVEQjM4N0ZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0x3ak96VjVYeTZEbWk4cF9kQUc5WHRz
NGY3Zy5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDY5NzE2MGMt
YWNjNS00YjUxLWJmNTUtMTBjN2E2ZTY2OTgwLzIvMzIzMDMwMzEzYTM2Mzc2MzNh
MzIzODMwMzAzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMwMzUzMzMyMzkucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAgAQZ8KAAwDQYJKoZIhvcNAQELBQADggEBAEemOUOLtQseEaikO5kl
76mz3Fvfb9IYiiOoWgNrDuzJQlKwOKI6Q0K12SY709H4qOvZmXYr95cf86iUZxFJ
42hxZk5C+JcAuZyUqlv/IRMDDon3zmIaNeLlBA9KheVaLZcdUvq11xGRmS2jptF0
XTNZbpHviarpD8iXDd7gRFKd75Ac+4WK4Dto052LQn8hTeaFf5dueWUPD5ClM4oR
5brJhHAS+CRncuHFYlJkN8k9Z5qjVpnx2OcHfxOjeO1qUlfoqp3Qh4A1aP9CHPKb
uapE3uzxDpLJBSgdFRDz0+8e0ksAI0H01b/965ZIwoWi+jf43xaabqwNvk49YB/d
Sxs=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:49:09 2024 by rpki-client on console-ams.rpki-client.org