Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d697160c-acc5-4b51-bf55-10c7a6e66980/2/323030313a3637633a323830303a3a2f34382d3438203d3e20323035333239.roa
File: 323030313a3637633a323830303a3a2f34382d3438203d3e20323035333239.roa (raw, json)
Hash identifier: vX/4y//rrkrjGM9oEnDBFIqKEWN0nHxqpLFw+yvpPI8=
Subject key identifier: 1F:85:8B:EE:AA:73:39:D9:1F:59:38:94:C5:42:79:57:18:11:87:F2
Certificate issuer: /CN=2f08cecd5e57cba0e68bca7f7401bd5edb387fb8
Certificate serial: 0B719C7CDB0F82659B141FC190D7DA1D925CE2D7
Authority key identifier: 2F:08:CE:CD:5E:57:CB:A0:E6:8B:CA:7F:74:01:BD:5E:DB:38:7F:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LwjOzV5Xy6Dmi8p_dAG9Xts4f7g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d697160c-acc5-4b51-bf55-10c7a6e66980/2/323030313a3637633a323830303a3a2f34382d3438203d3e20323035333239.roa
Signing time: Fri 13 Oct 2023 19:55:05 +0000
ROA not before: Fri 13 Oct 2023 19:50:05 +0000
ROA not after: Fri 11 Oct 2024 19:55:05 +0000
asID: 205329
IP address blocks: 2001:67c:2800::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d697160c-acc5-4b51-bf55-10c7a6e66980/2/2F08CECD5E57CBA0E68BCA7F7401BD5EDB387FB8.crl
rsync://rsync.paas.rpki.ripe.net/repository/d697160c-acc5-4b51-bf55-10c7a6e66980/2/2F08CECD5E57CBA0E68BCA7F7401BD5EDB387FB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/LwjOzV5Xy6Dmi8p_dAG9Xts4f7g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 13:41:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:71:9c:7c:db:0f:82:65:9b:14:1f:c1:90:d7:da:1d:92:5c:e2:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f08cecd5e57cba0e68bca7f7401bd5edb387fb8
Validity
Not Before: Oct 13 19:50:05 2023 GMT
Not After : Oct 11 19:55:05 2024 GMT
Subject: CN=1F858BEEAA7339D91F593894C5427957181187F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:4f:66:78:f5:52:41:45:df:7c:f9:64:0a:04:
39:00:90:9d:91:12:c1:2e:62:cc:42:08:0c:55:30:
c7:6d:82:23:31:b6:15:a3:4a:42:2c:53:e5:ce:65:
45:22:c6:94:69:15:3b:8e:8a:8c:19:20:18:d6:2f:
c2:c6:a5:14:e0:62:e9:af:b0:81:7b:8c:71:98:25:
0a:0d:93:77:df:db:e7:a0:7b:65:42:6a:c2:e1:5c:
fb:f5:af:83:34:de:4d:2a:df:6b:8a:79:73:4e:23:
03:84:d9:63:16:c6:cf:2d:82:92:f6:3a:60:77:54:
de:43:f7:00:4a:45:7d:cc:80:10:80:30:f3:f0:49:
74:bb:99:9d:07:2f:bf:be:66:aa:e6:f8:bd:25:be:
2e:2c:3a:61:b3:5a:59:b8:db:bb:0c:36:ff:92:02:
71:f4:07:25:76:07:e8:3b:7b:80:28:99:c2:d0:35:
7f:48:0b:2d:b7:18:46:a0:3e:77:e7:4c:0b:7f:59:
fd:29:70:42:50:8a:90:e1:a9:5d:23:77:05:27:d2:
58:bf:e7:42:40:30:82:92:ef:6b:dd:2f:57:b4:86:
96:df:93:b8:6d:ba:eb:07:4d:9e:3a:62:50:36:51:
af:2a:de:08:ca:70:79:90:38:43:88:46:a0:9e:bd:
85:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:85:8B:EE:AA:73:39:D9:1F:59:38:94:C5:42:79:57:18:11:87:F2
X509v3 Authority Key Identifier:
keyid:2F:08:CE:CD:5E:57:CB:A0:E6:8B:CA:7F:74:01:BD:5E:DB:38:7F:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d697160c-acc5-4b51-bf55-10c7a6e66980/2/2F08CECD5E57CBA0E68BCA7F7401BD5EDB387FB8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LwjOzV5Xy6Dmi8p_dAG9Xts4f7g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d697160c-acc5-4b51-bf55-10c7a6e66980/2/323030313a3637633a323830303a3a2f34382d3438203d3e20323035333239.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2800::/48
Signature Algorithm: sha256WithRSAEncryption
b4:6d:de:0b:d0:b3:cf:f6:c5:55:8c:da:d9:64:d4:4d:3b:95:
b8:9c:90:12:07:1c:a4:1d:72:bb:65:d6:1d:ec:25:e2:b6:6f:
1d:82:75:f8:46:f4:75:d0:46:a3:0e:82:6a:c7:4a:4d:8a:20:
66:b2:7a:c2:f1:a6:6e:14:1e:41:1a:3c:0e:01:cb:04:3e:1b:
30:0a:dd:fb:5f:e3:5f:a1:6a:5e:bc:24:96:11:97:a6:2b:d7:
6b:c0:2f:ca:2d:73:7f:8e:26:af:bb:bc:d0:13:d1:3c:2e:d8:
df:bd:46:0f:d0:e4:c1:27:5c:22:62:20:eb:25:71:a5:e4:07:
b3:64:9c:d1:5d:4b:8d:c4:6e:20:90:5f:db:31:4d:44:ee:87:
d8:a7:26:51:f4:7b:e3:31:12:da:3d:0e:aa:6d:58:b8:3f:c3:
6f:09:a7:4c:cd:1f:cf:a4:40:ab:b1:a8:45:8e:55:a8:05:e6:
f7:03:b1:19:c4:8c:b4:d5:27:db:13:2a:bd:dd:b0:a4:01:b3:
ac:46:c9:66:37:40:34:41:95:c0:84:ae:f0:1b:a3:99:30:19:
29:39:57:46:e4:34:a3:6b:42:39:a2:71:34:5a:12:4d:7a:9c:
53:e5:c4:b9:3e:e1:98:13:e3:a5:aa:c6:e4:74:69:8a:b6:5b:
f7:47:d4:65
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUC3GcfNsPgmWbFB/BkNfaHZJc4tcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMmYwOGNlY2Q1ZTU3Y2JhMGU2OGJjYTdmNzQwMWJkNWVk
YjM4N2ZiODAeFw0yMzEwMTMxOTUwMDVaFw0yNDEwMTExOTU1MDVaMDMxMTAvBgNV
BAMTKDFGODU4QkVFQUE3MzM5RDkxRjU5Mzg5NEM1NDI3OTU3MTgxMTg3RjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaT2Z49VJBRd98+WQKBDkAkJ2R
EsEuYsxCCAxVMMdtgiMxthWjSkIsU+XOZUUixpRpFTuOiowZIBjWL8LGpRTgYumv
sIF7jHGYJQoNk3ff2+ege2VCasLhXPv1r4M03k0q32uKeXNOIwOE2WMWxs8tgpL2
OmB3VN5D9wBKRX3MgBCAMPPwSXS7mZ0HL7++Zqrm+L0lvi4sOmGzWlm427sMNv+S
AnH0ByV2B+g7e4AomcLQNX9ICy23GEagPnfnTAt/Wf0pcEJQipDhqV0jdwUn0li/
50JAMIKS72vdL1e0hpbfk7htuusHTZ46YlA2Ua8q3gjKcHmQOEOIRqCevYVDAgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUH4WL7qpzOdkfWTiUxUJ5VxgRh/IwHwYDVR0j
BBgwFoAULwjOzV5Xy6Dmi8p/dAG9Xts4f7gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDY5NzE2MGMtYWNjNS00YjUxLWJmNTUtMTBjN2E2ZTY2
OTgwLzIvMkYwOENFQ0Q1RTU3Q0JBMEU2OEJDQTdGNzQwMUJENUVEQjM4N0ZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0x3ak96VjVYeTZEbWk4cF9kQUc5WHRz
NGY3Zy5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDY5NzE2MGMt
YWNjNS00YjUxLWJmNTUtMTBjN2E2ZTY2OTgwLzIvMzIzMDMwMzEzYTM2Mzc2MzNh
MzIzODMwMzAzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMwMzUzMzMyMzkucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAgAQZ8KAAwDQYJKoZIhvcNAQELBQADggEBALRt3gvQs8/2xVWM2tlk
1E07lbickBIHHKQdcrtl1h3sJeK2bx2CdfhG9HXQRqMOgmrHSk2KIGayesLxpm4U
HkEaPA4BywQ+GzAK3ftf41+hal68JJYRl6Yr12vAL8otc3+OJq+7vNAT0Twu2N+9
Rg/Q5MEnXCJiIOslcaXkB7NknNFdS43EbiCQX9sxTUTuh9inJlH0e+MxEto9Dqpt
WLg/w28Jp0zNH8+kQKuxqEWOVagF5vcDsRnEjLTVJ9sTKr3dsKQBs6xGyWY3QDRB
lcCErvAbo5kwGSk5V0bkNKNrQjmicTRaEk16nFPlxLk+4ZgT46WqxuR0aYq2W/dH
1GU=
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:16:42 2024 by rpki-client on console-ams.rpki-client.org