Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634323a3130303a3a2f34382d3438203d3e203438323830.roa
File: 326131333a393634323a3130303a3a2f34382d3438203d3e203438323830.roa (raw, json)
Hash identifier: 5gKZW/GJ6szyeA660SSSZ04c5MFxaWdT28EUODZAZVs=
Subject key identifier: B9:DF:D1:2D:1D:3F:CA:6A:46:47:72:00:1C:E1:45:29:CC:F0:89:B0
Certificate issuer: /CN=f1d0572fe72991bd32854bac716676ebdad22ace
Certificate serial: 1FAD232FC1C561A994435177756F159D42CACF97
Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634323a3130303a3a2f34382d3438203d3e203438323830.roa
Signing time: Thu 08 Aug 2024 15:14:10 +0000
ROA not before: Thu 08 Aug 2024 15:09:10 +0000
ROA not after: Thu 07 Aug 2025 15:14:10 +0000
asID: 48280
IP address blocks: 2a13:9642:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:ad:23:2f:c1:c5:61:a9:94:43:51:77:75:6f:15:9d:42:ca:cf:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace
Validity
Not Before: Aug 8 15:09:10 2024 GMT
Not After : Aug 7 15:14:10 2025 GMT
Subject: CN=B9DFD12D1D3FCA6A464772001CE14529CCF089B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:28:a3:ab:f7:00:74:f1:25:36:81:c2:c4:b6:
ba:cb:36:94:a6:de:22:b4:7b:c5:40:df:15:b6:16:
e0:95:bc:14:ae:cf:1c:c6:a8:aa:86:03:83:d4:06:
c3:2e:6b:c3:62:63:e6:0f:9c:2e:a8:8e:5d:be:ab:
6d:59:94:04:19:6d:81:4e:4e:05:01:30:c5:1f:6e:
92:4e:c9:f1:49:a6:0b:e7:d5:a2:b8:95:ab:d3:e8:
cf:19:c8:c2:75:53:a7:cd:64:d3:49:69:34:88:d1:
13:6f:98:8a:bc:c2:1f:e8:02:3e:b9:12:fd:1f:e4:
c6:05:32:ba:de:30:57:0c:44:80:06:7a:93:3e:01:
66:f9:d3:2f:1e:d4:15:63:e3:a2:6d:a0:27:b8:37:
5e:c2:ce:7b:e1:bc:53:06:5c:5f:fc:70:f3:3e:73:
29:d1:70:7b:24:64:54:7e:f2:66:24:6b:3a:da:2d:
36:47:19:4d:3c:c2:6f:ec:1f:24:cb:39:63:51:cd:
9b:ec:49:11:79:b5:6c:56:73:7a:aa:64:5f:14:d8:
b7:40:36:a8:72:f9:b3:61:9d:fd:60:63:bd:7b:05:
75:67:b0:f8:38:85:c3:4f:f6:5a:08:a1:25:34:5b:
89:84:30:d7:cf:e4:a5:6b:6a:a7:4a:93:66:6d:cc:
8f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:DF:D1:2D:1D:3F:CA:6A:46:47:72:00:1C:E1:45:29:CC:F0:89:B0
X509v3 Authority Key Identifier:
keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634323a3130303a3a2f34382d3438203d3e203438323830.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9642:100::/48
Signature Algorithm: sha256WithRSAEncryption
ab:fc:5e:f9:88:52:a6:1b:8e:5f:34:7b:e2:f0:e3:ca:38:f8:
95:fe:84:1c:53:7e:e8:d4:85:b8:1d:2f:9d:af:f3:e5:48:03:
05:47:f3:e6:78:a2:4c:2e:d3:dc:c7:23:bc:17:20:f0:f6:f1:
31:5e:6d:b9:20:70:c7:e4:75:8e:5f:5e:44:1e:8e:09:0a:ef:
e5:95:01:5d:44:90:3c:81:00:25:f3:a7:92:a2:ef:e1:a0:c0:
eb:8c:50:16:1b:ab:91:2c:da:aa:d2:f5:a1:99:c5:cc:0a:57:
3f:b8:0c:af:a1:c7:63:4e:15:af:2b:6a:53:26:2d:2f:85:74:
52:2e:d0:f5:00:69:52:df:1e:0f:2a:6b:3f:b4:21:f6:bf:c6:
2a:26:11:42:d4:b1:56:b2:88:bf:71:1c:10:59:30:eb:bc:63:
eb:7a:b0:6b:0d:9b:0f:5d:b6:63:ff:ee:bf:dd:0b:58:ae:93:
46:bd:3a:dd:a5:52:13:8d:f4:51:a8:39:bd:ac:ee:54:e6:c3:
d6:25:22:0c:0b:33:10:a4:14:4d:28:21:fd:00:cf:bd:99:33:
7b:00:2e:f3:34:1b:b6:84:4b:87:20:ab:9e:51:20:a6:d1:26:
23:ab:2e:d4:af:14:a0:76:e6:79:4f:d8:71:60:ff:f2:55:5a:
dd:53:1a:66
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUH60jL8HFYamUQ1F3dW8VnULKz5cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk
YWQyMmFjZTAeFw0yNDA4MDgxNTA5MTBaFw0yNTA4MDcxNTE0MTBaMDMxMTAvBgNV
BAMTKEI5REZEMTJEMUQzRkNBNkE0NjQ3NzIwMDFDRTE0NTI5Q0NGMDg5QjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtKKOr9wB08SU2gcLEtrrLNpSm
3iK0e8VA3xW2FuCVvBSuzxzGqKqGA4PUBsMua8NiY+YPnC6ojl2+q21ZlAQZbYFO
TgUBMMUfbpJOyfFJpgvn1aK4lavT6M8ZyMJ1U6fNZNNJaTSI0RNvmIq8wh/oAj65
Ev0f5MYFMrreMFcMRIAGepM+AWb50y8e1BVj46JtoCe4N17CznvhvFMGXF/8cPM+
cynRcHskZFR+8mYkazraLTZHGU08wm/sHyTLOWNRzZvsSRF5tWxWc3qqZF8U2LdA
Nqhy+bNhnf1gY717BXVnsPg4hcNP9loIoSU0W4mEMNfP5KVraqdKk2ZtzI8LAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUud/RLR0/ympGR3IAHOFFKczwibAwHwYDVR0j
BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1
YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly
U0tzNC5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTMwZGU4NGIt
NDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1YjQ5LzAvMzI2MTMxMzMzYTM5MzYzNDMy
M2EzMTMwMzAzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzNDM4MzIzODMwLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhOWQgEAMA0GCSqGSIb3DQEBCwUAA4IBAQCr/F75iFKmG45fNHvi8OPK
OPiV/oQcU37o1IW4HS+dr/PlSAMFR/PmeKJMLtPcxyO8FyDw9vExXm25IHDH5HWO
X15EHo4JCu/llQFdRJA8gQAl86eSou/hoMDrjFAWG6uRLNqq0vWhmcXMClc/uAyv
ocdjThWvK2pTJi0vhXRSLtD1AGlS3x4PKms/tCH2v8YqJhFC1LFWsoi/cRwQWTDr
vGPrerBrDZsPXbZj/+6/3QtYrpNGvTrdpVITjfRRqDm9rO5U5sPWJSIMCzMQpBRN
KCH9AM+9mTN7AC7zNBu2hEuHIKueUSCm0SYjqy7UrxSgduZ5T9hxYP/yVVrdUxpm
-----END CERTIFICATE-----
Generated at Mon Nov 25 14:29:17 2024 by rpki-client on console-ams.rpki-client.org