Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238303a383130303a3a2f34382d3438203d3e203431373230.roa
File: 326130643a623238303a383130303a3a2f34382d3438203d3e203431373230.roa (raw, json)
Hash identifier: Qv46t81qHTc4uf1Bxldy1f/G+l9sAnh7axBU+G8+9tQ=
Subject key identifier: B6:28:73:3F:40:BA:0A:68:E1:4B:56:38:E7:47:72:B1:FA:D9:A8:8E
Certificate issuer: /CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Certificate serial: 22D450478D18E1C18FC9D3BC490FE79C93A35ED5
Authority key identifier: 88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238303a383130303a3a2f34382d3438203d3e203431373230.roa
Signing time: Thu 22 Aug 2024 15:50:00 +0000
ROA not before: Thu 22 Aug 2024 15:45:00 +0000
ROA not after: Thu 21 Aug 2025 15:50:00 +0000
asID: 41720
IP address blocks: 2a0d:b280:8100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.mft
rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Nov 2024 15:27:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:d4:50:47:8d:18:e1:c1:8f:c9:d3:bc:49:0f:e7:9c:93:a3:5e:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Validity
Not Before: Aug 22 15:45:00 2024 GMT
Not After : Aug 21 15:50:00 2025 GMT
Subject: CN=B628733F40BA0A68E14B5638E74772B1FAD9A88E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8e:77:88:b7:e2:ef:ad:1c:25:8d:ad:c7:f6:
55:d0:99:89:17:24:78:92:08:13:68:f0:60:66:1c:
e0:53:05:d3:e4:b2:b1:a9:90:65:3b:e3:5c:a7:0c:
8e:62:0d:82:a4:f8:d6:ad:3d:b8:36:32:4b:8c:15:
7b:e2:71:54:61:ed:54:95:33:20:87:a2:12:87:f6:
b3:ca:19:22:0f:0f:b6:33:52:89:66:07:f4:6c:8f:
7c:01:ba:8f:f1:a9:e6:42:52:f8:ff:aa:7f:a1:9f:
13:aa:01:ee:d0:46:53:ca:24:5e:b1:59:0a:8c:bf:
9d:41:9d:14:7c:7a:e2:e3:c7:cd:7f:af:1f:2f:d0:
22:bb:8b:63:27:a7:5d:f2:5d:cd:53:57:95:fd:ef:
43:a4:b2:b5:07:6c:5a:cc:e2:c4:1f:6c:3e:94:af:
9f:c0:1f:90:ec:3d:d0:4d:67:3c:45:b0:85:c4:13:
5f:91:9b:ea:28:a6:52:66:b1:a3:55:73:24:41:42:
5d:48:5b:cd:14:b4:e8:9e:5a:0d:7e:d2:ab:f1:1b:
80:38:37:f2:ba:17:0e:f6:46:cb:4f:59:29:b8:6a:
fc:3c:ec:c0:73:3e:0f:1e:b4:10:6c:91:2d:3c:e5:
88:8b:d6:a9:bd:50:7a:53:67:7a:91:9b:5e:74:4e:
99:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:28:73:3F:40:BA:0A:68:E1:4B:56:38:E7:47:72:B1:FA:D9:A8:8E
X509v3 Authority Key Identifier:
keyid:88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238303a383130303a3a2f34382d3438203d3e203431373230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b280:8100::/48
Signature Algorithm: sha256WithRSAEncryption
1e:11:86:f4:f1:f3:e2:da:99:10:f2:e3:62:b5:5c:6e:01:f6:
99:4e:c4:70:27:a1:cc:e3:22:d1:d3:ae:9a:ee:01:8c:1c:09:
4c:6e:83:60:93:36:8d:6b:08:ff:9b:2b:20:87:e6:ac:39:f6:
5a:b5:99:90:3d:01:b3:f3:b2:c2:18:98:3e:40:bc:33:32:22:
de:82:44:77:12:28:f6:1e:91:10:eb:62:25:aa:5b:70:70:92:
41:2c:90:9d:ea:8e:70:b3:84:66:fd:62:85:58:27:a4:a6:62:
49:37:46:2a:e7:a4:e3:a7:79:8c:8a:92:0e:3c:be:54:85:2b:
bf:5c:b8:df:9d:14:42:49:6a:03:52:52:69:22:ca:d8:4f:7a:
ef:5e:82:09:b6:0c:ab:68:8b:4a:40:32:96:28:0c:6b:4c:d9:
57:84:a1:49:b6:6e:d5:ed:cc:a8:2f:e9:cb:21:75:12:b1:15:
88:a6:cc:fd:2c:93:2b:10:23:e6:d8:d2:7d:b4:53:9f:74:0a:
74:fb:60:08:dd:a5:8c:c2:c1:87:76:1c:3c:80:76:cb:6a:2a:
b8:a8:ac:e0:e6:f3:ec:f1:e6:20:6a:19:dc:5d:10:72:ec:3e:
3e:65:8e:f6:5e:7e:ac:80:fe:b7:fe:c1:9e:5d:d1:d4:f5:8f:
56:f3:9a:ec
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUItRQR40Y4cGPydO8SQ/nnJOjXtUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjZGQ5YzE5M2RhOTE4NWE0YWMxNWIyYWRlODc1ZmU5
N2I2ZjQ5MTAeFw0yNDA4MjIxNTQ1MDBaFw0yNTA4MjExNTUwMDBaMDMxMTAvBgNV
BAMTKEI2Mjg3MzNGNDBCQTBBNjhFMTRCNTYzOEU3NDc3MkIxRkFEOUE4OEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzjneIt+LvrRwlja3H9lXQmYkX
JHiSCBNo8GBmHOBTBdPksrGpkGU741ynDI5iDYKk+NatPbg2MkuMFXvicVRh7VSV
MyCHohKH9rPKGSIPD7YzUolmB/Rsj3wBuo/xqeZCUvj/qn+hnxOqAe7QRlPKJF6x
WQqMv51BnRR8euLjx81/rx8v0CK7i2Mnp13yXc1TV5X970OksrUHbFrM4sQfbD6U
r5/AH5DsPdBNZzxFsIXEE1+Rm+ooplJmsaNVcyRBQl1IW80UtOieWg1+0qvxG4A4
N/K6Fw72RstPWSm4avw87MBzPg8etBBskS085YiL1qm9UHpTZ3qRm150TpmhAgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUtihzP0C6CmjhS1Y450dysfrZqI4wHwYDVR0j
BBgwFoAUiM3ZwZPakYWkrBWyreh1/pe29JEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQtNjFjNS00MjkwLThhNmQtNWYyYjkwMjcz
MjJmLzAvODhDREQ5QzE5M0RBOTE4NUE0QUMxNUIyQURFODc1RkU5N0I2RjQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNM1p3WlBha1lXa3JCV3lyZWgxX3Bl
MjlKRS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQt
NjFjNS00MjkwLThhNmQtNWYyYjkwMjczMjJmLzAvMzI2MTMwNjQzYTYyMzIzODMw
M2EzODMxMzAzMDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDM0MzEzNzMyMzAucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAqDbKAgQAwDQYJKoZIhvcNAQELBQADggEBAB4RhvTx8+LamRDy42K1
XG4B9plOxHAnoczjItHTrpruAYwcCUxug2CTNo1rCP+bKyCH5qw59lq1mZA9AbPz
ssIYmD5AvDMyIt6CRHcSKPYekRDrYiWqW3BwkkEskJ3qjnCzhGb9YoVYJ6SmYkk3
RirnpOOneYyKkg48vlSFK79cuN+dFEJJagNSUmkiythPeu9eggm2DKtoi0pAMpYo
DGtM2VeEoUm2btXtzKgv6cshdRKxFYimzP0skysQI+bY0n20U590CnT7YAjdpYzC
wYd2HDyAdstqKriorODm8+zx5iBqGdxdEHLsPj5ljvZefqyA/rf+wZ5d0dT1j1bz
muw=
-----END CERTIFICATE-----
Generated at Wed Nov 20 23:15:05 2024 by rpki-client on console-fra.rpki-client.org