Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a646130303a3a2f34382d3438203d3e20323135313436.roa
File: 326130643a623238373a646130303a3a2f34382d3438203d3e20323135313436.roa (raw, json)
Hash identifier: iavCedfpEd5k0rIG/kL5F/xxOAMPmZq43N15rLvPbic=
Subject key identifier: 01:E8:6D:A0:47:95:A0:7A:4F:11:E4:8D:0E:81:3F:C8:F6:C9:8A:D6
Certificate issuer: /CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Certificate serial: 6690FAE982A3514AEEF454191ADD69099AD109BC
Authority key identifier: 88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a646130303a3a2f34382d3438203d3e20323135313436.roa
Signing time: Sun 20 Oct 2024 15:27:06 +0000
ROA not before: Sun 20 Oct 2024 15:22:06 +0000
ROA not after: Sun 19 Oct 2025 15:27:06 +0000
asID: 215146
IP address blocks: 2a0d:b287:da00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.mft
rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Nov 2024 15:27:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:90:fa:e9:82:a3:51:4a:ee:f4:54:19:1a:dd:69:09:9a:d1:09:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Validity
Not Before: Oct 20 15:22:06 2024 GMT
Not After : Oct 19 15:27:06 2025 GMT
Subject: CN=01E86DA04795A07A4F11E48D0E813FC8F6C98AD6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:56:b9:19:18:28:9a:31:e8:7c:fe:08:1b:19:
5e:ac:0f:94:15:dd:bc:55:55:51:38:0b:d1:a0:71:
8f:40:6d:13:f8:56:c8:ad:df:8a:51:c0:e6:6a:fc:
ee:bc:bb:0e:88:4c:5c:7e:c8:2d:78:c0:4a:a1:7c:
1b:90:f1:f6:51:5e:11:a0:76:bf:aa:11:c5:02:cc:
82:d6:b6:08:e4:d2:94:ef:fb:6d:4d:5a:79:54:80:
ee:ec:ae:64:5e:28:7a:19:69:85:71:af:21:ac:d7:
d0:45:74:4f:2a:f1:dc:ba:50:7a:61:5a:1f:d9:b2:
bd:12:73:37:b3:d1:c3:3c:26:b6:c6:9b:fb:8b:32:
a8:7f:ac:df:94:0f:6c:e4:a7:b7:52:3a:1e:10:68:
1a:c8:e5:d5:60:cc:29:98:42:68:7f:62:26:6a:26:
3f:05:29:3b:b3:c8:13:77:a7:20:8a:79:d6:aa:d5:
2c:5a:2a:13:e4:e9:e0:ce:87:ea:3e:71:a4:15:04:
4c:82:18:83:f6:e6:28:24:f8:d6:b8:0c:37:04:9e:
cf:8a:99:a8:5a:c2:b3:c1:61:19:a6:6d:16:c0:d0:
0d:28:8a:7a:df:7f:f2:82:c0:5d:30:0c:e4:6b:7b:
8c:96:b3:52:35:02:aa:94:2c:99:66:b7:bd:f1:4e:
71:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:E8:6D:A0:47:95:A0:7A:4F:11:E4:8D:0E:81:3F:C8:F6:C9:8A:D6
X509v3 Authority Key Identifier:
keyid:88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a646130303a3a2f34382d3438203d3e20323135313436.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b287:da00::/48
Signature Algorithm: sha256WithRSAEncryption
5e:d0:3f:e0:d9:d1:45:8a:9a:01:74:c2:2b:2e:33:c3:7a:a9:
57:41:a8:16:2e:35:47:ca:17:16:cc:0d:cf:1c:1a:d7:90:dd:
7f:29:d7:43:f6:11:f7:aa:8c:2d:6e:94:67:0b:43:fe:ec:f3:
30:45:c6:89:8a:8f:3a:4c:e2:7c:ea:97:9f:35:08:89:eb:d1:
71:42:08:17:12:9c:8c:6b:40:2e:c1:f5:9a:8c:ef:31:b8:d5:
30:7c:78:42:34:56:2a:d6:6f:03:d4:b6:86:6f:51:95:47:16:
f5:5e:9c:c3:55:b9:f6:32:d3:e7:7c:b9:bd:e5:9f:7b:0f:15:
33:f8:bc:15:4d:10:67:30:85:bc:94:a0:33:54:22:79:a4:e3:
a5:82:b9:40:dd:11:3d:f2:30:30:19:dd:e0:24:a8:07:ca:25:
b1:af:4a:6f:89:bd:c5:2d:1a:e0:51:41:42:73:22:0a:61:2e:
6d:29:4f:63:10:1b:f8:9f:6d:d0:f9:df:b1:57:57:2a:27:c2:
4b:c2:3c:72:a3:95:e2:ef:af:00:28:3d:c3:da:4f:85:e2:58:
b1:1b:a2:a4:b8:c4:5e:34:f0:b6:52:da:97:46:bd:d2:fa:a4:
c0:9a:74:c6:42:d9:cc:d0:b7:de:95:46:e7:5d:18:f5:e9:30:
e3:8e:12:f4
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUZpD66YKjUUru9FQZGt1pCZrRCbwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjZGQ5YzE5M2RhOTE4NWE0YWMxNWIyYWRlODc1ZmU5
N2I2ZjQ5MTAeFw0yNDEwMjAxNTIyMDZaFw0yNTEwMTkxNTI3MDZaMDMxMTAvBgNV
BAMTKDAxRTg2REEwNDc5NUEwN0E0RjExRTQ4RDBFODEzRkM4RjZDOThBRDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZVrkZGCiaMeh8/ggbGV6sD5QV
3bxVVVE4C9GgcY9AbRP4Vsit34pRwOZq/O68uw6ITFx+yC14wEqhfBuQ8fZRXhGg
dr+qEcUCzILWtgjk0pTv+21NWnlUgO7srmReKHoZaYVxryGs19BFdE8q8dy6UHph
Wh/Zsr0Sczez0cM8JrbGm/uLMqh/rN+UD2zkp7dSOh4QaBrI5dVgzCmYQmh/YiZq
Jj8FKTuzyBN3pyCKedaq1SxaKhPk6eDOh+o+caQVBEyCGIP25igk+Na4DDcEns+K
mahawrPBYRmmbRbA0A0oinrff/KCwF0wDORre4yWs1I1AqqULJlmt73xTnHrAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUAehtoEeVoHpPEeSNDoE/yPbJitYwHwYDVR0j
BBgwFoAUiM3ZwZPakYWkrBWyreh1/pe29JEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQtNjFjNS00MjkwLThhNmQtNWYyYjkwMjcz
MjJmLzAvODhDREQ5QzE5M0RBOTE4NUE0QUMxNUIyQURFODc1RkU5N0I2RjQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNM1p3WlBha1lXa3JCV3lyZWgxX3Bl
MjlKRS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQt
NjFjNS00MjkwLThhNmQtNWYyYjkwMjczMjJmLzAvMzI2MTMwNjQzYTYyMzIzODM3
M2E2NDYxMzAzMDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzNTMxMzQzNi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoNsofaADANBgkqhkiG9w0BAQsFAAOCAQEAXtA/4NnRRYqaAXTC
Ky4zw3qpV0GoFi41R8oXFswNzxwa15DdfynXQ/YR96qMLW6UZwtD/uzzMEXGiYqP
OkzifOqXnzUIievRcUIIFxKcjGtALsH1mozvMbjVMHx4QjRWKtZvA9S2hm9RlUcW
9V6cw1W59jLT53y5veWfew8VM/i8FU0QZzCFvJSgM1QieaTjpYK5QN0RPfIwMBnd
4CSoB8olsa9Kb4m9xS0a4FFBQnMiCmEubSlPYxAb+J9t0PnfsVdXKifCS8I8cqOV
4u+vACg9w9pPheJYsRuipLjEXjTwtlLal0a90vqkwJp0xkLZzNC33pVG510Y9ekw
444S9A==
-----END CERTIFICATE-----
Generated at Wed Nov 20 23:15:05 2024 by rpki-client on console-fra.rpki-client.org