Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656330303a3a2f34302d3430203d3e20323135363634.roa
File: 326130643a623238373a656330303a3a2f34302d3430203d3e20323135363634.roa (raw, json)
Hash identifier: ZkXNpKW61UGEN6+3Eq/nkumIj3yuGpDt69ocmobqC/8=
Subject key identifier: AA:67:B3:2D:24:90:02:33:89:E3:EA:75:84:30:09:C3:E9:97:25:6A
Certificate issuer: /CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Certificate serial: 5B82081C7BA589E2524DD21AE363A73F2CE73696
Authority key identifier: 88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656330303a3a2f34302d3430203d3e20323135363634.roa
Signing time: Thu 22 Aug 2024 15:50:17 +0000
ROA not before: Thu 22 Aug 2024 15:45:17 +0000
ROA not after: Thu 21 Aug 2025 15:50:17 +0000
asID: 215664
IP address blocks: 2a0d:b287:ec00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.mft
rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:82:08:1c:7b:a5:89:e2:52:4d:d2:1a:e3:63:a7:3f:2c:e7:36:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Validity
Not Before: Aug 22 15:45:17 2024 GMT
Not After : Aug 21 15:50:17 2025 GMT
Subject: CN=AA67B32D2490023389E3EA75843009C3E997256A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:bf:88:f7:fa:c0:18:08:8b:b7:f4:da:4c:7a:
21:a5:05:26:ad:2b:fb:9a:5b:94:91:76:68:67:dd:
3c:e2:fc:15:57:ae:b6:e3:0f:9b:ac:0e:53:bb:a1:
eb:e8:7b:8c:3f:0d:1b:c0:f7:24:36:d7:0d:0b:5e:
19:68:86:1a:e7:6e:84:a2:6d:1d:6d:42:9c:0b:ea:
41:c3:f8:da:b9:7d:96:fd:74:c3:0c:19:c9:0d:3b:
af:c8:9f:3c:a7:41:ee:2e:24:37:93:9b:4d:83:33:
10:eb:5b:aa:e7:84:8b:e2:b7:6a:4c:52:f0:86:42:
2f:f0:66:6b:cb:c0:f8:15:6f:4d:9d:20:ff:d8:7a:
cb:b0:6c:4b:72:ec:9d:fc:82:89:30:66:26:7b:9a:
d0:4e:d0:11:42:a2:f2:d1:00:00:df:90:b7:fe:8c:
37:07:67:8d:0f:71:c3:03:dd:48:c4:5d:45:c1:8b:
45:9f:2c:83:6f:90:40:41:52:7b:38:50:2b:06:0e:
0f:1b:5f:8c:bb:ee:97:94:e5:f0:93:cd:39:67:6a:
c6:03:16:85:48:1d:82:d6:73:d0:15:18:76:5c:83:
40:6f:06:44:18:31:74:84:91:ae:a9:5d:75:e9:03:
5a:0b:6f:3d:17:d7:c5:48:0d:c1:8b:c7:2b:98:63:
55:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:67:B3:2D:24:90:02:33:89:E3:EA:75:84:30:09:C3:E9:97:25:6A
X509v3 Authority Key Identifier:
keyid:88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656330303a3a2f34302d3430203d3e20323135363634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b287:ec00::/40
Signature Algorithm: sha256WithRSAEncryption
ac:e0:ec:cf:ea:f6:36:70:c6:27:8b:94:45:bd:47:ea:16:34:
13:27:fa:d8:70:c2:f6:1f:c0:1a:6d:50:25:05:44:b8:2e:aa:
09:f0:99:b4:92:5b:42:7e:62:2e:24:8d:de:fe:47:d2:ec:ba:
24:97:32:bc:47:57:5d:a1:51:58:93:97:b9:b6:24:ab:a8:30:
4d:11:b1:f3:65:00:b5:cd:e6:94:7b:39:b6:6d:36:5b:ee:09:
93:99:2c:92:6f:b2:dc:09:78:07:06:ad:a7:36:ef:63:72:8f:
0f:da:d2:9f:4b:3b:88:b3:75:ca:31:8b:d5:62:66:fd:34:c4:
23:d6:55:de:6d:d9:de:6e:12:61:93:5d:a9:66:d4:f9:80:43:
59:67:12:f9:32:90:a7:27:48:fb:f8:62:7d:20:e0:fb:82:bc:
90:31:72:09:a7:61:5b:ca:56:d8:11:8a:16:2c:89:be:91:f5:
d6:7a:a4:1f:2d:9c:9d:44:53:be:f4:ed:0f:4b:1c:a0:e9:3e:
fb:3b:43:bb:0b:d0:5a:a0:c9:56:0d:d8:33:82:59:e1:31:8d:
f5:59:43:7c:db:33:1a:e3:74:9f:b0:68:17:5a:2c:35:e6:90:
d5:b8:0d:d7:ba:19:7a:53:2f:72:f1:14:d3:b2:15:7d:ac:2e:
d0:96:79:0f
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUW4IIHHulieJSTdIa42OnPyznNpYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjZGQ5YzE5M2RhOTE4NWE0YWMxNWIyYWRlODc1ZmU5
N2I2ZjQ5MTAeFw0yNDA4MjIxNTQ1MTdaFw0yNTA4MjExNTUwMTdaMDMxMTAvBgNV
BAMTKEFBNjdCMzJEMjQ5MDAyMzM4OUUzRUE3NTg0MzAwOUMzRTk5NzI1NkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxv4j3+sAYCIu39NpMeiGlBSat
K/uaW5SRdmhn3Tzi/BVXrrbjD5usDlO7oevoe4w/DRvA9yQ21w0LXhlohhrnboSi
bR1tQpwL6kHD+Nq5fZb9dMMMGckNO6/InzynQe4uJDeTm02DMxDrW6rnhIvit2pM
UvCGQi/wZmvLwPgVb02dIP/YesuwbEty7J38gokwZiZ7mtBO0BFCovLRAADfkLf+
jDcHZ40PccMD3UjEXUXBi0WfLINvkEBBUns4UCsGDg8bX4y77peU5fCTzTlnasYD
FoVIHYLWc9AVGHZcg0BvBkQYMXSEka6pXXXpA1oLbz0X18VIDcGLxyuYY1UDAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUqmezLSSQAjOJ4+p1hDAJw+mXJWowHwYDVR0j
BBgwFoAUiM3ZwZPakYWkrBWyreh1/pe29JEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQtNjFjNS00MjkwLThhNmQtNWYyYjkwMjcz
MjJmLzAvODhDREQ5QzE5M0RBOTE4NUE0QUMxNUIyQURFODc1RkU5N0I2RjQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNM1p3WlBha1lXa3JCV3lyZWgxX3Bl
MjlKRS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQt
NjFjNS00MjkwLThhNmQtNWYyYjkwMjczMjJmLzAvMzI2MTMwNjQzYTYyMzIzODM3
M2E2NTYzMzAzMDNhM2EyZjM0MzAyZDM0MzAyMDNkM2UyMDMyMzEzNTM2MzYzNC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoNsofsMA0GCSqGSIb3DQEBCwUAA4IBAQCs4OzP6vY2cMYni5RF
vUfqFjQTJ/rYcML2H8AabVAlBUS4LqoJ8Jm0kltCfmIuJI3e/kfS7LoklzK8R1dd
oVFYk5e5tiSrqDBNEbHzZQC1zeaUezm2bTZb7gmTmSySb7LcCXgHBq2nNu9jco8P
2tKfSzuIs3XKMYvVYmb9NMQj1lXebdnebhJhk12pZtT5gENZZxL5MpCnJ0j7+GJ9
IOD7gryQMXIJp2FbylbYEYoWLIm+kfXWeqQfLZydRFO+9O0PSxyg6T77O0O7C9Ba
oMlWDdgzglnhMY31WUN82zMa43SfsGgXWiw15pDVuA3Xuhl6Uy9y8RTTshV9rC7Q
lnkP
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:18:04 2024 by rpki-client on console-ams.rpki-client.org