Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656334313a3a2f34382d3438203d3e20323132353136.roa
File: 326130643a623238373a656334313a3a2f34382d3438203d3e20323132353136.roa (raw, json)
Hash identifier: 5lNL9wmLDlet0KrRB5Z2lMcDOBbA6gqsqoS0zWeKarw=
Subject key identifier: 8D:B1:43:43:5A:D5:D0:1D:8E:6F:5A:38:B4:EA:87:47:79:39:34:06
Certificate issuer: /CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Certificate serial: 26C90D07CEC6B7B68FD27CB3EE3A27D16E8DE1A4
Authority key identifier: 88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656334313a3a2f34382d3438203d3e20323132353136.roa
Signing time: Thu 22 Aug 2024 15:50:13 +0000
ROA not before: Thu 22 Aug 2024 15:45:13 +0000
ROA not after: Thu 21 Aug 2025 15:50:13 +0000
asID: 212516
IP address blocks: 2a0d:b287:ec41::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.mft
rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Nov 2024 15:27:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:c9:0d:07:ce:c6:b7:b6:8f:d2:7c:b3:ee:3a:27:d1:6e:8d:e1:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Validity
Not Before: Aug 22 15:45:13 2024 GMT
Not After : Aug 21 15:50:13 2025 GMT
Subject: CN=8DB143435AD5D01D8E6F5A38B4EA874779393406
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:25:ac:4d:7e:bb:83:59:46:3b:91:f7:69:47:
d7:ee:fc:75:6d:29:f6:d6:a9:e2:6e:d0:84:b1:22:
18:c7:dc:8f:91:dd:bc:cc:15:04:77:b4:30:5a:68:
29:c5:8d:c5:ce:b7:af:00:8c:e3:00:1a:b6:33:ae:
1f:8f:0b:bc:2b:93:21:f6:09:05:a2:cd:46:ed:c8:
a7:f0:9c:39:1e:b0:7c:c2:31:09:06:11:01:a9:9c:
f9:72:2f:9a:69:33:bd:5e:64:45:a6:54:f9:30:bf:
d7:81:1f:4d:dc:ed:db:a7:af:57:01:ab:35:b6:56:
d2:80:76:2e:9f:9b:ee:67:1c:ac:97:2a:13:dc:e9:
d6:c4:47:89:fe:0d:9d:e8:3f:54:39:89:7a:25:6f:
56:9a:92:5f:eb:29:23:e1:a7:ef:5c:11:99:11:fa:
e4:24:ac:4c:3a:f9:73:f7:70:f8:c7:d7:73:21:dc:
01:2c:8e:8c:b4:1a:c7:4e:72:65:b0:37:ba:1e:bd:
70:4f:01:58:eb:d0:65:42:38:0e:55:06:2f:8f:82:
ca:e0:d9:6e:ec:bb:39:ed:f3:a6:c8:ff:eb:91:35:
61:46:5d:54:31:a6:0b:3f:67:2b:ce:15:64:3e:da:
67:80:57:ac:8c:7a:5a:77:ca:78:19:5f:67:d2:32:
aa:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:B1:43:43:5A:D5:D0:1D:8E:6F:5A:38:B4:EA:87:47:79:39:34:06
X509v3 Authority Key Identifier:
keyid:88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656334313a3a2f34382d3438203d3e20323132353136.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b287:ec41::/48
Signature Algorithm: sha256WithRSAEncryption
71:20:1a:9d:c8:ac:31:02:4e:99:85:e0:11:91:92:b5:70:39:
6b:79:c7:4e:de:0e:05:27:dc:16:08:3d:d9:81:0e:3c:26:48:
c8:95:a7:ba:0e:6b:02:74:7c:90:81:f9:a8:22:48:d3:c5:3a:
f4:a4:06:f6:69:7d:a2:cb:af:3d:51:75:f2:95:3a:12:a5:0c:
7c:cd:72:13:81:5e:54:7a:95:dd:3a:5e:a1:d1:a1:bc:85:5c:
1c:d5:75:a8:06:80:30:27:2f:41:9c:0b:f9:d6:8f:56:16:77:
5d:b3:bd:a5:86:ac:7e:3c:42:5e:95:fc:25:41:48:54:fc:01:
33:c2:ff:fc:b3:98:a9:05:74:52:cf:88:cc:38:1d:6a:d9:1b:
d8:a9:5d:89:e7:20:41:4f:fc:06:78:94:f8:28:cf:57:ae:b3:
36:d7:f9:90:51:92:00:34:84:c7:ff:e0:1d:ec:89:50:ca:fe:
f4:79:d5:fa:20:88:f4:d3:d2:e6:d0:3e:4b:5f:8d:7a:b7:01:
cb:cb:d7:00:9a:cf:3f:db:cc:6a:dd:99:c5:a7:53:0f:bc:81:
da:b3:53:d9:95:c1:92:06:9e:79:5b:a0:9e:06:b5:74:09:dd:
d3:ee:7b:37:a8:0c:48:49:59:6b:3d:f9:99:15:79:cc:c7:46:
eb:c6:37:8f
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUJskNB87Gt7aP0nyz7jon0W6N4aQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjZGQ5YzE5M2RhOTE4NWE0YWMxNWIyYWRlODc1ZmU5
N2I2ZjQ5MTAeFw0yNDA4MjIxNTQ1MTNaFw0yNTA4MjExNTUwMTNaMDMxMTAvBgNV
BAMTKDhEQjE0MzQzNUFENUQwMUQ4RTZGNUEzOEI0RUE4NzQ3NzkzOTM0MDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOJaxNfruDWUY7kfdpR9fu/HVt
KfbWqeJu0ISxIhjH3I+R3bzMFQR3tDBaaCnFjcXOt68AjOMAGrYzrh+PC7wrkyH2
CQWizUbtyKfwnDkesHzCMQkGEQGpnPlyL5ppM71eZEWmVPkwv9eBH03c7dunr1cB
qzW2VtKAdi6fm+5nHKyXKhPc6dbER4n+DZ3oP1Q5iXolb1aakl/rKSPhp+9cEZkR
+uQkrEw6+XP3cPjH13Mh3AEsjoy0GsdOcmWwN7oevXBPAVjr0GVCOA5VBi+Pgsrg
2W7suznt86bI/+uRNWFGXVQxpgs/ZyvOFWQ+2meAV6yMelp3yngZX2fSMqqRAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUjbFDQ1rV0B2Ob1o4tOqHR3k5NAYwHwYDVR0j
BBgwFoAUiM3ZwZPakYWkrBWyreh1/pe29JEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQtNjFjNS00MjkwLThhNmQtNWYyYjkwMjcz
MjJmLzAvODhDREQ5QzE5M0RBOTE4NUE0QUMxNUIyQURFODc1RkU5N0I2RjQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNM1p3WlBha1lXa3JCV3lyZWgxX3Bl
MjlKRS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQt
NjFjNS00MjkwLThhNmQtNWYyYjkwMjczMjJmLzAvMzI2MTMwNjQzYTYyMzIzODM3
M2E2NTYzMzQzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjM1MzEzNi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoNsofsQTANBgkqhkiG9w0BAQsFAAOCAQEAcSAancisMQJOmYXg
EZGStXA5a3nHTt4OBSfcFgg92YEOPCZIyJWnug5rAnR8kIH5qCJI08U69KQG9ml9
osuvPVF18pU6EqUMfM1yE4FeVHqV3TpeodGhvIVcHNV1qAaAMCcvQZwL+daPVhZ3
XbO9pYasfjxCXpX8JUFIVPwBM8L//LOYqQV0Us+IzDgdatkb2KldiecgQU/8BniU
+CjPV66zNtf5kFGSADSEx//gHeyJUMr+9HnV+iCI9NPS5tA+S1+NercBy8vXAJrP
P9vMat2ZxadTD7yB2rNT2ZXBkgaeeVugnga1dAnd0+57N6gMSElZaz35mRV5zMdG
68Y3jw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 00:11:00 2024 by rpki-client on console-ams.rpki-client.org