Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656530303a3a2f34302d3430203d3e20323038333238.roa
File: 326130643a623238373a656530303a3a2f34302d3430203d3e20323038333238.roa (raw, json)
Hash identifier: WtqgmDwc3f4nCSOQ8ixLkNx8sXt7FaBWfi7I6des1c8=
Subject key identifier: 2C:79:28:82:31:F5:11:0C:E1:F1:E3:14:6B:E2:AF:15:81:D7:84:32
Certificate issuer: /CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Certificate serial: 6FCD34EB89298FB83478BF043A9284DDDB1574BD
Authority key identifier: 88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656530303a3a2f34302d3430203d3e20323038333238.roa
Signing time: Thu 14 Nov 2024 21:46:58 +0000
ROA not before: Thu 14 Nov 2024 21:41:58 +0000
ROA not after: Thu 13 Nov 2025 21:46:58 +0000
asID: 208328
IP address blocks: 2a0d:b287:ee00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.mft
rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Nov 2024 15:27:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:cd:34:eb:89:29:8f:b8:34:78:bf:04:3a:92:84:dd:db:15:74:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Validity
Not Before: Nov 14 21:41:58 2024 GMT
Not After : Nov 13 21:46:58 2025 GMT
Subject: CN=2C79288231F5110CE1F1E3146BE2AF1581D78432
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:41:46:33:81:9f:47:f5:95:41:34:11:90:23:
02:f3:67:d7:ff:f1:bd:a3:1c:74:80:6c:ab:86:b3:
ae:a6:cc:23:8a:f1:e0:db:b7:46:e9:b8:f9:08:6b:
e1:b6:70:36:2e:28:bc:1a:19:7e:1b:fd:24:7c:ba:
93:5e:76:88:6c:3b:ea:9e:d4:e1:c0:32:50:42:6d:
17:f3:e7:11:b6:e4:f4:2c:c0:c8:5d:f5:ba:5c:a0:
03:b0:78:0c:c5:9f:b2:d7:48:a7:17:22:ae:61:e2:
f6:28:0f:08:74:c9:66:94:77:00:c0:42:53:d8:e6:
c4:b7:e1:8d:56:be:6c:59:9a:a6:04:15:76:42:b0:
3b:e2:a7:79:51:c9:d9:32:8d:0f:4b:3b:a6:a8:04:
71:bd:ad:f9:07:72:64:8e:78:45:d7:0a:92:34:bb:
54:73:01:22:02:d8:d2:ce:cd:58:7e:8c:9a:4d:ca:
29:dc:3e:0a:e9:db:2a:df:c6:c7:cb:33:92:3e:3c:
03:a2:bf:c4:2b:dd:88:0f:32:28:6e:4f:37:98:46:
dd:2d:9e:39:55:1e:0f:cf:d3:48:d0:06:78:84:ea:
f7:a1:6f:67:b7:83:75:d8:55:3a:a2:20:c2:67:f3:
5d:e5:f3:73:54:98:fa:a0:1a:58:3c:17:6e:73:95:
d3:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:79:28:82:31:F5:11:0C:E1:F1:E3:14:6B:E2:AF:15:81:D7:84:32
X509v3 Authority Key Identifier:
keyid:88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656530303a3a2f34302d3430203d3e20323038333238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b287:ee00::/40
Signature Algorithm: sha256WithRSAEncryption
48:42:e3:af:a5:bd:2d:23:88:66:46:a4:7f:3b:7e:3f:b4:32:
ec:ba:2b:4d:37:f8:83:6e:aa:06:fc:53:e5:6e:7d:23:fb:b4:
50:79:8b:55:a0:3b:b3:f9:58:59:6f:20:8b:0f:2a:38:a1:28:
16:00:a6:39:49:d4:1a:2b:a9:8c:5d:ca:89:17:56:a3:23:ca:
24:55:a8:2f:ff:34:33:8e:70:50:06:23:63:68:ca:31:fe:71:
fd:4e:3d:42:a8:54:77:0f:85:62:ed:cf:47:d1:82:47:8f:d1:
74:25:f0:27:1d:42:18:be:71:b1:91:67:3d:85:15:0b:44:83:
da:8b:e7:28:55:03:1c:f1:4d:7a:b8:1e:73:d6:f5:87:5c:76:
eb:5c:5d:43:02:a6:6f:38:25:42:db:d6:7e:f7:36:40:43:40:
c2:3f:91:90:d4:0a:b9:30:b1:df:9f:6d:f4:10:85:bc:c5:96:
41:0a:98:a7:3b:db:af:99:78:1b:4a:e6:d6:a8:ea:48:40:98:
5d:fb:82:b0:cc:4f:83:26:4b:34:73:7d:72:6f:ab:bc:02:82:
25:1d:4d:36:ef:61:1f:2c:18:25:e4:87:1b:a6:4c:fb:d1:10:
49:e1:5b:c3:a0:c6:0b:ef:7e:d6:e8:b3:4a:9b:4a:75:2c:1a:
e8:00:52:ee
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUb80064kpj7g0eL8EOpKE3dsVdL0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjZGQ5YzE5M2RhOTE4NWE0YWMxNWIyYWRlODc1ZmU5
N2I2ZjQ5MTAeFw0yNDExMTQyMTQxNThaFw0yNTExMTMyMTQ2NThaMDMxMTAvBgNV
BAMTKDJDNzkyODgyMzFGNTExMENFMUYxRTMxNDZCRTJBRjE1ODFENzg0MzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5QUYzgZ9H9ZVBNBGQIwLzZ9f/
8b2jHHSAbKuGs66mzCOK8eDbt0bpuPkIa+G2cDYuKLwaGX4b/SR8upNedohsO+qe
1OHAMlBCbRfz5xG25PQswMhd9bpcoAOweAzFn7LXSKcXIq5h4vYoDwh0yWaUdwDA
QlPY5sS34Y1WvmxZmqYEFXZCsDvip3lRydkyjQ9LO6aoBHG9rfkHcmSOeEXXCpI0
u1RzASIC2NLOzVh+jJpNyincPgrp2yrfxsfLM5I+PAOiv8Qr3YgPMihuTzeYRt0t
njlVHg/P00jQBniE6vehb2e3g3XYVTqiIMJn813l83NUmPqgGlg8F25zldPBAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQULHkogjH1EQzh8eMUa+KvFYHXhDIwHwYDVR0j
BBgwFoAUiM3ZwZPakYWkrBWyreh1/pe29JEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQtNjFjNS00MjkwLThhNmQtNWYyYjkwMjcz
MjJmLzAvODhDREQ5QzE5M0RBOTE4NUE0QUMxNUIyQURFODc1RkU5N0I2RjQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNM1p3WlBha1lXa3JCV3lyZWgxX3Bl
MjlKRS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQt
NjFjNS00MjkwLThhNmQtNWYyYjkwMjczMjJmLzAvMzI2MTMwNjQzYTYyMzIzODM3
M2E2NTY1MzAzMDNhM2EyZjM0MzAyZDM0MzAyMDNkM2UyMDMyMzAzODMzMzIzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoNsofuMA0GCSqGSIb3DQEBCwUAA4IBAQBIQuOvpb0tI4hmRqR/
O34/tDLsuitNN/iDbqoG/FPlbn0j+7RQeYtVoDuz+VhZbyCLDyo4oSgWAKY5SdQa
K6mMXcqJF1ajI8okVagv/zQzjnBQBiNjaMox/nH9Tj1CqFR3D4Vi7c9H0YJHj9F0
JfAnHUIYvnGxkWc9hRULRIPai+coVQMc8U16uB5z1vWHXHbrXF1DAqZvOCVC29Z+
9zZAQ0DCP5GQ1Aq5MLHfn230EIW8xZZBCpinO9uvmXgbSubWqOpIQJhd+4KwzE+D
Jks0c31yb6u8AoIlHU0272EfLBgl5Icbpkz70RBJ4VvDoMYL737W6LNKm0p1LBro
AFLu
-----END CERTIFICATE-----
Generated at Wed Nov 20 23:15:05 2024 by rpki-client on console-fra.rpki-client.org