Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/0/323030313a3637633a3638383a3a2f34382d3438203d3e20323135393536.roa
File: 323030313a3637633a3638383a3a2f34382d3438203d3e20323135393536.roa (raw, json)
Hash identifier: LCPvAW7znySUZXFz7XFpzgRN+6mbY+WRXUnz/hkIdT0=
Subject key identifier: A7:C5:D3:F8:26:BF:74:71:04:19:6C:5D:4E:7E:17:F2:B0:8E:4B:C2
Certificate issuer: /CN=b3b9360c0dda3d688f4dbe53e2b6d3cef47fe825
Certificate serial: 4B28F30B31F6BF0DABE93D3EE37C28E8DF005C81
Authority key identifier: B3:B9:36:0C:0D:DA:3D:68:8F:4D:BE:53:E2:B6:D3:CE:F4:7F:E8:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s7k2DA3aPWiPTb5T4rbTzvR_6CU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/0/323030313a3637633a3638383a3a2f34382d3438203d3e20323135393536.roa
Signing time: Sun 25 Aug 2024 14:43:34 +0000
ROA not before: Sun 25 Aug 2024 14:38:34 +0000
ROA not after: Sun 24 Aug 2025 14:43:34 +0000
asID: 215956
IP address blocks: 2001:67c:688::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/0/B3B9360C0DDA3D688F4DBE53E2B6D3CEF47FE825.crl
rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/0/B3B9360C0DDA3D688F4DBE53E2B6D3CEF47FE825.mft
rsync://rpki.ripe.net/repository/DEFAULT/s7k2DA3aPWiPTb5T4rbTzvR_6CU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 13:20:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:28:f3:0b:31:f6:bf:0d:ab:e9:3d:3e:e3:7c:28:e8:df:00:5c:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3b9360c0dda3d688f4dbe53e2b6d3cef47fe825
Validity
Not Before: Aug 25 14:38:34 2024 GMT
Not After : Aug 24 14:43:34 2025 GMT
Subject: CN=A7C5D3F826BF747104196C5D4E7E17F2B08E4BC2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:77:44:0d:61:14:0c:2e:21:41:51:61:94:e4:
1e:a1:4f:45:91:24:8b:00:72:24:fd:c1:ab:f9:84:
98:3a:d3:fe:42:eb:2a:28:cc:cd:66:23:88:97:27:
8b:aa:61:f4:d9:ef:66:d9:1d:7a:f8:68:41:f5:38:
43:89:6d:71:5b:4e:32:76:4d:93:f5:9a:6a:d6:80:
a0:52:88:d8:e7:00:57:e2:65:90:8f:6e:33:5d:76:
6d:87:d2:64:73:c7:d2:18:c6:42:07:bc:a9:9b:b0:
7d:24:89:d9:9e:31:44:8e:11:fc:b3:18:74:fb:1a:
2e:f9:84:ec:25:b6:5e:a8:f4:5d:23:22:15:65:73:
f1:fa:2d:ff:b8:6d:43:9d:01:f4:ed:ab:05:9f:9c:
a0:4b:74:a5:6a:d2:de:28:0a:eb:1d:0e:07:82:e0:
16:f9:73:3b:81:a0:3b:a6:f8:20:8f:cb:3d:c2:d1:
15:7e:de:78:50:a3:4d:44:52:77:0c:1f:02:aa:29:
e4:ed:b4:9e:71:da:05:4f:a5:3e:92:31:79:1d:1c:
19:07:35:1e:c1:b6:dd:b8:2b:6b:8d:1c:34:88:3d:
2e:09:80:7e:1e:dd:26:b3:e3:97:7c:15:73:85:c3:
c3:9e:6f:aa:e3:12:20:ca:0e:b8:be:b6:36:bc:24:
e1:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:C5:D3:F8:26:BF:74:71:04:19:6C:5D:4E:7E:17:F2:B0:8E:4B:C2
X509v3 Authority Key Identifier:
keyid:B3:B9:36:0C:0D:DA:3D:68:8F:4D:BE:53:E2:B6:D3:CE:F4:7F:E8:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/0/B3B9360C0DDA3D688F4DBE53E2B6D3CEF47FE825.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s7k2DA3aPWiPTb5T4rbTzvR_6CU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/0/323030313a3637633a3638383a3a2f34382d3438203d3e20323135393536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:688::/48
Signature Algorithm: sha256WithRSAEncryption
8e:64:c3:a1:27:32:fb:f1:1a:df:10:55:74:ae:1e:18:d9:98:
0d:06:16:71:03:8e:cf:11:de:59:8a:1f:f8:d7:3d:c2:4c:5f:
25:99:63:e7:df:bf:34:e9:7c:f8:76:c2:7f:6c:18:aa:e5:ce:
3f:9c:47:46:8a:76:6e:c8:21:84:67:ad:05:91:62:ec:61:89:
f0:50:1d:be:f0:d1:06:3c:64:23:f6:0e:00:0c:b8:fb:2e:10:
b8:07:f5:8c:eb:3e:b8:63:76:83:69:c7:5a:76:42:ef:cc:78:
d6:6d:c2:2d:1d:08:d2:b8:29:27:f7:18:15:38:68:9d:b2:75:
d9:61:55:73:85:43:66:c5:0c:af:92:55:78:cc:0c:4a:70:e4:
10:13:63:20:00:76:f3:42:94:66:76:5c:c7:7a:9b:ec:82:a8:
cf:24:16:d9:f5:05:25:88:bd:93:6d:58:71:2f:6d:ac:b4:4d:
04:79:fa:a7:a3:dc:98:ce:cc:0d:7e:6b:e1:c5:5b:5b:69:0c:
9e:04:e1:1e:d7:39:56:9d:79:f3:68:e9:29:50:15:5c:61:c9:
3e:fe:94:e5:43:52:37:3c:d5:00:5f:97:35:0d:c5:f1:60:13:
12:79:93:c4:62:ad:69:aa:a6:61:4c:62:74:bf:90:81:c8:f4:
f3:e2:3c:1d
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUSyjzCzH2vw2r6T0+43wo6N8AXIEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjNiOTM2MGMwZGRhM2Q2ODhmNGRiZTUzZTJiNmQzY2Vm
NDdmZTgyNTAeFw0yNDA4MjUxNDM4MzRaFw0yNTA4MjQxNDQzMzRaMDMxMTAvBgNV
BAMTKEE3QzVEM0Y4MjZCRjc0NzEwNDE5NkM1RDRFN0UxN0YyQjA4RTRCQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6d0QNYRQMLiFBUWGU5B6hT0WR
JIsAciT9wav5hJg60/5C6yoozM1mI4iXJ4uqYfTZ72bZHXr4aEH1OEOJbXFbTjJ2
TZP1mmrWgKBSiNjnAFfiZZCPbjNddm2H0mRzx9IYxkIHvKmbsH0kidmeMUSOEfyz
GHT7Gi75hOwltl6o9F0jIhVlc/H6Lf+4bUOdAfTtqwWfnKBLdKVq0t4oCusdDgeC
4Bb5czuBoDum+CCPyz3C0RV+3nhQo01EUncMHwKqKeTttJ5x2gVPpT6SMXkdHBkH
NR7Btt24K2uNHDSIPS4JgH4e3Saz45d8FXOFw8Oeb6rjEiDKDri+tja8JOG3AgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUp8XT+Ca/dHEEGWxdTn4X8rCOS8IwHwYDVR0j
BBgwFoAUs7k2DA3aPWiPTb5T4rbTzvR/6CUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWJmMDRjN2MtZjgyZC00NzFkLTg1YWQtOThjNjVkZTFj
OTEyLzAvQjNCOTM2MEMwRERBM0Q2ODhGNERCRTUzRTJCNkQzQ0VGNDdGRTgyNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3M3azJEQTNhUFdpUFRiNVQ0cmJUenZS
XzZDVS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWJmMDRjN2Mt
ZjgyZC00NzFkLTg1YWQtOThjNjVkZTFjOTEyLzAvMzIzMDMwMzEzYTM2Mzc2MzNh
MzYzODM4M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTM1MzkzNTM2LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAIAEGfAaIMA0GCSqGSIb3DQEBCwUAA4IBAQCOZMOhJzL78RrfEFV0rh4Y
2ZgNBhZxA47PEd5Zih/41z3CTF8lmWPn37806Xz4dsJ/bBiq5c4/nEdGinZuyCGE
Z60FkWLsYYnwUB2+8NEGPGQj9g4ADLj7LhC4B/WM6z64Y3aDacdadkLvzHjWbcIt
HQjSuCkn9xgVOGidsnXZYVVzhUNmxQyvklV4zAxKcOQQE2MgAHbzQpRmdlzHepvs
gqjPJBbZ9QUliL2TbVhxL22stE0Eefqno9yYzswNfmvhxVtbaQyeBOEe1zlWnXnz
aOkpUBVcYck+/pTlQ1I3PNUAX5c1DcXxYBMSeZPEYq1pqqZhTGJ0v5CByPTz4jwd
-----END CERTIFICATE-----
Generated at Wed Sep 18 20:49:34 2024 by rpki-client on console-fra.rpki-client.org