Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ed998082-a17e-46c1-a5a8-7d197c958639/0/326131343a3763303a323830303a3a2f33382d3438203d3e20323032363835.roa
File: 326131343a3763303a323830303a3a2f33382d3438203d3e20323032363835.roa (raw, json)
Hash identifier: /ULaaEvJgUxC1ZGl6NiEj7k5OBnGgg9Pq0ffAwKtw3s=
Subject key identifier: 9A:3A:17:4C:E7:75:25:6C:A7:68:2D:CD:74:54:5A:8E:89:D2:56:B6
Certificate issuer: /CN=74442e33a8f61580b6b4dfc4828d95e07891f4bc
Certificate serial: 6250ADFA21414AFC9BCB0DED6F75A6B05F0DFF9F
Authority key identifier: 74:44:2E:33:A8:F6:15:80:B6:B4:DF:C4:82:8D:95:E0:78:91:F4:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dEQuM6j2FYC2tN_Ego2V4HiR9Lw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ed998082-a17e-46c1-a5a8-7d197c958639/0/326131343a3763303a323830303a3a2f33382d3438203d3e20323032363835.roa
Signing time: Fri 05 Apr 2024 13:54:03 +0000
ROA not before: Fri 05 Apr 2024 13:49:03 +0000
ROA not after: Fri 04 Apr 2025 13:54:03 +0000
asID: 202685
IP address blocks: 2a14:7c0:2800::/38 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ed998082-a17e-46c1-a5a8-7d197c958639/0/74442E33A8F61580B6B4DFC4828D95E07891F4BC.crl
rsync://rsync.paas.rpki.ripe.net/repository/ed998082-a17e-46c1-a5a8-7d197c958639/0/74442E33A8F61580B6B4DFC4828D95E07891F4BC.mft
rsync://rpki.ripe.net/repository/DEFAULT/dEQuM6j2FYC2tN_Ego2V4HiR9Lw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:46:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:50:ad:fa:21:41:4a:fc:9b:cb:0d:ed:6f:75:a6:b0:5f:0d:ff:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74442e33a8f61580b6b4dfc4828d95e07891f4bc
Validity
Not Before: Apr 5 13:49:03 2024 GMT
Not After : Apr 4 13:54:03 2025 GMT
Subject: CN=9A3A174CE775256CA7682DCD74545A8E89D256B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c9:8d:b0:dd:bb:39:36:5d:08:68:82:58:aa:
41:fa:db:bc:f9:84:4f:f8:ea:f7:57:17:62:9e:67:
4d:95:45:22:81:11:72:e9:a0:d3:82:9a:b5:6d:df:
1d:39:54:c2:95:85:4f:76:ca:cf:a4:5a:2e:4c:12:
97:2a:b5:7b:56:47:bc:dd:a2:c6:57:9a:a2:e3:ff:
0d:99:ec:20:71:07:d8:af:37:9f:b7:e3:4d:85:6c:
b9:be:1c:e3:73:ef:41:c6:29:fb:65:8c:8e:58:ca:
7a:96:3f:5b:a3:01:d5:66:8c:91:86:89:bc:15:33:
83:4a:aa:eb:31:1e:16:89:92:26:84:f4:0a:48:c0:
fd:4f:9e:60:e8:bd:15:ed:1f:2f:7f:2d:7b:c2:53:
b7:5c:ba:ae:f5:d1:6d:56:ba:13:40:f0:dd:f5:d7:
f0:f4:13:ac:fb:ee:0a:b0:dc:f2:31:ed:64:46:35:
fc:8e:1f:51:77:0f:5d:e2:19:fa:f0:b4:4b:c8:d0:
65:44:a7:dc:f6:5b:ae:2a:a3:2a:ff:bb:13:47:ba:
5d:ac:1a:3e:7e:04:36:ac:52:b7:b8:a8:9c:63:14:
c6:38:99:6e:f5:7d:43:cd:66:89:c1:20:08:5d:61:
56:db:c7:41:bb:af:cc:16:90:38:75:f8:9d:cd:da:
28:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:3A:17:4C:E7:75:25:6C:A7:68:2D:CD:74:54:5A:8E:89:D2:56:B6
X509v3 Authority Key Identifier:
keyid:74:44:2E:33:A8:F6:15:80:B6:B4:DF:C4:82:8D:95:E0:78:91:F4:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ed998082-a17e-46c1-a5a8-7d197c958639/0/74442E33A8F61580B6B4DFC4828D95E07891F4BC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dEQuM6j2FYC2tN_Ego2V4HiR9Lw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ed998082-a17e-46c1-a5a8-7d197c958639/0/326131343a3763303a323830303a3a2f33382d3438203d3e20323032363835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7c0:2800::/38
Signature Algorithm: sha256WithRSAEncryption
2b:65:32:1d:1f:97:9f:32:9b:93:9b:55:6d:bc:1f:18:47:7d:
73:e1:12:33:76:e5:4d:bf:78:f5:83:76:f5:81:15:b2:ed:8d:
25:e5:65:29:51:3a:b8:0b:20:9e:31:e6:0f:bf:b6:15:6c:74:
1a:6d:71:7e:da:87:9a:56:b5:a9:07:6a:c6:20:db:e7:7a:08:
a1:3f:23:67:6a:f4:8c:66:1d:4a:f2:ee:8a:13:d6:af:06:ef:
fe:12:7e:d8:54:da:91:28:46:3e:5b:88:0d:0d:a9:8e:d9:56:
9e:50:e7:df:f7:b5:8a:fb:0b:84:6f:37:ea:d9:f2:6a:f1:92:
8c:77:67:d1:ac:35:42:dc:63:e7:29:61:9a:5a:5b:98:16:10:
fe:86:f3:3f:16:27:25:2f:94:3a:f8:be:5a:8d:e8:1c:cb:36:
ba:36:49:fe:60:96:1a:2c:44:85:73:91:d6:e1:b4:06:2b:f9:
d4:0b:a4:5c:c0:aa:9a:f1:22:b3:6a:0d:f8:43:a7:ec:76:89:
9b:40:66:3a:53:76:4c:22:4d:b3:36:31:68:df:72:36:eb:84:
80:a0:ae:6d:de:35:a0:24:43:ae:8c:3d:97:f1:11:0b:ec:7f:
8b:ad:17:a3:df:dd:83:8a:26:ff:47:9b:35:26:98:c3:6d:a2:
62:26:ef:73
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUYlCt+iFBSvybyw3tb3WmsF8N/58wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzQ0NDJlMzNhOGY2MTU4MGI2YjRkZmM0ODI4ZDk1ZTA3
ODkxZjRiYzAeFw0yNDA0MDUxMzQ5MDNaFw0yNTA0MDQxMzU0MDNaMDMxMTAvBgNV
BAMTKDlBM0ExNzRDRTc3NTI1NkNBNzY4MkRDRDc0NTQ1QThFODlEMjU2QjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAyY2w3bs5Nl0IaIJYqkH627z5
hE/46vdXF2KeZ02VRSKBEXLpoNOCmrVt3x05VMKVhU92ys+kWi5MEpcqtXtWR7zd
osZXmqLj/w2Z7CBxB9ivN5+3402FbLm+HONz70HGKftljI5YynqWP1ujAdVmjJGG
ibwVM4NKqusxHhaJkiaE9ApIwP1PnmDovRXtHy9/LXvCU7dcuq710W1WuhNA8N31
1/D0E6z77gqw3PIx7WRGNfyOH1F3D13iGfrwtEvI0GVEp9z2W64qoyr/uxNHul2s
Gj5+BDasUre4qJxjFMY4mW71fUPNZonBIAhdYVbbx0G7r8wWkDh1+J3N2ih5AgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUmjoXTOd1JWynaC3NdFRajonSVrYwHwYDVR0j
BBgwFoAUdEQuM6j2FYC2tN/Ego2V4HiR9LwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWQ5OTgwODItYTE3ZS00NmMxLWE1YTgtN2QxOTdjOTU4
NjM5LzAvNzQ0NDJFMzNBOEY2MTU4MEI2QjRERkM0ODI4RDk1RTA3ODkxRjRCQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RFUXVNNmoyRllDMnROX0VnbzJWNEhp
UjlMdy5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWQ5OTgwODIt
YTE3ZS00NmMxLWE1YTgtN2QxOTdjOTU4NjM5LzAvMzI2MTMxMzQzYTM3NjMzMDNh
MzIzODMwMzAzYTNhMmYzMzM4MmQzNDM4MjAzZDNlMjAzMjMwMzIzNjM4MzUucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgIqFAfAKDANBgkqhkiG9w0BAQsFAAOCAQEAK2UyHR+XnzKbk5tVbbwf
GEd9c+ESM3blTb949YN29YEVsu2NJeVlKVE6uAsgnjHmD7+2FWx0Gm1xftqHmla1
qQdqxiDb53oIoT8jZ2r0jGYdSvLuihPWrwbv/hJ+2FTakShGPluIDQ2pjtlWnlDn
3/e1ivsLhG836tnyavGSjHdn0aw1Qtxj5ylhmlpbmBYQ/obzPxYnJS+UOvi+Wo3o
HMs2ujZJ/mCWGixEhXOR1uG0Biv51AukXMCqmvEis2oN+EOn7HaJm0BmOlN2TCJN
szYxaN9yNuuEgKCubd41oCRDrow9l/ERC+x/i60Xo9/dg4om/0ebNSaYw22iYibv
cw==
-----END CERTIFICATE-----
Generated at Fri May 17 19:11:47 2024 by rpki-client on console-ams.rpki-client.org