Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/326130313a3666303a3130303a3a2f34302d3438203d3e203432333636.roa
File: 326130313a3666303a3130303a3a2f34302d3438203d3e203432333636.roa (raw, json)
Hash identifier: hvch7YkT+S5zQ2efvYeI3aVdvOodXoJjddDEr+4HUwY=
Subject key identifier: 60:EF:0F:8C:7E:69:B3:13:DA:AB:AC:39:C1:1C:89:01:83:7B:76:0F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1407ECF453EFD72876DA1A220F5CEDA85B877A14
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/326130313a3666303a3130303a3a2f34302d3438203d3e203432333636.roa
Signing time: Mon 26 Feb 2024 08:53:22 +0000
ROA not before: Mon 26 Feb 2024 08:48:22 +0000
ROA not after: Mon 24 Feb 2025 08:53:22 +0000
asID: 42366
IP address blocks: 2a01:6f0:100::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:07:ec:f4:53:ef:d7:28:76:da:1a:22:0f:5c:ed:a8:5b:87:7a:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:22 2024 GMT
Not After : Feb 24 08:53:22 2025 GMT
Subject: CN=60EF0F8C7E69B313DAABAC39C11C8901837B760F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2d:20:8d:3e:ce:78:4e:28:55:88:8a:d4:f4:
81:8b:bf:8a:fe:ae:4d:77:69:3b:12:2d:c8:d0:47:
8e:51:2a:86:9e:f5:8b:c1:4a:4e:7b:15:a9:51:ff:
f3:aa:19:ef:17:25:40:da:9c:02:d9:dd:11:ab:73:
60:12:55:18:28:5c:50:5d:bf:b0:c1:ae:1a:65:c7:
23:00:8f:a5:88:25:a9:b0:eb:a5:47:5e:17:bc:db:
ea:66:a2:bb:84:0b:92:4d:22:68:eb:6d:b6:4c:dc:
d5:47:9f:8e:33:8a:39:57:de:59:c6:31:bb:64:16:
7b:89:8f:1c:31:ac:e0:fd:a5:70:6c:c4:6a:f5:ce:
b0:63:4e:8f:01:2b:cf:d1:17:29:d9:bb:3d:0a:53:
de:21:b6:f4:dc:b6:71:0c:21:fb:ff:de:90:6e:92:
db:c6:c3:a7:14:53:da:2b:4a:f0:59:80:42:b2:81:
c4:c5:03:e2:27:95:cc:49:2f:a4:3d:ba:70:f8:4e:
d7:08:91:87:41:d5:de:d0:b0:2f:ab:7e:99:70:d2:
d9:b6:94:b1:ee:ed:15:24:b7:9f:b4:69:0a:96:9d:
b0:21:02:45:8b:ca:df:5c:2d:08:11:f4:db:cb:d4:
5d:97:c1:82:c6:08:b4:5a:6a:75:30:b7:da:e7:d5:
ef:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:EF:0F:8C:7E:69:B3:13:DA:AB:AC:39:C1:1C:89:01:83:7B:76:0F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/326130313a3666303a3130303a3a2f34302d3438203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:6f0:100::/40
Signature Algorithm: sha256WithRSAEncryption
6f:78:06:ab:cb:6c:bc:1d:74:4a:a3:22:13:f7:19:42:bf:17:
19:b7:3e:24:ba:43:fd:e3:4f:9a:6a:0b:fa:d5:ba:8a:e0:d0:
cb:65:b6:10:6e:b2:59:b3:df:78:ad:a3:ac:d1:cb:ca:65:2a:
7d:21:37:ea:4e:d6:c2:1c:f4:14:27:e3:22:68:ed:1a:8f:d3:
83:eb:17:12:69:0e:5b:df:e4:2b:aa:c3:4c:f8:1b:95:77:99:
3b:a1:3b:2f:29:0f:96:64:8e:d5:9b:65:fc:69:13:cc:b3:28:
e7:47:be:13:f9:15:7f:39:93:03:0a:73:65:5b:58:a7:b8:34:
d2:13:8a:cf:f6:ca:0e:0c:e1:53:81:3c:95:3c:57:60:db:4c:
40:7e:63:2a:05:9d:45:4d:c8:27:57:83:6e:7d:fc:7b:87:f1:
f1:2e:54:e1:ef:0f:b5:64:76:32:8c:08:63:d1:d8:87:58:cb:
47:84:03:df:54:52:af:f5:67:5c:5a:00:54:22:1e:d5:17:4f:
e5:6a:37:3e:57:a0:c6:bf:7f:38:98:7d:16:79:a8:7d:60:35:
2f:b6:e2:f6:f0:26:32:67:8f:87:35:2d:4e:44:6f:93:b6:94:
56:cc:96:3f:ae:f7:7b:8d:42:9b:22:87:f3:cd:f1:e8:36:79:
8b:18:98:c4
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgIUFAfs9FPv1yh22hoiD1ztqFuHehQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MjJaFw0yNTAyMjQwODUzMjJaMDMxMTAvBgNV
BAMTKDYwRUYwRjhDN0U2OUIzMTNEQUFCQUMzOUMxMUM4OTAxODM3Qjc2MEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDELSCNPs54TihViIrU9IGLv4r+
rk13aTsSLcjQR45RKoae9YvBSk57FalR//OqGe8XJUDanALZ3RGrc2ASVRgoXFBd
v7DBrhplxyMAj6WIJamw66VHXhe82+pmoruEC5JNImjrbbZM3NVHn44zijlX3lnG
MbtkFnuJjxwxrOD9pXBsxGr1zrBjTo8BK8/RFynZuz0KU94htvTctnEMIfv/3pBu
ktvGw6cUU9orSvBZgEKygcTFA+InlcxJL6Q9unD4TtcIkYdB1d7QsC+rfplw0tm2
lLHu7RUkt5+0aQqWnbAhAkWLyt9cLQgR9NvL1F2XwYLGCLRaanUwt9rn1e9NAgMB
AAGjggJDMIICPzAdBgNVHQ4EFgQUYO8PjH5psxPaq6w5wRyJAYN7dg8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzI2MTMwMzEzYTM2NjYzMDNh
MzEzMDMwM2EzYTJmMzQzMDJkMzQzODIwM2QzZTIwMzQzMjMzMzYzNi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIw
CAMGACoBBvABMA0GCSqGSIb3DQEBCwUAA4IBAQBveAary2y8HXRKoyIT9xlCvxcZ
tz4kukP940+aagv61bqK4NDLZbYQbrJZs994raOs0cvKZSp9ITfqTtbCHPQUJ+Mi
aO0aj9OD6xcSaQ5b3+QrqsNM+BuVd5k7oTsvKQ+WZI7Vm2X8aRPMsyjnR74T+RV/
OZMDCnNlW1inuDTSE4rP9soODOFTgTyVPFdg20xAfmMqBZ1FTcgnV4Nuffx7h/Hx
LlTh7w+1ZHYyjAhj0diHWMtHhAPfVFKv9WdcWgBUIh7VF0/lajc+V6DGv384mH0W
eah9YDUvtuL28CYyZ4+HNS1ORG+TtpRWzJY/rvd7jUKbIofzzfHoNnmLGJjE
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:50 2024 by rpki-client on console-ams.rpki-client.org