Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/326130313a3666303a666530303a3a2f34302d3438203d3e203432333636.roa
File: 326130313a3666303a666530303a3a2f34302d3438203d3e203432333636.roa (raw, json)
Hash identifier: 4694E9ApMVGgCzjQkUutrum4DO9aPdzKvSGGPJEaN+o=
Subject key identifier: 22:BB:8A:49:BB:EF:D5:3F:A6:88:25:26:9B:67:2C:84:CC:EE:D4:65
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 782D17F8F69C4AD7E1D5FB88BEAB6D1EA9E21C41
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/326130313a3666303a666530303a3a2f34302d3438203d3e203432333636.roa
Signing time: Fri 13 Sep 2024 15:42:50 +0000
ROA not before: Fri 13 Sep 2024 15:37:50 +0000
ROA not after: Fri 12 Sep 2025 15:42:50 +0000
asID: 42366
IP address blocks: 2a01:6f0:fe00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:2d:17:f8:f6:9c:4a:d7:e1:d5:fb:88:be:ab:6d:1e:a9:e2:1c:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 13 15:37:50 2024 GMT
Not After : Sep 12 15:42:50 2025 GMT
Subject: CN=22BB8A49BBEFD53FA68825269B672C84CCEED465
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:95:53:fd:de:42:26:bd:28:6f:5a:cc:d8:47:
9e:54:a3:94:2b:ad:38:40:ef:35:c5:91:a4:ca:8e:
b6:92:d1:64:d9:ef:15:18:68:61:39:98:50:fe:22:
0b:0d:3b:2b:8f:27:ba:fe:2e:54:66:7d:85:c9:fe:
3c:2f:d1:98:54:12:a8:fb:88:31:b4:4b:50:56:4f:
fd:d0:bc:ba:7d:09:f1:00:af:df:8d:dc:56:bf:34:
5c:74:95:86:c6:b0:88:e6:88:ca:34:5a:76:98:fd:
d6:9c:3b:9f:71:0e:4f:b2:1d:2d:82:23:28:81:a9:
ea:27:66:2f:26:f3:34:3b:f6:53:26:b8:7c:f3:f6:
15:4c:90:c4:b9:db:78:e0:c0:ec:6a:63:be:e4:1d:
e7:11:6d:96:c6:29:10:f9:8e:3d:23:01:66:79:eb:
fa:63:24:03:bb:40:32:9f:df:39:6b:91:13:90:7b:
30:14:4d:c0:6c:b9:27:ca:58:f4:bc:f1:71:cc:46:
64:47:a9:8d:33:2b:d9:2e:2b:11:37:bb:3d:33:ac:
8f:6e:e8:28:9e:13:0a:f0:01:1d:9a:bc:06:f3:97:
d7:79:25:9e:03:98:0a:7f:1f:20:ea:42:c8:95:49:
32:8f:6c:80:49:94:0b:89:37:e5:ae:9f:e9:c6:85:
84:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:BB:8A:49:BB:EF:D5:3F:A6:88:25:26:9B:67:2C:84:CC:EE:D4:65
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/326130313a3666303a666530303a3a2f34302d3438203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:6f0:fe00::/40
Signature Algorithm: sha256WithRSAEncryption
88:dd:02:04:11:d3:88:43:5b:87:57:2d:fd:96:3b:93:aa:8a:
a1:e6:94:e5:bb:55:e3:29:de:a8:b8:d7:74:a7:d1:2e:e1:7e:
f8:21:a7:4f:4f:5e:15:0e:48:15:02:30:25:19:ca:13:54:13:
0f:19:81:ed:65:29:c3:67:a6:ce:fd:1e:2c:93:74:1a:77:48:
2b:6b:f3:12:a0:a9:f0:78:83:95:b2:57:22:78:eb:20:76:b2:
8b:12:cf:d8:f7:98:9a:0a:f0:7b:5e:6c:3e:ac:da:e7:26:23:
e1:b8:09:61:04:07:c3:cf:ae:db:b5:63:c6:e3:98:f6:88:f5:
76:39:99:fc:22:38:7d:cd:b4:53:1f:c4:c5:c2:76:61:0e:21:
15:2b:cb:76:dc:44:64:c3:d4:fb:e6:a2:1b:42:fb:0d:7b:4a:
82:51:d1:74:63:67:f8:ae:7e:0d:14:51:21:63:c9:ac:06:8f:
b8:b4:c9:69:fb:51:fa:0b:44:6a:af:cc:33:43:e0:1d:c1:7e:
b9:0c:80:4f:85:1c:9d:67:48:6c:80:45:ee:b2:28:c7:b3:84:
3c:48:da:07:36:06:cf:cc:5d:86:d8:0b:2f:1e:93:a1:4a:3e:
18:32:74:41:fa:cc:e4:be:6d:0e:eb:57:4b:f7:d9:e9:52:e5:
e4:c1:60:e1
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIUeC0X+PacStfh1fuIvqttHqniHEEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MTMxNTM3NTBaFw0yNTA5MTIxNTQyNTBaMDMxMTAvBgNV
BAMTKDIyQkI4QTQ5QkJFRkQ1M0ZBNjg4MjUyNjlCNjcyQzg0Q0NFRUQ0NjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQColVP93kImvShvWszYR55Uo5Qr
rThA7zXFkaTKjraS0WTZ7xUYaGE5mFD+IgsNOyuPJ7r+LlRmfYXJ/jwv0ZhUEqj7
iDG0S1BWT/3QvLp9CfEAr9+N3Fa/NFx0lYbGsIjmiMo0WnaY/dacO59xDk+yHS2C
IyiBqeonZi8m8zQ79lMmuHzz9hVMkMS523jgwOxqY77kHecRbZbGKRD5jj0jAWZ5
6/pjJAO7QDKf3zlrkROQezAUTcBsuSfKWPS88XHMRmRHqY0zK9kuKxE3uz0zrI9u
6CieEwrwAR2avAbzl9d5JZ4DmAp/HyDqQsiVSTKPbIBJlAuJN+Wun+nGhYQTAgMB
AAGjggJFMIICQTAdBgNVHQ4EFgQUIruKSbvv1T+miCUmm2cshMzu1GUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzI2MTMwMzEzYTM2NjYzMDNh
NjY2NTMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzNDMyMzMzNjM2LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIA
AjAIAwYAKgEG8P4wDQYJKoZIhvcNAQELBQADggEBAIjdAgQR04hDW4dXLf2WO5Oq
iqHmlOW7VeMp3qi413Sn0S7hfvghp09PXhUOSBUCMCUZyhNUEw8Zge1lKcNnps79
HiyTdBp3SCtr8xKgqfB4g5WyVyJ46yB2sosSz9j3mJoK8HtebD6s2ucmI+G4CWEE
B8PPrtu1Y8bjmPaI9XY5mfwiOH3NtFMfxMXCdmEOIRUry3bcRGTD1PvmohtC+w17
SoJR0XRjZ/iufg0UUSFjyawGj7i0yWn7UfoLRGqvzDND4B3BfrkMgE+FHJ1nSGyA
Re6yKMezhDxI2gc2Bs/MXYbYCy8ek6FKPhgydEH6zOS+bQ7rV0v32elS5eTBYOE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:04 2024 by rpki-client on console-fra.rpki-client.org