Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/326130313a3666303a666666663a3a2f34382d3438203d3e203633343733.roa
File: 326130313a3666303a666666663a3a2f34382d3438203d3e203633343733.roa (raw, json)
Hash identifier: YP7dzzRSZWAB1/ASqbAXi04RQKXIO+kAKc65sY149s0=
Subject key identifier: 38:F3:A2:5A:35:80:2E:3F:80:6D:FB:25:F4:4D:BE:8F:64:B8:98:06
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 30DB06719CEBF0316F864CEED8DAFC5D1713AC78
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/326130313a3666303a666666663a3a2f34382d3438203d3e203633343733.roa
Signing time: Mon 26 Feb 2024 08:52:59 +0000
ROA not before: Mon 26 Feb 2024 08:47:59 +0000
ROA not after: Mon 24 Feb 2025 08:52:59 +0000
asID: 63473
IP address blocks: 2a01:6f0:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:db:06:71:9c:eb:f0:31:6f:86:4c:ee:d8:da:fc:5d:17:13:ac:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:47:59 2024 GMT
Not After : Feb 24 08:52:59 2025 GMT
Subject: CN=38F3A25A35802E3F806DFB25F44DBE8F64B89806
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:bd:b5:85:c3:d6:88:0a:ae:93:db:0d:f7:8f:
d0:14:75:62:b6:42:1d:44:c3:03:0d:20:b0:b3:d3:
30:08:7b:2d:7c:66:5f:4f:8c:6a:da:1b:91:f4:43:
99:f6:1e:36:e8:56:3e:44:23:f4:bc:6a:d4:4f:52:
1d:55:d9:c1:c4:e8:ee:c6:42:84:78:a4:78:71:85:
e2:1c:97:bb:be:4a:02:44:a4:b2:25:f4:f9:2b:b2:
cb:44:e0:ae:28:72:f9:ec:71:8f:fe:9c:4d:a0:8a:
16:d0:1d:35:20:fe:03:e3:bb:c3:ec:3a:1a:f7:20:
29:90:11:94:c7:29:84:60:7b:ef:bb:df:5f:39:00:
d6:95:f2:ed:eb:29:cf:98:3c:f1:b4:9f:d7:22:72:
21:51:46:90:85:c1:d1:39:a5:e8:89:5a:de:c7:e0:
a3:ff:04:0f:0d:a4:22:65:e0:6a:30:af:60:e7:95:
e9:36:c4:11:9e:e9:81:29:dc:d3:26:21:64:46:da:
5b:a4:07:31:dd:2e:43:c9:c8:58:b9:fd:fd:10:7e:
a5:fe:da:33:b6:8b:50:ad:9d:66:91:29:1b:04:81:
b8:ab:3e:a7:fb:98:bb:c5:fd:db:20:39:5b:00:66:
c3:c8:72:c0:9f:58:14:45:75:fd:18:08:31:bd:93:
f1:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:F3:A2:5A:35:80:2E:3F:80:6D:FB:25:F4:4D:BE:8F:64:B8:98:06
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/326130313a3666303a666666663a3a2f34382d3438203d3e203633343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:6f0:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
a0:0b:f7:27:3f:85:c3:1d:44:77:90:34:3f:38:cf:c8:67:d2:
4a:d4:97:98:9f:13:56:70:c2:6f:fb:20:0b:7c:a6:b9:06:75:
05:bd:35:11:dd:93:48:19:33:43:d4:45:b7:a5:c8:fe:7c:ad:
48:60:ba:c5:54:bb:97:e7:63:0e:5a:28:67:22:60:ee:70:dc:
10:d0:48:23:79:fa:8d:13:3d:90:bd:67:f4:c5:e7:aa:d0:ee:
52:f6:19:8a:cb:a7:e9:99:a8:40:19:ba:7a:2e:95:64:b9:d5:
4d:cd:42:f2:cb:cd:c1:f9:2b:34:a3:c8:92:b1:b4:87:c7:a2:
29:1c:dd:3a:01:e9:4e:10:84:ca:c1:e9:fa:5e:42:f1:0f:8e:
8f:57:2a:5e:0a:5a:3a:af:09:02:c3:13:01:79:74:99:61:3e:
ec:65:c5:af:7b:90:eb:8d:8a:16:65:71:00:c2:57:39:98:30:
f2:90:07:72:2e:b6:89:d8:cc:ce:84:ac:29:7f:1d:9f:dc:bb:
ec:15:1b:a8:b7:98:ac:c9:99:78:0c:2e:15:ee:70:6d:38:f8:
59:bb:a8:a3:ef:87:a4:cf:c1:f1:5b:1e:53:cd:51:27:b4:fc:
74:86:4b:e4:22:29:0b:c6:57:91:fa:31:ac:5b:d3:6b:60:b8:
4a:ca:a9:d5
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUMNsGcZzr8DFvhkzu2Nr8XRcTrHgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ3NTlaFw0yNTAyMjQwODUyNTlaMDMxMTAvBgNV
BAMTKDM4RjNBMjVBMzU4MDJFM0Y4MDZERkIyNUY0NERCRThGNjRCODk4MDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxvbWFw9aICq6T2w33j9AUdWK2
Qh1EwwMNILCz0zAIey18Zl9PjGraG5H0Q5n2HjboVj5EI/S8atRPUh1V2cHE6O7G
QoR4pHhxheIcl7u+SgJEpLIl9PkrsstE4K4ocvnscY/+nE2gihbQHTUg/gPju8Ps
Ohr3ICmQEZTHKYRge++73185ANaV8u3rKc+YPPG0n9ciciFRRpCFwdE5peiJWt7H
4KP/BA8NpCJl4Gowr2Dnlek2xBGe6YEp3NMmIWRG2lukBzHdLkPJyFi5/f0QfqX+
2jO2i1CtnWaRKRsEgbirPqf7mLvF/dsgOVsAZsPIcsCfWBRFdf0YCDG9k/FZAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUOPOiWjWALj+Abfsl9E2+j2S4mAYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzI2MTMwMzEzYTM2NjYzMDNh
NjY2NjY2NjYzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzNjMzMzQzNzMzLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKgEG8P//MA0GCSqGSIb3DQEBCwUAA4IBAQCgC/cnP4XDHUR3kDQ/OM/I
Z9JK1JeYnxNWcMJv+yALfKa5BnUFvTUR3ZNIGTND1EW3pcj+fK1IYLrFVLuX52MO
WihnImDucNwQ0EgjefqNEz2QvWf0xeeq0O5S9hmKy6fpmahAGbp6LpVkudVNzULy
y83B+Ss0o8iSsbSHx6IpHN06AelOEITKwen6XkLxD46PVypeClo6rwkCwxMBeXSZ
YT7sZcWve5DrjYoWZXEAwlc5mDDykAdyLraJ2MzOhKwpfx2f3LvsFRuot5isyZl4
DC4V7nBtOPhZu6ij74ekz8HxWx5TzVEntPx0hkvkIikLxleR+jGsW9NrYLhKyqnV
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:48 2024 by rpki-client on console-ams.rpki-client.org