Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/326130343a626463373a3130303a3a2f34382d3438203d3e203633343733.roa
File: 326130343a626463373a3130303a3a2f34382d3438203d3e203633343733.roa (raw, json)
Hash identifier: d3+LYRep3q9t8XZiTgUoiGu67YUtxfriC04SiaN6Q2M=
Subject key identifier: 54:FE:86:38:76:59:60:9C:40:48:63:71:13:04:CB:0E:2A:25:94:8A
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 267FC1F85257B1AF479F41C8517A6E8161CAF83A
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/326130343a626463373a3130303a3a2f34382d3438203d3e203633343733.roa
Signing time: Mon 11 Nov 2024 08:05:33 +0000
ROA not before: Mon 11 Nov 2024 08:00:33 +0000
ROA not after: Mon 10 Nov 2025 08:05:33 +0000
asID: 63473
IP address blocks: 2a04:bdc7:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:7f:c1:f8:52:57:b1:af:47:9f:41:c8:51:7a:6e:81:61:ca:f8:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Nov 11 08:00:33 2024 GMT
Not After : Nov 10 08:05:33 2025 GMT
Subject: CN=54FE86387659609C404863711304CB0E2A25948A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:2d:21:ab:e4:09:63:fa:b7:2f:f1:33:fe:fc:
f9:ee:6b:1d:de:33:b8:e6:9a:c7:19:84:91:8b:8e:
6d:13:ce:18:9b:37:c3:52:0e:6f:60:96:c7:55:5b:
9d:2f:eb:9d:e0:8f:86:68:12:78:50:bb:32:92:c3:
64:3a:ad:a2:42:33:04:fa:da:b3:e1:cb:36:18:4e:
1d:6f:1c:24:79:fc:e4:5b:69:68:ed:1c:dd:7f:e2:
d5:f0:22:f2:81:0b:1b:c2:6e:d1:16:0c:64:28:5b:
fd:5d:f6:ae:7f:7d:c1:5c:ad:46:4f:85:ab:57:36:
52:37:5c:18:80:dd:49:68:9d:11:0d:db:c0:c7:ad:
a3:fa:ce:c5:fa:0b:6b:6a:92:53:31:8a:0f:a3:8d:
61:c9:cc:6c:9d:92:b2:4c:ec:28:5e:75:a4:0c:9d:
50:bc:d0:95:61:56:f9:20:c0:e6:d8:7b:e3:44:53:
cf:0a:df:69:a2:2e:95:2f:53:37:13:07:e7:84:1f:
3a:5d:dc:6c:69:fa:bd:c3:c8:6e:a8:81:e6:b0:3c:
0a:dc:28:5d:71:c1:f0:c0:b4:27:d0:3d:12:82:ef:
08:0d:8f:85:6c:08:94:4a:78:ac:64:c7:83:5e:b2:
11:3e:c7:58:09:32:63:e9:82:6f:9f:17:f3:b6:00:
43:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:FE:86:38:76:59:60:9C:40:48:63:71:13:04:CB:0E:2A:25:94:8A
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/326130343a626463373a3130303a3a2f34382d3438203d3e203633343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:bdc7:100::/48
Signature Algorithm: sha256WithRSAEncryption
93:68:e7:97:42:61:dd:38:3d:fd:e8:12:8d:8a:ba:59:89:e2:
10:2f:d5:55:8d:3d:c5:88:8c:fa:bb:72:53:b4:50:8b:33:0d:
e7:34:6e:c3:d0:45:fd:78:52:64:f0:5f:78:e8:29:c7:04:05:
20:1d:28:a6:2e:0a:79:66:7c:bd:45:6c:ed:61:b6:58:3c:25:
19:4d:39:29:14:73:2d:4b:fe:31:c4:91:d9:00:47:47:00:44:
db:c0:21:2c:4d:47:dc:6e:07:23:3b:bf:3a:d0:34:9a:de:7c:
10:80:3a:88:9d:6d:d1:81:95:89:df:57:24:9f:62:a3:04:e8:
74:53:a3:35:ed:b9:d1:64:1a:63:63:6e:e1:6f:e2:88:63:6a:
e1:18:da:82:29:57:c4:b5:68:62:ee:a9:02:79:48:5e:b4:a5:
90:80:01:f7:4d:20:9f:58:24:f3:49:60:2f:f0:2f:38:14:2c:
7e:f2:27:08:43:d4:55:5a:64:0d:6d:c7:94:de:58:69:2e:26:
4a:bc:52:02:ac:fd:8b:33:31:fb:ec:05:46:0b:77:bf:e2:b0:
4e:9b:c9:1c:06:2e:54:f5:22:04:a2:96:4e:1c:50:53:52:29:
ee:38:61:66:b7:ac:08:51:3e:17:2e:e5:0e:91:23:22:5a:7a:
0a:9b:d8:06
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUJn/B+FJXsa9Hn0HIUXpugWHK+DowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDExMTEwODAwMzNaFw0yNTExMTAwODA1MzNaMDMxMTAvBgNV
BAMTKDU0RkU4NjM4NzY1OTYwOUM0MDQ4NjM3MTEzMDRDQjBFMkEyNTk0OEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaLSGr5Alj+rcv8TP+/Pnuax3e
M7jmmscZhJGLjm0TzhibN8NSDm9glsdVW50v653gj4ZoEnhQuzKSw2Q6raJCMwT6
2rPhyzYYTh1vHCR5/ORbaWjtHN1/4tXwIvKBCxvCbtEWDGQoW/1d9q5/fcFcrUZP
hatXNlI3XBiA3UlonREN28DHraP6zsX6C2tqklMxig+jjWHJzGydkrJM7ChedaQM
nVC80JVhVvkgwObYe+NEU88K32miLpUvUzcTB+eEHzpd3Gxp+r3DyG6ogeawPArc
KF1xwfDAtCfQPRKC7wgNj4VsCJRKeKxkx4NeshE+x1gJMmPpgm+fF/O2AEM5AgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUVP6GOHZZYJxASGNxEwTLDiollIowHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzI2MTMwMzQzYTYyNjQ2MzM3
M2EzMTMwMzAzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzNjMzMzQzNzMzLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKgS9xwEAMA0GCSqGSIb3DQEBCwUAA4IBAQCTaOeXQmHdOD396BKNirpZ
ieIQL9VVjT3FiIz6u3JTtFCLMw3nNG7D0EX9eFJk8F946CnHBAUgHSimLgp5Zny9
RWztYbZYPCUZTTkpFHMtS/4xxJHZAEdHAETbwCEsTUfcbgcjO7860DSa3nwQgDqI
nW3RgZWJ31ckn2KjBOh0U6M17bnRZBpjY27hb+KIY2rhGNqCKVfEtWhi7qkCeUhe
tKWQgAH3TSCfWCTzSWAv8C84FCx+8icIQ9RVWmQNbceU3lhpLiZKvFICrP2LMzH7
7AVGC3e/4rBOm8kcBi5U9SIEopZOHFBTUinuOGFmt6wIUT4XLuUOkSMiWnoKm9gG
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:05 2024 by rpki-client on console-fra.rpki-client.org