Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/326130323a323633303a3a2f32392d3239203d3e203135343139.roa
File: 326130323a323633303a3a2f32392d3239203d3e203135343139.roa (raw, json)
Hash identifier: EdAeJzi7hzQ8grgTwwOtF0eu8ICWnleD0jVmMmEBH0Y=
Subject key identifier: 19:E3:04:06:25:5D:F9:BB:83:8F:8F:1A:36:60:3C:3D:F2:7B:E1:AD
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 278E5F87E2767387AA2A454BD1F2442362E8AACA
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/326130323a323633303a3a2f32392d3239203d3e203135343139.roa
Signing time: Fri 07 Jul 2023 08:08:17 +0000
ROA not before: Fri 07 Jul 2023 08:03:17 +0000
ROA not after: Fri 05 Jul 2024 08:08:17 +0000
asID: 15419
IP address blocks: 2a02:2630::/29 maxlen: 29
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 16:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:8e:5f:87:e2:76:73:87:aa:2a:45:4b:d1:f2:44:23:62:e8:aa:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jul 7 08:03:17 2023 GMT
Not After : Jul 5 08:08:17 2024 GMT
Subject: CN=19E30406255DF9BB838F8F1A36603C3DF27BE1AD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:23:d3:b5:d5:89:66:cf:cc:ff:32:0e:19:02:
b1:33:de:bb:cc:b4:59:bf:e8:f0:d7:89:18:30:99:
92:65:ae:75:3e:b9:ea:ac:19:04:d4:a3:c8:27:6f:
b8:ec:20:36:b6:10:b6:55:3d:58:0c:93:61:98:0c:
23:ef:0d:99:20:b4:e6:1c:d3:57:e4:b4:97:85:d1:
99:fe:24:67:4a:65:f5:3c:a1:61:5a:cc:85:d6:1d:
29:fb:ca:aa:65:a9:d6:90:7a:4d:5e:4d:54:ff:3d:
ae:01:6a:59:69:54:89:40:de:3f:c6:f6:d9:29:90:
2c:6f:d4:60:4e:26:2e:e5:8c:25:54:ea:74:a3:65:
9d:03:be:ff:b8:3a:a0:7a:2f:32:5b:1e:9f:3b:86:
8a:ca:6e:7f:b1:70:6d:35:39:ab:7d:b2:55:f2:d0:
78:01:d3:32:83:1f:c8:cb:8a:2a:be:de:a8:79:39:
b3:cb:c3:6f:bb:89:a0:bc:fc:37:6c:f5:98:90:41:
eb:4f:3a:e4:f0:ca:c7:1b:8a:a0:05:06:ed:51:0c:
da:48:fc:8b:d8:c1:bf:e0:56:89:9d:2d:46:8c:c1:
d4:74:0a:aa:23:84:04:5e:99:43:65:34:8c:18:6c:
fa:29:db:a5:8f:1b:b4:b0:21:4a:0a:c8:f6:76:ae:
b7:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:E3:04:06:25:5D:F9:BB:83:8F:8F:1A:36:60:3C:3D:F2:7B:E1:AD
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/326130323a323633303a3a2f32392d3239203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2630::/29
Signature Algorithm: sha256WithRSAEncryption
14:fa:0b:a1:fe:a3:61:a8:0c:ef:5b:93:7b:3a:f3:46:8b:11:
21:2c:14:47:97:fe:de:bd:68:45:ec:bc:41:34:67:b6:bb:5e:
4f:d2:79:f9:2d:47:98:ea:45:e6:5e:07:3a:3c:2e:41:3f:15:
71:fb:b4:86:3d:1b:94:f3:79:d1:39:9a:f1:5b:22:08:dd:98:
ef:79:72:12:da:b1:eb:60:82:32:ef:06:8b:78:a9:ee:0b:ce:
e4:ee:65:95:20:f2:a9:02:21:b3:a3:84:56:f0:d4:14:6f:13:
8c:9c:7f:6a:b5:a8:a5:a7:8a:0c:23:87:63:bb:25:4f:12:ae:
f7:58:30:32:64:83:ac:32:53:94:9d:6d:ea:fe:7c:30:e4:8c:
a1:b9:fd:13:8c:42:79:26:6e:3f:08:00:e6:6a:60:7a:c7:9b:
71:ed:66:d4:71:79:43:ea:90:fe:6d:af:f2:9d:21:0c:8f:0d:
7f:c5:de:25:c5:bc:d5:18:02:5b:61:39:12:25:13:72:73:6e:
95:45:b7:cc:eb:ef:b1:f4:1e:59:29:59:72:20:f2:26:70:89:
83:56:d2:c7:f9:1e:b0:bb:1f:f7:82:51:b0:4e:a1:d0:c4:cf:
41:66:0a:77:10:13:b6:e0:98:80:11:6b:50:04:9e:85:3e:93:
a1:e3:02:78
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUJ45fh+J2c4eqKkVL0fJEI2LoqsowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yMzA3MDcwODAzMTdaFw0yNDA3MDUwODA4MTdaMDMxMTAvBgNV
BAMTKDE5RTMwNDA2MjU1REY5QkI4MzhGOEYxQTM2NjAzQzNERjI3QkUxQUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8I9O11Ylmz8z/Mg4ZArEz3rvM
tFm/6PDXiRgwmZJlrnU+ueqsGQTUo8gnb7jsIDa2ELZVPVgMk2GYDCPvDZkgtOYc
01fktJeF0Zn+JGdKZfU8oWFazIXWHSn7yqplqdaQek1eTVT/Pa4BallpVIlA3j/G
9tkpkCxv1GBOJi7ljCVU6nSjZZ0Dvv+4OqB6LzJbHp87horKbn+xcG01Oat9slXy
0HgB0zKDH8jLiiq+3qh5ObPLw2+7iaC8/Dds9ZiQQetPOuTwyscbiqAFBu1RDNpI
/IvYwb/gVomdLUaMwdR0CqojhARemUNlNIwYbPop26WPG7SwIUoKyPZ2rrenAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUGeMEBiVd+buDj48aNmA8PfJ74a0wHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzI2MTMwMzIzYTMyMzYzMzMw
M2EzYTJmMzIzOTJkMzIzOTIwM2QzZTIwMzEzNTM0MzEzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoC
JjAwDQYJKoZIhvcNAQELBQADggEBABT6C6H+o2GoDO9bk3s680aLESEsFEeX/t69
aEXsvEE0Z7a7Xk/SefktR5jqReZeBzo8LkE/FXH7tIY9G5TzedE5mvFbIgjdmO95
chLasetggjLvBot4qe4LzuTuZZUg8qkCIbOjhFbw1BRvE4ycf2q1qKWnigwjh2O7
JU8SrvdYMDJkg6wyU5Sdber+fDDkjKG5/ROMQnkmbj8IAOZqYHrHm3HtZtRxeUPq
kP5tr/KdIQyPDX/F3iXFvNUYAlthORIlE3JzbpVFt8zr77H0HlkpWXIg8iZwiYNW
0sf5HrC7H/eCUbBOodDEz0FmCncQE7bgmIARa1AEnoU+k6HjAng=
-----END CERTIFICATE-----
Generated at Sat Jun 1 01:00:43 2024 by rpki-client on console-fra.rpki-client.org