Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a3130303a3a2f34302d3438203d3e203339373533.roa
File: 326130663a383563313a3130303a3a2f34302d3438203d3e203339373533.roa (raw, json)
Hash identifier: KPa9JxHunWDt4YoV7fBtimVauJ88izGNSJD+QrRTQjw=
Subject key identifier: CA:87:F5:49:6B:33:3A:D0:C6:16:28:5C:65:1E:1E:BF:0E:D2:D0:62
Certificate issuer: /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial: 08D8F407CEF8287388D58669AFF76EB51BE7A368
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a3130303a3a2f34302d3438203d3e203339373533.roa
Signing time: Tue 10 Oct 2023 15:13:45 +0000
ROA not before: Tue 10 Oct 2023 15:08:45 +0000
ROA not after: Tue 08 Oct 2024 15:13:45 +0000
asID: 39753
IP address blocks: 2a0f:85c1:100::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.mft
rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:d8:f4:07:ce:f8:28:73:88:d5:86:69:af:f7:6e:b5:1b:e7:a3:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
Validity
Not Before: Oct 10 15:08:45 2023 GMT
Not After : Oct 8 15:13:45 2024 GMT
Subject: CN=CA87F5496B333AD0C616285C651E1EBF0ED2D062
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f1:fb:09:b6:19:f2:88:a6:e2:b5:ae:95:0d:
15:18:fa:e7:2e:b4:2a:81:c0:0e:90:c5:7f:39:66:
f6:cc:0b:41:4c:6e:77:75:ce:f1:90:2d:1c:e8:4a:
2d:0a:05:2d:9d:50:12:d8:d1:e6:de:97:b0:67:39:
57:38:b1:fb:10:e0:0b:3f:e5:0c:bb:4f:8f:9b:50:
4d:2f:5a:7b:4f:12:88:c4:79:5a:dc:06:78:ae:02:
58:98:a8:c7:47:a4:0b:db:d2:46:c4:db:68:d4:48:
81:bf:71:dc:87:86:e4:d3:67:81:de:15:07:61:c5:
61:4a:7e:cc:06:c9:61:54:62:9b:29:84:36:ea:59:
86:83:54:b1:25:06:37:09:c9:f2:44:67:48:a2:8f:
71:bd:49:f7:ca:59:c5:ed:41:67:de:be:66:91:98:
8b:f3:fb:05:4b:05:c1:2c:eb:91:85:00:3e:43:90:
74:6d:cb:e4:af:f2:bb:2c:2c:bf:c6:d1:62:6d:cf:
85:b4:2c:18:77:dd:58:30:93:5d:34:21:63:4b:21:
50:95:1e:63:bc:54:ff:fc:27:c1:e3:9f:ae:dc:b8:
35:ff:2c:82:7d:5b:03:3b:37:b6:33:29:f9:2e:f7:
c2:88:03:9a:43:37:2e:d9:01:d9:32:fe:93:0a:aa:
c6:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:87:F5:49:6B:33:3A:D0:C6:16:28:5C:65:1E:1E:BF:0E:D2:D0:62
X509v3 Authority Key Identifier:
keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a3130303a3a2f34302d3438203d3e203339373533.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:100::/40
Signature Algorithm: sha256WithRSAEncryption
3e:01:b6:6d:f3:1b:c0:6c:41:a9:b3:91:43:ac:e8:e1:e4:80:
2d:13:04:18:70:18:ce:c8:53:60:d8:29:01:aa:cc:21:e8:20:
8c:30:d9:0b:af:68:f7:2b:22:7f:75:dc:22:85:d8:b4:39:25:
5b:01:5e:bc:a4:fe:1b:21:78:b3:f9:9e:50:cf:39:4f:d3:ec:
79:bd:93:88:2d:0b:74:8c:31:05:f6:e2:60:43:d9:f8:2c:b7:
5c:00:b0:1a:2c:6c:64:fd:9a:24:01:be:c5:5a:71:66:84:3a:
24:a8:59:07:18:fd:79:a1:b1:00:65:43:9d:0c:ba:e6:af:1a:
79:96:28:34:44:a5:f0:5b:0c:2c:82:0e:1c:7c:f7:54:48:b2:
7a:06:72:93:34:a0:1c:46:6c:e3:56:08:84:25:76:e3:64:d5:
73:13:50:1f:dd:5e:a9:c8:26:97:72:6a:d0:30:c9:7b:e3:2e:
ff:36:84:ac:4d:f0:bf:c4:5f:06:78:28:a6:45:bf:54:34:fc:
90:39:50:73:70:a2:cc:28:6a:82:8b:f7:2b:00:2a:62:99:c7:
38:70:91:b3:22:ec:8e:a9:f5:49:33:94:db:ee:7b:02:6e:09:
95:6f:2a:a6:ce:8d:14:0f:ae:e4:3c:e9:8a:7f:90:d1:42:77:
7a:8d:3d:f4
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIUCNj0B874KHOI1YZpr/dutRvno2gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yMzEwMTAxNTA4NDVaFw0yNDEwMDgxNTEzNDVaMDMxMTAvBgNV
BAMTKENBODdGNTQ5NkIzMzNBRDBDNjE2Mjg1QzY1MUUxRUJGMEVEMkQwNjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC78fsJthnyiKbita6VDRUY+ucu
tCqBwA6QxX85ZvbMC0FMbnd1zvGQLRzoSi0KBS2dUBLY0ebel7BnOVc4sfsQ4As/
5Qy7T4+bUE0vWntPEojEeVrcBniuAliYqMdHpAvb0kbE22jUSIG/cdyHhuTTZ4He
FQdhxWFKfswGyWFUYpsphDbqWYaDVLElBjcJyfJEZ0iij3G9SffKWcXtQWfevmaR
mIvz+wVLBcEs65GFAD5DkHRty+Sv8rssLL/G0WJtz4W0LBh33Vgwk100IWNLIVCV
HmO8VP/8J8Hjn67cuDX/LIJ9WwM7N7YzKfku98KIA5pDNy7ZAdky/pMKqsZ7AgMB
AAGjggJFMIICQTAdBgNVHQ4EFgQUyof1SWszOtDGFihcZR4evw7S0GIwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMt
YTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhmMTk2LzAvMzI2MTMwNjYzYTM4MzU2MzMx
M2EzMTMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMzM5MzczNTMzLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIA
AjAIAwYAKg+FwQEwDQYJKoZIhvcNAQELBQADggEBAD4Btm3zG8BsQamzkUOs6OHk
gC0TBBhwGM7IU2DYKQGqzCHoIIww2QuvaPcrIn913CKF2LQ5JVsBXryk/hsheLP5
nlDPOU/T7Hm9k4gtC3SMMQX24mBD2fgst1wAsBosbGT9miQBvsVacWaEOiSoWQcY
/XmhsQBlQ50MuuavGnmWKDREpfBbDCyCDhx891RIsnoGcpM0oBxGbONWCIQlduNk
1XMTUB/dXqnIJpdyatAwyXvjLv82hKxN8L/EXwZ4KKZFv1Q0/JA5UHNwoswoaoKL
9ysAKmKZxzhwkbMi7I6p9UkzlNvuewJuCZVvKqbOjRQPruQ86Yp/kNFCd3qNPfQ=
-----END CERTIFICATE-----
Generated at Mon May 6 07:17:58 2024 by rpki-client on console-ams.rpki-client.org