Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a3363363a3a2f34382d3438203d3e20313431383932.roa
File: 326130663a383563313a3363363a3a2f34382d3438203d3e20313431383932.roa (raw, json)
Hash identifier: 2UwgJmyLPCEfrgUqea8G6z4YN2Gf0P4ANFlwXEDbVVQ=
Subject key identifier: 26:91:1E:6C:16:46:CF:1F:3E:29:06:6D:B1:CB:6C:26:B0:4D:1D:8E
Certificate issuer: /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial: 4D40790112471375E497733E5F0E99625E4FF25E
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a3363363a3a2f34382d3438203d3e20313431383932.roa
Signing time: Fri 19 Apr 2024 16:48:52 +0000
ROA not before: Fri 19 Apr 2024 16:43:52 +0000
ROA not after: Fri 18 Apr 2025 16:48:52 +0000
asID: 141892
IP address blocks: 2a0f:85c1:3c6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.mft
rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:40:79:01:12:47:13:75:e4:97:73:3e:5f:0e:99:62:5e:4f:f2:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
Validity
Not Before: Apr 19 16:43:52 2024 GMT
Not After : Apr 18 16:48:52 2025 GMT
Subject: CN=26911E6C1646CF1F3E29066DB1CB6C26B04D1D8E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:9a:6f:e8:ce:e6:c4:e4:30:ab:bb:53:d8:7d:
21:c9:76:25:70:72:08:b9:e0:ff:67:3c:2e:1f:3f:
72:e5:3d:65:cc:06:d0:3f:dd:7c:93:66:ed:2b:ad:
0d:78:2c:43:69:20:5f:1b:cf:6a:94:b1:9c:7f:28:
88:12:56:0c:73:66:28:f2:72:b3:9f:28:e4:b2:a8:
7a:07:d6:8c:18:dd:91:05:2f:92:a7:04:2a:e5:4e:
f3:ab:c0:76:64:c7:8a:68:b7:00:e0:65:6e:9d:19:
8b:7a:37:2a:bf:00:d7:19:b2:cf:73:91:71:64:44:
f7:74:9a:16:9d:09:2b:91:e0:8f:3c:1a:49:17:e8:
7d:79:fb:f0:2e:a7:73:5a:5e:74:5e:0c:9f:5a:15:
28:00:55:b2:1f:51:c2:4e:7e:3f:15:4d:75:2d:9e:
cb:69:38:82:0f:de:d7:3f:a4:91:93:93:cc:dd:2f:
57:9a:2f:e1:55:42:90:b4:a5:b1:09:87:a9:d4:35:
f1:7c:01:4b:28:b5:74:4e:c3:43:c0:6e:30:05:1d:
33:67:a3:a0:7a:25:99:89:c8:24:bf:4f:1f:06:ab:
ad:87:1d:1f:e4:b5:50:31:af:5c:76:e8:f1:93:d1:
23:42:81:a7:5c:32:2d:14:81:30:de:51:e3:69:5f:
90:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:91:1E:6C:16:46:CF:1F:3E:29:06:6D:B1:CB:6C:26:B0:4D:1D:8E
X509v3 Authority Key Identifier:
keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a3363363a3a2f34382d3438203d3e20313431383932.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:3c6::/48
Signature Algorithm: sha256WithRSAEncryption
80:56:91:fc:8b:45:9a:32:c3:61:58:77:97:8e:93:2e:32:b2:
86:77:c1:ae:ac:c8:f9:77:49:79:d4:b1:6b:c6:89:93:60:9f:
76:68:05:50:20:47:69:04:a2:67:eb:ae:0e:40:29:63:c6:82:
d9:8d:57:c7:e5:74:aa:07:f4:9d:1f:85:66:d8:e7:38:aa:4e:
1e:a5:a4:d1:b2:ea:9a:47:7f:74:51:3a:4d:6b:8a:e6:f4:ae:
3d:75:3a:df:28:26:c9:20:93:b7:22:81:1a:35:f7:39:3e:41:
03:a0:f6:41:29:ae:83:c1:79:e5:29:38:01:29:e6:48:b3:c7:
2d:6b:62:b4:d5:46:87:c4:81:b6:f3:ed:7a:87:19:de:af:e8:
47:41:3d:99:e2:4c:d1:a8:ed:25:be:05:24:0c:64:1e:17:bc:
e3:2e:b6:d0:49:d9:62:dc:b3:7a:c6:c4:8b:6c:29:1a:2a:43:
51:ed:2b:63:94:18:69:3b:f6:f1:f3:62:54:5b:5f:13:c5:4a:
de:50:85:46:5c:25:8c:d4:7a:5c:eb:f6:ac:54:26:cc:e8:d6:
fc:29:5a:67:49:f3:1e:42:46:91:2f:ca:cb:25:f9:66:14:4c:
50:c2:62:28:97:34:3b:0d:e7:2c:ba:58:29:e6:b9:57:9c:7c:
55:8a:62:99
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUTUB5ARJHE3Xkl3M+Xw6ZYl5P8l4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA0MTkxNjQzNTJaFw0yNTA0MTgxNjQ4NTJaMDMxMTAvBgNV
BAMTKDI2OTExRTZDMTY0NkNGMUYzRTI5MDY2REIxQ0I2QzI2QjA0RDFEOEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqmm/ozubE5DCru1PYfSHJdiVw
cgi54P9nPC4fP3LlPWXMBtA/3XyTZu0rrQ14LENpIF8bz2qUsZx/KIgSVgxzZijy
crOfKOSyqHoH1owY3ZEFL5KnBCrlTvOrwHZkx4potwDgZW6dGYt6Nyq/ANcZss9z
kXFkRPd0mhadCSuR4I88GkkX6H15+/Aup3NaXnReDJ9aFSgAVbIfUcJOfj8VTXUt
nstpOIIP3tc/pJGTk8zdL1eaL+FVQpC0pbEJh6nUNfF8AUsotXROw0PAbjAFHTNn
o6B6JZmJyCS/Tx8Gq62HHR/ktVAxr1x26PGT0SNCgadcMi0UgTDeUeNpX5DbAgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUJpEebBZGzx8+KQZtsctsJrBNHY4wHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMt
YTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhmMTk2LzAvMzI2MTMwNjYzYTM4MzU2MzMx
M2EzMzYzMzYzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMTM0MzEzODM5MzIucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAqD4XBA8YwDQYJKoZIhvcNAQELBQADggEBAIBWkfyLRZoyw2FYd5eO
ky4ysoZ3wa6syPl3SXnUsWvGiZNgn3ZoBVAgR2kEomfrrg5AKWPGgtmNV8fldKoH
9J0fhWbY5ziqTh6lpNGy6ppHf3RROk1riub0rj11Ot8oJskgk7cigRo19zk+QQOg
9kEproPBeeUpOAEp5kizxy1rYrTVRofEgbbz7XqHGd6v6EdBPZniTNGo7SW+BSQM
ZB4XvOMuttBJ2WLcs3rGxItsKRoqQ1HtK2OUGGk79vHzYlRbXxPFSt5QhUZcJYzU
elzr9qxUJszo1vwpWmdJ8x5CRpEvyssl+WYUTFDCYiiXNDsN5yy6WCnmuVecfFWK
Ypk=
-----END CERTIFICATE-----
Generated at Wed May 8 14:38:58 2024 by rpki-client on console-fra.rpki-client.org