Route Origin Authorization
$ rpki-client -vvf 0.sb/repo/sb/1/326131313a333a3530303a3a2f34302d3438203d3e203433333537.roa
File: 326131313a333a3530303a3a2f34302d3438203d3e203433333537.roa (raw, json)
Hash identifier: g6rHHtxHEQXiiuR5VApu6yqB6eXHYU4g6Qk/mQzm6Nw=
Subject key identifier: 9E:92:23:C2:1E:ED:74:1B:51:DC:E7:C6:FB:CE:00:A4:B0:15:6E:98
Certificate issuer: /CN=917b088922d0f33feca164e08554ec992daa39c5
Certificate serial: 24468E2595C49382EFC144AE5B2194D6FF21F443
Authority key identifier: 91:7B:08:89:22:D0:F3:3F:EC:A1:64:E0:85:54:EC:99:2D:AA:39:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kXsIiSLQ8z_soWTghVTsmS2qOcU.cer
Subject info access: rsync://0.sb/repo/sb/1/326131313a333a3530303a3a2f34302d3438203d3e203433333537.roa
Signing time: Thu 25 Jan 2024 11:10:05 +0000
ROA not before: Thu 25 Jan 2024 11:05:05 +0000
ROA not after: Thu 23 Jan 2025 11:10:05 +0000
asID: 43357
IP address blocks: 2a11:3:500::/40 maxlen: 48
Validation: OK
Signature path: rsync://0.sb/repo/sb/1/917B088922D0F33FECA164E08554EC992DAA39C5.crl
rsync://0.sb/repo/sb/1/917B088922D0F33FECA164E08554EC992DAA39C5.mft
rsync://rpki.ripe.net/repository/DEFAULT/kXsIiSLQ8z_soWTghVTsmS2qOcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:46:8e:25:95:c4:93:82:ef:c1:44:ae:5b:21:94:d6:ff:21:f4:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=917b088922d0f33feca164e08554ec992daa39c5
Validity
Not Before: Jan 25 11:05:05 2024 GMT
Not After : Jan 23 11:10:05 2025 GMT
Subject: CN=9E9223C21EED741B51DCE7C6FBCE00A4B0156E98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a5:38:5f:f9:17:66:e9:61:3a:ba:f9:51:13:
8d:5a:d2:ae:cd:eb:dc:87:34:a9:27:4b:62:fb:92:
d2:08:f1:52:15:d4:68:47:21:21:2c:ac:e1:e8:89:
89:8c:d5:4c:e8:19:27:22:a3:b1:0c:1d:86:a0:5a:
60:42:62:4c:18:0d:a4:9a:6a:90:ad:5e:d1:43:5c:
54:7d:89:b4:67:54:3b:de:14:e5:ab:16:d3:bf:11:
b2:81:8c:94:41:1a:d7:c7:d5:ed:7e:e0:3b:22:13:
e2:c5:0b:72:8d:1f:4c:be:d2:5c:46:9f:68:b3:40:
84:87:2c:bc:9c:b5:5b:44:a4:1d:db:9b:20:74:65:
6f:52:65:f9:1c:14:b7:d4:5c:65:b9:f5:e4:2a:9e:
4f:75:0d:4f:1a:3e:30:34:c9:17:90:1b:f5:16:4d:
b4:a0:65:1f:48:8f:0a:dd:9f:30:af:d8:87:79:4b:
ba:0d:7e:f5:9e:13:73:5e:71:14:c9:dd:ea:a4:a6:
2a:e8:48:6b:65:84:dc:2b:c5:0a:3d:57:49:e6:ca:
4f:4b:2e:b8:7b:18:2e:6b:a5:0a:a8:fe:0f:78:0d:
df:41:2a:d2:97:fc:a5:fb:d5:cc:2e:36:d2:dd:6b:
ff:5e:84:65:fa:df:1d:8e:83:ae:72:77:3b:b9:45:
a0:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:92:23:C2:1E:ED:74:1B:51:DC:E7:C6:FB:CE:00:A4:B0:15:6E:98
X509v3 Authority Key Identifier:
keyid:91:7B:08:89:22:D0:F3:3F:EC:A1:64:E0:85:54:EC:99:2D:AA:39:C5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://0.sb/repo/sb/1/917B088922D0F33FECA164E08554EC992DAA39C5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kXsIiSLQ8z_soWTghVTsmS2qOcU.cer
Subject Information Access:
Signed Object - URI:rsync://0.sb/repo/sb/1/326131313a333a3530303a3a2f34302d3438203d3e203433333537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:3:500::/40
Signature Algorithm: sha256WithRSAEncryption
00:14:db:2f:70:6f:05:b4:39:60:44:b8:43:8a:42:bd:12:af:
3f:5a:77:ba:63:c6:05:df:99:01:cc:6a:b0:27:d5:4c:cd:4e:
7e:0a:4e:d8:8e:e0:f0:38:11:f2:ac:92:01:72:7d:f1:88:a5:
bb:3f:29:a0:f2:bf:5c:5a:ad:df:09:0f:1f:f0:73:c8:a4:7e:
92:e8:1a:7e:c3:9f:34:64:62:85:1e:f7:64:44:15:9a:68:1d:
2c:eb:3d:22:e1:cf:62:e1:3d:4f:5c:06:37:aa:a3:b1:da:7d:
28:1f:75:1e:63:96:97:08:6c:8d:b0:74:64:89:c0:ff:b3:5e:
4f:44:57:e1:13:55:d8:a6:3b:34:4a:af:8c:a1:c3:ba:12:78:
28:58:d3:2d:ee:38:55:98:e3:15:48:90:f1:0a:35:08:a9:89:
bc:69:4e:69:c4:71:cf:b5:96:2d:9d:38:b4:1f:b6:dc:bf:10:
96:d1:92:34:9b:64:da:d1:80:43:c6:0a:43:fa:95:18:f9:65:
25:02:17:da:b9:bb:fa:51:28:3b:91:34:3a:c2:c1:7c:24:1d:
f7:2a:45:b3:b3:cd:57:3d:12:f8:24:1e:c7:d5:c9:82:2c:d8:
2d:b6:94:61:57:09:9f:46:a3:8f:8f:eb:14:4b:16:3d:be:6c:
5f:6e:32:1c
-----BEGIN CERTIFICATE-----
MIIEsjCCA5qgAwIBAgIUJEaOJZXEk4LvwUSuWyGU1v8h9EMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTE3YjA4ODkyMmQwZjMzZmVjYTE2NGUwODU1NGVjOTky
ZGFhMzljNTAeFw0yNDAxMjUxMTA1MDVaFw0yNTAxMjMxMTEwMDVaMDMxMTAvBgNV
BAMTKDlFOTIyM0MyMUVFRDc0MUI1MURDRTdDNkZCQ0UwMEE0QjAxNTZFOTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3pThf+Rdm6WE6uvlRE41a0q7N
69yHNKknS2L7ktII8VIV1GhHISEsrOHoiYmM1UzoGScio7EMHYagWmBCYkwYDaSa
apCtXtFDXFR9ibRnVDveFOWrFtO/EbKBjJRBGtfH1e1+4DsiE+LFC3KNH0y+0lxG
n2izQISHLLyctVtEpB3bmyB0ZW9SZfkcFLfUXGW59eQqnk91DU8aPjA0yReQG/UW
TbSgZR9IjwrdnzCv2Id5S7oNfvWeE3NecRTJ3eqkpiroSGtlhNwrxQo9V0nmyk9L
Lrh7GC5rpQqo/g94Dd9BKtKX/KX71cwuNtLda/9ehGX63x2Og65ydzu5RaCfAgMB
AAGjggG8MIIBuDAdBgNVHQ4EFgQUnpIjwh7tdBtR3OfG+84ApLAVbpgwHwYDVR0j
BBgwFoAUkXsIiSLQ8z/soWTghVTsmS2qOcUwDgYDVR0PAQH/BAQDAgeAMFQGA1Ud
HwRNMEswSaBHoEWGQ3JzeW5jOi8vMC5zYi9yZXBvL3NiLzEvOTE3QjA4ODkyMkQw
RjMzRkVDQTE2NEUwODU1NEVDOTkyREFBMzlDNS5jcmwwZAYIKwYBBQUHAQEEWDBW
MFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2tYc0lpU0xROHpfc29XVGdoVlRzbVMycU9jVS5jZXIwbQYIKwYBBQUH
AQsEYTBfMF0GCCsGAQUFBzALhlFyc3luYzovLzAuc2IvcmVwby9zYi8xLzMyNjEz
MTMxM2EzMzNhMzUzMDMwM2EzYTJmMzQzMDJkMzQzODIwM2QzZTIwMzQzMzMzMzUz
Ny5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQS
MBAwDgQCAAIwCAMGACoRAAMFMA0GCSqGSIb3DQEBCwUAA4IBAQAAFNsvcG8FtDlg
RLhDikK9Eq8/Wne6Y8YF35kBzGqwJ9VMzU5+Ck7YjuDwOBHyrJIBcn3xiKW7Pymg
8r9cWq3fCQ8f8HPIpH6S6Bp+w580ZGKFHvdkRBWaaB0s6z0i4c9i4T1PXAY3qqOx
2n0oH3UeY5aXCGyNsHRkicD/s15PRFfhE1XYpjs0Sq+MocO6EngoWNMt7jhVmOMV
SJDxCjUIqYm8aU5pxHHPtZYtnTi0H7bcvxCW0ZI0m2Ta0YBDxgpD+pUY+WUlAhfa
ubv6USg7kTQ6wsF8JB33KkWzs81XPRL4JB7H1cmCLNgttpRhVwmfRqOPj+sUSxY9
vmxfbjIc
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:40:44 2024 by rpki-client on console-fra.rpki-client.org