Route Origin Authorization
$ rpki-client -vvf 0.sb/repo/sb/1/326131313a3a2f33322d3438203d3e2038383838.roa
File: 326131313a3a2f33322d3438203d3e2038383838.roa (raw, json)
Hash identifier: 4ZWAmDrwu4Strz0TOAaswKz/Iza6dycEiIEWJH8g4Xw=
Subject key identifier: 7A:F6:17:14:52:AF:12:B5:84:46:B6:9D:D5:E7:35:33:93:37:A2:4E
Certificate issuer: /CN=917b088922d0f33feca164e08554ec992daa39c5
Certificate serial: 666098ADB81693EF587E80150A321DF3BC1E523B
Authority key identifier: 91:7B:08:89:22:D0:F3:3F:EC:A1:64:E0:85:54:EC:99:2D:AA:39:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kXsIiSLQ8z_soWTghVTsmS2qOcU.cer
Subject info access: rsync://0.sb/repo/sb/1/326131313a3a2f33322d3438203d3e2038383838.roa
Signing time: Fri 23 Aug 2024 10:47:06 +0000
ROA not before: Fri 23 Aug 2024 10:42:06 +0000
ROA not after: Fri 22 Aug 2025 10:47:06 +0000
asID: 8888
IP address blocks: 2a11::/32 maxlen: 48
Validation: OK
Signature path: rsync://0.sb/repo/sb/1/917B088922D0F33FECA164E08554EC992DAA39C5.crl
rsync://0.sb/repo/sb/1/917B088922D0F33FECA164E08554EC992DAA39C5.mft
rsync://rpki.ripe.net/repository/DEFAULT/kXsIiSLQ8z_soWTghVTsmS2qOcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:60:98:ad:b8:16:93:ef:58:7e:80:15:0a:32:1d:f3:bc:1e:52:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=917b088922d0f33feca164e08554ec992daa39c5
Validity
Not Before: Aug 23 10:42:06 2024 GMT
Not After : Aug 22 10:47:06 2025 GMT
Subject: CN=7AF6171452AF12B58446B69DD5E735339337A24E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:71:ee:d9:67:50:3e:b1:5d:54:de:19:b5:6a:
3c:18:88:40:59:1b:5d:c0:b3:be:e3:36:3d:1c:6e:
d7:df:d2:c6:0b:b3:6d:93:3f:79:10:fe:54:6b:6e:
6a:57:f4:63:4c:a6:c8:cb:d2:1b:c6:fe:3e:9b:7e:
c1:a7:31:50:8d:8a:b0:0f:73:b8:69:7d:76:c4:2c:
aa:d7:4f:b4:f2:67:73:79:bc:ed:df:ae:7f:e4:5a:
07:cb:77:dc:d9:a0:01:6a:a2:d0:6d:0e:f3:d2:44:
fe:9f:e3:11:f6:0e:77:5a:0d:5f:a1:f0:31:cd:d7:
45:00:27:b2:f1:07:4f:7f:c7:da:10:c1:fb:1b:88:
b1:f9:bb:9a:90:d0:3f:81:fe:59:ee:6c:6e:ce:63:
9f:ab:a4:d8:06:3f:6b:02:92:ef:8f:59:50:29:e7:
57:b6:d1:a1:14:1a:bd:0c:aa:9b:c2:55:66:49:a3:
ee:69:e7:4c:48:82:f3:5c:37:6e:52:17:4e:5f:40:
5b:38:f6:0c:e1:e1:9a:40:76:ba:e0:3c:ca:92:ed:
2e:70:04:30:b0:d4:13:78:c7:18:15:6d:4d:ed:c9:
a1:97:0a:0a:7c:e0:4b:b8:e3:f6:0d:f0:aa:e4:0d:
13:fb:aa:c8:fd:c5:d6:09:fb:bc:6f:00:10:eb:98:
fe:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:F6:17:14:52:AF:12:B5:84:46:B6:9D:D5:E7:35:33:93:37:A2:4E
X509v3 Authority Key Identifier:
keyid:91:7B:08:89:22:D0:F3:3F:EC:A1:64:E0:85:54:EC:99:2D:AA:39:C5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://0.sb/repo/sb/1/917B088922D0F33FECA164E08554EC992DAA39C5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kXsIiSLQ8z_soWTghVTsmS2qOcU.cer
Subject Information Access:
Signed Object - URI:rsync://0.sb/repo/sb/1/326131313a3a2f33322d3438203d3e2038383838.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11::/32
Signature Algorithm: sha256WithRSAEncryption
64:a6:be:7a:45:2f:41:87:b0:c3:3c:a9:a1:07:99:4d:46:43:
0d:ed:69:1f:9b:66:84:82:f6:7c:21:4f:ac:c3:27:a9:ff:53:
24:94:15:1c:90:89:61:16:c8:fb:eb:c2:71:cd:af:99:a3:e8:
49:0c:76:53:39:fe:d7:74:82:e5:8e:2c:78:c3:17:9d:22:72:
c3:93:7a:e0:99:84:67:30:e8:26:56:b2:b4:5d:e1:9b:22:e3:
45:37:de:e1:67:c6:4a:d0:58:1f:d1:9b:92:aa:20:f7:d4:fa:
b5:71:33:69:dc:cd:3c:37:1c:b8:ea:96:c0:e5:3b:fd:3e:62:
36:1a:09:93:82:64:5c:09:5a:17:21:ab:a9:2e:6a:8c:72:0e:
02:9b:64:2a:dd:fd:92:b1:c8:8a:37:38:d8:5e:c8:a4:ed:54:
e1:11:d5:6f:8a:b5:e5:91:20:64:1d:4f:5f:46:7e:99:55:e3:
4f:ca:43:e6:4c:0a:85:73:b8:3f:d8:a3:15:eb:26:a7:b0:2c:
c9:57:4c:94:81:2d:ae:a9:86:67:e8:19:b6:55:77:55:10:c5:
e5:18:7d:6d:56:23:de:ad:cd:4f:78:9d:71:ce:ad:e6:73:76:
05:12:0d:ce:81:1a:70:d2:3f:7b:8b:ae:b2:d5:2e:2b:12:e0:
8c:54:73:d1
-----BEGIN CERTIFICATE-----
MIIEozCCA4ugAwIBAgIUZmCYrbgWk+9YfoAVCjId87weUjswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTE3YjA4ODkyMmQwZjMzZmVjYTE2NGUwODU1NGVjOTky
ZGFhMzljNTAeFw0yNDA4MjMxMDQyMDZaFw0yNTA4MjIxMDQ3MDZaMDMxMTAvBgNV
BAMTKDdBRjYxNzE0NTJBRjEyQjU4NDQ2QjY5REQ1RTczNTMzOTMzN0EyNEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmce7ZZ1A+sV1U3hm1ajwYiEBZ
G13As77jNj0cbtff0sYLs22TP3kQ/lRrbmpX9GNMpsjL0hvG/j6bfsGnMVCNirAP
c7hpfXbELKrXT7TyZ3N5vO3frn/kWgfLd9zZoAFqotBtDvPSRP6f4xH2DndaDV+h
8DHN10UAJ7LxB09/x9oQwfsbiLH5u5qQ0D+B/lnubG7OY5+rpNgGP2sCku+PWVAp
51e20aEUGr0MqpvCVWZJo+5p50xIgvNcN25SF05fQFs49gzh4ZpAdrrgPMqS7S5w
BDCw1BN4xxgVbU3tyaGXCgp84Eu44/YN8KrkDRP7qsj9xdYJ+7xvABDrmP7VAgMB
AAGjggGtMIIBqTAdBgNVHQ4EFgQUevYXFFKvErWERrad1ec1M5M3ok4wHwYDVR0j
BBgwFoAUkXsIiSLQ8z/soWTghVTsmS2qOcUwDgYDVR0PAQH/BAQDAgeAMFQGA1Ud
HwRNMEswSaBHoEWGQ3JzeW5jOi8vMC5zYi9yZXBvL3NiLzEvOTE3QjA4ODkyMkQw
RjMzRkVDQTE2NEUwODU1NEVDOTkyREFBMzlDNS5jcmwwZAYIKwYBBQUHAQEEWDBW
MFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2tYc0lpU0xROHpfc29XVGdoVlRzbVMycU9jVS5jZXIwXwYIKwYBBQUH
AQsEUzBRME8GCCsGAQUFBzALhkNyc3luYzovLzAuc2IvcmVwby9zYi8xLzMyNjEz
MTMxM2EzYTJmMzMzMjJkMzQzODIwM2QzZTIwMzgzODM4Mzgucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAq
EQAAMA0GCSqGSIb3DQEBCwUAA4IBAQBkpr56RS9Bh7DDPKmhB5lNRkMN7Wkfm2aE
gvZ8IU+swyep/1MklBUckIlhFsj768Jxza+Zo+hJDHZTOf7XdILljix4wxedInLD
k3rgmYRnMOgmVrK0XeGbIuNFN97hZ8ZK0Fgf0ZuSqiD31Pq1cTNp3M08Nxy46pbA
5Tv9PmI2GgmTgmRcCVoXIaupLmqMcg4Cm2Qq3f2SsciKNzjYXsik7VThEdVvirXl
kSBkHU9fRn6ZVeNPykPmTAqFc7g/2KMV6yansCzJV0yUgS2uqYZn6Bm2VXdVEMXl
GH1tViPerc1PeJ1xzq3mc3YFEg3OgRpw0j97i66y1S4rEuCMVHPR
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:37:40 2024 by rpki-client on console-ams.rpki-client.org