Route Origin Authorization
$ rpki-client -vvf rpki.owl.net/rrdp/owl/1/326130373a643838303a3a2f33322d3438203d3e2033323134.roa
File: 326130373a643838303a3a2f33322d3438203d3e2033323134.roa (raw, json)
Hash identifier: TTgyy1BxltMKK0bpAu8gO/WGwWb3aKvCSPTEoohixZ8=
Subject key identifier: 46:EA:99:48:64:2A:AD:ED:99:74:3A:28:0F:09:F8:54:89:6B:BB:C1
Certificate issuer: /CN=b55e2e72d7ffde6bceb73ce26f185c678a23892d
Certificate serial: 3D1371A6AE202CFE61CFC21CA4BA114291A0A6AF
Authority key identifier: B5:5E:2E:72:D7:FF:DE:6B:CE:B7:3C:E2:6F:18:5C:67:8A:23:89:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tV4uctf_3mvOtzzibxhcZ4ojiS0.cer
Subject info access: rsync://rpki.owl.net/rrdp/owl/1/326130373a643838303a3a2f33322d3438203d3e2033323134.roa
Signing time: Thu 12 Oct 2023 15:59:56 +0000
ROA not before: Thu 12 Oct 2023 15:54:56 +0000
ROA not after: Thu 10 Oct 2024 15:59:56 +0000
asID: 3214
IP address blocks: 2a07:d880::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.owl.net/rrdp/owl/1/B55E2E72D7FFDE6BCEB73CE26F185C678A23892D.crl
rsync://rpki.owl.net/rrdp/owl/1/B55E2E72D7FFDE6BCEB73CE26F185C678A23892D.mft
rsync://rpki.ripe.net/repository/DEFAULT/tV4uctf_3mvOtzzibxhcZ4ojiS0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 04:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:13:71:a6:ae:20:2c:fe:61:cf:c2:1c:a4:ba:11:42:91:a0:a6:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b55e2e72d7ffde6bceb73ce26f185c678a23892d
Validity
Not Before: Oct 12 15:54:56 2023 GMT
Not After : Oct 10 15:59:56 2024 GMT
Subject: CN=46EA9948642AADED99743A280F09F854896BBBC1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d8:df:ca:32:92:fe:a9:88:7f:76:ea:1b:c8:
01:25:cd:e0:ff:29:6c:0c:fd:ab:69:64:c9:a4:fa:
6e:6d:93:81:10:9e:ab:d5:75:8a:c4:8b:6d:62:32:
fc:de:45:07:2a:fd:d8:3d:58:25:99:0c:e9:b8:dd:
ce:39:b0:c8:27:c5:0c:66:92:12:00:e1:c1:af:0a:
f2:80:d9:09:36:e8:97:93:4d:bb:ec:78:bb:f6:99:
65:77:af:66:a2:2b:df:b9:55:35:6c:38:9d:14:63:
21:bb:38:5c:6e:6d:3c:3d:43:d1:e1:b0:91:99:ce:
e7:1d:89:ca:b6:c2:f3:fa:b6:61:51:c5:57:84:b8:
a2:5c:32:2c:9d:4c:c6:89:c7:d7:64:12:db:d9:2a:
a2:21:0e:1b:ad:07:27:98:02:c6:58:d0:55:4a:ad:
ea:ce:59:4d:74:ee:71:5f:32:62:3a:7c:bf:c8:e8:
b7:b1:3c:8d:b5:a9:9b:fa:75:13:5e:ea:e4:f0:70:
af:22:45:0f:f4:f3:67:bd:8c:0d:3a:73:d0:32:2c:
96:45:60:68:e9:c6:6f:a2:83:df:d1:ff:dc:93:0f:
14:c7:49:c3:e0:92:29:04:b3:20:3f:d7:00:2f:58:
64:de:dc:cf:1f:54:4a:61:07:19:ff:83:70:6a:03:
b6:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:EA:99:48:64:2A:AD:ED:99:74:3A:28:0F:09:F8:54:89:6B:BB:C1
X509v3 Authority Key Identifier:
keyid:B5:5E:2E:72:D7:FF:DE:6B:CE:B7:3C:E2:6F:18:5C:67:8A:23:89:2D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.owl.net/rrdp/owl/1/B55E2E72D7FFDE6BCEB73CE26F185C678A23892D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tV4uctf_3mvOtzzibxhcZ4ojiS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.owl.net/rrdp/owl/1/326130373a643838303a3a2f33322d3438203d3e2033323134.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:d880::/32
Signature Algorithm: sha256WithRSAEncryption
38:b8:21:48:15:6f:6b:a6:14:f0:c5:5a:ce:20:00:f4:37:be:
ae:bf:c2:8c:c6:b1:95:5c:e4:a1:e4:2b:c2:1c:14:fb:77:f6:
4d:45:07:85:f0:03:89:fa:87:9d:7f:60:0f:15:f5:4c:cf:65:
cb:a0:35:5c:55:b7:0b:e4:a3:c2:f6:6e:45:bd:20:c3:80:a9:
5d:b4:c8:16:dc:7e:51:34:16:49:d5:48:57:5d:a5:09:c5:41:
8c:ae:84:09:c9:4f:b2:91:7f:81:df:04:b8:5d:9e:aa:b8:88:
eb:79:af:f9:1c:15:fd:9a:7d:bb:7a:6f:35:43:af:bc:cc:5a:
f1:f7:88:2b:a4:fd:84:1c:53:ce:36:83:1c:93:93:8a:37:a6:
ec:d3:cf:25:4c:81:5c:e9:e5:e7:53:5c:7e:44:a2:99:3c:97:
63:c0:e5:2b:85:e0:95:29:16:e5:99:77:67:5c:ad:cc:98:dd:
a2:ad:aa:08:00:e3:15:76:1f:c5:c5:ff:39:ea:8d:41:a9:a3:
17:e1:ae:f8:15:61:62:76:21:26:4a:71:70:d9:33:9e:97:ab:
bd:75:b0:20:15:51:e1:18:22:eb:5a:61:69:c0:29:0f:78:56:
ce:09:71:18:c8:74:8c:77:b9:32:76:5c:81:6e:79:82:33:b8:
fc:94:18:a6
-----BEGIN CERTIFICATE-----
MIIEvzCCA6egAwIBAgIUPRNxpq4gLP5hz8IcpLoRQpGgpq8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjU1ZTJlNzJkN2ZmZGU2YmNlYjczY2UyNmYxODVjNjc4
YTIzODkyZDAeFw0yMzEwMTIxNTU0NTZaFw0yNDEwMTAxNTU5NTZaMDMxMTAvBgNV
BAMTKDQ2RUE5OTQ4NjQyQUFERUQ5OTc0M0EyODBGMDlGODU0ODk2QkJCQzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDY2N/KMpL+qYh/duobyAElzeD/
KWwM/atpZMmk+m5tk4EQnqvVdYrEi21iMvzeRQcq/dg9WCWZDOm43c45sMgnxQxm
khIA4cGvCvKA2Qk26JeTTbvseLv2mWV3r2aiK9+5VTVsOJ0UYyG7OFxubTw9Q9Hh
sJGZzucdicq2wvP6tmFRxVeEuKJcMiydTMaJx9dkEtvZKqIhDhutByeYAsZY0FVK
rerOWU107nFfMmI6fL/I6LexPI21qZv6dRNe6uTwcK8iRQ/082e9jA06c9AyLJZF
YGjpxm+ig9/R/9yTDxTHScPgkikEsyA/1wAvWGTe3M8fVEphBxn/g3BqA7Z/AgMB
AAGjggHJMIIBxTAdBgNVHQ4EFgQURuqZSGQqre2ZdDooDwn4VIlru8EwHwYDVR0j
BBgwFoAUtV4uctf/3mvOtzzibxhcZ4ojiS0wDgYDVR0PAQH/BAQDAgeAMF0GA1Ud
HwRWMFQwUqBQoE6GTHJzeW5jOi8vcnBraS5vd2wubmV0L3JyZHAvb3dsLzEvQjU1
RTJFNzJEN0ZGREU2QkNFQjczQ0UyNkYxODVDNjc4QTIzODkyRC5jcmwwZAYIKwYB
BQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVw
b3NpdG9yeS9ERUZBVUxUL3RWNHVjdGZfM212T3R6emlieGhjWjRvamlTMC5jZXIw
cgYIKwYBBQUHAQsEZjBkMGIGCCsGAQUFBzALhlZyc3luYzovL3Jwa2kub3dsLm5l
dC9ycmRwL293bC8xLzMyNjEzMDM3M2E2NDM4MzgzMDNhM2EyZjMzMzIyZDM0Mzgy
MDNkM2UyMDMzMzIzMTM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgfYgDANBgkqhkiG9w0BAQsFAAOC
AQEAOLghSBVva6YU8MVaziAA9De+rr/CjMaxlVzkoeQrwhwU+3f2TUUHhfADifqH
nX9gDxX1TM9ly6A1XFW3C+SjwvZuRb0gw4CpXbTIFtx+UTQWSdVIV12lCcVBjK6E
CclPspF/gd8EuF2eqriI63mv+RwV/Zp9u3pvNUOvvMxa8feIK6T9hBxTzjaDHJOT
ijem7NPPJUyBXOnl51NcfkSimTyXY8DlK4XglSkW5Zl3Z1ytzJjdoq2qCADjFXYf
xcX/OeqNQamjF+Gu+BVhYnYhJkpxcNkznpervXWwIBVR4Rgi61phacApD3hWzglx
GMh0jHe5MnZcgW55gjO4/JQYpg==
-----END CERTIFICATE-----
Generated at Mon May 20 08:57:04 2024 by rpki-client on console-ams.rpki-client.org