Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/326130323a323633303a3a2f32392d3239203d3e203135343139.roa
File: 326130323a323633303a3a2f32392d3239203d3e203135343139.roa (raw, json)
Hash identifier: USXMXzOV5ANsNLdkdDGh+aelwmgR1a255Z8q4twzCv0=
Subject key identifier: 84:EB:B1:D4:F1:AC:C3:64:C8:7B:82:DD:BE:DF:3C:A5:CF:6F:E6:3D
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 69CD82EFD15D8078DC3D17C9083EE01CD84A623C
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/326130323a323633303a3a2f32392d3239203d3e203135343139.roa
Signing time: Fri 07 Jun 2024 09:01:52 +0000
ROA not before: Fri 07 Jun 2024 08:56:52 +0000
ROA not after: Fri 06 Jun 2025 09:01:52 +0000
asID: 15419
IP address blocks: 2a02:2630::/29 maxlen: 29
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:cd:82:ef:d1:5d:80:78:dc:3d:17:c9:08:3e:e0:1c:d8:4a:62:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jun 7 08:56:52 2024 GMT
Not After : Jun 6 09:01:52 2025 GMT
Subject: CN=84EBB1D4F1ACC364C87B82DDBEDF3CA5CF6FE63D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:19:aa:1a:92:83:74:a0:9c:53:93:57:a9:2d:
de:93:b8:34:f5:cc:ae:72:d9:30:c3:27:9e:b3:1e:
ab:17:77:b0:2a:fd:db:3e:24:17:43:6f:40:e5:b4:
dd:66:0e:77:8f:68:d2:1e:81:0b:ff:f2:b7:2d:c3:
90:30:a5:ca:17:bf:6e:be:1d:56:71:25:c8:1d:77:
e1:7f:af:11:8a:bc:9a:f6:27:0c:24:53:69:a6:f9:
6a:1b:48:a5:24:cf:ce:c7:d6:bc:7e:35:a2:8a:96:
e7:3d:4e:d2:90:35:d3:5c:d6:ed:fa:4e:2a:8b:34:
93:eb:a7:2c:e8:b7:5b:c4:00:1e:4f:00:2d:6f:81:
6f:e1:0d:48:0b:ad:5e:a6:b7:fd:20:e5:04:ee:c3:
05:99:f4:2e:2b:c5:83:bd:af:4a:bf:61:dc:0f:a7:
fb:00:b3:1b:e0:bd:04:cf:1e:c9:7d:55:86:e2:c9:
27:02:03:bb:8d:2d:65:9d:4e:1d:cc:7b:bc:66:de:
fc:19:b6:f1:ab:ec:11:4f:5c:f1:f4:13:ae:32:a9:
c3:99:f2:5d:7a:f4:20:cb:fb:7f:3c:3e:a6:6c:72:
e0:f6:3e:b1:0a:d4:e6:dc:ea:70:de:56:75:e9:87:
b4:38:62:18:67:d0:d4:d5:7f:c5:49:12:a3:7a:22:
56:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:EB:B1:D4:F1:AC:C3:64:C8:7B:82:DD:BE:DF:3C:A5:CF:6F:E6:3D
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/326130323a323633303a3a2f32392d3239203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2630::/29
Signature Algorithm: sha256WithRSAEncryption
5e:8b:0b:c3:9a:3d:8c:eb:a5:45:82:d8:ec:92:27:b0:ca:67:
ee:73:4a:37:e2:c3:1e:57:a7:67:ac:7b:a2:c4:2e:8f:ee:29:
8f:42:ce:dc:79:2e:a3:c0:2a:d6:84:cb:b5:ce:a2:ee:87:d4:
87:b5:7f:96:6b:73:8d:78:51:50:e0:04:9f:29:f8:be:14:4c:
bb:56:cd:42:16:ed:9c:8c:91:c6:c9:4e:b2:e1:5a:dd:fd:7e:
96:ec:fe:38:a6:b9:1f:bb:a0:da:77:94:fb:4a:0d:d9:ae:15:
f6:de:d9:a3:38:a5:e2:92:8a:1d:5f:2e:09:21:da:49:d2:a4:
b7:f1:87:14:e4:2d:7f:f2:3a:eb:0c:66:0b:c2:b2:fb:68:6c:
42:b9:db:5c:f0:47:a2:96:fb:6e:d2:65:37:d9:09:78:9e:23:
7f:50:47:8a:96:71:f8:2c:a8:dc:d3:34:d3:2f:e5:4a:88:52:
2c:18:b3:9f:47:d3:d8:49:3e:47:7d:16:2c:9b:da:63:9f:fe:
f1:b7:dd:4b:d3:78:d5:3b:07:4e:77:7a:4a:de:6a:ba:d2:05:
96:41:d4:db:52:0f:61:81:69:75:9d:af:1e:85:9b:11:c8:6f:
18:ab:65:68:db:a5:cf:6a:ee:0d:aa:b9:5e:74:2b:cf:da:db:
3b:14:5f:be
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUac2C79FdgHjcPRfJCD7gHNhKYjwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNDA2MDcwODU2NTJaFw0yNTA2MDYwOTAxNTJaMDMxMTAvBgNV
BAMTKDg0RUJCMUQ0RjFBQ0MzNjRDODdCODJEREJFREYzQ0E1Q0Y2RkU2M0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNGaoakoN0oJxTk1epLd6TuDT1
zK5y2TDDJ56zHqsXd7Aq/ds+JBdDb0DltN1mDnePaNIegQv/8rctw5AwpcoXv26+
HVZxJcgdd+F/rxGKvJr2JwwkU2mm+WobSKUkz87H1rx+NaKKluc9TtKQNdNc1u36
TiqLNJPrpyzot1vEAB5PAC1vgW/hDUgLrV6mt/0g5QTuwwWZ9C4rxYO9r0q/YdwP
p/sAsxvgvQTPHsl9VYbiyScCA7uNLWWdTh3Me7xm3vwZtvGr7BFPXPH0E64yqcOZ
8l169CDL+388PqZscuD2PrEK1Obc6nDeVnXph7Q4Yhhn0NTVf8VJEqN6IlZhAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUhOux1PGsw2TIe4Ldvt88pc9v5j0wHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzI2MTMwMzIzYTMyMzYzMzMw
M2EzYTJmMzIzOTJkMzIzOTIwM2QzZTIwMzEzNTM0MzEzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoC
JjAwDQYJKoZIhvcNAQELBQADggEBAF6LC8OaPYzrpUWC2OySJ7DKZ+5zSjfiwx5X
p2ese6LELo/uKY9Cztx5LqPAKtaEy7XOou6H1Ie1f5Zrc414UVDgBJ8p+L4UTLtW
zUIW7ZyMkcbJTrLhWt39fpbs/jimuR+7oNp3lPtKDdmuFfbe2aM4peKSih1fLgkh
2knSpLfxhxTkLX/yOusMZgvCsvtobEK521zwR6KW+27SZTfZCXieI39QR4qWcfgs
qNzTNNMv5UqIUiwYs59H09hJPkd9Fiyb2mOf/vG33UvTeNU7B053ekrearrSBZZB
1NtSD2GBaXWdrx6FmxHIbxirZWjbpc9q7g2quV50K8/a2zsUX74=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:50 2024 by rpki-client on console-fra.rpki-client.org