Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/326130323a323633303a3a2f33322d3332203d3e203135343139.roa
File: 326130323a323633303a3a2f33322d3332203d3e203135343139.roa (raw, json)
Hash identifier: bRN9WIaNgBfL6hWP8Q0NfsbEb+S5Yh1ES6lsal3H0uY=
Subject key identifier: 74:CE:CF:DC:11:68:35:00:23:91:9A:84:3D:A8:BC:71:D3:BE:02:91
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 3213CB6320E612D9DB842AC2736E5B06F5E54C52
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/326130323a323633303a3a2f33322d3332203d3e203135343139.roa
Signing time: Fri 07 Jun 2024 09:01:55 +0000
ROA not before: Fri 07 Jun 2024 08:56:55 +0000
ROA not after: Fri 06 Jun 2025 09:01:55 +0000
asID: 15419
IP address blocks: 2a02:2630::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:13:cb:63:20:e6:12:d9:db:84:2a:c2:73:6e:5b:06:f5:e5:4c:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jun 7 08:56:55 2024 GMT
Not After : Jun 6 09:01:55 2025 GMT
Subject: CN=74CECFDC1168350023919A843DA8BC71D3BE0291
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:87:d5:9f:f7:f4:7c:d9:49:73:10:01:d6:af:
8e:3d:cd:45:71:94:70:11:95:06:58:98:03:9b:87:
2e:5d:da:e8:06:22:d2:13:c7:f7:69:6b:f8:ea:8f:
6c:9f:df:92:b3:43:30:24:61:ba:7b:ea:50:e0:fb:
b1:8f:56:5e:53:5d:e7:fb:ad:ef:33:6c:e2:05:be:
7d:b3:21:f7:2e:6a:60:4c:70:63:72:4f:03:81:d2:
e9:ef:ba:3e:d5:ea:c1:6f:7a:e2:2b:cf:c2:6d:14:
93:3d:b5:f2:42:f9:67:9b:09:3e:1c:ac:fd:85:98:
40:77:96:2b:21:4a:56:51:fc:78:ab:05:00:a2:a5:
d8:95:c6:ed:dd:da:69:3b:64:2e:fa:d9:c0:cc:4d:
fb:34:ff:48:41:10:08:b4:8e:c7:4d:ed:fa:cd:c3:
6c:0b:4c:85:7e:20:6d:05:83:b1:33:ac:5e:3c:ee:
ba:bc:a1:fc:e8:eb:1e:44:83:4f:4c:17:49:16:ab:
8f:11:09:79:df:32:5e:06:45:a4:1d:c6:3a:6c:5a:
af:07:83:6b:ba:91:14:c4:8c:38:ba:83:58:af:aa:
0f:d2:20:db:42:d0:1f:b4:33:75:51:bc:89:6e:47:
3c:b6:aa:c6:27:0b:d8:96:65:ef:fb:82:72:06:7b:
ca:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:CE:CF:DC:11:68:35:00:23:91:9A:84:3D:A8:BC:71:D3:BE:02:91
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/326130323a323633303a3a2f33322d3332203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2630::/32
Signature Algorithm: sha256WithRSAEncryption
31:40:53:11:91:0c:b3:dd:38:e6:49:1e:c2:7e:34:d7:3d:24:
50:61:b4:20:42:40:a9:45:0b:5f:97:be:f1:c7:88:76:8a:63:
cf:9c:80:68:f8:d7:ba:da:b7:96:ea:4c:4f:e4:97:a1:60:4a:
49:ed:25:0a:8b:79:20:97:e2:c7:1b:91:e5:f0:82:37:88:67:
a3:78:61:4d:99:0b:5c:4b:36:13:54:d7:7b:dd:00:2b:ee:86:
66:85:67:cd:8f:44:2c:54:b2:ac:fc:06:b0:82:f6:b2:f4:5f:
c0:1f:a1:7e:da:c5:63:b4:8d:06:2e:c7:3c:c6:56:9c:d8:44:
1b:9f:6f:d8:63:14:31:d9:14:42:d6:9c:40:55:b2:51:95:93:
65:34:b6:3b:f3:81:17:00:17:5e:15:c3:2b:10:57:18:40:18:
d1:02:91:38:a8:b7:07:c3:66:d0:26:04:3f:93:02:7c:96:29:
1b:1b:e1:1c:c6:74:bf:9d:84:21:4d:ea:fe:a3:dc:03:08:e7:
49:f3:7f:ca:95:e3:8d:80:16:05:19:5d:e9:f3:38:e1:2d:25:
ab:1c:b4:e5:cb:e4:ea:31:f7:cc:62:1f:15:23:18:90:23:1d:
be:19:c9:fa:e7:e7:c0:ad:f7:ff:90:e4:64:40:3c:28:1c:b7:
fb:25:f6:c7
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUMhPLYyDmEtnbhCrCc25bBvXlTFIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNDA2MDcwODU2NTVaFw0yNTA2MDYwOTAxNTVaMDMxMTAvBgNV
BAMTKDc0Q0VDRkRDMTE2ODM1MDAyMzkxOUE4NDNEQThCQzcxRDNCRTAyOTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5h9Wf9/R82UlzEAHWr449zUVx
lHARlQZYmAObhy5d2ugGItITx/dpa/jqj2yf35KzQzAkYbp76lDg+7GPVl5TXef7
re8zbOIFvn2zIfcuamBMcGNyTwOB0unvuj7V6sFveuIrz8JtFJM9tfJC+WebCT4c
rP2FmEB3lishSlZR/HirBQCipdiVxu3d2mk7ZC762cDMTfs0/0hBEAi0jsdN7frN
w2wLTIV+IG0Fg7EzrF487rq8ofzo6x5Eg09MF0kWq48RCXnfMl4GRaQdxjpsWq8H
g2u6kRTEjDi6g1ivqg/SINtC0B+0M3VRvIluRzy2qsYnC9iWZe/7gnIGe8qLAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUdM7P3BFoNQAjkZqEPai8cdO+ApEwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzI2MTMwMzIzYTMyMzYzMzMw
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzEzNTM0MzEzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoC
JjAwDQYJKoZIhvcNAQELBQADggEBADFAUxGRDLPdOOZJHsJ+NNc9JFBhtCBCQKlF
C1+XvvHHiHaKY8+cgGj417rat5bqTE/kl6FgSkntJQqLeSCX4scbkeXwgjeIZ6N4
YU2ZC1xLNhNU13vdACvuhmaFZ82PRCxUsqz8BrCC9rL0X8AfoX7axWO0jQYuxzzG
VpzYRBufb9hjFDHZFELWnEBVslGVk2U0tjvzgRcAF14VwysQVxhAGNECkTiotwfD
ZtAmBD+TAnyWKRsb4RzGdL+dhCFN6v6j3AMI50nzf8qV442AFgUZXenzOOEtJasc
tOXL5Oox98xiHxUjGJAjHb4Zyfrn58Ct9/+Q5GRAPCgct/sl9sc=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:50 2024 by rpki-client on console-fra.rpki-client.org