Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/326130623a346530343a34323a3a2f34382d3438203d3e20323135373531.roa
File: 326130623a346530343a34323a3a2f34382d3438203d3e20323135373531.roa (raw, json)
Hash identifier: UL7DNtF20elweRhYnvNGeqZFlJG6ugUMJNxN3qgPglg=
Subject key identifier: 9B:3D:46:FC:5A:C3:9C:2C:56:EC:7A:FD:54:A1:6B:4C:DE:35:CC:BA
Certificate issuer: /CN=42e508fba8960f48071b119accbf57bdbf3a8057
Certificate serial: 60C3456A47CDAAE1C0A536E647549E6728BF9C28
Authority key identifier: 42:E5:08:FB:A8:96:0F:48:07:1B:11:9A:CC:BF:57:BD:BF:3A:80:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/326130623a346530343a34323a3a2f34382d3438203d3e20323135373531.roa
Signing time: Tue 23 Jul 2024 02:27:19 +0000
ROA not before: Tue 23 Jul 2024 02:22:19 +0000
ROA not after: Tue 22 Jul 2025 02:27:19 +0000
asID: 215751
IP address blocks: 2a0b:4e04:42::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl
rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft
rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 02:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:c3:45:6a:47:cd:aa:e1:c0:a5:36:e6:47:54:9e:67:28:bf:9c:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42e508fba8960f48071b119accbf57bdbf3a8057
Validity
Not Before: Jul 23 02:22:19 2024 GMT
Not After : Jul 22 02:27:19 2025 GMT
Subject: CN=9B3D46FC5AC39C2C56EC7AFD54A16B4CDE35CCBA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c5:a4:31:10:43:c3:83:7b:bf:81:65:c9:fe:
5a:ae:e3:fa:5d:a2:9c:8f:82:a3:7e:b9:16:ab:e6:
43:5f:94:6b:13:40:7d:78:71:27:f0:8e:09:1b:fe:
13:42:5a:d7:05:a1:6a:af:41:f8:6f:e6:7b:36:b1:
9a:cf:0d:59:3f:47:87:6b:79:91:4b:df:b5:56:7d:
a8:7a:54:a4:d3:3c:35:42:92:7b:5e:1f:01:09:95:
1e:0f:b3:c5:6b:f1:00:6c:3c:2b:a9:5e:db:5e:e5:
68:79:40:d1:ac:24:64:97:2f:37:64:eb:44:cb:49:
4d:d6:9f:fe:03:27:4f:09:71:f6:15:c4:45:28:51:
15:46:21:7c:a8:cc:8e:e4:67:8b:df:8d:0d:e4:d8:
e3:71:24:01:bc:91:f4:7b:0c:08:56:7a:4c:f0:fd:
a0:3e:6b:1d:b5:26:32:1e:ce:9f:38:ce:fb:ca:a8:
b8:01:f7:7a:07:30:ca:8e:2e:b2:7b:52:90:28:b5:
95:21:3b:22:f5:d8:8b:b3:cb:50:33:38:5e:41:bd:
ae:a6:2b:64:c9:12:20:c9:95:6c:72:3d:aa:6a:01:
85:09:b5:52:c6:2b:c5:c9:1d:67:14:48:69:69:98:
62:11:42:27:38:27:8d:92:92:93:04:93:4d:11:33:
52:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:3D:46:FC:5A:C3:9C:2C:56:EC:7A:FD:54:A1:6B:4C:DE:35:CC:BA
X509v3 Authority Key Identifier:
keyid:42:E5:08:FB:A8:96:0F:48:07:1B:11:9A:CC:BF:57:BD:BF:3A:80:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/326130623a346530343a34323a3a2f34382d3438203d3e20323135373531.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:4e04:42::/48
Signature Algorithm: sha256WithRSAEncryption
9f:40:0e:cd:bf:9e:e8:37:3c:cb:f2:76:b5:b4:bf:1d:08:55:
db:5e:d0:ad:9f:33:96:13:d2:37:b6:b4:43:7e:b2:83:47:2b:
0c:aa:81:f2:88:75:b5:52:27:d9:83:c4:82:f3:40:5a:d7:0c:
87:76:19:2a:21:68:b7:ef:c9:9c:a2:61:1a:e4:2f:f2:4f:38:
ff:a9:e2:72:f0:26:e7:98:ad:a7:13:ea:b6:07:ae:83:b2:a7:
61:7e:99:68:a2:83:b1:98:12:80:75:cb:16:1c:45:e6:df:e1:
2c:9f:ed:c8:ec:33:3c:bb:fd:6a:2e:63:91:51:b8:d8:5a:3a:
9a:59:a6:a7:44:8c:cf:d4:44:98:fc:ee:06:08:5b:fa:78:7f:
e2:33:43:de:da:89:9c:96:36:da:4a:06:59:fc:9a:f1:56:34:
cb:46:64:ca:84:72:ad:d5:77:22:0f:d8:8d:45:69:b8:ae:e2:
c5:f4:fc:d7:40:be:ad:12:00:23:62:01:14:b0:e1:ad:c8:9e:
19:26:ba:d7:d5:34:47:d6:7d:84:b5:5d:3b:64:ce:5e:4b:49:
f1:d5:0c:24:4e:f6:64:71:f3:19:e8:ce:a1:02:aa:dc:82:d8:
88:42:60:79:06:18:54:1a:fb:14:0e:8c:b8:7c:b8:28:14:b9:
94:a1:42:88
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUYMNFakfNquHApTbmR1SeZyi/nCgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDJlNTA4ZmJhODk2MGY0ODA3MWIxMTlhY2NiZjU3YmRi
ZjNhODA1NzAeFw0yNDA3MjMwMjIyMTlaFw0yNTA3MjIwMjI3MTlaMDMxMTAvBgNV
BAMTKDlCM0Q0NkZDNUFDMzlDMkM1NkVDN0FGRDU0QTE2QjRDREUzNUNDQkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDxaQxEEPDg3u/gWXJ/lqu4/pd
opyPgqN+uRar5kNflGsTQH14cSfwjgkb/hNCWtcFoWqvQfhv5ns2sZrPDVk/R4dr
eZFL37VWfah6VKTTPDVCknteHwEJlR4Ps8Vr8QBsPCupXtte5Wh5QNGsJGSXLzdk
60TLSU3Wn/4DJ08JcfYVxEUoURVGIXyozI7kZ4vfjQ3k2ONxJAG8kfR7DAhWekzw
/aA+ax21JjIezp84zvvKqLgB93oHMMqOLrJ7UpAotZUhOyL12Iuzy1AzOF5Bva6m
K2TJEiDJlWxyPapqAYUJtVLGK8XJHWcUSGlpmGIRQic4J42SkpMEk00RM1LxAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUmz1G/FrDnCxW7Hr9VKFrTN41zLowHwYDVR0j
BBgwFoAUQuUI+6iWD0gHGxGazL9Xvb86gFcwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzNiOGVjMDEtOGJhNS00NzlmLWEyMjktMGFiNzBlNDgx
NWJiLzAvNDJFNTA4RkJBODk2MEY0ODA3MUIxMTlBQ0NCRjU3QkRCRjNBODA1Ny5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1F1VUktNmlXRDBnSEd4R2F6TDlYdmI4
NmdGYy5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzNiOGVjMDEt
OGJhNS00NzlmLWEyMjktMGFiNzBlNDgxNWJiLzAvMzI2MTMwNjIzYTM0NjUzMDM0
M2EzNDMyM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTM1MzczNTMxLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKgtOBABCMA0GCSqGSIb3DQEBCwUAA4IBAQCfQA7Nv57oNzzL8na1tL8d
CFXbXtCtnzOWE9I3trRDfrKDRysMqoHyiHW1UifZg8SC80Ba1wyHdhkqIWi378mc
omEa5C/yTzj/qeJy8CbnmK2nE+q2B66DsqdhfploooOxmBKAdcsWHEXm3+Esn+3I
7DM8u/1qLmORUbjYWjqaWaanRIzP1ESY/O4GCFv6eH/iM0Pe2omcljbaSgZZ/Jrx
VjTLRmTKhHKt1XciD9iNRWm4ruLF9PzXQL6tEgAjYgEUsOGtyJ4ZJrrX1TRH1n2E
tV07ZM5eS0nx1QwkTvZkcfMZ6M6hAqrcgtiIQmB5BhhUGvsUDoy4fLgoFLmUoUKI
-----END CERTIFICATE-----
Generated at Wed Sep 18 07:44:06 2024 by rpki-client on console-fra.rpki-client.org