Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/326130623a366338303a3a2f33322d3332203d3e20323135383338.roa
File: 326130623a366338303a3a2f33322d3332203d3e20323135383338.roa (raw, json)
Hash identifier: hwipkGSwtCKNEaVeYs/lVeZpckysHvyHuEt4Oz/IH2U=
Subject key identifier: 04:FB:DD:C2:22:6F:96:8A:8A:C6:11:F0:1D:1A:9A:03:74:96:E3:A7
Certificate issuer: /CN=b3d0280f500695a43204251c9830454ca8a2e7ac
Certificate serial: 493934056148F2CF3E976E04EF112292F85C094A
Authority key identifier: B3:D0:28:0F:50:06:95:A4:32:04:25:1C:98:30:45:4C:A8:A2:E7:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s9AoD1AGlaQyBCUcmDBFTKii56w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/326130623a366338303a3a2f33322d3332203d3e20323135383338.roa
Signing time: Tue 14 May 2024 09:36:04 +0000
ROA not before: Tue 14 May 2024 09:31:04 +0000
ROA not after: Tue 13 May 2025 09:36:04 +0000
asID: 215838
IP address blocks: 2a0b:6c80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/B3D0280F500695A43204251C9830454CA8A2E7AC.crl
rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/B3D0280F500695A43204251C9830454CA8A2E7AC.mft
rsync://rpki.ripe.net/repository/DEFAULT/s9AoD1AGlaQyBCUcmDBFTKii56w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:39:34:05:61:48:f2:cf:3e:97:6e:04:ef:11:22:92:f8:5c:09:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3d0280f500695a43204251c9830454ca8a2e7ac
Validity
Not Before: May 14 09:31:04 2024 GMT
Not After : May 13 09:36:04 2025 GMT
Subject: CN=04FBDDC2226F968A8AC611F01D1A9A037496E3A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f0:fd:a4:12:1c:5a:48:d2:44:a1:c2:f6:2b:
43:0a:43:51:67:02:2e:4b:43:4b:42:ab:d0:58:7e:
b1:43:f9:31:77:2c:75:83:d4:68:ea:f9:de:df:d0:
8e:01:54:94:03:64:25:30:e5:b6:04:0f:33:7b:79:
1c:2f:7d:09:09:a6:65:75:4f:b1:ef:c4:40:9b:8b:
d4:ca:40:bb:a3:59:76:7b:dd:0e:de:bf:4a:c4:ef:
1f:94:84:2c:12:15:ff:eb:11:9a:64:7f:5a:e6:7e:
41:24:08:8e:a1:26:f1:ba:aa:67:95:3b:c9:7a:e5:
9f:2b:21:a9:65:71:c4:d9:f5:94:22:cf:7b:3c:e5:
cb:1c:8c:32:15:9b:ee:ae:20:92:94:58:f7:25:df:
53:7d:7b:80:02:da:13:c4:ba:60:54:40:61:30:5c:
95:5b:16:19:93:ae:47:dd:04:c7:b8:54:e1:48:b4:
cd:ef:dd:85:71:f5:53:e1:8a:38:74:53:d3:0d:df:
c1:d3:d8:fb:72:68:30:ad:f3:ca:df:05:a5:7e:4e:
33:1e:52:e0:d2:d1:e0:5f:d9:05:1c:f0:4b:0b:ad:
d9:31:63:ba:0d:c8:76:c6:05:58:06:ef:c6:87:4d:
7c:e2:86:a5:f7:cd:b0:68:63:78:9e:b8:3b:65:13:
b9:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:FB:DD:C2:22:6F:96:8A:8A:C6:11:F0:1D:1A:9A:03:74:96:E3:A7
X509v3 Authority Key Identifier:
keyid:B3:D0:28:0F:50:06:95:A4:32:04:25:1C:98:30:45:4C:A8:A2:E7:AC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/B3D0280F500695A43204251C9830454CA8A2E7AC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9AoD1AGlaQyBCUcmDBFTKii56w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/326130623a366338303a3a2f33322d3332203d3e20323135383338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:6c80::/32
Signature Algorithm: sha256WithRSAEncryption
94:af:93:de:50:08:5c:41:26:39:c4:65:2d:87:9f:36:48:4b:
26:20:64:dc:ae:17:38:14:26:31:b1:d6:d4:70:c5:70:37:19:
54:39:09:1f:ac:66:b0:95:ab:56:0b:fa:02:79:66:42:c7:cb:
61:ed:ad:f7:25:1d:bf:e1:d6:cc:33:33:ff:46:3f:3d:45:5d:
4a:e7:17:d2:47:12:41:5c:3e:83:c6:8b:05:2a:d6:91:b2:77:
9b:46:33:c2:03:a2:6a:c7:2e:34:47:8e:91:06:35:f7:11:1b:
7a:8c:ce:b3:e7:11:99:6c:08:75:56:c3:37:b2:10:1f:74:4d:
33:de:84:0c:97:d8:17:3c:6c:1c:9a:56:47:1c:49:88:7c:7d:
bb:27:68:98:34:d1:58:3d:9c:3c:d9:f9:e2:1c:a0:2a:36:03:
60:cd:1b:e9:d7:5b:13:12:6e:c5:1e:b9:80:f3:87:30:45:43:
c0:de:f5:b3:a0:ec:90:93:cb:d7:72:c6:55:de:76:5e:9c:fa:
16:ce:bb:18:55:89:62:26:e0:9e:ea:70:ee:af:b7:ac:ca:79:
b9:4a:81:64:c5:b2:81:1d:a9:60:0a:d1:a9:20:7e:dc:33:cb:
b7:c3:da:5b:20:13:47:0c:d2:07:11:f1:8f:12:9d:a4:93:26:
9d:68:bf:87
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUSTk0BWFI8s8+l24E7xEikvhcCUowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjNkMDI4MGY1MDA2OTVhNDMyMDQyNTFjOTgzMDQ1NGNh
OGEyZTdhYzAeFw0yNDA1MTQwOTMxMDRaFw0yNTA1MTMwOTM2MDRaMDMxMTAvBgNV
BAMTKDA0RkJEREMyMjI2Rjk2OEE4QUM2MTFGMDFEMUE5QTAzNzQ5NkUzQTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp8P2kEhxaSNJEocL2K0MKQ1Fn
Ai5LQ0tCq9BYfrFD+TF3LHWD1Gjq+d7f0I4BVJQDZCUw5bYEDzN7eRwvfQkJpmV1
T7HvxECbi9TKQLujWXZ73Q7ev0rE7x+UhCwSFf/rEZpkf1rmfkEkCI6hJvG6qmeV
O8l65Z8rIallccTZ9ZQiz3s85cscjDIVm+6uIJKUWPcl31N9e4AC2hPEumBUQGEw
XJVbFhmTrkfdBMe4VOFItM3v3YVx9VPhijh0U9MN38HT2PtyaDCt88rfBaV+TjMe
UuDS0eBf2QUc8EsLrdkxY7oNyHbGBVgG78aHTXzihqX3zbBoY3ieuDtlE7kpAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUBPvdwiJvloqKxhHwHRqaA3SW46cwHwYDVR0j
BBgwFoAUs9AoD1AGlaQyBCUcmDBFTKii56wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODdhZTI1ZjMtNzA2Yi00N2VkLWJiNzQtNDY2ODRhZTBl
ZjJiLzAvQjNEMDI4MEY1MDA2OTVBNDMyMDQyNTFDOTgzMDQ1NENBOEEyRTdBQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3M5QW9EMUFHbGFReUJDVWNtREJGVEtp
aTU2dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODdhZTI1ZjMt
NzA2Yi00N2VkLWJiNzQtNDY2ODRhZTBlZjJiLzAvMzI2MTMwNjIzYTM2NjMzODMw
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzMTM1MzgzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
KgtsgDANBgkqhkiG9w0BAQsFAAOCAQEAlK+T3lAIXEEmOcRlLYefNkhLJiBk3K4X
OBQmMbHW1HDFcDcZVDkJH6xmsJWrVgv6AnlmQsfLYe2t9yUdv+HWzDMz/0Y/PUVd
SucX0kcSQVw+g8aLBSrWkbJ3m0YzwgOiascuNEeOkQY19xEbeozOs+cRmWwIdVbD
N7IQH3RNM96EDJfYFzxsHJpWRxxJiHx9uydomDTRWD2cPNn54hygKjYDYM0b6ddb
ExJuxR65gPOHMEVDwN71s6DskJPL13LGVd52Xpz6Fs67GFWJYibgnupw7q+3rMp5
uUqBZMWygR2pYArRqSB+3DPLt8PaWyATRwzSBxHxjxKdpJMmnWi/hw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:43 2024 by rpki-client on console-ams.rpki-client.org