Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/326130623a366338313a3a2f33322d3332203d3e20323135383338.roa
File: 326130623a366338313a3a2f33322d3332203d3e20323135383338.roa (raw, json)
Hash identifier: ZrlItvK4GUW9v/tEHAeY+MLQvIad9obNlZyUUNFrjsU=
Subject key identifier: F4:53:BF:1C:4A:D9:C6:32:70:42:9C:AC:1B:88:B4:52:87:8B:58:D0
Certificate issuer: /CN=b3d0280f500695a43204251c9830454ca8a2e7ac
Certificate serial: 4C7BBA4FB5E25D7C62F203A83309754B7D94130E
Authority key identifier: B3:D0:28:0F:50:06:95:A4:32:04:25:1C:98:30:45:4C:A8:A2:E7:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s9AoD1AGlaQyBCUcmDBFTKii56w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/326130623a366338313a3a2f33322d3332203d3e20323135383338.roa
Signing time: Tue 14 May 2024 09:36:04 +0000
ROA not before: Tue 14 May 2024 09:31:04 +0000
ROA not after: Tue 13 May 2025 09:36:04 +0000
asID: 215838
IP address blocks: 2a0b:6c81::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/B3D0280F500695A43204251C9830454CA8A2E7AC.crl
rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/B3D0280F500695A43204251C9830454CA8A2E7AC.mft
rsync://rpki.ripe.net/repository/DEFAULT/s9AoD1AGlaQyBCUcmDBFTKii56w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 13:20:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:7b:ba:4f:b5:e2:5d:7c:62:f2:03:a8:33:09:75:4b:7d:94:13:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3d0280f500695a43204251c9830454ca8a2e7ac
Validity
Not Before: May 14 09:31:04 2024 GMT
Not After : May 13 09:36:04 2025 GMT
Subject: CN=F453BF1C4AD9C63270429CAC1B88B452878B58D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:85:c8:4b:d6:10:72:15:56:01:44:75:80:1f:
3e:c7:17:96:a7:e8:58:49:85:17:c1:a3:ce:f5:08:
9b:6b:0a:3f:c3:0f:f6:e4:4f:f9:c1:58:a9:1c:be:
3f:54:3e:8d:e2:6a:0f:a6:c0:fe:92:f5:9a:78:3c:
39:1d:95:fc:2d:04:06:9f:92:ff:f6:eb:fc:69:94:
44:af:fa:5f:af:fa:da:f9:20:d2:e5:ba:d1:2e:c7:
ff:1b:8b:68:8c:90:bf:5c:4c:ec:4c:e0:41:95:27:
5d:fc:90:1f:6e:15:19:61:86:1d:f1:b4:fc:ac:2e:
5a:14:23:ab:77:fa:a4:3f:2b:41:aa:0e:1d:24:a7:
4d:c4:e0:77:f6:30:d3:39:78:b1:c3:22:be:5d:99:
f2:8c:87:f5:1b:47:93:ea:1d:9b:cc:07:46:b1:4e:
25:62:3c:1a:66:6c:f4:be:1b:ad:63:49:94:9a:f4:
db:eb:59:1e:9b:90:f8:63:76:95:cb:e7:89:36:ed:
08:90:a1:e2:0d:8b:b2:16:fb:65:e9:ca:fb:e2:16:
45:cc:da:38:68:a0:b8:1d:11:34:01:e4:1a:fd:56:
51:36:98:3b:6f:79:77:04:43:90:f3:a7:27:55:37:
d5:23:42:7a:9f:58:f1:19:f5:70:48:fb:ef:4e:63:
9d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:53:BF:1C:4A:D9:C6:32:70:42:9C:AC:1B:88:B4:52:87:8B:58:D0
X509v3 Authority Key Identifier:
keyid:B3:D0:28:0F:50:06:95:A4:32:04:25:1C:98:30:45:4C:A8:A2:E7:AC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/B3D0280F500695A43204251C9830454CA8A2E7AC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9AoD1AGlaQyBCUcmDBFTKii56w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/326130623a366338313a3a2f33322d3332203d3e20323135383338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:6c81::/32
Signature Algorithm: sha256WithRSAEncryption
9f:eb:af:f4:6a:34:f4:a1:c3:cc:71:80:09:e6:57:be:4c:32:
73:22:9f:40:95:1d:d6:bb:3f:77:99:53:83:bc:5d:25:55:25:
ca:64:b7:19:1a:9d:31:3a:5e:a2:71:e0:d0:bb:c0:a2:da:46:
4f:e2:f7:58:d1:d5:c3:5a:28:03:ac:0c:3e:0e:43:6e:e0:4a:
37:80:e4:0d:3c:c5:10:37:e1:0f:30:54:d3:b5:40:f9:25:1c:
11:80:4e:93:18:9f:f0:be:ba:c8:04:d3:2c:91:c6:f2:87:42:
72:a0:5d:83:9c:d2:8f:77:0b:8f:ba:7e:a0:69:1e:0d:f5:19:
f3:78:4e:9c:e4:19:95:a1:81:bb:ed:2e:63:ef:a4:cd:5e:a5:
c3:ef:b2:40:d1:da:53:39:5c:d0:68:98:5b:bb:39:7f:06:65:
38:ba:5a:ad:17:1d:e3:15:86:8c:b3:e1:3e:cc:0d:95:ee:fb:
67:39:b5:c7:6f:d6:e5:df:94:d3:25:d0:4a:16:9f:84:b7:57:
53:ea:8c:85:47:67:13:49:b1:b8:6a:47:dc:ee:ce:7e:8c:7d:
eb:e2:12:93:20:30:42:17:76:b4:5e:32:cc:63:13:18:5b:31:
bf:b1:e6:f0:e0:98:41:6c:f1:0b:9b:bd:4f:51:35:cb:f5:0f:
a3:8f:22:7e
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUTHu6T7XiXXxi8gOoMwl1S32UEw4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjNkMDI4MGY1MDA2OTVhNDMyMDQyNTFjOTgzMDQ1NGNh
OGEyZTdhYzAeFw0yNDA1MTQwOTMxMDRaFw0yNTA1MTMwOTM2MDRaMDMxMTAvBgNV
BAMTKEY0NTNCRjFDNEFEOUM2MzI3MDQyOUNBQzFCODhCNDUyODc4QjU4RDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDshchL1hByFVYBRHWAHz7HF5an
6FhJhRfBo871CJtrCj/DD/bkT/nBWKkcvj9UPo3iag+mwP6S9Zp4PDkdlfwtBAaf
kv/26/xplESv+l+v+tr5INLlutEux/8bi2iMkL9cTOxM4EGVJ138kB9uFRlhhh3x
tPysLloUI6t3+qQ/K0GqDh0kp03E4Hf2MNM5eLHDIr5dmfKMh/UbR5PqHZvMB0ax
TiViPBpmbPS+G61jSZSa9NvrWR6bkPhjdpXL54k27QiQoeINi7IW+2XpyvviFkXM
2jhooLgdETQB5Br9VlE2mDtveXcEQ5DzpydVN9UjQnqfWPEZ9XBI++9OY53RAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQU9FO/HErZxjJwQpysG4i0UoeLWNAwHwYDVR0j
BBgwFoAUs9AoD1AGlaQyBCUcmDBFTKii56wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODdhZTI1ZjMtNzA2Yi00N2VkLWJiNzQtNDY2ODRhZTBl
ZjJiLzAvQjNEMDI4MEY1MDA2OTVBNDMyMDQyNTFDOTgzMDQ1NENBOEEyRTdBQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3M5QW9EMUFHbGFReUJDVWNtREJGVEtp
aTU2dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODdhZTI1ZjMt
NzA2Yi00N2VkLWJiNzQtNDY2ODRhZTBlZjJiLzAvMzI2MTMwNjIzYTM2NjMzODMx
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzMTM1MzgzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
KgtsgTANBgkqhkiG9w0BAQsFAAOCAQEAn+uv9Go09KHDzHGACeZXvkwycyKfQJUd
1rs/d5lTg7xdJVUlymS3GRqdMTpeonHg0LvAotpGT+L3WNHVw1ooA6wMPg5DbuBK
N4DkDTzFEDfhDzBU07VA+SUcEYBOkxif8L66yATTLJHG8odCcqBdg5zSj3cLj7p+
oGkeDfUZ83hOnOQZlaGBu+0uY++kzV6lw++yQNHaUzlc0GiYW7s5fwZlOLparRcd
4xWGjLPhPswNle77Zzm1x2/W5d+U0yXQShafhLdXU+qMhUdnE0mxuGpH3O7Ofox9
6+ISkyAwQhd2tF4yzGMTGFsxv7Hm8OCYQWzxC5u9T1E1y/UPo48ifg==
-----END CERTIFICATE-----
Generated at Wed Sep 18 20:49:33 2024 by rpki-client on console-fra.rpki-client.org