Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/326130393a643634303a3a2f32392d3239203d3e20313938333435.roa
File: 326130393a643634303a3a2f32392d3239203d3e20313938333435.roa (raw, json)
Hash identifier: 3ZSjlKU0FDu1PfCNIY7S0AH8Mc5qUB/O/qjZ83x1+n4=
Subject key identifier: 31:FF:F2:B4:AC:29:D4:CC:1D:83:15:D9:A7:80:D4:A4:84:C0:0D:59
Certificate issuer: /CN=5da3215abfa4621d57709f838a92801f2e90ddfe
Certificate serial: 2617B138BF357AA268BB1B859336648467EBE15B
Authority key identifier: 5D:A3:21:5A:BF:A4:62:1D:57:70:9F:83:8A:92:80:1F:2E:90:DD:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/326130393a643634303a3a2f32392d3239203d3e20313938333435.roa
Signing time: Thu 01 Feb 2024 13:05:12 +0000
ROA not before: Thu 01 Feb 2024 13:00:12 +0000
ROA not after: Thu 30 Jan 2025 13:05:12 +0000
asID: 198345
IP address blocks: 2a09:d640::/29 maxlen: 29
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.mft
rsync://rpki.ripe.net/repository/DEFAULT/XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 23:11:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:17:b1:38:bf:35:7a:a2:68:bb:1b:85:93:36:64:84:67:eb:e1:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3215abfa4621d57709f838a92801f2e90ddfe
Validity
Not Before: Feb 1 13:00:12 2024 GMT
Not After : Jan 30 13:05:12 2025 GMT
Subject: CN=31FFF2B4AC29D4CC1D8315D9A780D4A484C00D59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:47:db:7b:5b:43:f9:a3:d0:ca:eb:60:87:fa:
7a:c1:21:67:cf:72:29:a9:50:3e:78:4d:a6:69:3d:
46:6d:3e:09:9b:07:62:b6:1b:25:ba:5e:a4:de:0d:
7e:7b:1c:70:82:e9:f6:49:86:97:71:36:76:3c:42:
a0:41:87:d6:8a:95:1e:d7:f8:96:e3:3d:ac:dd:92:
c9:fc:23:74:ec:90:58:ae:4a:ca:e8:76:35:01:2a:
8e:64:c8:2b:19:3c:ba:4f:8d:de:f1:8b:32:92:e1:
77:c6:71:ac:d5:75:ae:48:35:8c:12:01:6d:ee:b0:
bd:61:8e:83:c1:aa:94:d0:be:b2:88:91:b2:8b:3f:
a2:e0:e5:c3:cf:bd:e0:f9:ec:fb:51:56:b1:73:97:
e1:79:92:51:8c:e1:19:98:b4:90:ee:9c:74:64:d2:
75:63:b1:3b:de:4d:08:49:bc:07:35:7c:ca:66:46:
29:45:f4:59:25:93:16:3b:30:35:a0:09:1c:b4:96:
ae:11:4c:81:ab:80:07:2f:52:e7:01:08:e1:8e:ed:
8b:2f:7c:8e:61:97:11:19:a8:5b:9d:22:81:1f:51:
55:fa:33:e9:c0:9b:03:1f:40:42:64:37:86:5e:fc:
ca:3b:cb:11:0f:df:c4:55:dc:d4:c6:30:91:23:3a:
6f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:FF:F2:B4:AC:29:D4:CC:1D:83:15:D9:A7:80:D4:A4:84:C0:0D:59
X509v3 Authority Key Identifier:
keyid:5D:A3:21:5A:BF:A4:62:1D:57:70:9F:83:8A:92:80:1F:2E:90:DD:FE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/326130393a643634303a3a2f32392d3239203d3e20313938333435.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:d640::/29
Signature Algorithm: sha256WithRSAEncryption
47:06:66:01:c0:90:90:ea:d2:81:08:68:b0:24:de:92:d7:73:
37:77:d0:8a:f0:03:69:53:f6:4b:4b:06:e6:58:fd:2b:36:81:
37:ec:8d:e2:1f:df:8d:4f:2a:d8:9d:1a:7a:fe:50:9c:d3:95:
21:b9:34:02:ed:02:30:43:dc:f7:8b:9d:ce:1c:58:e3:08:71:
da:04:0e:cd:82:c5:5b:d5:a8:69:76:fb:46:4d:9e:a1:54:68:
a1:98:36:c3:7f:f9:10:8d:f0:6d:6b:4f:b7:f1:db:cf:bb:ba:
80:38:7f:50:f6:19:c5:17:19:7f:d1:43:fb:94:32:45:71:bd:
33:09:f6:bf:65:af:fb:ac:2c:7c:71:ed:f7:d9:dd:19:d1:76:
17:66:64:c7:18:af:a5:10:27:f5:70:4f:2e:07:ae:04:5d:64:
f5:97:53:28:eb:6a:ba:07:81:65:d4:82:42:85:09:3a:46:ff:
41:30:c0:b9:8c:ee:1c:32:f2:cb:16:8a:10:08:a7:b9:f5:63:
e3:bc:a7:b5:ee:2b:34:94:30:00:1a:f7:15:c1:61:2a:26:90:
92:a3:14:4f:d3:4f:96:37:c2:93:18:b5:94:2b:e1:ee:e7:67:
93:fd:e3:99:3b:62:1d:a0:6b:29:ac:dc:ae:0e:d8:c5:33:2e:
fa:aa:d7:64
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUJhexOL81eqJouxuFkzZkhGfr4VswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWRhMzIxNWFiZmE0NjIxZDU3NzA5ZjgzOGE5MjgwMWYy
ZTkwZGRmZTAeFw0yNDAyMDExMzAwMTJaFw0yNTAxMzAxMzA1MTJaMDMxMTAvBgNV
BAMTKDMxRkZGMkI0QUMyOUQ0Q0MxRDgzMTVEOUE3ODBENEE0ODRDMDBENTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeR9t7W0P5o9DK62CH+nrBIWfP
cimpUD54TaZpPUZtPgmbB2K2GyW6XqTeDX57HHCC6fZJhpdxNnY8QqBBh9aKlR7X
+JbjPazdksn8I3TskFiuSsrodjUBKo5kyCsZPLpPjd7xizKS4XfGcazVda5INYwS
AW3usL1hjoPBqpTQvrKIkbKLP6Lg5cPPveD57PtRVrFzl+F5klGM4RmYtJDunHRk
0nVjsTveTQhJvAc1fMpmRilF9FklkxY7MDWgCRy0lq4RTIGrgAcvUucBCOGO7Ysv
fI5hlxEZqFudIoEfUVX6M+nAmwMfQEJkN4Ze/Mo7yxEP38RV3NTGMJEjOm/1AgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUMf/ytKwp1MwdgxXZp4DUpITADVkwHwYDVR0j
BBgwFoAUXaMhWr+kYh1XcJ+DipKAHy6Q3f4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmYyNDU2N2ItN2E3NC00YzFmLWFhODUtZGQyNGFmNzNj
Y2JiLzAvNURBMzIxNUFCRkE0NjIxRDU3NzA5RjgzOEE5MjgwMUYyRTkwRERGRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hhTWhXci1rWWgxWGNKLURpcEtBSHk2
UTNmNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmYyNDU2N2It
N2E3NC00YzFmLWFhODUtZGQyNGFmNzNjY2JiLzAvMzI2MTMwMzkzYTY0MzYzNDMw
M2EzYTJmMzIzOTJkMzIzOTIwM2QzZTIwMzEzOTM4MzMzNDM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUD
KgnWQDANBgkqhkiG9w0BAQsFAAOCAQEARwZmAcCQkOrSgQhosCTektdzN3fQivAD
aVP2S0sG5lj9KzaBN+yN4h/fjU8q2J0aev5QnNOVIbk0Au0CMEPc94udzhxY4whx
2gQOzYLFW9WoaXb7Rk2eoVRooZg2w3/5EI3wbWtPt/Hbz7u6gDh/UPYZxRcZf9FD
+5QyRXG9Mwn2v2Wv+6wsfHHt99ndGdF2F2ZkxxivpRAn9XBPLgeuBF1k9ZdTKOtq
ugeBZdSCQoUJOkb/QTDAuYzuHDLyyxaKEAinufVj47ynte4rNJQwABr3FcFhKiaQ
kqMUT9NPljfCkxi1lCvh7udnk/3jmTtiHaBrKazcrg7YxTMu+qrXZA==
-----END CERTIFICATE-----
Generated at Sat May 18 04:11:02 2024 by rpki-client on console-ams.rpki-client.org