Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/326130363a356563303a3a2f34382d3438203d3e20323034363933.roa
File: 326130363a356563303a3a2f34382d3438203d3e20323034363933.roa (raw, json)
Hash identifier: +zgqg7oCfaFMqowtNn81ipaj3irDs5wSCtc6B41Oes8=
Subject key identifier: D2:BC:6D:43:4F:C7:C8:CE:80:D8:FD:A1:F7:BD:01:F2:38:7E:6C:91
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 772B90AE1F0D338F62961E64C664D9EF75899B9E
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/326130363a356563303a3a2f34382d3438203d3e20323034363933.roa
Signing time: Tue 05 Nov 2024 17:43:27 +0000
ROA not before: Tue 05 Nov 2024 17:38:27 +0000
ROA not after: Tue 04 Nov 2025 17:43:27 +0000
asID: 204693
IP address blocks: 2a06:5ec0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:2b:90:ae:1f:0d:33:8f:62:96:1e:64:c6:64:d9:ef:75:89:9b:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Nov 5 17:38:27 2024 GMT
Not After : Nov 4 17:43:27 2025 GMT
Subject: CN=D2BC6D434FC7C8CE80D8FDA1F7BD01F2387E6C91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c4:2a:73:66:b3:2d:5b:fc:56:ca:cd:3f:49:
56:96:94:92:07:6a:d1:24:8a:1a:02:15:64:4f:9d:
1b:bf:a8:9e:53:c0:fb:ec:9d:ec:a4:94:49:cc:15:
df:50:21:d9:83:bf:a9:26:c4:42:27:0c:56:30:96:
79:2e:c2:07:f6:60:75:b4:c4:8e:49:e1:6f:ab:2e:
60:62:1e:17:3e:02:5b:bb:66:1f:ab:7f:8b:87:5d:
c2:ad:6b:ea:c3:b5:85:02:42:1b:7f:89:05:49:82:
2e:84:7e:0a:90:cb:55:9e:f3:56:e1:ee:22:16:12:
d1:12:95:7b:05:95:cc:e1:dc:c8:10:98:ea:01:e9:
3b:08:56:a1:a7:ce:f7:02:c6:94:38:bf:db:e9:c7:
25:9d:b8:bc:c7:17:ad:95:fe:59:a9:e0:56:d2:a1:
7b:19:0d:6e:a5:82:d9:18:72:86:03:f7:bb:4a:7c:
3e:e5:ce:35:36:37:4d:0e:b7:fb:e1:fc:e0:6d:5e:
5a:6c:4b:fd:5d:c7:7d:ac:25:10:ae:54:8a:04:57:
56:9d:70:93:da:ca:87:b1:58:5a:4c:2a:11:21:d7:
22:9e:89:7e:c1:d3:da:2c:6f:01:f6:c5:07:7e:06:
77:dd:54:49:42:23:0d:c9:ac:3f:34:3f:76:48:7a:
e9:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:BC:6D:43:4F:C7:C8:CE:80:D8:FD:A1:F7:BD:01:F2:38:7E:6C:91
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/326130363a356563303a3a2f34382d3438203d3e20323034363933.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:5ec0::/48
Signature Algorithm: sha256WithRSAEncryption
92:f4:45:4d:2a:01:4f:bd:42:44:ac:cb:87:33:0d:9c:dd:34:
82:59:d2:6f:59:85:37:b9:af:b6:af:41:96:6d:f4:41:04:41:
6d:94:73:d4:53:74:f7:40:aa:dd:d1:b8:c0:d0:f0:b4:d9:cb:
60:b0:78:37:9c:96:76:ac:b9:ec:64:2b:2f:bd:23:6c:ec:b9:
73:64:9a:1b:d4:b7:d3:8c:e7:6b:15:b1:69:9f:f5:fd:87:7f:
a8:13:a9:d8:00:bb:de:69:89:8c:d2:67:04:03:0e:90:ab:2c:
af:8e:de:56:7b:a1:d2:3f:0d:36:7a:45:a6:ce:4a:21:8d:14:
97:ea:11:2f:ad:30:7b:09:dd:90:f5:75:99:ab:98:3f:0f:9f:
4a:77:1e:7e:6c:8d:90:d7:34:28:81:3c:3e:a1:82:70:03:73:
90:4e:f2:8a:8d:f4:8f:1e:83:7c:46:95:c8:47:81:a7:29:7c:
99:e0:4a:78:a0:36:0e:36:05:e6:f1:53:86:11:f5:61:82:81:
80:14:9f:18:9d:b7:f7:50:e8:05:ac:d1:b7:5b:26:d9:5d:51:
9b:5f:da:b2:4f:ca:e3:6f:3f:94:0f:18:95:67:49:1b:72:37:
24:b9:cd:02:3b:19:5d:c0:26:94:bc:eb:47:e2:bc:f2:20:df:
f7:0b:93:1a
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUdyuQrh8NM49ilh5kxmTZ73WJm54wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNDExMDUxNzM4MjdaFw0yNTExMDQxNzQzMjdaMDMxMTAvBgNV
BAMTKEQyQkM2RDQzNEZDN0M4Q0U4MEQ4RkRBMUY3QkQwMUYyMzg3RTZDOTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTxCpzZrMtW/xWys0/SVaWlJIH
atEkihoCFWRPnRu/qJ5TwPvsneyklEnMFd9QIdmDv6kmxEInDFYwlnkuwgf2YHW0
xI5J4W+rLmBiHhc+Alu7Zh+rf4uHXcKta+rDtYUCQht/iQVJgi6EfgqQy1We81bh
7iIWEtESlXsFlczh3MgQmOoB6TsIVqGnzvcCxpQ4v9vpxyWduLzHF62V/lmp4FbS
oXsZDW6lgtkYcoYD97tKfD7lzjU2N00Ot/vh/OBtXlpsS/1dx32sJRCuVIoEV1ad
cJPayoexWFpMKhEh1yKeiX7B09osbwH2xQd+BnfdVElCIw3JrD80P3ZIeulbAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQU0rxtQ0/HyM6A2P2h970B8jh+bJEwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzI2MTMwMzYzYTM1NjU2MzMw
M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMDM0MzYzOTMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcA
KgZewAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCS9EVNKgFPvUJErMuHMw2c3TSCWdJv
WYU3ua+2r0GWbfRBBEFtlHPUU3T3QKrd0bjA0PC02ctgsHg3nJZ2rLnsZCsvvSNs
7LlzZJob1LfTjOdrFbFpn/X9h3+oE6nYALveaYmM0mcEAw6Qqyyvjt5We6HSPw02
ekWmzkohjRSX6hEvrTB7Cd2Q9XWZq5g/D59Kdx5+bI2Q1zQogTw+oYJwA3OQTvKK
jfSPHoN8RpXIR4GnKXyZ4Ep4oDYONgXm8VOGEfVhgoGAFJ8Ynbf3UOgFrNG3WybZ
XVGbX9qyT8rjbz+UDxiVZ0kbcjckuc0COxldwCaUvOtH4rzyIN/3C5Ma
-----END CERTIFICATE-----
Generated at Fri Nov 22 07:03:46 2024 by rpki-client on console-fra.rpki-client.org