Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a3361393a3a2f34382d3438203d3e203134363138.roa
File: 326130663a383563313a3361393a3a2f34382d3438203d3e203134363138.roa (raw, json)
Hash identifier: kzbEW7ZHOxCMyWdddfKLNGWlX0mU3I3VEQ5SPldSR50=
Subject key identifier: 03:57:D6:5D:61:CA:1A:E3:8A:6F:92:83:B2:B5:FC:1D:8A:5C:32:D8
Certificate issuer: /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial: 55EE931532D03029E4092E38846278D12334E067
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a3361393a3a2f34382d3438203d3e203134363138.roa
Signing time: Sun 07 Apr 2024 21:09:56 +0000
ROA not before: Sun 07 Apr 2024 21:04:56 +0000
ROA not after: Sun 06 Apr 2025 21:09:56 +0000
asID: 14618
IP address blocks: 2a0f:85c1:3a9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.mft
rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 17:37:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:ee:93:15:32:d0:30:29:e4:09:2e:38:84:62:78:d1:23:34:e0:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
Validity
Not Before: Apr 7 21:04:56 2024 GMT
Not After : Apr 6 21:09:56 2025 GMT
Subject: CN=0357D65D61CA1AE38A6F9283B2B5FC1D8A5C32D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:90:9b:83:e8:d9:9d:80:db:c7:d5:e9:79:76:
d1:b3:93:c3:02:54:0d:84:93:38:e5:55:a4:4b:ce:
b6:99:e6:fa:cd:a2:55:e7:00:b8:53:57:4c:0d:b5:
80:89:44:d3:53:76:5e:d5:12:84:7a:14:cb:6f:ae:
ca:0f:29:d8:e4:6a:70:45:76:94:7f:aa:7d:28:d9:
ed:34:8e:5d:72:83:a5:74:d0:e4:e4:ad:b4:63:42:
fb:8f:5b:b2:07:76:30:9f:d5:e1:11:10:b5:05:49:
96:0c:29:dc:61:6b:b3:d4:b4:f4:14:8e:25:bd:da:
86:4f:37:b3:51:02:94:df:99:32:4f:80:84:18:0c:
de:3a:98:79:5a:64:01:9f:44:6e:fa:f1:cd:ce:c1:
85:76:fd:68:dd:3e:6b:a6:07:71:61:18:dc:72:ef:
db:42:d3:9d:3b:d8:91:a4:19:3c:f1:9d:50:7c:e9:
fa:35:79:cc:27:1a:e7:95:7b:c7:91:ff:37:f1:93:
8d:9e:df:9a:75:61:a9:a9:fb:87:8f:9b:38:c7:ac:
c9:76:0a:cf:83:5e:e4:ef:93:e0:d2:da:fd:e4:2b:
e4:c3:21:c0:50:2c:cf:7e:bc:b4:03:c2:7b:42:bc:
cb:c2:be:9b:75:2a:01:d3:d7:2b:07:fc:a7:e4:c4:
74:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:57:D6:5D:61:CA:1A:E3:8A:6F:92:83:B2:B5:FC:1D:8A:5C:32:D8
X509v3 Authority Key Identifier:
keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a3361393a3a2f34382d3438203d3e203134363138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:3a9::/48
Signature Algorithm: sha256WithRSAEncryption
02:d8:bf:41:16:ba:45:6f:f8:c5:2c:34:08:75:83:d2:a9:ea:
d6:2c:7f:ff:0e:60:89:11:52:d5:b8:36:3b:e6:c3:1c:07:33:
f0:f1:ef:31:dc:a7:74:e0:31:25:62:db:53:94:91:0b:f6:19:
89:b9:47:ae:75:59:54:82:44:e5:18:97:fb:5c:b2:60:ae:72:
95:16:b1:7c:fd:79:a3:75:ca:79:a2:27:1a:b1:ae:28:b6:4a:
9b:a5:44:2a:ef:4f:39:69:8d:d2:e3:73:fb:ac:1c:a7:2a:78:
57:27:ba:75:94:c7:9c:90:9c:c4:88:20:da:65:2c:5f:c7:72:
f8:10:d0:30:13:c7:b0:81:e9:f7:df:6d:2a:1e:ce:b1:bb:21:
15:7c:4b:02:de:ad:de:1c:5a:b7:dc:1c:5a:f7:f4:61:86:42:
e7:2c:77:29:8a:11:b3:cf:a8:e9:61:86:31:b5:18:18:40:26:
5a:7d:12:6a:ee:6d:28:f6:9d:78:eb:3a:87:3f:a4:8f:d8:42:
93:ce:70:65:82:3d:c4:da:97:9a:18:0c:a7:71:70:ac:77:38:
89:3a:bc:31:03:03:d1:4a:1c:66:6d:24:27:1f:4a:0f:58:1c:
11:cb:99:58:f9:82:82:c3:1e:00:c2:cf:9c:af:f3:f3:d8:03:
99:f2:29:0a
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUVe6TFTLQMCnkCS44hGJ40SM04GcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA0MDcyMTA0NTZaFw0yNTA0MDYyMTA5NTZaMDMxMTAvBgNV
BAMTKDAzNTdENjVENjFDQTFBRTM4QTZGOTI4M0IyQjVGQzFEOEE1QzMyRDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjkJuD6NmdgNvH1el5dtGzk8MC
VA2EkzjlVaRLzraZ5vrNolXnALhTV0wNtYCJRNNTdl7VEoR6FMtvrsoPKdjkanBF
dpR/qn0o2e00jl1yg6V00OTkrbRjQvuPW7IHdjCf1eERELUFSZYMKdxha7PUtPQU
jiW92oZPN7NRApTfmTJPgIQYDN46mHlaZAGfRG768c3OwYV2/WjdPmumB3FhGNxy
79tC05072JGkGTzxnVB86fo1ecwnGueVe8eR/zfxk42e35p1Yamp+4ePmzjHrMl2
Cs+DXuTvk+DS2v3kK+TDIcBQLM9+vLQDwntCvMvCvpt1KgHT1ysH/KfkxHQnAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUA1fWXWHKGuOKb5KDsrX8HYpcMtgwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMt
YTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhmMTk2LzAvMzI2MTMwNjYzYTM4MzU2MzMx
M2EzMzYxMzkzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMTM0MzYzMTM4LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKg+FwQOpMA0GCSqGSIb3DQEBCwUAA4IBAQAC2L9BFrpFb/jFLDQIdYPS
qerWLH//DmCJEVLVuDY75sMcBzPw8e8x3Kd04DElYttTlJEL9hmJuUeudVlUgkTl
GJf7XLJgrnKVFrF8/Xmjdcp5oicasa4otkqbpUQq7085aY3S43P7rBynKnhXJ7p1
lMeckJzEiCDaZSxfx3L4ENAwE8ewgen3320qHs6xuyEVfEsC3q3eHFq33Bxa9/Rh
hkLnLHcpihGzz6jpYYYxtRgYQCZafRJq7m0o9p146zqHP6SP2EKTznBlgj3E2pea
GAyncXCsdziJOrwxAwPRShxmbSQnH0oPWBwRy5lY+YKCwx4Aws+cr/Pz2AOZ8ikK
-----END CERTIFICATE-----
Generated at Tue Apr 30 23:03:40 2024 by rpki-client on console-fra.rpki-client.org