Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a3361393a3a2f34382d3438203d3e203136353039.roa
File: 326130663a383563313a3361393a3a2f34382d3438203d3e203136353039.roa (raw, json)
Hash identifier: fIOmkIEU0wPzXV/MKL7S/QrmmBK8+x3Zo1Z1Q8cNhjI=
Subject key identifier: C4:0F:2F:AC:24:2F:E6:EE:4F:B0:5D:84:D4:F8:26:93:70:D4:BA:56
Certificate issuer: /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial: 3AA246222921A1DB5A5D5B08EB3862DBC1741F4C
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a3361393a3a2f34382d3438203d3e203136353039.roa
Signing time: Sun 07 Apr 2024 21:09:45 +0000
ROA not before: Sun 07 Apr 2024 21:04:45 +0000
ROA not after: Sun 06 Apr 2025 21:09:45 +0000
asID: 16509
IP address blocks: 2a0f:85c1:3a9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.mft
rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:a2:46:22:29:21:a1:db:5a:5d:5b:08:eb:38:62:db:c1:74:1f:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
Validity
Not Before: Apr 7 21:04:45 2024 GMT
Not After : Apr 6 21:09:45 2025 GMT
Subject: CN=C40F2FAC242FE6EE4FB05D84D4F8269370D4BA56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c5:02:25:e3:e1:7f:4e:20:74:6d:87:9c:85:
81:33:40:7b:3d:9d:65:50:42:04:13:85:d4:4e:79:
b3:2b:3d:a1:9d:0b:d6:fa:d4:c6:5d:54:04:ee:00:
2e:be:f7:62:54:c9:6e:3c:a3:05:d6:fa:64:43:ab:
9a:c9:38:88:37:65:12:58:e6:49:85:51:a6:24:e6:
7b:d3:e6:56:62:1a:0f:7e:35:d9:0c:09:bd:8a:a0:
cf:a3:e6:5e:d2:2b:bd:0e:9a:29:64:77:f3:5f:d3:
12:56:cc:cf:2b:fa:db:ce:94:10:de:f5:cc:66:a4:
f5:24:f9:6c:fb:fa:e1:9c:d0:b8:40:b2:2a:35:35:
f7:d4:e7:ee:14:8a:cd:da:20:64:c7:b0:0b:15:c9:
f7:06:94:86:bf:2c:3f:51:1f:83:5b:86:05:e4:e2:
73:4a:b3:93:a8:b7:93:cf:b0:34:2e:2c:61:d2:31:
49:cb:47:50:3e:29:e6:7b:18:79:99:59:46:fd:bd:
ea:7b:5d:0b:a7:d6:5d:39:8d:e6:60:48:23:9e:dc:
e8:92:69:fd:9f:35:62:03:d5:5d:7c:bf:a1:89:86:
4f:7f:5f:a5:6d:74:0b:8e:ee:4b:58:75:c6:d2:fb:
e0:0b:18:f9:e9:ac:be:d9:54:09:d0:1b:af:a5:2e:
75:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:0F:2F:AC:24:2F:E6:EE:4F:B0:5D:84:D4:F8:26:93:70:D4:BA:56
X509v3 Authority Key Identifier:
keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a3361393a3a2f34382d3438203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:3a9::/48
Signature Algorithm: sha256WithRSAEncryption
79:35:d4:8e:4c:99:48:9d:e4:3c:51:a3:28:ce:cb:38:99:8a:
2a:3b:d2:9e:3e:80:a6:a1:5d:4a:51:89:70:52:f6:80:ad:0e:
70:42:e4:69:37:9f:05:f7:00:de:71:ce:34:be:4f:7a:2d:91:
ad:7b:a5:7c:fa:01:3a:03:ff:fa:73:96:a8:5f:6a:07:2f:7f:
26:b5:f2:5e:1b:84:62:dd:ff:dd:c8:41:f8:5b:dc:a2:3c:ec:
56:03:8a:00:34:8e:2b:61:aa:4f:b8:42:c9:00:58:4a:a8:b8:
ad:50:eb:89:27:a8:8b:fc:ca:0e:a0:c2:36:0d:2d:c4:7f:c2:
00:ca:41:af:f9:f5:7a:a2:47:86:fe:a9:50:63:30:61:1b:ba:
e7:81:d8:ad:e6:20:bf:00:7e:f1:bb:0b:e8:85:e3:dd:ec:7a:
f0:51:33:b6:3f:2e:43:5e:67:95:7c:b3:e9:db:eb:58:f1:ac:
78:b8:3c:95:9c:74:2d:ac:60:77:6c:93:ca:14:93:09:7c:69:
7d:ca:bd:81:3c:63:7f:f1:9b:c4:52:68:5a:e7:01:37:0d:37:
e3:ad:d1:19:34:5c:03:c1:d0:eb:ab:04:d3:6e:ec:ba:af:77:
e7:f2:40:4f:28:69:a3:4a:fc:fe:70:c1:ef:fa:89:d3:fa:02:
b8:ad:52:e4
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUOqJGIikhodtaXVsI6zhi28F0H0wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA0MDcyMTA0NDVaFw0yNTA0MDYyMTA5NDVaMDMxMTAvBgNV
BAMTKEM0MEYyRkFDMjQyRkU2RUU0RkIwNUQ4NEQ0RjgyNjkzNzBENEJBNTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGxQIl4+F/TiB0bYechYEzQHs9
nWVQQgQThdROebMrPaGdC9b61MZdVATuAC6+92JUyW48owXW+mRDq5rJOIg3ZRJY
5kmFUaYk5nvT5lZiGg9+NdkMCb2KoM+j5l7SK70Omilkd/Nf0xJWzM8r+tvOlBDe
9cxmpPUk+Wz7+uGc0LhAsio1NffU5+4Uis3aIGTHsAsVyfcGlIa/LD9RH4NbhgXk
4nNKs5Oot5PPsDQuLGHSMUnLR1A+KeZ7GHmZWUb9vep7XQun1l05jeZgSCOe3OiS
af2fNWID1V18v6GJhk9/X6VtdAuO7ktYdcbS++ALGPnprL7ZVAnQG6+lLnVXAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUxA8vrCQv5u5PsF2E1Pgmk3DUulYwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMt
YTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhmMTk2LzAvMzI2MTMwNjYzYTM4MzU2MzMx
M2EzMzYxMzkzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMTM2MzUzMDM5LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKg+FwQOpMA0GCSqGSIb3DQEBCwUAA4IBAQB5NdSOTJlIneQ8UaMozss4
mYoqO9KePoCmoV1KUYlwUvaArQ5wQuRpN58F9wDecc40vk96LZGte6V8+gE6A//6
c5aoX2oHL38mtfJeG4Ri3f/dyEH4W9yiPOxWA4oANI4rYapPuELJAFhKqLitUOuJ
J6iL/MoOoMI2DS3Ef8IAykGv+fV6okeG/qlQYzBhG7rngdit5iC/AH7xuwvohePd
7HrwUTO2Py5DXmeVfLPp2+tY8ax4uDyVnHQtrGB3bJPKFJMJfGl9yr2BPGN/8ZvE
Umha5wE3DTfjrdEZNFwDwdDrqwTTbuy6r3fn8kBPKGmjSvz+cMHv+onT+gK4rVLk
-----END CERTIFICATE-----
Generated at Thu May 2 10:53:04 2024 by rpki-client on console-fra.rpki-client.org