Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/326130343a626463373a3130303a3a2f34382d3438203d3e203633343733.roa
File: 326130343a626463373a3130303a3a2f34382d3438203d3e203633343733.roa (raw, json)
Hash identifier: cIgCPlWJVzQv9rFXK4UHAZrBLrfC24yg7y3paFaEs/w=
Subject key identifier: 3D:46:5A:73:C6:2A:E4:FD:87:AD:FF:F4:2D:CE:14:7E:BE:05:E7:96
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 33463AAAA608DB3DF33B84FD7B8C5DAE8318226E
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/326130343a626463373a3130303a3a2f34382d3438203d3e203633343733.roa
Signing time: Mon 11 Dec 2023 07:59:32 +0000
ROA not before: Mon 11 Dec 2023 07:54:32 +0000
ROA not after: Mon 09 Dec 2024 07:59:32 +0000
asID: 63473
IP address blocks: 2a04:bdc7:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 08:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:46:3a:aa:a6:08:db:3d:f3:3b:84:fd:7b:8c:5d:ae:83:18:22:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Dec 11 07:54:32 2023 GMT
Not After : Dec 9 07:59:32 2024 GMT
Subject: CN=3D465A73C62AE4FD87ADFFF42DCE147EBE05E796
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:cf:70:8f:57:92:ea:6e:26:a9:98:bc:5d:64:
f1:12:a9:9f:8f:1c:d6:5b:f4:d5:97:62:8d:4f:50:
b0:bc:c2:e7:bb:5d:26:46:47:80:25:68:4b:2c:c4:
b7:c9:4b:74:be:ee:09:63:17:eb:cf:f4:c4:0d:fa:
62:55:80:4a:f6:c1:5d:b3:4d:60:7c:d3:c8:ae:6f:
8b:89:67:08:05:13:a6:f8:ec:74:07:31:b0:94:17:
d1:b2:0e:13:cb:bf:6c:de:44:a8:a8:ab:5e:27:9d:
f8:1c:57:01:01:b2:03:a6:22:8e:69:63:17:53:82:
08:99:c0:f4:fa:96:37:0c:5d:31:4e:a9:5b:69:d1:
3b:24:fe:2c:e5:b9:72:78:cb:9c:47:e7:d7:25:6d:
76:ad:76:10:44:b9:89:36:c9:a9:54:ab:18:bf:48:
55:f8:94:6f:9d:b4:fc:22:99:3b:0b:a1:7c:5a:dd:
03:6a:dd:28:67:a6:f6:87:bc:4c:96:e6:33:14:cb:
39:da:da:5f:0e:89:79:f6:8b:ef:d4:69:81:45:51:
35:ec:47:70:89:7c:bc:38:85:2b:1c:48:1c:b9:14:
71:77:a1:53:8b:7c:27:82:66:d2:f3:03:2d:8c:3f:
77:07:e0:77:ae:f4:7f:a6:d2:a2:05:15:0f:8f:ef:
77:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:46:5A:73:C6:2A:E4:FD:87:AD:FF:F4:2D:CE:14:7E:BE:05:E7:96
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/326130343a626463373a3130303a3a2f34382d3438203d3e203633343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:bdc7:100::/48
Signature Algorithm: sha256WithRSAEncryption
99:2c:85:7f:14:93:57:de:3a:83:f0:91:5c:b6:fc:ce:35:29:
f7:ef:d8:25:94:4c:94:74:43:50:8f:a1:5f:fd:6c:3d:54:eb:
fe:a0:18:87:bb:20:70:95:9e:ed:c9:ea:91:97:e4:32:7c:f6:
bc:96:6b:2b:a4:39:f6:c1:ca:0e:86:c1:cf:91:de:e4:e2:7c:
74:b1:de:2d:11:dd:e1:3b:a9:94:b8:ba:c5:96:25:8b:45:05:
37:2c:d0:25:b6:93:ea:76:77:51:74:cb:98:d0:a2:86:ae:53:
b3:a0:6f:0d:7d:e2:21:d1:ab:0c:78:bf:b8:30:45:f7:f2:76:
3d:f6:9a:5d:02:ed:43:d4:6e:8a:85:b5:8e:9b:fb:48:59:7b:
1b:81:76:2f:f7:16:af:f6:28:7b:0e:e6:2b:7d:14:f9:51:04:
a2:52:c6:3c:28:b9:d8:e9:e9:a9:8d:77:40:e6:4a:60:f2:19:
29:75:8d:32:1d:8b:1a:77:a1:f2:82:a5:5f:a4:83:bc:6d:20:
b5:08:40:d8:b8:19:28:70:3c:bb:9e:73:0a:6c:95:d7:43:0c:
fb:82:58:67:dd:28:19:7d:6d:5a:07:b1:f8:51:64:cf:1c:c9:
f2:26:b5:b6:39:37:fd:bb:6f:e6:0f:74:11:d8:62:af:29:39:
6c:42:b8:08
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUM0Y6qqYI2z3zO4T9e4xdroMYIm4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yMzEyMTEwNzU0MzJaFw0yNDEyMDkwNzU5MzJaMDMxMTAvBgNV
BAMTKDNENDY1QTczQzYyQUU0RkQ4N0FERkZGNDJEQ0UxNDdFQkUwNUU3OTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/z3CPV5LqbiapmLxdZPESqZ+P
HNZb9NWXYo1PULC8wue7XSZGR4AlaEssxLfJS3S+7gljF+vP9MQN+mJVgEr2wV2z
TWB808iub4uJZwgFE6b47HQHMbCUF9GyDhPLv2zeRKioq14nnfgcVwEBsgOmIo5p
YxdTggiZwPT6ljcMXTFOqVtp0Tsk/izluXJ4y5xH59clbXatdhBEuYk2yalUqxi/
SFX4lG+dtPwimTsLoXxa3QNq3ShnpvaHvEyW5jMUyzna2l8OiXn2i+/UaYFFUTXs
R3CJfLw4hSscSBy5FHF3oVOLfCeCZtLzAy2MP3cH4Heu9H+m0qIFFQ+P73f/AgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUPUZac8Yq5P2Hrf/0Lc4Ufr4F55YwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzI2MTMwMzQzYTYyNjQ2MzM3
M2EzMTMwMzAzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzNjMzMzQzNzMzLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKgS9xwEAMA0GCSqGSIb3DQEBCwUAA4IBAQCZLIV/FJNX3jqD8JFctvzO
NSn379gllEyUdENQj6Ff/Ww9VOv+oBiHuyBwlZ7tyeqRl+QyfPa8lmsrpDn2wcoO
hsHPkd7k4nx0sd4tEd3hO6mUuLrFliWLRQU3LNAltpPqdndRdMuY0KKGrlOzoG8N
feIh0asMeL+4MEX38nY99ppdAu1D1G6KhbWOm/tIWXsbgXYv9xav9ih7DuYrfRT5
UQSiUsY8KLnY6empjXdA5kpg8hkpdY0yHYsad6HygqVfpIO8bSC1CEDYuBkocDy7
nnMKbJXXQwz7glhn3SgZfW1aB7H4UWTPHMnyJrW2OTf9u2/mD3QR2GKvKTlsQrgI
-----END CERTIFICATE-----
Generated at Thu May 16 15:36:04 2024 by rpki-client on console-fra.rpki-client.org