Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a31303a3a2f34382d3438203d3e203530333931.roa
File: 326131313a323963303a31303a3a2f34382d3438203d3e203530333931.roa (raw, json)
Hash identifier: 6LRoBKPpt7GgJlkBxrNmFbvS0fsdhmEaLNMGgb2KuQI=
Subject key identifier: FF:1B:E2:B9:4A:77:31:7F:97:FB:92:FF:1A:E1:05:21:F6:03:65:EE
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 50EF7102A123441C77D93FF4D796D805937E6D0D
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a31303a3a2f34382d3438203d3e203530333931.roa
Signing time: Wed 19 Jun 2024 14:01:15 +0000
ROA not before: Wed 19 Jun 2024 13:56:15 +0000
ROA not after: Wed 18 Jun 2025 14:01:15 +0000
asID: 50391
IP address blocks: 2a11:29c0:10::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 14:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:ef:71:02:a1:23:44:1c:77:d9:3f:f4:d7:96:d8:05:93:7e:6d:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Jun 19 13:56:15 2024 GMT
Not After : Jun 18 14:01:15 2025 GMT
Subject: CN=FF1BE2B94A77317F97FB92FF1AE10521F60365EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:92:66:02:96:3b:2b:81:ec:6a:e0:fd:28:9b:
b1:f3:54:ed:6c:cc:0c:aa:c3:51:64:c7:ce:d7:37:
cf:09:66:84:49:9e:f6:81:de:f6:9e:58:cd:2a:b8:
25:09:48:08:22:be:59:13:c6:fb:4d:0f:f2:fb:e4:
b6:b2:f2:40:c6:be:3f:5b:f7:46:0f:a5:19:95:11:
8e:29:3b:f5:ee:11:03:4c:3e:42:57:91:33:2e:4f:
71:83:c0:8d:e2:24:66:c0:1c:ba:31:ce:09:6d:87:
22:27:9d:3f:d7:a4:fc:9d:63:9a:ff:16:f4:4f:ee:
1e:2d:a1:38:99:2f:d4:26:2c:10:7a:d7:32:e8:19:
19:5f:b7:b7:08:2c:c7:b9:59:38:88:73:c2:6e:e0:
e6:1a:e1:33:18:88:0d:ac:43:62:4c:87:62:dd:cf:
c9:e9:ad:c4:44:9c:67:82:4b:bd:f4:7a:c1:f6:f7:
54:af:82:87:43:a9:95:82:c3:93:eb:0c:fd:41:a4:
02:be:9a:0c:78:4e:02:15:58:2b:39:bf:7e:73:25:
f6:67:b1:f8:59:25:5c:0b:7b:b0:63:58:fb:c1:8f:
20:93:35:58:8b:71:00:d5:8f:09:18:30:07:5c:ad:
77:34:a8:ea:da:31:a1:a0:bd:82:f2:e2:15:b7:57:
b8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:1B:E2:B9:4A:77:31:7F:97:FB:92:FF:1A:E1:05:21:F6:03:65:EE
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a31303a3a2f34382d3438203d3e203530333931.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:10::/48
Signature Algorithm: sha256WithRSAEncryption
8f:e0:13:66:cc:b6:c0:05:a5:14:3b:e7:3e:56:06:61:a5:00:
72:3b:18:3b:c3:c2:2a:47:51:09:f5:78:85:06:d5:a6:a2:99:
a3:19:23:c8:8f:e0:8f:52:ee:db:98:5b:01:b6:53:89:ae:66:
41:44:8d:3c:eb:c2:e5:23:52:53:1a:b1:a3:d0:b2:d8:54:a1:
73:a7:c3:ef:74:ac:72:72:d3:ae:84:ca:d2:49:d0:d4:86:66:
d1:d4:44:55:58:cf:d4:5b:0e:56:33:a5:ca:75:65:6e:19:74:
82:81:dd:f2:ea:c6:c1:18:d7:e7:cf:d1:12:e2:de:d4:a8:41:
d4:f5:e8:b6:2d:a5:66:98:a6:75:d5:ad:af:14:0b:5d:2f:53:
3c:4c:dd:ac:53:aa:0c:fe:b7:7b:62:85:c2:8f:c1:50:6f:8d:
a1:4e:93:da:ae:b8:84:73:d5:62:8b:df:34:9b:16:cd:4e:da:
ae:9c:62:a4:6a:94:7e:a5:74:57:ed:d8:a7:a2:38:10:74:b6:
f4:f4:35:54:da:20:79:ab:23:5c:8a:31:f4:c1:69:f8:4a:c0:
35:98:3a:90:80:dc:20:46:44:6d:bf:96:4e:29:ea:7d:c5:2b:
bb:27:47:19:28:5f:aa:d5:eb:62:ee:16:db:b6:ea:40:ca:6d:
c8:8e:dc:79
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUUO9xAqEjRBx32T/015bYBZN+bQ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNDA2MTkxMzU2MTVaFw0yNTA2MTgxNDAxMTVaMDMxMTAvBgNV
BAMTKEZGMUJFMkI5NEE3NzMxN0Y5N0ZCOTJGRjFBRTEwNTIxRjYwMzY1RUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD3kmYCljsrgexq4P0om7HzVO1s
zAyqw1Fkx87XN88JZoRJnvaB3vaeWM0quCUJSAgivlkTxvtND/L75Lay8kDGvj9b
90YPpRmVEY4pO/XuEQNMPkJXkTMuT3GDwI3iJGbAHLoxzglthyInnT/XpPydY5r/
FvRP7h4toTiZL9QmLBB61zLoGRlft7cILMe5WTiIc8Ju4OYa4TMYiA2sQ2JMh2Ld
z8nprcREnGeCS730esH291SvgodDqZWCw5PrDP1BpAK+mgx4TgIVWCs5v35zJfZn
sfhZJVwLe7BjWPvBjyCTNViLcQDVjwkYMAdcrXc0qOraMaGgvYLy4hW3V7g5AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU/xviuUp3MX+X+5L/GuEFIfYDZe4wHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMTMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzUzMDMzMzkzMS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoRKcAAEDANBgkqhkiG9w0BAQsFAAOCAQEAj+ATZsy2wAWlFDvnPlYGYaUA
cjsYO8PCKkdRCfV4hQbVpqKZoxkjyI/gj1Lu25hbAbZTia5mQUSNPOvC5SNSUxqx
o9Cy2FShc6fD73SscnLTroTK0knQ1IZm0dREVVjP1FsOVjOlynVlbhl0goHd8urG
wRjX58/REuLe1KhB1PXoti2lZpimddWtrxQLXS9TPEzdrFOqDP63e2KFwo/BUG+N
oU6T2q64hHPVYovfNJsWzU7arpxipGqUfqV0V+3Yp6I4EHS29PQ1VNogeasjXIox
9MFp+ErANZg6kIDcIEZEbb+WTinqfcUruydHGShfqtXrYu4W27bqQMptyI7ceQ==
-----END CERTIFICATE-----
Generated at Tue Jun 25 20:25:27 2024 by rpki-client on console-ams.rpki-client.org