Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336465303a3a2f34342d3438203d3e20323136323636.roa
File: 326131313a323963303a336465303a3a2f34342d3438203d3e20323136323636.roa (raw, json)
Hash identifier: 0YHxl+kpCBPZB3d5oNLEJi5hOa0Bmzil7/xM/ymdplo=
Subject key identifier: FA:91:2E:E4:C6:A4:90:D4:98:87:94:38:AD:46:28:31:A5:7D:D7:07
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 6D663BCB93464AC12BA18961803CD356B3AA1A20
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336465303a3a2f34342d3438203d3e20323136323636.roa
Signing time: Sat 15 Jun 2024 05:48:32 +0000
ROA not before: Sat 15 Jun 2024 05:43:32 +0000
ROA not after: Sat 14 Jun 2025 05:48:32 +0000
asID: 216266
IP address blocks: 2a11:29c0:3de0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:66:3b:cb:93:46:4a:c1:2b:a1:89:61:80:3c:d3:56:b3:aa:1a:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Jun 15 05:43:32 2024 GMT
Not After : Jun 14 05:48:32 2025 GMT
Subject: CN=FA912EE4C6A490D498879438AD462831A57DD707
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:2a:63:5b:84:f5:f8:c1:1b:f1:6f:f3:bd:ba:
b1:22:e9:9e:8a:e4:95:3e:c5:d4:b2:47:90:e8:52:
ff:fa:3d:44:dc:38:fa:2e:35:11:ed:1e:8c:50:d2:
e8:33:5e:55:9d:05:56:24:bf:a6:87:9e:57:ba:41:
93:a6:18:6b:fe:79:8f:cd:98:b7:ff:68:8d:98:13:
64:a6:fb:3c:10:b5:5a:22:fc:0d:a7:7a:ab:29:26:
85:2f:6d:06:db:e8:d2:4f:e3:82:d3:a0:f1:cc:d8:
16:9b:ad:95:ac:33:4c:32:e8:da:40:43:26:e8:46:
34:21:e2:f2:75:8c:3e:2d:ad:30:66:4e:3a:7a:83:
8b:26:c0:e6:96:fc:6b:15:5e:78:32:52:12:f3:5b:
76:14:95:29:da:4f:b9:d0:47:ad:12:7e:b1:52:b7:
7d:9b:fa:ee:dd:e3:36:6f:0e:a6:e6:07:cd:54:b3:
2f:7f:aa:25:f1:d7:f6:ff:6a:e1:2d:8d:71:fc:88:
e4:15:62:8c:18:1c:9f:17:63:41:55:e4:30:42:d3:
d2:9b:10:10:d9:7e:76:0d:10:61:ef:cc:be:29:ac:
15:de:4f:e3:92:2f:d4:6e:67:50:ab:5d:5a:86:3a:
8b:94:4a:0b:f7:9e:43:fb:6b:7b:1e:0a:28:a7:f2:
7f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:91:2E:E4:C6:A4:90:D4:98:87:94:38:AD:46:28:31:A5:7D:D7:07
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336465303a3a2f34342d3438203d3e20323136323636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3de0::/44
Signature Algorithm: sha256WithRSAEncryption
a8:fd:fa:8b:10:5e:e5:83:73:0a:09:64:8c:96:23:93:a1:2b:
1a:8d:ab:e2:d2:1d:18:f8:e9:b7:df:0c:fa:c7:5d:21:f2:dd:
13:5b:df:a7:99:ae:fb:0a:9d:47:12:52:ad:bd:0e:2c:04:cd:
fb:1e:75:68:c2:9c:fd:46:c5:9f:5e:39:e6:b0:27:04:cd:8f:
da:58:d8:40:92:4a:d0:ad:a2:93:ac:c2:89:45:d4:c2:18:14:
d3:72:23:37:48:3d:fe:9f:fb:9c:22:ee:74:f9:f8:65:8a:32:
3e:27:42:29:71:85:4f:8a:fc:b1:91:eb:c3:bd:be:c7:d8:11:
f1:ab:ca:25:a3:f0:be:f9:c1:db:de:f0:69:92:6f:1f:c9:23:
1a:8a:f9:ed:88:88:8d:9a:8e:7e:f6:2d:ba:07:29:92:98:3e:
78:02:d8:9b:d1:af:c1:42:0d:0f:95:6e:8c:ca:8e:e8:f6:bd:
00:25:04:0b:7f:67:60:c5:42:9f:90:81:28:83:0b:3d:27:12:
f0:b6:e6:92:d0:23:6a:38:52:dc:66:9e:c8:9e:b7:a0:38:b0:
c0:d6:1a:c5:55:99:cb:8b:21:7c:f8:64:f9:c1:ca:c4:8a:96:
ee:38:de:cc:cf:2e:5d:de:d6:98:42:56:b6:7e:d7:6e:01:b6:
27:68:bb:79
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUbWY7y5NGSsEroYlhgDzTVrOqGiAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNDA2MTUwNTQzMzJaFw0yNTA2MTQwNTQ4MzJaMDMxMTAvBgNV
BAMTKEZBOTEyRUU0QzZBNDkwRDQ5ODg3OTQzOEFENDYyODMxQTU3REQ3MDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIKmNbhPX4wRvxb/O9urEi6Z6K
5JU+xdSyR5DoUv/6PUTcOPouNRHtHoxQ0ugzXlWdBVYkv6aHnle6QZOmGGv+eY/N
mLf/aI2YE2Sm+zwQtVoi/A2neqspJoUvbQbb6NJP44LToPHM2BabrZWsM0wy6NpA
QyboRjQh4vJ1jD4trTBmTjp6g4smwOaW/GsVXngyUhLzW3YUlSnaT7nQR60SfrFS
t32b+u7d4zZvDqbmB81Usy9/qiXx1/b/auEtjXH8iOQVYowYHJ8XY0FV5DBC09Kb
EBDZfnYNEGHvzL4prBXeT+OSL9RuZ1CrXVqGOouUSgv3nkP7a3seCiin8n8LAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQU+pEu5MakkNSYh5Q4rUYoMaV91wcwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjUzMDNhM2EyZjM0MzQyZDM0MzgyMDNkM2UyMDMyMzEzNjMyMzYzNi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHBCoRKcA94DANBgkqhkiG9w0BAQsFAAOCAQEAqP36ixBe5YNzCglk
jJYjk6ErGo2r4tIdGPjpt98M+sddIfLdE1vfp5mu+wqdRxJSrb0OLATN+x51aMKc
/UbFn1455rAnBM2P2ljYQJJK0K2ik6zCiUXUwhgU03IjN0g9/p/7nCLudPn4ZYoy
PidCKXGFT4r8sZHrw72+x9gR8avKJaPwvvnB297waZJvH8kjGor57YiIjZqOfvYt
ugcpkpg+eALYm9GvwUIND5VujMqO6Pa9ACUEC39nYMVCn5CBKIMLPScS8LbmktAj
ajhS3GaeyJ63oDiwwNYaxVWZy4shfPhk+cHKxIqW7jjezM8uXd7WmEJWtn7XbgG2
J2i7eQ==
-----END CERTIFICATE-----
Generated at Sun Jun 16 15:59:02 2024 by rpki-client on console-fra.rpki-client.org