Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a643a3a2f34382d3438203d3e203530333931.roa
File:                     326131313a323963303a643a3a2f34382d3438203d3e203530333931.roa (raw, json)
Hash identifier:          N0ONA1hdK4fuWDRa7RhxgL7HNR1ORHObqZ2Kwmb9toU=
Subject key identifier:   C0:6A:EA:53:DF:E9:4F:3E:45:1F:97:BC:78:08:B0:3F:36:4F:F8:13
Certificate issuer:       /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial:       65EED64CABD48C9F7E600DD469460D0BAA2EE07A
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a643a3a2f34382d3438203d3e203530333931.roa
Signing time:             Wed 19 Jun 2024 14:01:19 +0000
ROA not before:           Wed 19 Jun 2024 13:56:19 +0000
ROA not after:            Wed 18 Jun 2025 14:01:19 +0000
asID:                     50391
IP address blocks:        2a11:29c0:d::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 26 Jun 2024 14:33:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:ee:d6:4c:ab:d4:8c:9f:7e:60:0d:d4:69:46:0d:0b:aa:2e:e0:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
        Validity
            Not Before: Jun 19 13:56:19 2024 GMT
            Not After : Jun 18 14:01:19 2025 GMT
        Subject: CN=C06AEA53DFE94F3E451F97BC7808B03F364FF813
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:18:2a:e8:1b:4b:0d:cd:cd:13:9c:60:ab:96:
                    42:0c:3f:e2:c8:1e:e9:98:40:83:06:e9:3e:70:45:
                    21:30:97:c1:24:a6:0b:b1:7b:de:5a:02:1d:6b:27:
                    c5:80:14:5f:db:f3:43:5e:32:40:a7:34:ef:3c:68:
                    fd:29:8d:36:16:25:b8:8b:91:a7:14:29:8c:79:10:
                    cc:68:f1:b0:0c:8c:d2:02:ea:20:ea:14:14:8f:33:
                    cd:2d:1c:5e:6e:37:c8:86:e6:e0:8d:84:11:f7:9c:
                    cd:a8:03:20:d5:aa:95:2d:7e:c7:23:f0:a4:ba:8b:
                    67:c3:64:ab:b0:48:03:d6:18:a9:d7:98:e0:10:40:
                    04:9a:dd:26:45:d0:b3:d5:e6:7a:16:05:b6:20:d2:
                    79:6c:e2:56:36:33:31:5e:ce:91:9a:e5:05:a6:55:
                    f8:df:09:ab:a8:49:5d:c0:f3:21:c5:4b:e9:aa:a9:
                    5f:9f:0b:83:dd:5d:12:c7:4d:b0:31:2c:6d:13:d5:
                    fc:da:73:0e:d5:08:05:6a:a9:d2:86:90:ba:7b:a8:
                    74:a9:3d:90:22:e4:9d:91:57:04:d3:1f:4d:d4:62:
                    74:ce:cf:0a:15:c5:89:19:b0:1a:82:03:42:a5:8b:
                    10:7e:f1:83:49:2f:d9:1d:b6:53:09:5d:f9:5a:83:
                    3c:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:6A:EA:53:DF:E9:4F:3E:45:1F:97:BC:78:08:B0:3F:36:4F:F8:13
            X509v3 Authority Key Identifier:
                keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a643a3a2f34382d3438203d3e203530333931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:29c0:d::/48

    Signature Algorithm: sha256WithRSAEncryption
         81:bb:72:ec:1b:5f:a7:0e:cf:fe:1d:47:43:8c:18:7f:cd:00:
         d5:95:a8:d5:a4:b6:1f:d1:b9:a7:2d:5c:fb:00:8f:d7:2e:6a:
         b7:27:7f:0c:85:d7:52:eb:a9:f0:ab:a9:8b:04:18:3f:59:3d:
         1b:48:10:1d:a5:b3:ba:80:96:03:fc:ed:ed:47:43:56:a7:3d:
         4c:d5:6c:6a:63:d1:d1:c9:e1:c2:b5:3a:d8:60:73:50:6c:e4:
         cb:0a:94:e6:25:67:a0:85:89:46:cc:81:d4:e9:dd:ed:6b:76:
         cf:9b:2d:63:ae:1d:ee:fc:71:58:0c:e7:23:6b:0c:26:04:62:
         24:70:06:0a:aa:77:75:5b:31:6e:cc:57:fe:66:f1:99:d4:a0:
         07:19:57:d2:fb:e1:cf:dd:01:27:cf:78:6a:88:6d:20:9e:b0:
         d3:36:44:82:f3:eb:88:8c:9f:4f:f5:5e:e5:58:c6:99:31:17:
         54:6d:cc:6d:b2:81:75:07:d4:2a:16:2d:fc:3b:65:d1:85:52:
         47:58:52:1f:b4:c1:e6:68:b9:6c:f9:21:95:50:a3:45:75:83:
         09:e3:55:86:4c:2c:83:d3:ac:81:e6:ea:cc:19:ed:d8:e3:26:
         46:a0:61:e8:21:81:ca:93:77:00:d7:e7:dd:16:2e:d1:4f:b2:
         19:0e:29:5d
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUZe7WTKvUjJ9+YA3UaUYNC6ou4HowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNDA2MTkxMzU2MTlaFw0yNTA2MTgxNDAxMTlaMDMxMTAvBgNV
BAMTKEMwNkFFQTUzREZFOTRGM0U0NTFGOTdCQzc4MDhCMDNGMzY0RkY4MTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEGCroG0sNzc0TnGCrlkIMP+LI
HumYQIMG6T5wRSEwl8Ekpguxe95aAh1rJ8WAFF/b80NeMkCnNO88aP0pjTYWJbiL
kacUKYx5EMxo8bAMjNIC6iDqFBSPM80tHF5uN8iG5uCNhBH3nM2oAyDVqpUtfscj
8KS6i2fDZKuwSAPWGKnXmOAQQASa3SZF0LPV5noWBbYg0nls4lY2MzFezpGa5QWm
VfjfCauoSV3A8yHFS+mqqV+fC4PdXRLHTbAxLG0T1fzacw7VCAVqqdKGkLp7qHSp
PZAi5J2RVwTTH03UYnTOzwoVxYkZsBqCA0KlixB+8YNJL9kdtlMJXflagzzBAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUwGrqU9/pTz5FH5e8eAiwPzZP+BMwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2E2NDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDM1MzAzMzM5MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqESnAAA0wDQYJKoZIhvcNAQELBQADggEBAIG7cuwbX6cOz/4dR0OMGH/NANWV
qNWkth/RuactXPsAj9cuarcnfwyF11LrqfCrqYsEGD9ZPRtIEB2ls7qAlgP87e1H
Q1anPUzVbGpj0dHJ4cK1Othgc1Bs5MsKlOYlZ6CFiUbMgdTp3e1rds+bLWOuHe78
cVgM5yNrDCYEYiRwBgqqd3VbMW7MV/5m8ZnUoAcZV9L74c/dASfPeGqIbSCesNM2
RILz64iMn0/1XuVYxpkxF1RtzG2ygXUH1CoWLfw7ZdGFUkdYUh+0weZouWz5IZVQ
o0V1gwnjVYZMLIPTrIHm6swZ7djjJkagYeghgcqTdwDX590WLtFPshkOKV0=
-----END CERTIFICATE-----
Generated at Tue Jun 25 21:57:50 2024 by rpki-client on console-fra.rpki-client.org