Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730313a31303a3a2f34342d3434203d3e20323030313938.roa
File: 326131313a353730313a31303a3a2f34342d3434203d3e20323030313938.roa (raw, json)
Hash identifier: Mjv6PPEtIBIWfZkl9zHwBSCSpmV3MNYts3m8K5dL10o=
Subject key identifier: 3B:47:DC:21:7C:8F:A0:AA:D1:B8:A3:B5:0F:9D:6B:7D:E7:C3:CB:AD
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 479B9160A3EF3D09DE646475463702969871540E
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730313a31303a3a2f34342d3434203d3e20323030313938.roa
Signing time: Tue 25 Jul 2023 15:01:41 +0000
ROA not before: Tue 25 Jul 2023 14:56:41 +0000
ROA not after: Tue 23 Jul 2024 15:01:41 +0000
asID: 200198
IP address blocks: 2a11:5701:10::/44 maxlen: 44
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:9b:91:60:a3:ef:3d:09:de:64:64:75:46:37:02:96:98:71:54:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: Jul 25 14:56:41 2023 GMT
Not After : Jul 23 15:01:41 2024 GMT
Subject: CN=3B47DC217C8FA0AAD1B8A3B50F9D6B7DE7C3CBAD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:5c:40:86:f3:b3:36:99:62:dd:1a:8b:e7:b7:
55:41:d5:ab:bd:7d:6e:a0:fb:51:f0:d2:3d:e3:a0:
19:6d:c2:03:36:b5:c3:b2:90:8b:13:71:88:49:75:
f6:c1:37:c0:9a:10:3c:35:4b:e4:cd:c0:1b:27:5a:
e0:40:bf:3d:ca:b9:72:7a:9e:7b:a8:f4:34:87:fd:
c2:f0:e7:92:1b:ec:e3:da:13:5f:80:64:d5:26:64:
e4:dc:8f:6b:02:b2:d1:d5:e3:b2:2e:d6:d7:9d:19:
3a:96:c8:d2:f1:46:23:06:bf:94:12:1b:db:79:60:
63:6c:17:7a:48:03:de:31:eb:68:e7:bf:45:dc:1d:
99:50:37:87:d0:4a:e7:b4:f2:3c:9f:59:10:57:cf:
9f:fa:87:6f:4a:44:cb:e7:db:e8:24:52:41:e6:d0:
a2:45:c7:f4:a7:01:1e:87:8d:fb:2e:e4:91:ed:f6:
6f:a6:7c:c2:2f:e3:5d:4f:12:de:f2:f4:8f:a7:0e:
d1:95:cb:7a:46:20:e3:e7:0b:89:47:ba:6b:84:9e:
96:50:04:08:f4:a6:7e:38:20:5e:9b:25:e2:89:cc:
bb:27:10:3a:d6:62:6f:02:93:87:21:6c:68:08:72:
fa:2e:da:87:a4:a3:2c:23:40:bb:76:16:58:40:dc:
68:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:47:DC:21:7C:8F:A0:AA:D1:B8:A3:B5:0F:9D:6B:7D:E7:C3:CB:AD
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730313a31303a3a2f34342d3434203d3e20323030313938.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5701:10::/44
Signature Algorithm: sha256WithRSAEncryption
3f:c0:d2:cb:11:00:12:70:f1:b4:1b:d5:6e:76:8b:33:ae:7b:
d8:54:ba:61:3a:46:69:30:3c:6b:94:25:d6:76:cb:2a:54:af:
49:1e:06:d3:d0:f8:cf:98:68:f1:fa:89:2a:fe:dc:3f:2d:f3:
c2:5f:95:1b:be:84:5d:b3:28:d1:89:7a:7e:a5:9b:d9:13:ed:
3b:53:ff:3d:cd:31:93:cc:d4:0f:cb:57:64:f8:e6:89:b0:90:
34:1e:4f:03:9e:9e:c4:51:18:96:10:c6:48:88:0c:29:a3:f4:
1e:8e:1d:c8:7b:5a:7f:34:2a:d5:4e:aa:09:cc:1c:b3:55:24:
1a:38:3e:7e:c4:1f:1c:52:08:07:9d:f7:69:fe:98:5c:28:10:
72:38:48:a0:28:0b:b3:08:90:bb:6c:a3:80:cf:18:ae:1f:6f:
73:72:89:07:da:4c:0d:72:67:a1:5e:c5:f2:4f:d4:57:a9:ed:
55:1c:9c:c2:1f:69:e5:57:e5:bf:f0:24:8f:eb:97:8c:e2:fa:
3f:a7:81:b6:8f:e0:a1:3b:80:98:a0:06:70:6d:8c:7f:19:32:
49:9f:3b:aa:95:7c:4e:cf:74:31:6f:1d:38:70:58:ae:d2:01:
74:2e:94:b7:91:3e:db:ea:f0:98:20:bb:35:b1:f3:c3:f0:c5:
ee:d7:3a:87
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUR5uRYKPvPQneZGR1RjcClphxVA4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yMzA3MjUxNDU2NDFaFw0yNDA3MjMxNTAxNDFaMDMxMTAvBgNV
BAMTKDNCNDdEQzIxN0M4RkEwQUFEMUI4QTNCNTBGOUQ2QjdERTdDM0NCQUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxXECG87M2mWLdGovnt1VB1au9
fW6g+1Hw0j3joBltwgM2tcOykIsTcYhJdfbBN8CaEDw1S+TNwBsnWuBAvz3KuXJ6
nnuo9DSH/cLw55Ib7OPaE1+AZNUmZOTcj2sCstHV47Iu1tedGTqWyNLxRiMGv5QS
G9t5YGNsF3pIA94x62jnv0XcHZlQN4fQSue08jyfWRBXz5/6h29KRMvn2+gkUkHm
0KJFx/SnAR6Hjfsu5JHt9m+mfMIv411PEt7y9I+nDtGVy3pGIOPnC4lHumuEnpZQ
BAj0pn44IF6bJeKJzLsnEDrWYm8Ck4chbGgIcvou2oekoywjQLt2FlhA3GgxAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUO0fcIXyPoKrRuKO1D51rfefDy60wHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzI2MTMxMzEzYTM1MzczMDMx
M2EzMTMwM2EzYTJmMzQzNDJkMzQzNDIwM2QzZTIwMzIzMDMwMzEzOTM4LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcEKhFXAQAQMA0GCSqGSIb3DQEBCwUAA4IBAQA/wNLLEQAScPG0G9Vudosz
rnvYVLphOkZpMDxrlCXWdssqVK9JHgbT0PjPmGjx+okq/tw/LfPCX5UbvoRdsyjR
iXp+pZvZE+07U/89zTGTzNQPy1dk+OaJsJA0Hk8Dnp7EURiWEMZIiAwpo/Qejh3I
e1p/NCrVTqoJzByzVSQaOD5+xB8cUggHnfdp/phcKBByOEigKAuzCJC7bKOAzxiu
H29zcokH2kwNcmehXsXyT9RXqe1VHJzCH2nlV+W/8CSP65eM4vo/p4G2j+ChO4CY
oAZwbYx/GTJJnzuqlXxOz3Qxbx04cFiu0gF0LpS3kT7b6vCYILs1sfPD8MXu1zqH
-----END CERTIFICATE-----
Generated at Fri Jun 21 11:19:00 2024 by rpki-client on console-ams.rpki-client.org