Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730323a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a353730323a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: e6KdxMFQXXYYTjok2EyXtZMqVW8K+wJ5hoG/taFsXvw=
Subject key identifier: 2D:79:87:AD:A5:1D:96:13:A9:54:DE:AE:E7:24:AD:1A:C3:0F:93:00
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 26945B763E47E81265A9F34DA108B3E78F615774
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730323a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Tue 25 Jul 2023 15:01:45 +0000
ROA not before: Tue 25 Jul 2023 14:56:45 +0000
ROA not after: Tue 23 Jul 2024 15:01:45 +0000
asID: 212149
IP address blocks: 2a11:5702:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:94:5b:76:3e:47:e8:12:65:a9:f3:4d:a1:08:b3:e7:8f:61:57:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: Jul 25 14:56:45 2023 GMT
Not After : Jul 23 15:01:45 2024 GMT
Subject: CN=2D7987ADA51D9613A954DEAEE724AD1AC30F9300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ee:dc:10:e1:8e:65:1c:a7:83:bc:57:47:65:
8c:64:d8:76:a9:77:c6:9f:cd:ba:27:be:b7:f2:da:
49:8c:12:5e:2b:e4:ff:fd:de:ff:53:51:54:99:08:
52:87:81:e3:61:ad:a1:73:d6:82:4c:50:43:33:65:
ec:ca:4b:f8:0d:85:c2:99:10:f8:b5:84:3d:1b:a6:
6e:82:22:66:18:15:06:b7:05:5a:34:40:f4:78:e6:
08:c2:7f:cc:91:9c:17:35:0d:01:2e:f9:03:d5:2e:
f8:9a:98:6d:21:4c:0a:e4:a0:d2:9f:41:dd:1c:c0:
02:87:aa:0d:9b:1a:a5:66:0f:b5:8b:3a:bf:8d:23:
f4:b1:ba:dc:f5:11:60:3b:16:47:ed:3a:24:1a:32:
8b:7a:e3:f7:b9:66:47:b0:9f:41:01:07:e5:82:71:
59:c8:46:7e:17:77:f4:f8:03:6e:27:cf:6e:cf:75:
a1:c3:20:7b:ba:84:69:4e:a9:b2:be:1c:e4:45:0a:
49:59:e1:c0:8b:a4:3a:98:e6:e3:a6:f9:39:60:64:
1a:78:77:08:1e:45:f8:8b:f1:8a:3c:10:70:0d:5e:
4e:0c:4d:4e:17:6b:fc:8a:47:78:7c:e8:a9:21:4f:
5b:88:90:41:54:8d:d3:c7:24:4e:64:0e:46:a8:04:
67:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:79:87:AD:A5:1D:96:13:A9:54:DE:AE:E7:24:AD:1A:C3:0F:93:00
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730323a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5702:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
25:99:ba:a0:c9:03:b9:47:9c:3b:e7:2f:6b:81:e0:70:19:28:
b0:f8:d7:88:bd:00:c7:82:45:b5:8a:ce:05:82:0c:a9:30:1e:
6b:1a:b2:c0:7b:80:dc:4b:83:11:16:6d:3b:c3:c4:3a:0b:8c:
d9:03:ca:cf:c9:bb:63:26:9d:78:05:09:43:dc:96:bb:78:ef:
1c:50:fb:ba:4f:b4:17:b9:f4:6c:8e:ac:9c:94:5b:6a:87:59:
9f:66:62:ff:2e:d7:f7:2a:bb:d8:d9:59:73:8f:5a:75:b5:6a:
b9:37:a6:bb:46:c1:d2:38:e5:27:28:74:e1:f9:38:7e:30:6e:
8a:44:25:32:e7:e0:8f:68:35:c1:20:4e:ff:ae:90:7a:3a:d2:
ae:cf:20:d0:ed:8b:ac:65:7d:29:e0:57:f5:8c:72:a0:66:00:
4f:cd:1a:39:9e:27:84:91:24:da:83:0f:97:ba:55:53:d5:26:
ce:e4:0d:a3:da:36:0e:4c:78:96:67:11:22:0e:4e:78:ae:f7:
b3:4e:9a:fe:73:52:88:51:f1:a4:71:b2:7c:bb:4c:7d:99:d8:
22:fb:ee:c2:0e:8d:d5:5c:b8:08:db:e3:5a:91:da:94:f9:26:
3c:5c:98:78:b4:f8:4b:3c:66:2b:11:06:0c:27:89:b9:e1:d2:
1d:e9:01:be
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUJpRbdj5H6BJlqfNNoQiz549hV3QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yMzA3MjUxNDU2NDVaFw0yNDA3MjMxNTAxNDVaMDMxMTAvBgNV
BAMTKDJENzk4N0FEQTUxRDk2MTNBOTU0REVBRUU3MjRBRDFBQzMwRjkzMDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJ7twQ4Y5lHKeDvFdHZYxk2Hap
d8afzbonvrfy2kmMEl4r5P/93v9TUVSZCFKHgeNhraFz1oJMUEMzZezKS/gNhcKZ
EPi1hD0bpm6CImYYFQa3BVo0QPR45gjCf8yRnBc1DQEu+QPVLviamG0hTArkoNKf
Qd0cwAKHqg2bGqVmD7WLOr+NI/Sxutz1EWA7FkftOiQaMot64/e5Zkewn0EBB+WC
cVnIRn4Xd/T4A24nz27PdaHDIHu6hGlOqbK+HORFCklZ4cCLpDqY5uOm+TlgZBp4
dwgeRfiL8Yo8EHANXk4MTU4Xa/yKR3h86KkhT1uIkEFUjdPHJE5kDkaoBGd5AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQULXmHraUdlhOpVN6u5yStGsMPkwAwHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzI2MTMxMzEzYTM1MzczMDMy
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRVwKwCzANBgkqhkiG9w0BAQsFAAOCAQEAJZm6oMkDuUecO+cv
a4HgcBkosPjXiL0Ax4JFtYrOBYIMqTAeaxqywHuA3EuDERZtO8PEOguM2QPKz8m7
YyadeAUJQ9yWu3jvHFD7uk+0F7n0bI6snJRbaodZn2Zi/y7X9yq72NlZc49adbVq
uTemu0bB0jjlJyh04fk4fjBuikQlMufgj2g1wSBO/66QejrSrs8g0O2LrGV9KeBX
9YxyoGYAT80aOZ4nhJEk2oMPl7pVU9UmzuQNo9o2Dkx4lmcRIg5OeK73s06a/nNS
iFHxpHGyfLtMfZnYIvvuwg6N1Vy4CNvjWpHalPkmPFyYeLT4SzxmKxEGDCeJueHS
HekBvg==
-----END CERTIFICATE-----
Generated at Fri Jun 21 08:54:24 2024 by rpki-client on console-fra.rpki-client.org