Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730343a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a353730343a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: VLMJSk6s8ziUS7xBD0MyCyzg2oAx6dFdHdJt1/iLud0=
Subject key identifier: F9:3E:2D:87:EB:C9:C8:42:AA:52:D4:DF:B6:B6:DD:F0:1C:C1:3D:53
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 016E9CF4E5CA79C985FACFF42007CE9AC2F467F5
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730343a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Tue 25 Jul 2023 15:01:47 +0000
ROA not before: Tue 25 Jul 2023 14:56:47 +0000
ROA not after: Tue 23 Jul 2024 15:01:47 +0000
asID: 212149
IP address blocks: 2a11:5704:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:6e:9c:f4:e5:ca:79:c9:85:fa:cf:f4:20:07:ce:9a:c2:f4:67:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: Jul 25 14:56:47 2023 GMT
Not After : Jul 23 15:01:47 2024 GMT
Subject: CN=F93E2D87EBC9C842AA52D4DFB6B6DDF01CC13D53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:10:9d:73:c3:32:cd:00:43:9b:95:ad:1a:3e:
5a:74:89:6b:c7:8d:5b:3d:ab:94:01:0b:16:26:0e:
ae:d8:d8:58:70:71:6d:88:65:6f:b3:37:c2:6c:84:
7b:c4:c2:0c:d2:c2:56:0e:5b:4c:f8:58:d1:a0:d7:
b1:6d:2e:18:39:38:21:67:01:0e:81:e1:b7:09:69:
79:b6:64:8b:83:b2:51:f7:1b:ef:b3:60:4a:cc:12:
36:04:ac:35:1e:b8:0a:b4:f0:76:9f:94:ac:75:a8:
fc:11:f4:df:89:3f:8e:ea:07:eb:53:4d:d3:26:6a:
44:23:75:64:0c:4b:48:eb:45:98:bd:e2:a1:d1:bc:
e3:6a:9a:89:78:57:1e:95:a0:53:93:f8:0a:71:8b:
16:df:16:0f:2a:20:44:6d:60:75:13:a2:1d:f1:28:
46:57:e1:7a:46:da:d8:d6:04:96:5e:38:9e:c1:31:
87:2b:28:48:90:74:bf:25:62:81:68:86:fc:1c:e3:
5b:88:e8:3a:51:17:41:45:eb:26:4f:e2:ac:3e:a5:
fd:3d:b9:f5:60:1a:8e:48:9f:13:81:c2:2c:00:93:
e3:78:92:a3:10:83:c4:ca:17:3f:94:b5:45:da:b3:
b8:1a:a9:cf:99:c8:7f:ed:67:28:36:9e:a5:49:54:
ec:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:3E:2D:87:EB:C9:C8:42:AA:52:D4:DF:B6:B6:DD:F0:1C:C1:3D:53
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730343a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5704:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
83:7a:ad:8d:22:cb:36:a1:b2:c9:d7:21:67:82:9e:24:82:9b:
30:45:2f:f5:13:cd:fd:e6:9b:a6:92:0f:df:05:7c:58:d2:9a:
99:31:46:56:ed:ee:09:6b:43:4d:c6:29:7d:7c:21:db:9e:c1:
8b:d7:73:e7:de:50:2d:0a:33:b8:f7:1e:60:cc:cb:35:89:7d:
a0:fd:17:a4:37:25:d0:b8:54:8b:2b:ba:a1:7e:51:78:e3:ce:
f2:36:96:9c:e4:e4:ea:f5:e4:cf:45:50:cd:52:c6:6d:78:de:
10:b3:2e:c4:ee:66:f4:e1:36:6b:89:90:7a:e1:32:c2:58:f0:
a6:6d:c1:91:99:6b:29:5b:01:22:d7:45:56:bb:08:2f:17:a3:
cc:36:1f:9b:e2:28:d1:b8:c3:34:b2:1f:e4:ed:71:16:f3:ae:
02:45:39:9e:2d:68:9e:d0:07:a1:f1:bc:62:98:a4:c1:ad:cc:
73:50:a2:f7:e5:44:0e:ab:66:64:d4:09:9e:9c:70:cd:bc:d8:
7a:3e:9d:f6:0d:ad:8f:bc:25:17:b0:cb:b4:1c:2f:a3:f1:ad:
90:9f:fb:63:65:ac:b9:b6:71:d0:22:84:2a:c9:1e:57:02:09:
1a:32:14:26:64:e5:83:0a:8c:c6:ee:52:00:a0:3f:c0:fc:42:
c7:10:30:fd
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUAW6c9OXKecmF+s/0IAfOmsL0Z/UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yMzA3MjUxNDU2NDdaFw0yNDA3MjMxNTAxNDdaMDMxMTAvBgNV
BAMTKEY5M0UyRDg3RUJDOUM4NDJBQTUyRDRERkI2QjZEREYwMUNDMTNENTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKEJ1zwzLNAEObla0aPlp0iWvH
jVs9q5QBCxYmDq7Y2FhwcW2IZW+zN8JshHvEwgzSwlYOW0z4WNGg17FtLhg5OCFn
AQ6B4bcJaXm2ZIuDslH3G++zYErMEjYErDUeuAq08HaflKx1qPwR9N+JP47qB+tT
TdMmakQjdWQMS0jrRZi94qHRvONqmol4Vx6VoFOT+ApxixbfFg8qIERtYHUToh3x
KEZX4XpG2tjWBJZeOJ7BMYcrKEiQdL8lYoFohvwc41uI6DpRF0FF6yZP4qw+pf09
ufVgGo5InxOBwiwAk+N4kqMQg8TKFz+UtUXas7gaqc+ZyH/tZyg2nqVJVOwpAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQU+T4th+vJyEKqUtTftrbd8BzBPVMwHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzI2MTMxMzEzYTM1MzczMDM0
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRVwSwCzANBgkqhkiG9w0BAQsFAAOCAQEAg3qtjSLLNqGyydch
Z4KeJIKbMEUv9RPN/eabppIP3wV8WNKamTFGVu3uCWtDTcYpfXwh257Bi9dz595Q
LQozuPceYMzLNYl9oP0XpDcl0LhUiyu6oX5ReOPO8jaWnOTk6vXkz0VQzVLGbXje
ELMuxO5m9OE2a4mQeuEywljwpm3BkZlrKVsBItdFVrsILxejzDYfm+Io0bjDNLIf
5O1xFvOuAkU5ni1ontAHofG8Ypikwa3Mc1Ci9+VEDqtmZNQJnpxwzbzYej6d9g2t
j7wlF7DLtBwvo/GtkJ/7Y2WsubZx0CKEKskeVwIJGjIUJmTlgwqMxu5SAKA/wPxC
xxAw/Q==
-----END CERTIFICATE-----
Generated at Fri Jun 21 08:54:24 2024 by rpki-client on console-fra.rpki-client.org