Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a313a3a2f34382d3438203d3e20323032333539.roa
File: 326131313a663263303a313a3a2f34382d3438203d3e20323032333539.roa (raw, json)
Hash identifier: VbDcnC+TK3MoNWpoP0MgKr7V4JU4GJ8J5DDKUFDXorE=
Subject key identifier: 04:71:5F:0E:42:54:18:0B:B4:30:6C:E4:FA:DB:44:1F:0A:B8:50:90
Certificate issuer: /CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Certificate serial: 60834A4CF97CE91CB8392E8EFA06AC1D48345BA0
Authority key identifier: 11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a313a3a2f34382d3438203d3e20323032333539.roa
Signing time: Mon 13 Nov 2023 21:10:10 +0000
ROA not before: Mon 13 Nov 2023 21:05:10 +0000
ROA not after: Mon 11 Nov 2024 21:10:10 +0000
asID: 202359
IP address blocks: 2a11:f2c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 08:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:83:4a:4c:f9:7c:e9:1c:b8:39:2e:8e:fa:06:ac:1d:48:34:5b:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Validity
Not Before: Nov 13 21:05:10 2023 GMT
Not After : Nov 11 21:10:10 2024 GMT
Subject: CN=04715F0E4254180BB4306CE4FADB441F0AB85090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:49:24:34:9c:07:25:1a:b4:e1:46:1a:34:e7:
9a:0c:9d:fa:4f:db:eb:dd:7d:61:f2:d6:a7:10:5a:
5c:4f:13:f1:2d:59:44:5e:6d:38:02:b1:f5:79:f7:
7a:1b:ef:a3:85:54:c9:10:87:72:6b:e4:0b:ec:54:
95:51:1d:2d:0e:b6:d0:e9:86:ba:7b:53:d1:89:ad:
e8:14:d5:1f:49:49:1b:98:7f:c4:6a:f1:96:ca:a3:
d9:44:30:ce:71:2b:a6:e9:d4:f9:4c:c9:4b:3c:02:
86:c3:6b:42:06:1e:46:78:40:60:2f:30:46:35:a7:
85:2e:35:2c:f7:32:8e:8c:8e:c3:59:87:b8:33:55:
3a:39:12:61:e0:a1:7d:4c:19:26:81:ed:4c:fc:a0:
2a:80:6a:b2:d1:ea:58:94:23:ca:e0:6b:44:f2:be:
7f:71:53:19:30:65:27:83:74:5f:91:dc:f8:8a:a8:
eb:29:fc:ac:0d:d0:63:72:20:06:15:36:c2:ce:d8:
ad:8f:0a:3d:ad:b3:77:0b:f3:45:5f:3f:43:54:56:
b6:a9:b2:b0:8c:13:3a:dc:1a:2f:f7:bf:77:b4:bc:
5b:24:99:bf:75:cc:24:93:ad:4e:09:dc:2e:ef:5f:
bd:01:b7:ce:86:01:10:71:2e:68:1d:18:69:8c:fc:
37:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:71:5F:0E:42:54:18:0B:B4:30:6C:E4:FA:DB:44:1F:0A:B8:50:90
X509v3 Authority Key Identifier:
keyid:11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a313a3a2f34382d3438203d3e20323032333539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f2c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
31:3e:99:bc:30:2f:13:4d:b0:bb:84:b2:33:73:ab:a8:05:e4:
33:ce:d6:7f:fe:74:b4:74:84:19:85:20:27:87:33:e0:03:b5:
a8:28:f4:e8:70:a8:c0:0b:18:2d:2c:92:28:e3:ce:70:c0:8e:
4b:04:92:15:0e:ab:ff:b3:76:d5:ec:54:58:50:ec:eb:da:6f:
0b:b8:d5:ee:2a:22:f4:34:28:6e:16:46:a8:d5:7a:09:f9:d6:
38:ac:ff:fd:a6:95:7c:93:68:98:93:4e:9a:b3:15:57:a6:ff:
12:87:cd:69:df:88:46:a6:c0:5a:c7:2b:0e:cc:20:8d:87:f2:
e5:b4:8c:f7:29:39:29:4e:42:b9:41:59:ed:54:4e:0f:58:c1:
c2:55:03:34:54:e0:ac:19:df:79:54:f7:86:10:5e:cc:04:e6:
89:bb:78:e3:1a:20:5c:dc:71:25:d0:31:b1:bc:81:a2:6e:f0:
9b:c3:28:50:13:9e:4a:97:b8:27:62:34:81:9a:77:ae:61:00:
10:a1:a9:19:ce:bf:a4:bf:42:7f:f8:03:08:24:9f:d6:89:c7:
d9:7c:60:f2:d0:54:e5:ff:03:35:12:33:38:cd:57:bc:d7:43:
ff:03:f1:39:e7:6b:f4:84:44:20:2d:42:5a:be:c3:8a:91:13:
a6:88:00:b8
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUYINKTPl86Ry4OS6O+gasHUg0W6AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTFhZDQ5YzQ3ZTJkMGU0MGNmYzliMzZhMmJkMmM1MTRl
MmE2MjY3YjAeFw0yMzExMTMyMTA1MTBaFw0yNDExMTEyMTEwMTBaMDMxMTAvBgNV
BAMTKDA0NzE1RjBFNDI1NDE4MEJCNDMwNkNFNEZBREI0NDFGMEFCODUwOTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVSSQ0nAclGrThRho055oMnfpP
2+vdfWHy1qcQWlxPE/EtWURebTgCsfV593ob76OFVMkQh3Jr5AvsVJVRHS0OttDp
hrp7U9GJregU1R9JSRuYf8Rq8ZbKo9lEMM5xK6bp1PlMyUs8AobDa0IGHkZ4QGAv
MEY1p4UuNSz3Mo6MjsNZh7gzVTo5EmHgoX1MGSaB7Uz8oCqAarLR6liUI8rga0Ty
vn9xUxkwZSeDdF+R3PiKqOsp/KwN0GNyIAYVNsLO2K2PCj2ts3cL80VfP0NUVrap
srCMEzrcGi/3v3e0vFskmb91zCSTrU4J3C7vX70Bt86GARBxLmgdGGmM/DeLAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUBHFfDkJUGAu0MGzk+ttEHwq4UJAwHwYDVR0j
BBgwFoAUEa1JxH4tDkDPybNqK9LFFOKmJnswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2I1NzVlYTctNzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNl
Y2VlLzcvMTFBRDQ5QzQ3RTJEMEU0MENGQzlCMzZBMkJEMkM1MTRFMkE2MjY3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VhMUp4SDR0RGtEUHliTnFLOUxGRk9L
bUpucy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2I1NzVlYTct
Nzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNlY2VlLzcvMzI2MTMxMzEzYTY2MzI2MzMw
M2EzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzMjMzMzUzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoR8sAAATANBgkqhkiG9w0BAQsFAAOCAQEAMT6ZvDAvE02wu4SyM3OrqAXk
M87Wf/50tHSEGYUgJ4cz4AO1qCj06HCowAsYLSySKOPOcMCOSwSSFQ6r/7N21exU
WFDs69pvC7jV7ioi9DQobhZGqNV6CfnWOKz//aaVfJNomJNOmrMVV6b/EofNad+I
RqbAWscrDswgjYfy5bSM9yk5KU5CuUFZ7VROD1jBwlUDNFTgrBnfeVT3hhBezATm
ibt44xogXNxxJdAxsbyBom7wm8MoUBOeSpe4J2I0gZp3rmEAEKGpGc6/pL9Cf/gD
CCSf1onH2Xxg8tBU5f8DNRIzOM1XvNdD/wPxOedr9IREIC1CWr7DipETpogAuA==
-----END CERTIFICATE-----
Generated at Fri Apr 19 16:37:36 2024 by rpki-client on console-fra.rpki-client.org