Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a333a3a2f34382d3438203d3e20323032333539.roa
File: 326131313a663263303a333a3a2f34382d3438203d3e20323032333539.roa (raw, json)
Hash identifier: uoV3AyWsQn9bnmf2bh7ihOi+LTUbP2RlO5tu1U7pCp8=
Subject key identifier: 17:3E:EA:FE:70:21:6F:51:5B:3C:A2:46:FF:39:CC:53:E8:77:D7:41
Certificate issuer: /CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Certificate serial: 489A749A646FF511066BA507E7C0B2E1794DF5B5
Authority key identifier: 11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a333a3a2f34382d3438203d3e20323032333539.roa
Signing time: Wed 09 Aug 2023 16:36:55 +0000
ROA not before: Wed 09 Aug 2023 16:31:55 +0000
ROA not after: Wed 07 Aug 2024 16:36:55 +0000
asID: 202359
IP address blocks: 2a11:f2c0:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:9a:74:9a:64:6f:f5:11:06:6b:a5:07:e7:c0:b2:e1:79:4d:f5:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Validity
Not Before: Aug 9 16:31:55 2023 GMT
Not After : Aug 7 16:36:55 2024 GMT
Subject: CN=173EEAFE70216F515B3CA246FF39CC53E877D741
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ca:c1:ca:cc:ee:8c:fa:19:cc:eb:0f:28:f8:
52:77:43:33:54:fc:c1:62:88:1c:7a:fd:ef:97:77:
5f:6a:d7:d7:e0:50:f9:0e:69:d7:24:fe:24:e0:b1:
6e:e2:14:54:8a:c9:f0:21:88:1e:1a:f4:70:e3:71:
37:dc:51:71:3e:3b:e5:e6:bf:6b:fb:64:fd:37:34:
c0:97:a7:e1:17:4d:02:2c:e5:11:91:d8:9b:e1:6a:
d6:4d:b3:5d:52:33:1a:4b:a3:a4:f3:a2:a0:b0:d6:
6b:fc:01:82:f6:f0:0a:09:11:86:70:ff:4c:ec:93:
a9:cb:cb:d2:83:fd:19:cb:09:e5:50:0e:68:0a:24:
1b:44:d9:36:3a:af:b6:d4:65:85:16:0e:2b:d1:e6:
b1:7b:4f:7d:a2:e9:71:4e:08:b7:a9:0f:46:5c:b2:
c3:4c:8a:1e:50:0d:21:60:db:b6:75:ec:c4:93:be:
9a:54:2a:69:ee:82:8c:de:13:8c:ad:af:e6:ab:7f:
ff:13:2b:b2:63:86:14:90:2e:1a:91:4b:da:c8:c9:
a9:f2:2c:2a:d7:64:63:21:38:4f:67:16:7a:8a:d2:
6c:8b:b9:8b:18:45:9e:ce:e1:10:84:fd:01:55:e1:
3c:e4:41:70:da:c0:84:81:ef:a1:3e:fc:6d:4a:00:
a3:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:3E:EA:FE:70:21:6F:51:5B:3C:A2:46:FF:39:CC:53:E8:77:D7:41
X509v3 Authority Key Identifier:
keyid:11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a333a3a2f34382d3438203d3e20323032333539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f2c0:3::/48
Signature Algorithm: sha256WithRSAEncryption
a7:ff:ba:5c:09:df:bf:82:7c:b4:aa:7e:f9:05:52:f7:4e:c8:
1e:e8:e4:de:97:0c:67:a9:ed:5b:4d:28:f4:ee:e0:89:fd:03:
48:39:4f:b4:28:7b:f2:d5:ba:74:cd:97:ec:75:00:9e:1b:44:
db:07:62:00:bc:d3:4e:d0:6b:09:fe:33:d6:c1:29:4e:68:01:
18:b5:e1:f3:3b:51:b7:bc:08:0e:c9:66:7e:31:26:8e:f3:42:
80:5d:11:ad:72:71:fe:aa:6e:42:f2:01:89:54:35:32:9c:0b:
bb:4b:f4:e7:4c:79:25:19:00:0b:e3:1a:91:7d:03:dc:19:81:
8a:61:76:d9:91:16:da:e2:0b:2b:25:88:e4:3c:97:9d:12:fc:
2e:bd:de:46:4a:51:55:2b:78:5c:6c:45:24:1c:98:44:6e:1a:
30:90:da:c9:37:db:0c:da:72:71:16:b4:f1:44:a3:9d:03:6b:
c6:7c:29:ca:03:55:95:0f:8f:92:ca:46:16:41:ed:31:bb:74:
45:30:15:9c:c6:37:4f:e4:65:ed:12:06:a5:91:9d:ab:be:06:
2c:e2:4f:1e:ef:3e:49:a2:08:f3:6f:60:ce:c6:a7:c6:93:9c:
6b:f3:bd:e6:d3:15:79:11:76:cc:4d:04:84:59:5f:dd:73:3e:
9e:c9:56:5c
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUSJp0mmRv9REGa6UH58Cy4XlN9bUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTFhZDQ5YzQ3ZTJkMGU0MGNmYzliMzZhMmJkMmM1MTRl
MmE2MjY3YjAeFw0yMzA4MDkxNjMxNTVaFw0yNDA4MDcxNjM2NTVaMDMxMTAvBgNV
BAMTKDE3M0VFQUZFNzAyMTZGNTE1QjNDQTI0NkZGMzlDQzUzRTg3N0Q3NDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3ysHKzO6M+hnM6w8o+FJ3QzNU
/MFiiBx6/e+Xd19q19fgUPkOadck/iTgsW7iFFSKyfAhiB4a9HDjcTfcUXE+O+Xm
v2v7ZP03NMCXp+EXTQIs5RGR2JvhatZNs11SMxpLo6TzoqCw1mv8AYL28AoJEYZw
/0zsk6nLy9KD/RnLCeVQDmgKJBtE2TY6r7bUZYUWDivR5rF7T32i6XFOCLepD0Zc
ssNMih5QDSFg27Z17MSTvppUKmnugozeE4ytr+arf/8TK7JjhhSQLhqRS9rIyany
LCrXZGMhOE9nFnqK0myLuYsYRZ7O4RCE/QFV4TzkQXDawISB76E+/G1KAKMFAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUFz7q/nAhb1FbPKJG/znMU+h310EwHwYDVR0j
BBgwFoAUEa1JxH4tDkDPybNqK9LFFOKmJnswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2I1NzVlYTctNzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNl
Y2VlLzcvMTFBRDQ5QzQ3RTJEMEU0MENGQzlCMzZBMkJEMkM1MTRFMkE2MjY3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VhMUp4SDR0RGtEUHliTnFLOUxGRk9L
bUpucy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2I1NzVlYTct
Nzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNlY2VlLzcvMzI2MTMxMzEzYTY2MzI2MzMw
M2EzMzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzMjMzMzUzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoR8sAAAzANBgkqhkiG9w0BAQsFAAOCAQEAp/+6XAnfv4J8tKp++QVS907I
Hujk3pcMZ6ntW00o9O7gif0DSDlPtCh78tW6dM2X7HUAnhtE2wdiALzTTtBrCf4z
1sEpTmgBGLXh8ztRt7wIDslmfjEmjvNCgF0RrXJx/qpuQvIBiVQ1MpwLu0v050x5
JRkAC+MakX0D3BmBimF22ZEW2uILKyWI5DyXnRL8Lr3eRkpRVSt4XGxFJByYRG4a
MJDayTfbDNpycRa08USjnQNrxnwpygNVlQ+PkspGFkHtMbt0RTAVnMY3T+Rl7RIG
pZGdq74GLOJPHu8+SaII829gzsanxpOca/O95tMVeRF2zE0EhFlf3XM+nslWXA==
-----END CERTIFICATE-----
Generated at Sat May 4 01:11:17 2024 by rpki-client on console-ams.rpki-client.org