Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a616361303a3a2f34342d3438203d3e20323132323435.roa
File: 326131313a663263303a616361303a3a2f34342d3438203d3e20323132323435.roa (raw, json)
Hash identifier: I4QYao9OyveQCQy0LQb0aX1HPiZQ5NMFJ/YD0AjUxR4=
Subject key identifier: D2:C2:73:D1:4C:3E:BA:3B:1D:D9:86:B3:25:6A:88:E6:D4:A4:15:D0
Certificate issuer: /CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Certificate serial: 126885E2681816F1D35CB7010EEBFD08A6EBCCB6
Authority key identifier: 11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a616361303a3a2f34342d3438203d3e20323132323435.roa
Signing time: Fri 29 Mar 2024 20:05:46 +0000
ROA not before: Fri 29 Mar 2024 20:00:46 +0000
ROA not after: Fri 28 Mar 2025 20:05:46 +0000
asID: 212245
IP address blocks: 2a11:f2c0:aca0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:68:85:e2:68:18:16:f1:d3:5c:b7:01:0e:eb:fd:08:a6:eb:cc:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Validity
Not Before: Mar 29 20:00:46 2024 GMT
Not After : Mar 28 20:05:46 2025 GMT
Subject: CN=D2C273D14C3EBA3B1DD986B3256A88E6D4A415D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:03:02:c8:99:54:2a:79:07:6a:f2:d8:c3:0f:
20:67:73:25:70:51:cc:2c:37:4d:a2:c1:e8:ac:0e:
2e:38:0d:c6:94:70:30:b2:2c:2f:af:04:a1:14:63:
46:dc:be:1b:85:60:f5:e3:6d:77:61:e2:b0:eb:ce:
d2:29:2a:db:45:d4:14:90:1f:5b:64:89:c7:52:7f:
8f:a5:ac:6d:d4:8e:58:11:d5:8f:7d:cd:ae:cc:7a:
26:ce:5d:5d:44:1c:9c:c1:dc:96:e7:b9:d1:64:13:
9e:d4:9b:e0:2c:07:8d:66:cb:52:a6:4f:44:ae:98:
1f:10:05:a6:d6:ee:5a:be:37:13:fc:fe:2b:e7:da:
c4:df:3a:53:71:cd:2a:55:23:9a:2e:69:c0:a0:07:
a9:54:7c:8a:0e:91:a2:37:11:c2:de:f0:66:1d:86:
3f:7c:55:b0:ed:0c:27:bc:ae:ac:96:9c:0f:0f:e1:
a8:f6:cb:9e:84:8d:a9:d3:2c:28:dd:25:52:e9:7b:
ac:81:26:c9:d7:b7:56:9e:c0:7c:47:3b:4c:52:7a:
5b:c1:b4:74:29:d2:cf:64:85:6a:06:3b:d9:fb:bf:
9a:a4:db:d1:67:8d:fb:10:16:b3:45:ac:ee:51:19:
22:9f:dc:2a:df:c9:7e:2d:e5:53:5f:a2:fb:c3:11:
d6:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:C2:73:D1:4C:3E:BA:3B:1D:D9:86:B3:25:6A:88:E6:D4:A4:15:D0
X509v3 Authority Key Identifier:
keyid:11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a616361303a3a2f34342d3438203d3e20323132323435.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f2c0:aca0::/44
Signature Algorithm: sha256WithRSAEncryption
54:0a:27:9e:8d:83:e6:35:55:4a:81:86:45:fa:fa:88:90:ef:
07:58:4d:b4:eb:ad:98:c1:46:26:01:99:82:f1:a3:90:36:1d:
45:7e:ef:6e:fe:c8:45:d2:47:76:f8:57:e0:19:e5:d4:4c:73:
c7:e3:e7:e5:aa:8a:7f:60:75:fb:83:6c:cf:a1:8a:f9:de:45:
e6:59:42:72:b9:0f:69:f2:9a:33:04:bc:f8:0f:c0:b9:26:39:
12:75:14:d1:15:c3:46:de:bc:b0:e9:56:58:8b:40:fa:68:d1:
60:46:dd:11:cb:0a:bb:04:44:64:f4:43:d9:bd:54:2c:4a:60:
70:24:9e:12:85:aa:c0:69:a8:18:f7:19:9c:87:5f:e9:38:17:
20:ef:96:75:9f:ba:32:19:8a:ab:41:48:cc:b8:65:80:4a:29:
24:fc:88:33:f1:c6:84:15:a4:f3:3a:05:2e:c0:b8:b1:76:1f:
71:f9:18:6d:db:2e:cc:8c:34:8c:90:70:5d:e5:69:45:17:da:
fd:6e:93:ef:1b:94:13:7d:d0:b9:ee:92:d3:38:6d:d2:97:92:
96:37:a3:71:6c:a4:6d:a3:6d:8e:45:0b:2b:97:ac:e8:1a:7d:
40:7a:13:b1:06:c5:2b:d3:1d:07:4c:dd:43:41:15:60:88:3e:
a3:69:1e:96
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUEmiF4mgYFvHTXLcBDuv9CKbrzLYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTFhZDQ5YzQ3ZTJkMGU0MGNmYzliMzZhMmJkMmM1MTRl
MmE2MjY3YjAeFw0yNDAzMjkyMDAwNDZaFw0yNTAzMjgyMDA1NDZaMDMxMTAvBgNV
BAMTKEQyQzI3M0QxNEMzRUJBM0IxREQ5ODZCMzI1NkE4OEU2RDRBNDE1RDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD7AwLImVQqeQdq8tjDDyBncyVw
UcwsN02iweisDi44DcaUcDCyLC+vBKEUY0bcvhuFYPXjbXdh4rDrztIpKttF1BSQ
H1tkicdSf4+lrG3UjlgR1Y99za7MeibOXV1EHJzB3JbnudFkE57Um+AsB41my1Km
T0SumB8QBabW7lq+NxP8/ivn2sTfOlNxzSpVI5ouacCgB6lUfIoOkaI3EcLe8GYd
hj98VbDtDCe8rqyWnA8P4aj2y56EjanTLCjdJVLpe6yBJsnXt1aewHxHO0xSelvB
tHQp0s9khWoGO9n7v5qk29FnjfsQFrNFrO5RGSKf3CrfyX4t5VNfovvDEdaHAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQU0sJz0Uw+ujsd2YazJWqI5tSkFdAwHwYDVR0j
BBgwFoAUEa1JxH4tDkDPybNqK9LFFOKmJnswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2I1NzVlYTctNzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNl
Y2VlLzcvMTFBRDQ5QzQ3RTJEMEU0MENGQzlCMzZBMkJEMkM1MTRFMkE2MjY3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VhMUp4SDR0RGtEUHliTnFLOUxGRk9L
bUpucy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2I1NzVlYTct
Nzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNlY2VlLzcvMzI2MTMxMzEzYTY2MzI2MzMw
M2E2MTYzNjEzMDNhM2EyZjM0MzQyZDM0MzgyMDNkM2UyMDMyMzEzMjMyMzQzNS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHBCoR8sCsoDANBgkqhkiG9w0BAQsFAAOCAQEAVAonno2D5jVVSoGG
Rfr6iJDvB1hNtOutmMFGJgGZgvGjkDYdRX7vbv7IRdJHdvhX4Bnl1Exzx+Pn5aqK
f2B1+4Nsz6GK+d5F5llCcrkPafKaMwS8+A/AuSY5EnUU0RXDRt68sOlWWItA+mjR
YEbdEcsKuwREZPRD2b1ULEpgcCSeEoWqwGmoGPcZnIdf6TgXIO+WdZ+6MhmKq0FI
zLhlgEopJPyIM/HGhBWk8zoFLsC4sXYfcfkYbdsuzIw0jJBwXeVpRRfa/W6T7xuU
E33Que6S0zht0peSljejcWykbaNtjkULK5es6Bp9QHoTsQbFK9MdB0zdQ0EVYIg+
o2kelg==
-----END CERTIFICATE-----
Generated at Sat May 4 01:11:17 2024 by rpki-client on console-ams.rpki-client.org