Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a623030623a3a2f34382d3438203d3e20323035373839.roa
File: 326131313a663263303a623030623a3a2f34382d3438203d3e20323035373839.roa (raw, json)
Hash identifier: RYeIOTorPOvJWZ8UNO1CWZ06MZbv+AEH/w+O/KVREFg=
Subject key identifier: 30:2F:3C:A7:44:0D:57:76:23:30:4F:1D:BF:E9:AB:4A:F3:0B:21:B7
Certificate issuer: /CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Certificate serial: 4AB91B836F1D7218CB61187B810E450A76749256
Authority key identifier: 11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a623030623a3a2f34382d3438203d3e20323035373839.roa
Signing time: Mon 15 Apr 2024 17:09:53 +0000
ROA not before: Mon 15 Apr 2024 17:04:53 +0000
ROA not after: Mon 14 Apr 2025 17:09:53 +0000
asID: 205789
IP address blocks: 2a11:f2c0:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:b9:1b:83:6f:1d:72:18:cb:61:18:7b:81:0e:45:0a:76:74:92:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Validity
Not Before: Apr 15 17:04:53 2024 GMT
Not After : Apr 14 17:09:53 2025 GMT
Subject: CN=302F3CA7440D577623304F1DBFE9AB4AF30B21B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:21:ad:b9:0c:b8:be:a1:f2:b8:4e:08:c2:6b:
71:f2:a9:c7:11:25:9a:94:70:92:77:e0:19:f3:4e:
7d:ca:d5:cf:23:f4:ff:15:87:ac:29:53:ec:a1:79:
16:72:f3:3f:e5:87:74:ea:5d:e8:c2:88:4a:2c:77:
13:9d:e6:2a:64:b3:30:6e:94:84:d9:75:03:b1:7f:
c1:2c:4a:ca:07:a7:c5:cd:ca:77:9d:fd:d3:57:c8:
42:a9:70:4e:90:12:cc:7e:63:e1:77:b0:eb:38:3f:
6e:1a:25:45:64:9d:dd:96:3a:fb:e5:b5:7e:a1:cb:
6f:6e:01:c9:9d:53:18:3c:c4:28:66:1d:12:48:9d:
8f:0c:30:9c:2c:73:27:a4:d0:b8:40:c7:e0:d8:a4:
ec:b6:6b:8a:f5:3c:91:53:3d:c2:81:b4:1c:b0:0d:
16:ad:a1:4c:b6:48:b1:d7:a1:fb:d1:46:08:a0:c3:
49:b3:75:d3:50:6c:10:92:52:0b:ef:22:ac:1a:89:
4e:78:e5:61:83:9b:40:22:be:77:30:a0:18:02:74:
8f:4d:11:53:2f:a2:79:ff:7f:0d:a3:94:06:7c:82:
0f:80:0c:96:b3:61:94:ec:25:a3:e2:a8:49:e3:6e:
25:25:32:2c:78:34:67:87:55:87:76:b4:b1:9c:aa:
cc:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:2F:3C:A7:44:0D:57:76:23:30:4F:1D:BF:E9:AB:4A:F3:0B:21:B7
X509v3 Authority Key Identifier:
keyid:11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a623030623a3a2f34382d3438203d3e20323035373839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f2c0:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
cb:bd:48:67:17:ac:c2:e4:bd:61:32:38:7a:31:19:8c:df:7b:
63:51:18:10:a6:b7:9f:96:04:07:d9:38:79:b8:3e:9a:ab:5f:
11:2b:55:59:14:e7:b5:63:96:c9:af:0b:31:1c:d2:7c:fc:3e:
31:b7:38:5d:36:d3:01:0b:f8:e1:d9:b8:ec:16:a9:7a:7d:6d:
96:f3:53:9d:b6:f4:2a:95:d9:e1:73:6a:1d:0b:3b:4e:c8:c8:
26:64:44:be:03:41:ec:ca:38:ac:7b:7c:f2:ce:50:a7:70:52:
c5:a0:e4:e3:57:da:de:ad:f9:40:63:3b:f4:3d:e9:58:a6:22:
cf:fe:80:fc:03:be:f9:9f:63:50:00:0a:57:01:97:94:00:29:
9e:5d:80:46:ea:76:0e:cb:db:e7:ba:7b:6d:d2:c8:de:58:09:
95:67:d9:0d:3d:92:9f:78:f8:da:f5:e5:23:82:9e:af:30:93:
a1:61:97:d7:4e:44:d8:92:f5:0c:f4:2f:54:63:db:dd:54:d1:
c7:a1:fc:73:16:b6:89:02:06:4f:8d:a9:91:2e:41:72:92:ef:
fc:3b:04:1e:04:35:26:e4:14:b5:5a:58:45:67:a9:71:d2:d5:
4d:e4:a1:ec:c3:f4:24:13:d8:58:8f:78:a5:dc:77:4b:5f:b3:
44:e8:4a:fd
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUSrkbg28dchjLYRh7gQ5FCnZ0klYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTFhZDQ5YzQ3ZTJkMGU0MGNmYzliMzZhMmJkMmM1MTRl
MmE2MjY3YjAeFw0yNDA0MTUxNzA0NTNaFw0yNTA0MTQxNzA5NTNaMDMxMTAvBgNV
BAMTKDMwMkYzQ0E3NDQwRDU3NzYyMzMwNEYxREJGRTlBQjRBRjMwQjIxQjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwIa25DLi+ofK4TgjCa3HyqccR
JZqUcJJ34BnzTn3K1c8j9P8Vh6wpU+yheRZy8z/lh3TqXejCiEosdxOd5ipkszBu
lITZdQOxf8EsSsoHp8XNyned/dNXyEKpcE6QEsx+Y+F3sOs4P24aJUVknd2WOvvl
tX6hy29uAcmdUxg8xChmHRJInY8MMJwscyek0LhAx+DYpOy2a4r1PJFTPcKBtByw
DRatoUy2SLHXofvRRgigw0mzddNQbBCSUgvvIqwaiU545WGDm0AivncwoBgCdI9N
EVMvonn/fw2jlAZ8gg+ADJazYZTsJaPiqEnjbiUlMix4NGeHVYd2tLGcqsx1AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUMC88p0QNV3YjME8dv+mrSvMLIbcwHwYDVR0j
BBgwFoAUEa1JxH4tDkDPybNqK9LFFOKmJnswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2I1NzVlYTctNzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNl
Y2VlLzcvMTFBRDQ5QzQ3RTJEMEU0MENGQzlCMzZBMkJEMkM1MTRFMkE2MjY3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VhMUp4SDR0RGtEUHliTnFLOUxGRk9L
bUpucy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2I1NzVlYTct
Nzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNlY2VlLzcvMzI2MTMxMzEzYTY2MzI2MzMw
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzNTM3MzgzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoR8sCwCzANBgkqhkiG9w0BAQsFAAOCAQEAy71IZxeswuS9YTI4
ejEZjN97Y1EYEKa3n5YEB9k4ebg+mqtfEStVWRTntWOWya8LMRzSfPw+Mbc4XTbT
AQv44dm47Bapen1tlvNTnbb0KpXZ4XNqHQs7TsjIJmREvgNB7Mo4rHt88s5Qp3BS
xaDk41fa3q35QGM79D3pWKYiz/6A/AO++Z9jUAAKVwGXlAApnl2ARup2Dsvb57p7
bdLI3lgJlWfZDT2Sn3j42vXlI4KerzCToWGX105E2JL1DPQvVGPb3VTRx6H8cxa2
iQIGT42pkS5BcpLv/DsEHgQ1JuQUtVpYRWepcdLVTeSh7MP0JBPYWI94pdx3S1+z
ROhK/Q==
-----END CERTIFICATE-----
Generated at Sat May 4 01:54:33 2024 by rpki-client on console-fra.rpki-client.org