Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666663303a3a2f34382d3438203d3e20323035353839.roa
File: 326131313a663263303a666663303a3a2f34382d3438203d3e20323035353839.roa (raw, json)
Hash identifier: WoiGHgRovpX6HrTVYAjaMCOiSmpF1eZHQGyGFi5DPoE=
Subject key identifier: 00:99:01:CE:23:5B:92:EB:E6:D2:43:44:C0:D7:EE:A7:3D:56:DD:26
Certificate issuer: /CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Certificate serial: 3C5D29DC89CF530CB346F478B028538FA1208803
Authority key identifier: 11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666663303a3a2f34382d3438203d3e20323035353839.roa
Signing time: Wed 14 Feb 2024 03:58:12 +0000
ROA not before: Wed 14 Feb 2024 03:53:12 +0000
ROA not after: Wed 12 Feb 2025 03:58:12 +0000
asID: 205589
IP address blocks: 2a11:f2c0:ffc0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:5d:29:dc:89:cf:53:0c:b3:46:f4:78:b0:28:53:8f:a1:20:88:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Validity
Not Before: Feb 14 03:53:12 2024 GMT
Not After : Feb 12 03:58:12 2025 GMT
Subject: CN=009901CE235B92EBE6D24344C0D7EEA73D56DD26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:7d:66:f6:b5:02:bf:11:17:42:6d:c0:ee:ae:
f1:62:a4:ef:36:db:6d:ea:2d:5e:42:75:1c:9c:36:
33:6f:16:34:00:02:22:ae:cb:3b:b8:12:65:8d:92:
4c:1d:b1:0e:8e:e4:3d:2d:cb:8f:d6:ef:88:70:88:
8b:3d:4f:d4:05:2b:85:b9:b6:0a:6c:ce:9f:c6:f1:
67:a2:a6:50:25:be:4b:a3:ee:98:d2:1c:c4:02:dc:
9f:74:e5:56:2d:f0:be:a8:76:05:bb:19:51:78:67:
2b:2e:0c:c5:05:4c:52:6b:8f:02:08:3a:bf:36:63:
9f:3c:50:2e:77:48:d8:86:f5:1c:6d:c7:fb:ed:40:
66:7f:fa:26:cf:d8:a2:6b:b5:20:23:13:de:cd:2a:
9a:fc:b5:ca:20:af:df:6e:21:37:64:98:ea:22:9e:
60:d8:db:c1:65:d5:f0:b0:0b:58:13:d1:52:ea:80:
c4:7a:f5:ab:fd:99:82:7d:ed:97:75:63:29:64:1c:
c5:96:56:8e:36:f0:94:ba:f4:26:61:c3:54:35:9a:
a6:ab:0f:9a:08:31:b1:14:4e:9b:71:44:0a:14:b7:
43:2d:bd:22:11:c9:da:9c:52:db:b1:08:7c:c7:a8:
63:62:d6:dd:b9:09:76:f1:a1:da:91:09:d2:38:50:
e7:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:99:01:CE:23:5B:92:EB:E6:D2:43:44:C0:D7:EE:A7:3D:56:DD:26
X509v3 Authority Key Identifier:
keyid:11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666663303a3a2f34382d3438203d3e20323035353839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f2c0:ffc0::/48
Signature Algorithm: sha256WithRSAEncryption
92:f8:a2:41:f4:33:5e:58:db:7a:d1:dd:40:73:93:80:50:c9:
21:fb:14:8e:b0:6c:b0:3e:2d:c5:1f:4f:4a:ee:c7:cf:f1:60:
ab:87:22:90:e3:89:dc:cc:93:8f:93:98:a5:6d:3d:c2:06:d6:
27:4f:b9:c4:af:bf:21:8b:02:23:3b:e0:fa:16:b1:be:96:1e:
79:49:25:95:83:39:39:bf:77:36:a8:21:55:d6:df:af:88:82:
37:62:f5:66:58:c4:ad:c5:23:51:d6:80:a3:d5:22:ee:7a:a3:
36:a6:3e:e0:b9:e5:2e:82:0b:bf:b3:e2:03:9c:a4:f5:28:90:
1b:23:9e:33:8e:1f:dc:7a:18:09:97:a0:40:d1:ff:ac:66:f2:
7d:1b:c1:7d:de:8a:e3:6a:f1:32:77:d5:16:a3:9c:f5:4b:f4:
89:38:68:57:de:20:c9:37:15:cf:f3:9d:fe:05:2b:1b:65:80:
db:cd:5c:b6:19:84:75:e3:e4:83:88:c7:e7:36:a5:9d:be:61:
c7:27:00:b0:fe:aa:a2:10:30:f7:c7:7f:28:3d:1f:d6:85:76:
d9:86:53:01:a9:ed:ac:19:44:15:b2:da:8b:cd:c4:16:6b:24:
74:d1:5e:9b:7c:19:67:e2:30:07:52:22:b9:f9:73:4e:ed:7d:
4c:b1:97:d1
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUPF0p3InPUwyzRvR4sChTj6EgiAMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTFhZDQ5YzQ3ZTJkMGU0MGNmYzliMzZhMmJkMmM1MTRl
MmE2MjY3YjAeFw0yNDAyMTQwMzUzMTJaFw0yNTAyMTIwMzU4MTJaMDMxMTAvBgNV
BAMTKDAwOTkwMUNFMjM1QjkyRUJFNkQyNDM0NEMwRDdFRUE3M0Q1NkREMjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgfWb2tQK/ERdCbcDurvFipO82
223qLV5CdRycNjNvFjQAAiKuyzu4EmWNkkwdsQ6O5D0ty4/W74hwiIs9T9QFK4W5
tgpszp/G8WeiplAlvkuj7pjSHMQC3J905VYt8L6odgW7GVF4ZysuDMUFTFJrjwII
Or82Y588UC53SNiG9Rxtx/vtQGZ/+ibP2KJrtSAjE97NKpr8tcogr99uITdkmOoi
nmDY28Fl1fCwC1gT0VLqgMR69av9mYJ97Zd1YylkHMWWVo428JS69CZhw1Q1mqar
D5oIMbEUTptxRAoUt0MtvSIRydqcUtuxCHzHqGNi1t25CXbxodqRCdI4UOdrAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUAJkBziNbkuvm0kNEwNfupz1W3SYwHwYDVR0j
BBgwFoAUEa1JxH4tDkDPybNqK9LFFOKmJnswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2I1NzVlYTctNzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNl
Y2VlLzcvMTFBRDQ5QzQ3RTJEMEU0MENGQzlCMzZBMkJEMkM1MTRFMkE2MjY3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VhMUp4SDR0RGtEUHliTnFLOUxGRk9L
bUpucy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2I1NzVlYTct
Nzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNlY2VlLzcvMzI2MTMxMzEzYTY2MzI2MzMw
M2E2NjY2NjMzMDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzNTM1MzgzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoR8sD/wDANBgkqhkiG9w0BAQsFAAOCAQEAkviiQfQzXljbetHd
QHOTgFDJIfsUjrBssD4txR9PSu7Hz/Fgq4cikOOJ3MyTj5OYpW09wgbWJ0+5xK+/
IYsCIzvg+haxvpYeeUkllYM5Ob93NqghVdbfr4iCN2L1ZljErcUjUdaAo9Ui7nqj
NqY+4LnlLoILv7PiA5yk9SiQGyOeM44f3HoYCZegQNH/rGbyfRvBfd6K42rxMnfV
FqOc9Uv0iThoV94gyTcVz/Od/gUrG2WA281cthmEdePkg4jH5zalnb5hxycAsP6q
ohAw98d/KD0f1oV22YZTAantrBlEFbLai83EFmskdNFem3wZZ+IwB1IiuflzTu19
TLGX0Q==
-----END CERTIFICATE-----
Generated at Sat May 4 01:54:33 2024 by rpki-client on console-fra.rpki-client.org