Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666663313a3a2f34382d3438203d3e20313939333337.roa
File: 326131313a663263303a666663313a3a2f34382d3438203d3e20313939333337.roa (raw, json)
Hash identifier: achVjQjhhlxmFxf7RnbVr1mcUtM9pYI4UFuIgORR17M=
Subject key identifier: B4:3C:CF:CB:9A:AB:A6:B2:07:1D:54:9A:F4:2B:2B:FA:00:05:D3:65
Certificate issuer: /CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Certificate serial: 7A8E26C069F36060C017CC24A3C78E8FEC39380E
Authority key identifier: 11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666663313a3a2f34382d3438203d3e20313939333337.roa
Signing time: Sat 09 Mar 2024 02:02:11 +0000
ROA not before: Sat 09 Mar 2024 01:57:11 +0000
ROA not after: Sat 08 Mar 2025 02:02:11 +0000
asID: 199337
IP address blocks: 2a11:f2c0:ffc1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:8e:26:c0:69:f3:60:60:c0:17:cc:24:a3:c7:8e:8f:ec:39:38:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Validity
Not Before: Mar 9 01:57:11 2024 GMT
Not After : Mar 8 02:02:11 2025 GMT
Subject: CN=B43CCFCB9AABA6B2071D549AF42B2BFA0005D365
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:2c:67:fb:0c:14:ea:f9:36:2d:0d:72:3f:c7:
1b:ef:ba:61:c8:8d:e0:ac:9d:f6:44:aa:48:3b:42:
14:b2:29:65:e3:c3:fe:1c:09:f5:f9:9a:91:4b:b9:
11:45:6b:01:f3:a3:e5:ea:c8:29:e9:90:c1:70:e7:
b7:39:fa:64:f0:63:28:ab:a1:9a:c9:a1:2f:af:d6:
db:5c:ea:87:5d:8f:52:9c:42:e7:b7:93:ac:af:a6:
89:77:c8:f2:5f:a0:71:6f:ad:4d:10:bf:e6:17:f3:
4c:e8:a6:19:37:02:05:7d:fb:30:59:33:c5:80:ca:
a0:fe:78:46:4c:11:bd:9b:a7:27:ae:56:02:c1:fe:
eb:0c:9a:23:0d:07:b9:74:bc:9a:2c:36:07:98:bd:
c7:1c:b1:8c:96:1b:46:88:2b:4f:33:24:48:4f:f9:
9e:a1:f9:11:c7:39:ef:16:2c:bb:39:23:33:9b:9e:
18:f8:f6:8c:37:88:cf:3b:c4:8d:ea:7a:bc:a8:32:
1f:c8:8e:12:46:bb:02:27:9e:86:77:d9:31:62:5e:
66:98:2d:f8:c9:8d:d5:99:7f:4e:12:53:1d:6e:22:
01:28:4d:6f:c3:14:8c:e5:4f:6b:43:e6:13:e7:5c:
3a:f6:da:2d:bd:01:ff:e9:04:18:9f:97:f2:34:12:
e0:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:3C:CF:CB:9A:AB:A6:B2:07:1D:54:9A:F4:2B:2B:FA:00:05:D3:65
X509v3 Authority Key Identifier:
keyid:11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666663313a3a2f34382d3438203d3e20313939333337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f2c0:ffc1::/48
Signature Algorithm: sha256WithRSAEncryption
8e:41:01:49:d2:be:aa:8d:7a:49:80:9c:ad:e0:9b:10:8d:a9:
9b:51:ae:23:fd:1c:cb:3b:f6:a1:37:67:85:03:b0:d5:a7:0f:
f3:92:ba:7b:cb:ea:5a:03:c3:2d:db:80:46:6d:48:7b:03:55:
46:1a:06:c1:ba:af:0f:18:89:7f:ec:a5:1d:19:1a:07:cc:a7:
b9:ee:8f:cb:69:93:09:33:00:85:56:c0:98:48:6f:fc:66:fd:
f7:d7:70:29:61:89:27:dd:13:7a:8c:a9:5e:78:ff:e9:da:03:
a7:47:3b:df:bf:15:db:fc:4b:4f:50:96:50:61:92:dd:88:62:
45:4f:76:b2:93:30:14:2b:d5:c9:a9:23:06:52:d1:12:a7:c3:
ed:3e:8a:5f:e2:68:75:6c:22:39:96:82:3a:5c:b6:22:91:a7:
32:6d:70:f9:49:a9:5c:59:37:91:92:80:b6:dd:97:fc:5b:81:
86:60:82:7c:50:14:eb:45:29:c4:e6:ca:48:93:28:d8:b4:a3:
7d:42:10:a7:00:94:9b:54:e1:ad:25:e5:76:a2:d6:7f:1b:f8:
77:50:9c:9c:2f:7b:40:51:71:b0:86:7e:b4:81:ee:c6:23:07:
5e:52:ab:4c:bd:7a:7c:75:be:6a:01:e5:59:3d:98:9d:36:c4:
29:2b:38:f0
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUeo4mwGnzYGDAF8wko8eOj+w5OA4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTFhZDQ5YzQ3ZTJkMGU0MGNmYzliMzZhMmJkMmM1MTRl
MmE2MjY3YjAeFw0yNDAzMDkwMTU3MTFaFw0yNTAzMDgwMjAyMTFaMDMxMTAvBgNV
BAMTKEI0M0NDRkNCOUFBQkE2QjIwNzFENTQ5QUY0MkIyQkZBMDAwNUQzNjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMLGf7DBTq+TYtDXI/xxvvumHI
jeCsnfZEqkg7QhSyKWXjw/4cCfX5mpFLuRFFawHzo+XqyCnpkMFw57c5+mTwYyir
oZrJoS+v1ttc6oddj1KcQue3k6yvpol3yPJfoHFvrU0Qv+YX80zophk3AgV9+zBZ
M8WAyqD+eEZMEb2bpyeuVgLB/usMmiMNB7l0vJosNgeYvcccsYyWG0aIK08zJEhP
+Z6h+RHHOe8WLLs5IzObnhj49ow3iM87xI3qeryoMh/IjhJGuwInnoZ32TFiXmaY
LfjJjdWZf04SUx1uIgEoTW/DFIzlT2tD5hPnXDr22i29Af/pBBifl/I0EuBJAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUtDzPy5qrprIHHVSa9Csr+gAF02UwHwYDVR0j
BBgwFoAUEa1JxH4tDkDPybNqK9LFFOKmJnswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2I1NzVlYTctNzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNl
Y2VlLzcvMTFBRDQ5QzQ3RTJEMEU0MENGQzlCMzZBMkJEMkM1MTRFMkE2MjY3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VhMUp4SDR0RGtEUHliTnFLOUxGRk9L
bUpucy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2I1NzVlYTct
Nzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNlY2VlLzcvMzI2MTMxMzEzYTY2MzI2MzMw
M2E2NjY2NjMzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzkzOTMzMzMzNy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoR8sD/wTANBgkqhkiG9w0BAQsFAAOCAQEAjkEBSdK+qo16SYCc
reCbEI2pm1GuI/0cyzv2oTdnhQOw1acP85K6e8vqWgPDLduARm1IewNVRhoGwbqv
DxiJf+ylHRkaB8ynue6Py2mTCTMAhVbAmEhv/Gb999dwKWGJJ90TeoypXnj/6doD
p0c7378V2/xLT1CWUGGS3YhiRU92spMwFCvVyakjBlLREqfD7T6KX+JodWwiOZaC
Oly2IpGnMm1w+UmpXFk3kZKAtt2X/FuBhmCCfFAU60UpxObKSJMo2LSjfUIQpwCU
m1ThrSXldqLWfxv4d1CcnC97QFFxsIZ+tIHuxiMHXlKrTL16fHW+agHlWT2YnTbE
KSs48A==
-----END CERTIFICATE-----
Generated at Sat May 4 01:11:17 2024 by rpki-client on console-ams.rpki-client.org