Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666663323a3a2f34382d3438203d3e20313939333337.roa
File: 326131313a663263303a666663323a3a2f34382d3438203d3e20313939333337.roa (raw, json)
Hash identifier: qQAO/3idT4HE9MusRGOW1fvhehT1f8GIS1ji31h+0wg=
Subject key identifier: 65:37:19:40:9F:AF:D0:C7:3D:D3:4D:3B:A6:C4:16:68:72:A0:1C:E3
Certificate issuer: /CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Certificate serial: 330E1D31BDCCFAF6544F46775C3F8D6428DFD37A
Authority key identifier: 11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666663323a3a2f34382d3438203d3e20313939333337.roa
Signing time: Sat 09 Mar 2024 02:02:11 +0000
ROA not before: Sat 09 Mar 2024 01:57:11 +0000
ROA not after: Sat 08 Mar 2025 02:02:11 +0000
asID: 199337
IP address blocks: 2a11:f2c0:ffc2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:0e:1d:31:bd:cc:fa:f6:54:4f:46:77:5c:3f:8d:64:28:df:d3:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Validity
Not Before: Mar 9 01:57:11 2024 GMT
Not After : Mar 8 02:02:11 2025 GMT
Subject: CN=653719409FAFD0C73DD34D3BA6C4166872A01CE3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c9:c2:d8:06:9b:50:ea:5c:e5:d5:42:7e:5d:
6e:d8:9e:6d:b9:5b:bb:36:6c:70:f9:aa:bc:f7:ef:
be:d7:7c:3c:b1:3c:1f:8e:c0:22:62:86:76:16:5b:
6a:ac:87:16:a7:7f:fe:be:15:cc:2f:72:9a:15:ed:
72:89:45:7e:af:c6:59:bb:47:9e:e3:5a:bd:f6:ee:
45:05:39:db:b6:91:50:f0:64:46:1b:72:ca:e3:95:
7e:cd:1a:f0:d6:00:4e:3c:58:49:13:d2:76:62:9d:
2e:76:0b:3d:8e:65:1d:70:d0:53:1c:53:b7:8d:11:
c3:7d:69:b7:ab:2e:e3:b2:fa:b1:03:fa:82:ff:7b:
e8:bf:4e:c9:b2:11:f7:26:de:ed:e2:3b:53:a3:be:
34:a4:3b:8b:bf:ee:38:9a:73:f5:06:e8:0a:f0:82:
ed:77:7b:51:dc:e8:46:54:3f:0c:1f:7f:86:52:5b:
75:43:03:9e:68:7e:fa:8f:f6:cb:05:6a:48:61:a4:
0d:52:d0:0a:4d:50:44:72:45:02:3d:0d:9a:f1:3b:
2c:d4:ff:d5:18:34:48:e6:25:0c:80:c5:56:51:7d:
10:ba:31:50:11:4a:6d:85:00:60:0c:10:9f:9a:c2:
86:40:4b:95:1a:92:41:c0:45:22:c2:ab:01:78:8f:
c8:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:37:19:40:9F:AF:D0:C7:3D:D3:4D:3B:A6:C4:16:68:72:A0:1C:E3
X509v3 Authority Key Identifier:
keyid:11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666663323a3a2f34382d3438203d3e20313939333337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f2c0:ffc2::/48
Signature Algorithm: sha256WithRSAEncryption
a0:81:13:90:95:cd:a7:7b:b5:95:6c:f3:2a:f2:e2:bf:c9:0c:
18:dc:7d:bf:dc:40:d6:5a:a4:f9:ef:d3:b7:12:da:38:13:18:
aa:ad:09:56:b2:18:aa:d6:7c:33:06:64:e3:1a:58:1b:0a:ef:
aa:08:50:ac:85:b5:7c:d6:38:f2:e4:6e:44:48:96:43:66:7b:
16:2c:6c:82:af:b1:63:f8:86:76:14:a1:79:8a:16:0a:a7:9f:
7b:a9:c5:8f:33:af:6e:b1:ca:70:6a:0c:71:6c:98:d5:1b:62:
5a:0d:c1:7a:ea:f9:65:c4:35:26:4a:82:2f:4f:cd:23:35:3f:
5a:7f:c7:68:81:34:b4:0f:17:50:f0:c5:8a:44:ea:20:54:2c:
ac:b5:2b:a7:cf:4c:db:c3:f9:15:ff:12:d1:d6:2e:7c:f8:3a:
91:5f:f8:8e:7d:4b:91:bf:36:a6:e1:15:34:4d:07:87:06:0a:
99:95:15:92:f5:20:2f:55:3b:d1:e8:0d:4b:d5:1c:18:da:de:
7a:97:e9:45:5a:51:d9:c9:1e:88:bf:5e:f3:ae:08:3f:29:d1:
01:f2:0e:30:2b:fb:41:3d:e5:50:c6:6c:96:cf:71:1b:46:cb:
f6:9c:a6:1a:14:0d:94:bc:49:35:56:7f:a9:92:86:39:7f:f8:
40:31:41:85
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUMw4dMb3M+vZUT0Z3XD+NZCjf03owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTFhZDQ5YzQ3ZTJkMGU0MGNmYzliMzZhMmJkMmM1MTRl
MmE2MjY3YjAeFw0yNDAzMDkwMTU3MTFaFw0yNTAzMDgwMjAyMTFaMDMxMTAvBgNV
BAMTKDY1MzcxOTQwOUZBRkQwQzczREQzNEQzQkE2QzQxNjY4NzJBMDFDRTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgycLYBptQ6lzl1UJ+XW7Ynm25
W7s2bHD5qrz3777XfDyxPB+OwCJihnYWW2qshxanf/6+FcwvcpoV7XKJRX6vxlm7
R57jWr327kUFOdu2kVDwZEYbcsrjlX7NGvDWAE48WEkT0nZinS52Cz2OZR1w0FMc
U7eNEcN9aberLuOy+rED+oL/e+i/TsmyEfcm3u3iO1OjvjSkO4u/7jiac/UG6Arw
gu13e1Hc6EZUPwwff4ZSW3VDA55ofvqP9ssFakhhpA1S0ApNUERyRQI9DZrxOyzU
/9UYNEjmJQyAxVZRfRC6MVARSm2FAGAMEJ+awoZAS5UakkHARSLCqwF4j8gxAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUZTcZQJ+v0Mc90007psQWaHKgHOMwHwYDVR0j
BBgwFoAUEa1JxH4tDkDPybNqK9LFFOKmJnswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2I1NzVlYTctNzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNl
Y2VlLzcvMTFBRDQ5QzQ3RTJEMEU0MENGQzlCMzZBMkJEMkM1MTRFMkE2MjY3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VhMUp4SDR0RGtEUHliTnFLOUxGRk9L
bUpucy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2I1NzVlYTct
Nzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNlY2VlLzcvMzI2MTMxMzEzYTY2MzI2MzMw
M2E2NjY2NjMzMjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzkzOTMzMzMzNy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoR8sD/wjANBgkqhkiG9w0BAQsFAAOCAQEAoIETkJXNp3u1lWzz
KvLiv8kMGNx9v9xA1lqk+e/TtxLaOBMYqq0JVrIYqtZ8MwZk4xpYGwrvqghQrIW1
fNY48uRuREiWQ2Z7Fixsgq+xY/iGdhSheYoWCqefe6nFjzOvbrHKcGoMcWyY1Rti
Wg3Beur5ZcQ1JkqCL0/NIzU/Wn/HaIE0tA8XUPDFikTqIFQsrLUrp89M28P5Ff8S
0dYufPg6kV/4jn1Lkb82puEVNE0HhwYKmZUVkvUgL1U70egNS9UcGNreepfpRVpR
2ckeiL9e864IPynRAfIOMCv7QT3lUMZsls9xG0bL9pymGhQNlLxJNVZ/qZKGOX/4
QDFBhQ==
-----END CERTIFICATE-----
Generated at Sat May 4 01:54:33 2024 by rpki-client on console-fra.rpki-client.org