Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666663363a3a2f34382d3438203d3e20323136323038.roa
File: 326131313a663263303a666663363a3a2f34382d3438203d3e20323136323038.roa (raw, json)
Hash identifier: ZBRge16Y4TT2kB9hBaGKFIBPtfNl4umVDnOurbwYiKE=
Subject key identifier: DE:08:8A:E6:3A:9C:E7:6F:B6:12:00:ED:7B:F7:7C:E3:51:C3:55:22
Certificate issuer: /CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Certificate serial: 6961E461990F67E59DA1AC8B7DEB55911D56A954
Authority key identifier: 11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666663363a3a2f34382d3438203d3e20323136323038.roa
Signing time: Thu 05 Oct 2023 08:34:32 +0000
ROA not before: Thu 05 Oct 2023 08:29:32 +0000
ROA not after: Thu 03 Oct 2024 08:34:32 +0000
asID: 216208
IP address blocks: 2a11:f2c0:ffc6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:61:e4:61:99:0f:67:e5:9d:a1:ac:8b:7d:eb:55:91:1d:56:a9:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Validity
Not Before: Oct 5 08:29:32 2023 GMT
Not After : Oct 3 08:34:32 2024 GMT
Subject: CN=DE088AE63A9CE76FB61200ED7BF77CE351C35522
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7f:fd:cf:71:46:16:0e:ac:ab:77:63:af:ad:
db:dd:3d:11:c9:55:ed:99:86:a3:03:bf:75:8c:6e:
c1:a3:7a:1e:9d:dd:ca:56:ff:67:56:21:1f:61:dc:
96:c7:c5:40:57:d1:f2:13:e4:6b:d7:ce:7c:e7:a4:
85:09:1d:37:52:14:c7:8e:03:4c:64:46:e5:b6:8b:
59:a4:40:55:1a:03:da:7f:d8:0e:9a:d2:59:c5:82:
ae:03:16:20:d3:86:ef:27:36:22:e4:61:76:82:4c:
94:11:4a:25:df:ba:a7:ca:ce:f0:72:e2:de:52:19:
c2:75:7b:c8:72:ce:30:e0:93:67:98:6f:ce:a9:91:
65:70:12:b2:8f:64:80:e4:5c:91:66:28:56:ec:f6:
a6:fd:81:a1:24:78:50:46:23:f0:66:6b:80:85:56:
86:df:cd:d2:5d:9b:0a:21:ac:25:3f:42:ad:8b:d9:
27:6d:0d:f3:f6:28:0a:59:fa:8d:a1:9e:96:e6:6e:
3f:a0:16:e9:d6:41:ac:b5:4d:30:ce:3c:eb:c9:6f:
6e:ef:ad:3e:65:53:12:b6:b7:c8:4d:9a:f4:3f:2f:
e0:39:df:94:f9:57:10:5a:c8:ca:67:c4:eb:a5:10:
64:d7:10:1c:ef:38:45:5e:76:06:1b:f2:fe:a8:60:
f9:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:08:8A:E6:3A:9C:E7:6F:B6:12:00:ED:7B:F7:7C:E3:51:C3:55:22
X509v3 Authority Key Identifier:
keyid:11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666663363a3a2f34382d3438203d3e20323136323038.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f2c0:ffc6::/48
Signature Algorithm: sha256WithRSAEncryption
bb:a3:5c:d6:91:a1:44:a5:98:f9:d9:92:2d:91:65:24:b6:ac:
9b:79:41:49:96:35:6c:6a:2f:58:e9:e6:81:b0:05:56:ce:94:
82:62:1b:fa:a9:d5:26:db:61:3d:cb:11:0c:5b:e1:45:b1:6e:
44:81:14:9c:35:c4:b0:b5:f7:f6:a7:d7:e8:6d:7d:e9:ef:30:
9f:73:cd:bc:03:93:d6:22:bd:c1:f0:08:e9:d0:e8:f2:fc:c3:
3f:9d:42:eb:90:64:8b:43:1d:ad:b2:14:37:ab:92:34:c3:f0:
bc:86:18:28:64:34:ed:b8:7a:67:eb:fe:12:54:8b:0f:81:42:
7d:b8:20:e6:79:14:3e:0a:8e:c1:6b:a6:89:a9:5d:47:dd:92:
bb:08:ee:15:00:dc:66:f1:b8:d9:6c:a3:52:1b:2d:d3:6d:39:
5b:bb:e4:60:60:91:a6:15:08:7a:ac:cb:a4:15:01:21:b1:e3:
f2:62:af:df:22:fe:14:ed:f5:26:7f:0c:e2:01:68:59:a8:d8:
ee:02:e8:1b:ac:3e:38:53:8f:0b:21:aa:40:a2:2e:e3:0c:bc:
7c:25:29:12:0b:26:6d:ea:12:02:37:06:03:00:c0:a8:ba:4c:
f6:18:47:dc:ff:14:d6:51:72:92:50:e8:f3:e6:0d:33:64:83:
5a:f7:2d:0d
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUaWHkYZkPZ+WdoayLfetVkR1WqVQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTFhZDQ5YzQ3ZTJkMGU0MGNmYzliMzZhMmJkMmM1MTRl
MmE2MjY3YjAeFw0yMzEwMDUwODI5MzJaFw0yNDEwMDMwODM0MzJaMDMxMTAvBgNV
BAMTKERFMDg4QUU2M0E5Q0U3NkZCNjEyMDBFRDdCRjc3Q0UzNTFDMzU1MjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkf/3PcUYWDqyrd2OvrdvdPRHJ
Ve2ZhqMDv3WMbsGjeh6d3cpW/2dWIR9h3JbHxUBX0fIT5GvXznznpIUJHTdSFMeO
A0xkRuW2i1mkQFUaA9p/2A6a0lnFgq4DFiDThu8nNiLkYXaCTJQRSiXfuqfKzvBy
4t5SGcJ1e8hyzjDgk2eYb86pkWVwErKPZIDkXJFmKFbs9qb9gaEkeFBGI/Bma4CF
VobfzdJdmwohrCU/Qq2L2SdtDfP2KApZ+o2hnpbmbj+gFunWQay1TTDOPOvJb27v
rT5lUxK2t8hNmvQ/L+A535T5VxBayMpnxOulEGTXEBzvOEVedgYb8v6oYPl5AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQU3giK5jqc52+2EgDte/d841HDVSIwHwYDVR0j
BBgwFoAUEa1JxH4tDkDPybNqK9LFFOKmJnswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2I1NzVlYTctNzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNl
Y2VlLzcvMTFBRDQ5QzQ3RTJEMEU0MENGQzlCMzZBMkJEMkM1MTRFMkE2MjY3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VhMUp4SDR0RGtEUHliTnFLOUxGRk9L
bUpucy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2I1NzVlYTct
Nzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNlY2VlLzcvMzI2MTMxMzEzYTY2MzI2MzMw
M2E2NjY2NjMzNjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzNjMyMzAzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoR8sD/xjANBgkqhkiG9w0BAQsFAAOCAQEAu6Nc1pGhRKWY+dmS
LZFlJLasm3lBSZY1bGovWOnmgbAFVs6UgmIb+qnVJtthPcsRDFvhRbFuRIEUnDXE
sLX39qfX6G196e8wn3PNvAOT1iK9wfAI6dDo8vzDP51C65Bki0MdrbIUN6uSNMPw
vIYYKGQ07bh6Z+v+ElSLD4FCfbgg5nkUPgqOwWumialdR92SuwjuFQDcZvG42Wyj
Uhst0205W7vkYGCRphUIeqzLpBUBIbHj8mKv3yL+FO31Jn8M4gFoWajY7gLoG6w+
OFOPCyGqQKIu4wy8fCUpEgsmbeoSAjcGAwDAqLpM9hhH3P8U1lFyklDo8+YNM2SD
WvctDQ==
-----END CERTIFICATE-----
Generated at Sat May 4 01:11:17 2024 by rpki-client on console-ams.rpki-client.org