Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666663373a3a2f34382d3438203d3e20323136313431.roa
File: 326131313a663263303a666663373a3a2f34382d3438203d3e20323136313431.roa (raw, json)
Hash identifier: 9TpoUIsBfgcavoHyarcbqlUbZMx4DGk7Ug4+UPwTW9E=
Subject key identifier: 7F:1D:D9:94:09:12:2B:87:20:E2:AA:F0:BD:4A:70:7C:AE:DA:F3:59
Certificate issuer: /CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Certificate serial: 4D3ECFF78D45A3E4FA8A578A5271B9E3702A7909
Authority key identifier: 11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666663373a3a2f34382d3438203d3e20323136313431.roa
Signing time: Tue 17 Oct 2023 16:05:33 +0000
ROA not before: Tue 17 Oct 2023 16:00:33 +0000
ROA not after: Tue 15 Oct 2024 16:05:33 +0000
asID: 216141
IP address blocks: 2a11:f2c0:ffc7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:3e:cf:f7:8d:45:a3:e4:fa:8a:57:8a:52:71:b9:e3:70:2a:79:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Validity
Not Before: Oct 17 16:00:33 2023 GMT
Not After : Oct 15 16:05:33 2024 GMT
Subject: CN=7F1DD99409122B8720E2AAF0BD4A707CAEDAF359
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b1:c8:10:2e:51:80:6d:e9:76:30:64:33:53:
fd:d2:38:6e:39:09:9e:37:d3:cc:52:f2:40:53:f8:
43:e5:3d:82:5d:bc:8a:65:e6:f3:3c:2c:c1:56:6a:
d1:ca:b2:54:e3:94:76:15:7a:ef:b3:bf:fa:51:57:
de:d5:00:d6:5e:0d:df:31:8c:af:c0:da:9c:99:3a:
0f:f1:dd:49:66:69:66:ff:7f:8f:f0:97:9e:0b:30:
1f:b9:b6:8e:cf:ad:75:bd:82:a1:57:97:ef:5f:d3:
98:d7:a0:87:b6:87:0a:dd:16:76:b8:90:26:02:64:
90:e8:a2:c1:84:a9:b1:53:49:bb:f9:82:0d:5e:47:
2d:fc:6a:81:b5:e2:c4:35:eb:d0:ce:3c:ee:58:89:
6e:a6:35:5f:57:c9:8d:80:d7:67:42:ab:e9:8e:5e:
d6:ed:0c:93:ef:1d:49:68:76:39:15:10:c9:99:ec:
88:56:7b:9f:8c:1a:2d:71:1d:24:5c:c8:d1:13:82:
1e:cd:60:3c:3a:b6:d8:b9:5f:3f:0a:59:ed:da:7f:
84:e1:a1:9f:ca:92:8b:0e:81:c2:7a:4c:da:eb:04:
2e:69:5c:3c:c4:12:6d:88:82:c6:7b:68:e5:9a:aa:
01:78:53:9a:b1:6b:e4:57:b0:a8:c0:5f:b7:cd:eb:
3f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:1D:D9:94:09:12:2B:87:20:E2:AA:F0:BD:4A:70:7C:AE:DA:F3:59
X509v3 Authority Key Identifier:
keyid:11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666663373a3a2f34382d3438203d3e20323136313431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f2c0:ffc7::/48
Signature Algorithm: sha256WithRSAEncryption
ac:f7:9b:62:30:fd:5e:e3:ec:bf:ec:87:b6:ed:b0:d1:32:73:
5d:f2:56:cc:9b:33:14:64:95:b3:d9:e2:e3:bd:84:23:0f:cf:
2b:e9:23:2f:51:24:dc:57:66:90:f0:29:32:9f:df:bc:af:55:
36:d4:d4:53:28:bc:d7:6b:d6:e4:69:80:80:4e:f3:be:54:ea:
ca:d9:c0:25:6a:1b:5a:dc:d3:d3:6d:1e:ae:8f:99:20:bf:6b:
d2:52:ee:d3:c4:ef:29:98:40:a6:91:ad:1a:43:c5:0f:71:7b:
fc:ad:46:9c:8c:72:35:6e:e4:43:52:56:f0:61:d4:c9:54:e7:
16:c6:4d:48:64:5e:27:e3:d9:72:7d:41:32:94:9c:f5:ec:7e:
8f:06:a3:75:e9:59:3f:9b:cb:47:2d:0f:89:7e:ce:d2:21:45:
b5:60:2e:4c:0d:98:ae:08:32:fc:b3:ba:30:6e:92:92:0f:79:
65:82:f2:77:22:ac:f2:83:88:19:c7:19:4c:c6:e0:51:25:62:
9b:f2:9c:81:29:b5:1e:9b:33:30:56:68:16:85:b6:eb:5d:7a:
8f:5d:db:cb:ff:3c:78:35:4e:c6:22:f2:d9:10:58:6c:2b:1a:
e8:ac:28:ca:c1:b4:1d:86:10:a5:91:9d:19:14:85:d6:0e:2a:
eb:cd:42:6d
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUTT7P941Fo+T6ileKUnG543AqeQkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTFhZDQ5YzQ3ZTJkMGU0MGNmYzliMzZhMmJkMmM1MTRl
MmE2MjY3YjAeFw0yMzEwMTcxNjAwMzNaFw0yNDEwMTUxNjA1MzNaMDMxMTAvBgNV
BAMTKDdGMUREOTk0MDkxMjJCODcyMEUyQUFGMEJENEE3MDdDQUVEQUYzNTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSscgQLlGAbel2MGQzU/3SOG45
CZ4308xS8kBT+EPlPYJdvIpl5vM8LMFWatHKslTjlHYVeu+zv/pRV97VANZeDd8x
jK/A2pyZOg/x3UlmaWb/f4/wl54LMB+5to7PrXW9gqFXl+9f05jXoIe2hwrdFna4
kCYCZJDoosGEqbFTSbv5gg1eRy38aoG14sQ169DOPO5YiW6mNV9XyY2A12dCq+mO
XtbtDJPvHUlodjkVEMmZ7IhWe5+MGi1xHSRcyNETgh7NYDw6tti5Xz8KWe3af4Th
oZ/KkosOgcJ6TNrrBC5pXDzEEm2IgsZ7aOWaqgF4U5qxa+RXsKjAX7fN6z95AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUfx3ZlAkSK4cg4qrwvUpwfK7a81kwHwYDVR0j
BBgwFoAUEa1JxH4tDkDPybNqK9LFFOKmJnswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2I1NzVlYTctNzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNl
Y2VlLzcvMTFBRDQ5QzQ3RTJEMEU0MENGQzlCMzZBMkJEMkM1MTRFMkE2MjY3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VhMUp4SDR0RGtEUHliTnFLOUxGRk9L
bUpucy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2I1NzVlYTct
Nzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNlY2VlLzcvMzI2MTMxMzEzYTY2MzI2MzMw
M2E2NjY2NjMzNzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzNjMxMzQzMS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoR8sD/xzANBgkqhkiG9w0BAQsFAAOCAQEArPebYjD9XuPsv+yH
tu2w0TJzXfJWzJszFGSVs9ni472EIw/PK+kjL1Ek3FdmkPApMp/fvK9VNtTUUyi8
12vW5GmAgE7zvlTqytnAJWobWtzT020ero+ZIL9r0lLu08TvKZhAppGtGkPFD3F7
/K1GnIxyNW7kQ1JW8GHUyVTnFsZNSGReJ+PZcn1BMpSc9ex+jwajdelZP5vLRy0P
iX7O0iFFtWAuTA2Yrggy/LO6MG6Skg95ZYLydyKs8oOIGccZTMbgUSVim/KcgSm1
HpszMFZoFoW26116j13by/88eDVOxiLy2RBYbCsa6KwoysG0HYYQpZGdGRSF1g4q
681CbQ==
-----END CERTIFICATE-----
Generated at Sat May 4 01:54:33 2024 by rpki-client on console-fra.rpki-client.org