Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666663393a3a2f34382d3438203d3e20323135393633.roa
File: 326131313a663263303a666663393a3a2f34382d3438203d3e20323135393633.roa (raw, json)
Hash identifier: WK8dGlPEOr0xlh+5qt1rqRalv5EraijIhWhS1dcD5H8=
Subject key identifier: 5B:96:EC:A4:68:CC:74:D0:D9:BE:69:4A:E4:26:79:BA:18:F6:FF:39
Certificate issuer: /CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Certificate serial: 183A4BB938174BA35BCB8C1026D37504DFF2F543
Authority key identifier: 11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666663393a3a2f34382d3438203d3e20323135393633.roa
Signing time: Sun 31 Dec 2023 01:02:29 +0000
ROA not before: Sun 31 Dec 2023 00:57:29 +0000
ROA not after: Sun 29 Dec 2024 01:02:29 +0000
asID: 215963
IP address blocks: 2a11:f2c0:ffc9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:3a:4b:b9:38:17:4b:a3:5b:cb:8c:10:26:d3:75:04:df:f2:f5:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Validity
Not Before: Dec 31 00:57:29 2023 GMT
Not After : Dec 29 01:02:29 2024 GMT
Subject: CN=5B96ECA468CC74D0D9BE694AE42679BA18F6FF39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ea:59:08:b6:0f:58:6f:b0:2e:6c:c7:5c:63:
2d:f5:2a:04:0b:96:ab:fb:cf:50:54:81:67:c9:c6:
4b:e1:6b:68:42:5d:0e:c5:48:0b:b1:c2:61:05:d0:
12:6a:bf:f4:e4:36:c3:79:62:12:2d:e4:fd:b6:cb:
e3:1d:e3:7d:15:8f:2f:57:90:1c:09:e5:72:26:91:
78:bd:b4:27:46:2d:c5:ae:d2:10:9e:18:2a:fd:98:
fb:1e:7d:43:d0:e0:c6:ab:fd:e5:de:c7:36:f8:b4:
f6:75:90:71:ef:a6:45:cb:ed:b5:a8:0a:67:7d:b2:
bd:4b:0b:78:53:e6:15:96:c9:04:a8:3f:23:a8:77:
58:b7:d9:13:6c:27:1f:a4:0c:44:12:1d:17:42:e8:
28:27:c8:de:99:16:62:55:8a:3c:85:75:ab:51:24:
25:8e:9e:b3:01:56:af:0d:c7:4a:2c:78:81:f3:15:
aa:f5:40:29:7c:b0:4b:9b:3d:d8:75:2a:6d:81:d7:
bd:ae:f1:d3:1a:26:e2:20:5e:ab:4c:d3:46:16:16:
f1:68:d6:d3:88:ed:74:c9:67:59:1f:09:55:d5:31:
b0:d1:58:e1:2a:53:6d:ed:b8:24:c0:0d:94:b7:50:
97:66:35:b6:52:99:a4:bd:9a:91:cc:dd:9b:d3:0e:
52:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:96:EC:A4:68:CC:74:D0:D9:BE:69:4A:E4:26:79:BA:18:F6:FF:39
X509v3 Authority Key Identifier:
keyid:11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666663393a3a2f34382d3438203d3e20323135393633.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f2c0:ffc9::/48
Signature Algorithm: sha256WithRSAEncryption
cc:e1:0e:f8:87:16:05:3e:a5:88:4f:02:8b:e2:0f:88:48:b9:
3e:ae:a3:7b:fa:e2:ef:04:5c:ca:bf:9c:9a:15:99:64:3a:fe:
35:14:9b:9b:b7:48:f8:5a:24:5a:56:75:f0:93:92:74:b8:1e:
22:2a:7f:81:eb:c1:29:c2:2b:86:67:be:bc:0e:eb:95:3d:8e:
6a:23:c3:3a:b6:c3:e9:ad:80:d8:e8:ee:16:28:ab:f7:71:e4:
a0:b5:3c:97:bb:75:2e:c6:a3:0c:59:b6:e8:6b:39:ed:65:c5:
a4:ba:b6:2f:06:54:02:27:8b:80:45:b6:41:44:8b:da:59:78:
76:b5:86:eb:e1:5c:07:a3:8b:a7:5c:b2:30:91:36:96:67:ab:
72:8c:6d:aa:54:90:0d:99:da:52:2b:42:dd:bb:90:42:86:e6:
89:d1:43:dc:f0:90:33:40:59:cf:b8:83:ac:70:b9:86:62:0f:
44:df:80:8a:e8:1e:0b:52:90:71:53:c2:4f:8a:e1:2e:e1:53:
28:b9:16:af:18:6f:3f:2a:5f:ba:c1:e6:55:ff:76:ce:bd:3c:
7c:62:2d:47:fa:e9:cf:43:0c:77:39:53:f4:73:d3:d9:cd:e7:
1a:e3:ea:18:7b:46:ff:a9:a8:f4:ff:c9:35:b8:e3:2d:be:f2:
f0:4b:49:47
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUGDpLuTgXS6Nby4wQJtN1BN/y9UMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTFhZDQ5YzQ3ZTJkMGU0MGNmYzliMzZhMmJkMmM1MTRl
MmE2MjY3YjAeFw0yMzEyMzEwMDU3MjlaFw0yNDEyMjkwMTAyMjlaMDMxMTAvBgNV
BAMTKDVCOTZFQ0E0NjhDQzc0RDBEOUJFNjk0QUU0MjY3OUJBMThGNkZGMzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk6lkItg9Yb7AubMdcYy31KgQL
lqv7z1BUgWfJxkvha2hCXQ7FSAuxwmEF0BJqv/TkNsN5YhIt5P22y+Md430Vjy9X
kBwJ5XImkXi9tCdGLcWu0hCeGCr9mPsefUPQ4Mar/eXexzb4tPZ1kHHvpkXL7bWo
Cmd9sr1LC3hT5hWWyQSoPyOod1i32RNsJx+kDEQSHRdC6CgnyN6ZFmJVijyFdatR
JCWOnrMBVq8Nx0oseIHzFar1QCl8sEubPdh1Km2B172u8dMaJuIgXqtM00YWFvFo
1tOI7XTJZ1kfCVXVMbDRWOEqU23tuCTADZS3UJdmNbZSmaS9mpHM3ZvTDlIrAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUW5bspGjMdNDZvmlK5CZ5uhj2/zkwHwYDVR0j
BBgwFoAUEa1JxH4tDkDPybNqK9LFFOKmJnswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2I1NzVlYTctNzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNl
Y2VlLzcvMTFBRDQ5QzQ3RTJEMEU0MENGQzlCMzZBMkJEMkM1MTRFMkE2MjY3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VhMUp4SDR0RGtEUHliTnFLOUxGRk9L
bUpucy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2I1NzVlYTct
Nzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNlY2VlLzcvMzI2MTMxMzEzYTY2MzI2MzMw
M2E2NjY2NjMzOTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzNTM5MzYzMy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoR8sD/yTANBgkqhkiG9w0BAQsFAAOCAQEAzOEO+IcWBT6liE8C
i+IPiEi5Pq6je/ri7wRcyr+cmhWZZDr+NRSbm7dI+FokWlZ18JOSdLgeIip/gevB
KcIrhme+vA7rlT2OaiPDOrbD6a2A2OjuFiir93HkoLU8l7t1LsajDFm26Gs57WXF
pLq2LwZUAieLgEW2QUSL2ll4drWG6+FcB6OLp1yyMJE2lmercoxtqlSQDZnaUitC
3buQQobmidFD3PCQM0BZz7iDrHC5hmIPRN+AiugeC1KQcVPCT4rhLuFTKLkWrxhv
PypfusHmVf92zr08fGItR/rpz0MMdzlT9HPT2c3nGuPqGHtG/6mo9P/JNbjjLb7y
8EtJRw==
-----END CERTIFICATE-----
Generated at Sat May 4 01:54:33 2024 by rpki-client on console-fra.rpki-client.org