Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666663613a3a2f34382d3438203d3e20323135383639.roa
File: 326131313a663263303a666663613a3a2f34382d3438203d3e20323135383639.roa (raw, json)
Hash identifier: epc/ZcMkK0UtdGdMhXhTz23IPLTk/ZaSUNbd3WDiORM=
Subject key identifier: 55:21:F3:D6:10:E0:1B:32:8F:57:49:7D:61:07:DF:16:EA:AF:84:F1
Certificate issuer: /CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Certificate serial: 42276B62EB858479693CAB7BF68116E4BB9AD894
Authority key identifier: 11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666663613a3a2f34382d3438203d3e20323135383639.roa
Signing time: Tue 12 Dec 2023 10:04:05 +0000
ROA not before: Tue 12 Dec 2023 09:59:05 +0000
ROA not after: Tue 10 Dec 2024 10:04:05 +0000
asID: 215869
IP address blocks: 2a11:f2c0:ffca::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:27:6b:62:eb:85:84:79:69:3c:ab:7b:f6:81:16:e4:bb:9a:d8:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Validity
Not Before: Dec 12 09:59:05 2023 GMT
Not After : Dec 10 10:04:05 2024 GMT
Subject: CN=5521F3D610E01B328F57497D6107DF16EAAF84F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ea:73:83:a6:5b:2c:fb:46:1c:48:26:96:8b:
f6:6c:77:9e:99:bf:53:eb:af:9f:9c:7c:c2:3b:4a:
9d:25:05:0d:6b:98:9f:02:30:c1:4e:06:13:96:21:
3d:ea:74:83:51:47:19:91:74:a3:3d:0b:1e:9e:ec:
92:5c:fd:5f:4c:62:e3:6a:fe:b5:25:c3:3c:a8:d7:
b3:88:64:ee:f1:e1:e6:25:67:fa:75:f3:7f:ea:85:
35:b4:03:5f:aa:ea:4f:cc:74:fc:a8:59:ba:be:42:
47:6d:63:19:a4:3d:41:fa:2d:12:1d:d6:28:cc:2e:
61:2c:f4:35:15:47:c2:6e:38:16:c4:dd:ed:d4:f7:
d7:1c:ee:79:89:5a:3c:c1:58:7f:87:0c:59:48:0a:
31:7d:a2:57:9a:80:2f:40:6d:c3:fc:ed:cf:4a:b7:
f7:38:c9:b4:1b:57:1f:4c:59:4e:c8:0b:5a:fe:36:
7d:23:27:aa:52:61:f0:47:22:24:59:8d:a9:69:f5:
42:15:6b:c3:59:c0:78:9c:b3:e2:e6:53:44:91:d5:
dc:44:79:ae:83:42:d8:da:4a:b4:84:68:cc:ec:de:
ec:d7:ac:8f:2b:ee:35:f1:15:45:75:e2:c9:b9:54:
51:f5:10:7b:6c:06:84:d7:8f:23:c0:6b:16:b0:df:
00:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:21:F3:D6:10:E0:1B:32:8F:57:49:7D:61:07:DF:16:EA:AF:84:F1
X509v3 Authority Key Identifier:
keyid:11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666663613a3a2f34382d3438203d3e20323135383639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f2c0:ffca::/48
Signature Algorithm: sha256WithRSAEncryption
ab:38:c1:10:57:b1:f3:c6:6f:c1:d9:3a:88:8a:e7:ba:6a:3a:
1b:86:1b:b8:dd:8a:f8:9d:60:49:e0:e5:21:0d:b0:c0:bc:92:
8a:7f:47:69:a0:50:56:0d:39:fa:14:08:e2:ad:b9:75:f9:15:
2b:88:92:56:2e:60:42:08:a8:76:8e:49:fd:80:72:25:67:a6:
eb:d8:cb:7a:58:9f:f1:83:00:2a:97:3d:42:40:9b:ba:7b:53:
1b:c5:2f:7e:01:54:56:7f:26:77:8c:25:9c:12:bf:22:77:a9:
5f:b4:dc:11:06:7e:98:d6:3b:08:8b:26:89:1c:fe:e1:f5:5e:
92:cb:66:48:93:77:7e:c2:20:7c:a5:4d:f6:0f:94:7e:dd:80:
40:04:0e:39:4b:eb:27:45:ee:72:a5:11:68:11:3a:15:1d:98:
0f:12:37:9c:39:71:85:0f:b5:10:38:44:90:9c:45:49:f1:0a:
57:ef:39:22:5c:04:c9:c0:e5:14:38:14:23:2b:8e:fa:55:cb:
c0:70:14:5f:34:f8:1f:5d:89:cb:92:f6:ef:9f:68:a5:5f:be:
76:e4:a5:a1:92:2a:39:32:88:0a:68:06:09:6b:54:7c:67:11:
c3:06:7d:82:2d:cb:49:f0:18:5b:89:80:7d:62:f4:84:ab:a1:
85:62:80:53
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUQidrYuuFhHlpPKt79oEW5Lua2JQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTFhZDQ5YzQ3ZTJkMGU0MGNmYzliMzZhMmJkMmM1MTRl
MmE2MjY3YjAeFw0yMzEyMTIwOTU5MDVaFw0yNDEyMTAxMDA0MDVaMDMxMTAvBgNV
BAMTKDU1MjFGM0Q2MTBFMDFCMzI4RjU3NDk3RDYxMDdERjE2RUFBRjg0RjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCN6nODplss+0YcSCaWi/Zsd56Z
v1Prr5+cfMI7Sp0lBQ1rmJ8CMMFOBhOWIT3qdINRRxmRdKM9Cx6e7JJc/V9MYuNq
/rUlwzyo17OIZO7x4eYlZ/p183/qhTW0A1+q6k/MdPyoWbq+QkdtYxmkPUH6LRId
1ijMLmEs9DUVR8JuOBbE3e3U99cc7nmJWjzBWH+HDFlICjF9oleagC9AbcP87c9K
t/c4ybQbVx9MWU7IC1r+Nn0jJ6pSYfBHIiRZjalp9UIVa8NZwHics+LmU0SR1dxE
ea6DQtjaSrSEaMzs3uzXrI8r7jXxFUV14sm5VFH1EHtsBoTXjyPAaxaw3wA1AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUVSHz1hDgGzKPV0l9YQffFuqvhPEwHwYDVR0j
BBgwFoAUEa1JxH4tDkDPybNqK9LFFOKmJnswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2I1NzVlYTctNzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNl
Y2VlLzcvMTFBRDQ5QzQ3RTJEMEU0MENGQzlCMzZBMkJEMkM1MTRFMkE2MjY3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VhMUp4SDR0RGtEUHliTnFLOUxGRk9L
bUpucy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2I1NzVlYTct
Nzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNlY2VlLzcvMzI2MTMxMzEzYTY2MzI2MzMw
M2E2NjY2NjM2MTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzNTM4MzYzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoR8sD/yjANBgkqhkiG9w0BAQsFAAOCAQEAqzjBEFex88Zvwdk6
iIrnumo6G4YbuN2K+J1gSeDlIQ2wwLySin9HaaBQVg05+hQI4q25dfkVK4iSVi5g
Qgiodo5J/YByJWem69jLelif8YMAKpc9QkCbuntTG8UvfgFUVn8md4wlnBK/Inep
X7TcEQZ+mNY7CIsmiRz+4fVekstmSJN3fsIgfKVN9g+Uft2AQAQOOUvrJ0XucqUR
aBE6FR2YDxI3nDlxhQ+1EDhEkJxFSfEKV+85IlwEycDlFDgUIyuO+lXLwHAUXzT4
H12Jy5L2759opV++duSloZIqOTKICmgGCWtUfGcRwwZ9gi3LSfAYW4mAfWL0hKuh
hWKAUw==
-----END CERTIFICATE-----
Generated at Sat May 4 01:54:33 2024 by rpki-client on console-fra.rpki-client.org