Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666663633a3a2f34382d3438203d3e20323135373638.roa
File: 326131313a663263303a666663633a3a2f34382d3438203d3e20323135373638.roa (raw, json)
Hash identifier: 5FZBXdv1oXL4TPDjpRJJbOHb/Q8xtTru4tluBhT2wG8=
Subject key identifier: 5A:83:3C:C5:A8:F9:46:7B:24:8C:5E:49:91:A5:47:56:BB:F1:E6:2E
Certificate issuer: /CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Certificate serial: 32B0563D448AA42B19CB1F55BBED8FB62E80F492
Authority key identifier: 11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666663633a3a2f34382d3438203d3e20323135373638.roa
Signing time: Sun 24 Mar 2024 20:10:22 +0000
ROA not before: Sun 24 Mar 2024 20:05:22 +0000
ROA not after: Sun 23 Mar 2025 20:10:22 +0000
asID: 215768
IP address blocks: 2a11:f2c0:ffcc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:b0:56:3d:44:8a:a4:2b:19:cb:1f:55:bb:ed:8f:b6:2e:80:f4:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Validity
Not Before: Mar 24 20:05:22 2024 GMT
Not After : Mar 23 20:10:22 2025 GMT
Subject: CN=5A833CC5A8F9467B248C5E4991A54756BBF1E62E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:91:ef:cb:dc:e5:fd:53:80:ee:5f:0c:c5:e1:
7f:92:4e:7c:12:30:13:f5:71:70:5a:09:a7:e1:c1:
61:ac:9d:91:9d:87:aa:00:4f:0f:1e:c7:b3:66:cd:
4f:3e:58:b0:24:96:a4:47:4d:79:23:ae:5f:0b:c5:
64:8c:76:0a:4e:1d:77:34:7d:5f:2b:98:15:87:49:
25:cb:fd:d4:94:f9:f2:98:ef:cd:21:91:b4:a3:81:
47:0b:7b:73:5e:29:80:cc:8f:fa:99:b6:11:e7:8d:
fe:f0:70:e4:c3:5e:af:0e:23:01:11:03:14:d7:7a:
e8:2e:4a:2c:9a:7e:a3:1f:82:da:a8:21:0c:30:97:
f6:84:70:e0:37:9b:b1:b0:d2:2f:18:0b:95:96:fe:
1f:9a:d9:2e:73:9c:80:0a:3e:23:55:a3:73:92:d4:
97:73:97:e1:39:79:72:d9:ba:09:8c:bf:2d:81:7f:
6b:eb:b4:72:fd:43:5f:ef:9e:e9:ef:0e:50:cb:fa:
5e:24:15:e3:39:60:27:2e:b3:61:40:12:b9:31:f4:
6a:65:d9:db:48:57:04:04:90:32:70:76:5c:a2:3f:
4b:f4:10:f0:46:49:9d:8b:0d:c4:54:34:50:aa:05:
62:ff:bd:c7:32:61:51:a0:8a:3a:6d:55:fc:c7:61:
86:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:83:3C:C5:A8:F9:46:7B:24:8C:5E:49:91:A5:47:56:BB:F1:E6:2E
X509v3 Authority Key Identifier:
keyid:11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666663633a3a2f34382d3438203d3e20323135373638.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f2c0:ffcc::/48
Signature Algorithm: sha256WithRSAEncryption
78:2f:cd:e9:16:35:40:7c:2f:28:09:9e:d2:57:e7:4e:c8:1a:
66:c1:33:ec:d1:fa:50:34:93:23:83:d5:2d:57:c4:06:ce:d7:
b8:da:15:f3:49:f9:73:28:3a:28:4a:bd:ae:2a:4d:0a:98:ae:
04:34:25:3e:59:e8:46:92:81:ba:b7:13:df:a5:ed:fc:7f:ed:
e0:86:45:30:1d:d9:cc:c0:45:8d:f8:c1:0c:9d:a5:64:0a:47:
17:a6:a2:0e:1f:57:5f:eb:c6:bc:c4:41:0d:de:cd:ef:88:5b:
39:11:a6:8b:35:54:f4:0d:7b:09:27:54:26:bb:d3:4c:7b:1d:
e5:6b:74:12:04:87:aa:b4:56:27:af:60:ba:a1:16:c8:29:1b:
9a:3c:47:05:bf:c8:f8:60:d6:72:9e:12:c9:b5:13:10:fb:c8:
05:45:37:f6:e0:a8:38:39:c4:e9:db:bc:1a:ed:08:66:36:c0:
2d:63:bd:20:76:6e:da:2c:99:60:c5:cb:86:07:67:9d:90:f9:
03:10:31:37:c2:60:bb:7a:3c:35:07:61:8b:e8:40:b2:45:74:
30:2d:27:2b:bf:0e:de:af:30:5f:46:e0:94:9a:99:d3:f0:dc:
04:8e:00:20:a5:fc:bc:3a:02:ad:83:8f:32:bc:48:4f:a6:4a:
64:b2:a7:5c
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUMrBWPUSKpCsZyx9Vu+2Pti6A9JIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTFhZDQ5YzQ3ZTJkMGU0MGNmYzliMzZhMmJkMmM1MTRl
MmE2MjY3YjAeFw0yNDAzMjQyMDA1MjJaFw0yNTAzMjMyMDEwMjJaMDMxMTAvBgNV
BAMTKDVBODMzQ0M1QThGOTQ2N0IyNDhDNUU0OTkxQTU0NzU2QkJGMUU2MkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNke/L3OX9U4DuXwzF4X+STnwS
MBP1cXBaCafhwWGsnZGdh6oATw8ex7NmzU8+WLAklqRHTXkjrl8LxWSMdgpOHXc0
fV8rmBWHSSXL/dSU+fKY780hkbSjgUcLe3NeKYDMj/qZthHnjf7wcOTDXq8OIwER
AxTXeuguSiyafqMfgtqoIQwwl/aEcOA3m7Gw0i8YC5WW/h+a2S5znIAKPiNVo3OS
1Jdzl+E5eXLZugmMvy2Bf2vrtHL9Q1/vnunvDlDL+l4kFeM5YCcus2FAErkx9Gpl
2dtIVwQEkDJwdlyiP0v0EPBGSZ2LDcRUNFCqBWL/vccyYVGgijptVfzHYYbtAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUWoM8xaj5RnskjF5JkaVHVrvx5i4wHwYDVR0j
BBgwFoAUEa1JxH4tDkDPybNqK9LFFOKmJnswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2I1NzVlYTctNzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNl
Y2VlLzcvMTFBRDQ5QzQ3RTJEMEU0MENGQzlCMzZBMkJEMkM1MTRFMkE2MjY3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VhMUp4SDR0RGtEUHliTnFLOUxGRk9L
bUpucy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2I1NzVlYTct
Nzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNlY2VlLzcvMzI2MTMxMzEzYTY2MzI2MzMw
M2E2NjY2NjM2MzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzNTM3MzYzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoR8sD/zDANBgkqhkiG9w0BAQsFAAOCAQEAeC/N6RY1QHwvKAme
0lfnTsgaZsEz7NH6UDSTI4PVLVfEBs7XuNoV80n5cyg6KEq9ripNCpiuBDQlPlno
RpKBurcT36Xt/H/t4IZFMB3ZzMBFjfjBDJ2lZApHF6aiDh9XX+vGvMRBDd7N74hb
ORGmizVU9A17CSdUJrvTTHsd5Wt0EgSHqrRWJ69guqEWyCkbmjxHBb/I+GDWcp4S
ybUTEPvIBUU39uCoODnE6du8Gu0IZjbALWO9IHZu2iyZYMXLhgdnnZD5AxAxN8Jg
u3o8NQdhi+hAskV0MC0nK78O3q8wX0bglJqZ0/DcBI4AIKX8vDoCrYOPMrxIT6ZK
ZLKnXA==
-----END CERTIFICATE-----
Generated at Sat May 4 01:11:17 2024 by rpki-client on console-ams.rpki-client.org