Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666666313a3a2f34382d3438203d3e20323032353132.roa
File: 326131313a663263303a666666313a3a2f34382d3438203d3e20323032353132.roa (raw, json)
Hash identifier: CL1WnH9FhUreqG2dWKq8we8TMHhhLlfqHX05+hg8zN8=
Subject key identifier: 01:A3:4B:10:41:E4:0F:8F:5B:89:EB:31:B7:BC:B4:B8:3B:A2:27:92
Certificate issuer: /CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Certificate serial: 20315F17E886EFA6F64A288397A67C594461F8CA
Authority key identifier: 11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666666313a3a2f34382d3438203d3e20323032353132.roa
Signing time: Wed 10 Jan 2024 22:03:14 +0000
ROA not before: Wed 10 Jan 2024 21:58:14 +0000
ROA not after: Wed 08 Jan 2025 22:03:14 +0000
asID: 202512
IP address blocks: 2a11:f2c0:fff1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:31:5f:17:e8:86:ef:a6:f6:4a:28:83:97:a6:7c:59:44:61:f8:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Validity
Not Before: Jan 10 21:58:14 2024 GMT
Not After : Jan 8 22:03:14 2025 GMT
Subject: CN=01A34B1041E40F8F5B89EB31B7BCB4B83BA22792
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fb:dc:10:c3:c3:6c:7c:1f:44:f9:a6:c7:5d:
76:5c:bd:74:90:3b:d9:9d:32:af:b1:2f:e7:ea:36:
fc:02:9c:57:7e:d6:d8:03:01:4b:2e:c2:40:42:97:
2f:f9:69:b7:26:3c:3d:a9:51:64:49:00:5f:da:a2:
a6:fe:ce:ae:2c:f0:a6:57:26:29:9f:62:8b:b0:04:
5f:f3:5f:9b:b0:38:94:aa:85:f7:9c:64:f4:3c:00:
bb:df:3f:2a:4b:47:aa:eb:b6:57:e0:4b:be:b3:2f:
23:39:67:69:a0:f9:d4:47:2e:24:16:58:ec:d7:fd:
f9:0f:1b:d4:13:92:5a:43:ed:70:80:2b:a9:a8:b9:
c0:b7:c8:34:a0:6c:fe:d3:7d:bd:c5:a4:c4:00:cb:
44:cb:e7:f2:63:06:1f:4d:fc:24:1a:d4:7d:fb:87:
c2:61:35:64:f0:58:35:6a:5d:8b:a0:05:58:29:e4:
2b:f9:27:35:92:41:7e:1e:28:f8:12:77:d7:e7:fb:
fb:0d:2c:ae:19:4f:43:e4:0a:ae:44:e5:09:74:70:
52:10:3e:b4:f1:10:ba:86:82:b9:c4:f4:72:bd:96:
14:9a:84:59:37:b9:59:8c:77:88:68:ef:48:85:46:
57:88:e9:7b:fb:2b:3b:80:67:a9:7b:8a:2e:54:fe:
7b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:A3:4B:10:41:E4:0F:8F:5B:89:EB:31:B7:BC:B4:B8:3B:A2:27:92
X509v3 Authority Key Identifier:
keyid:11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666666313a3a2f34382d3438203d3e20323032353132.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f2c0:fff1::/48
Signature Algorithm: sha256WithRSAEncryption
d5:77:21:07:21:ad:17:39:c0:4b:73:46:33:cb:1c:b0:ba:2f:
a1:07:38:15:08:1b:12:fc:ea:9c:17:7c:1e:2f:96:e6:9b:55:
c0:7a:08:74:9b:fd:01:fa:29:11:84:53:e9:53:38:b4:46:f3:
c0:47:20:0a:ab:2d:eb:b7:1b:d0:9a:63:76:11:af:f6:a8:2e:
be:95:3a:5a:db:ed:8e:46:1a:bd:1a:6e:16:93:d6:d3:de:df:
41:13:00:9a:90:84:04:e9:1f:d2:24:5a:21:89:65:c6:b8:9a:
c4:0d:bc:b4:b2:14:ee:a8:d3:56:d2:c1:2d:5a:d9:2f:72:a2:
6a:00:bf:34:98:cf:cb:fb:f7:c1:03:ae:28:b2:cb:b8:a1:08:
0f:fb:c0:cc:d3:69:8b:79:d4:3b:65:e6:b9:9a:32:d7:60:b8:
ce:55:12:11:72:01:56:4c:8c:71:02:1b:6d:a5:44:65:00:35:
8b:e7:e9:34:2f:3d:ad:12:ea:9c:94:fa:fd:d0:3b:73:20:65:
7c:8e:a6:ec:e0:24:dd:1f:01:6d:ab:de:a7:a3:47:43:ac:5a:
87:9f:ee:f8:44:af:93:c3:ee:75:cf:ee:38:ba:ec:e1:21:a6:
79:50:e7:2b:81:09:6f:f1:c2:28:0d:2f:8e:3e:ba:8b:53:15:
84:ff:89:c4
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUIDFfF+iG76b2SiiDl6Z8WURh+MowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTFhZDQ5YzQ3ZTJkMGU0MGNmYzliMzZhMmJkMmM1MTRl
MmE2MjY3YjAeFw0yNDAxMTAyMTU4MTRaFw0yNTAxMDgyMjAzMTRaMDMxMTAvBgNV
BAMTKDAxQTM0QjEwNDFFNDBGOEY1Qjg5RUIzMUI3QkNCNEI4M0JBMjI3OTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2+9wQw8NsfB9E+abHXXZcvXSQ
O9mdMq+xL+fqNvwCnFd+1tgDAUsuwkBCly/5abcmPD2pUWRJAF/aoqb+zq4s8KZX
JimfYouwBF/zX5uwOJSqhfecZPQ8ALvfPypLR6rrtlfgS76zLyM5Z2mg+dRHLiQW
WOzX/fkPG9QTklpD7XCAK6moucC3yDSgbP7Tfb3FpMQAy0TL5/JjBh9N/CQa1H37
h8JhNWTwWDVqXYugBVgp5Cv5JzWSQX4eKPgSd9fn+/sNLK4ZT0PkCq5E5Ql0cFIQ
PrTxELqGgrnE9HK9lhSahFk3uVmMd4ho70iFRleI6Xv7KzuAZ6l7ii5U/ntRAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUAaNLEEHkD49biesxt7y0uDuiJ5IwHwYDVR0j
BBgwFoAUEa1JxH4tDkDPybNqK9LFFOKmJnswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2I1NzVlYTctNzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNl
Y2VlLzcvMTFBRDQ5QzQ3RTJEMEU0MENGQzlCMzZBMkJEMkM1MTRFMkE2MjY3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VhMUp4SDR0RGtEUHliTnFLOUxGRk9L
bUpucy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2I1NzVlYTct
Nzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNlY2VlLzcvMzI2MTMxMzEzYTY2MzI2MzMw
M2E2NjY2NjYzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzMjM1MzEzMi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoR8sD/8TANBgkqhkiG9w0BAQsFAAOCAQEA1XchByGtFznAS3NG
M8scsLovoQc4FQgbEvzqnBd8Hi+W5ptVwHoIdJv9AfopEYRT6VM4tEbzwEcgCqst
67cb0JpjdhGv9qguvpU6WtvtjkYavRpuFpPW097fQRMAmpCEBOkf0iRaIYllxria
xA28tLIU7qjTVtLBLVrZL3KiagC/NJjPy/v3wQOuKLLLuKEID/vAzNNpi3nUO2Xm
uZoy12C4zlUSEXIBVkyMcQIbbaVEZQA1i+fpNC89rRLqnJT6/dA7cyBlfI6m7OAk
3R8Bbavep6NHQ6xah5/u+ESvk8Pudc/uOLrs4SGmeVDnK4EJb/HCKA0vjj66i1MV
hP+JxA==
-----END CERTIFICATE-----
Generated at Sat May 4 01:54:33 2024 by rpki-client on console-fra.rpki-client.org