Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666666623a3a2f34382d3438203d3e20323033313035.roa
File: 326131313a663263303a666666623a3a2f34382d3438203d3e20323033313035.roa (raw, json)
Hash identifier: kD1kF732hPPrdFwd+BwKQ+GFuIdm0S+nt6OOdHzdAR8=
Subject key identifier: 9F:CC:2E:2E:D2:6D:40:E8:16:C7:17:D1:0A:D4:81:4D:54:F3:7F:0C
Certificate issuer: /CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Certificate serial: 4F5862FC6B77AF681B19DC5C12E91DA6058DB79D
Authority key identifier: 11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666666623a3a2f34382d3438203d3e20323033313035.roa
Signing time: Wed 08 Nov 2023 14:50:01 +0000
ROA not before: Wed 08 Nov 2023 14:45:01 +0000
ROA not after: Wed 06 Nov 2024 14:50:01 +0000
asID: 203105
IP address blocks: 2a11:f2c0:fffb::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:58:62:fc:6b:77:af:68:1b:19:dc:5c:12:e9:1d:a6:05:8d:b7:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Validity
Not Before: Nov 8 14:45:01 2023 GMT
Not After : Nov 6 14:50:01 2024 GMT
Subject: CN=9FCC2E2ED26D40E816C717D10AD4814D54F37F0C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:73:87:2e:df:9e:f7:74:f5:29:3e:6f:fb:a3:
7d:bb:c5:33:7d:d0:dc:ef:65:23:07:f7:f7:7a:f0:
37:01:75:a3:89:a0:14:22:03:91:4b:94:a5:46:b0:
9f:b9:49:89:b7:0f:89:50:13:2b:0b:d8:e9:44:5d:
d1:99:08:6a:0d:c8:bc:55:97:ea:54:45:ab:2f:ef:
2f:66:8c:50:ef:6c:29:eb:d3:f3:f3:d6:69:4b:c5:
e9:47:e3:50:f0:5e:f9:72:8e:1b:8b:cb:01:db:8d:
b6:8e:27:83:ab:d1:61:63:46:33:17:28:a4:a9:b2:
a9:47:7a:5b:fa:1e:80:08:6e:38:d2:ae:7a:dc:72:
8d:66:e9:35:4e:bb:8d:50:28:56:6c:f7:08:25:5e:
da:95:65:9b:86:57:e3:76:cf:49:40:0f:d5:ed:b1:
b7:de:97:bd:c6:75:d7:19:47:6d:81:d8:c5:25:dc:
0a:bd:de:b6:94:33:51:a8:90:0c:ba:f5:86:2e:ee:
7a:2e:d7:47:aa:e2:cd:ea:77:b4:e5:93:aa:81:2c:
bc:21:7a:ba:8f:db:d6:48:0c:2c:43:9b:81:ae:26:
cb:40:b7:60:67:e3:d6:e9:6b:12:e5:b6:6c:ae:21:
fa:3f:43:cb:bb:14:d2:e5:dc:80:ed:ca:67:48:31:
b6:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:CC:2E:2E:D2:6D:40:E8:16:C7:17:D1:0A:D4:81:4D:54:F3:7F:0C
X509v3 Authority Key Identifier:
keyid:11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666666623a3a2f34382d3438203d3e20323033313035.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f2c0:fffb::/48
Signature Algorithm: sha256WithRSAEncryption
ae:e1:d1:5d:57:a5:30:97:8f:ea:9c:33:5a:8f:36:22:39:31:
00:e6:48:4f:84:24:36:37:2e:57:19:7e:b8:36:aa:d9:83:15:
1a:95:a3:c7:11:90:d0:be:a2:a8:3b:4a:df:3c:f4:e4:e5:81:
16:ad:2e:99:d6:62:ab:df:20:48:79:96:8c:6c:95:4a:b4:db:
d8:54:f5:a9:d3:a8:56:9f:ed:29:7f:d3:4e:2c:4d:7f:ed:25:
55:23:36:43:46:b9:62:95:59:f6:e5:0d:6c:17:f0:a1:8f:20:
c6:29:4c:bc:07:e8:b2:a4:e4:e3:ff:d1:9a:4e:83:f0:b2:9d:
e5:1b:a2:6c:00:85:2c:a1:0e:28:6a:71:bf:25:39:66:65:85:
91:77:80:08:b7:10:5f:01:ca:ea:f7:80:ac:81:9e:88:fd:f8:
13:3f:e1:52:45:88:ec:dc:eb:de:6b:1f:2f:73:67:ba:f4:07:
6f:8e:14:45:5b:f6:05:72:50:c7:08:f5:ed:87:e9:ad:02:93:
a3:4e:c4:5e:44:40:4b:f3:c4:e2:08:ee:10:8b:8e:9f:07:fa:
b0:15:19:7d:0e:55:20:dc:b8:f0:e1:9b:32:03:4e:24:50:88:
2b:52:29:ed:33:13:dd:1e:86:cf:cd:88:e2:6b:d3:a6:bf:0d:
ef:8d:4f:3e
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUT1hi/Gt3r2gbGdxcEukdpgWNt50wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTFhZDQ5YzQ3ZTJkMGU0MGNmYzliMzZhMmJkMmM1MTRl
MmE2MjY3YjAeFw0yMzExMDgxNDQ1MDFaFw0yNDExMDYxNDUwMDFaMDMxMTAvBgNV
BAMTKDlGQ0MyRTJFRDI2RDQwRTgxNkM3MTdEMTBBRDQ4MTRENTRGMzdGMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLc4cu3573dPUpPm/7o327xTN9
0NzvZSMH9/d68DcBdaOJoBQiA5FLlKVGsJ+5SYm3D4lQEysL2OlEXdGZCGoNyLxV
l+pURasv7y9mjFDvbCnr0/Pz1mlLxelH41DwXvlyjhuLywHbjbaOJ4Or0WFjRjMX
KKSpsqlHelv6HoAIbjjSrnrcco1m6TVOu41QKFZs9wglXtqVZZuGV+N2z0lAD9Xt
sbfel73GddcZR22B2MUl3Aq93raUM1GokAy69YYu7nou10eq4s3qd7Tlk6qBLLwh
erqP29ZIDCxDm4GuJstAt2Bn49bpaxLltmyuIfo/Q8u7FNLl3IDtymdIMbYZAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUn8wuLtJtQOgWxxfRCtSBTVTzfwwwHwYDVR0j
BBgwFoAUEa1JxH4tDkDPybNqK9LFFOKmJnswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2I1NzVlYTctNzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNl
Y2VlLzcvMTFBRDQ5QzQ3RTJEMEU0MENGQzlCMzZBMkJEMkM1MTRFMkE2MjY3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VhMUp4SDR0RGtEUHliTnFLOUxGRk9L
bUpucy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2I1NzVlYTct
Nzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNlY2VlLzcvMzI2MTMxMzEzYTY2MzI2MzMw
M2E2NjY2NjY2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzMzMxMzAzNS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoR8sD/+zANBgkqhkiG9w0BAQsFAAOCAQEAruHRXVelMJeP6pwz
Wo82IjkxAOZIT4QkNjcuVxl+uDaq2YMVGpWjxxGQ0L6iqDtK3zz05OWBFq0umdZi
q98gSHmWjGyVSrTb2FT1qdOoVp/tKX/TTixNf+0lVSM2Q0a5YpVZ9uUNbBfwoY8g
xilMvAfosqTk4//Rmk6D8LKd5RuibACFLKEOKGpxvyU5ZmWFkXeACLcQXwHK6veA
rIGeiP34Ez/hUkWI7Nzr3msfL3NnuvQHb44URVv2BXJQxwj17YfprQKTo07EXkRA
S/PE4gjuEIuOnwf6sBUZfQ5VINy48OGbMgNOJFCIK1Ip7TMT3R6Gz82I4mvTpr8N
741PPg==
-----END CERTIFICATE-----
Generated at Sat May 4 01:54:33 2024 by rpki-client on console-fra.rpki-client.org