Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666666643a3a2f34382d3438203d3e20323035373839.roa
File: 326131313a663263303a666666643a3a2f34382d3438203d3e20323035373839.roa (raw, json)
Hash identifier: Ta+aveYkoRpVz4XXclndR3ojYrJwrn3+W0kvt0oK7i0=
Subject key identifier: F5:1C:A4:4D:CD:8D:EC:BB:DD:4E:2B:F7:B1:F9:6F:4B:8D:C6:DD:D6
Certificate issuer: /CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Certificate serial: 09B7DEB41E9348C1C9B5243047A20B68098EA47D
Authority key identifier: 11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666666643a3a2f34382d3438203d3e20323035373839.roa
Signing time: Wed 08 Nov 2023 14:49:44 +0000
ROA not before: Wed 08 Nov 2023 14:44:44 +0000
ROA not after: Wed 06 Nov 2024 14:49:44 +0000
asID: 205789
IP address blocks: 2a11:f2c0:fffd::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:b7:de:b4:1e:93:48:c1:c9:b5:24:30:47:a2:0b:68:09:8e:a4:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Validity
Not Before: Nov 8 14:44:44 2023 GMT
Not After : Nov 6 14:49:44 2024 GMT
Subject: CN=F51CA44DCD8DECBBDD4E2BF7B1F96F4B8DC6DDD6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:e7:b4:d1:3a:22:0b:12:1f:70:44:ba:80:cb:
b8:43:f7:5b:8d:85:da:dd:28:a9:1a:a3:59:ff:f6:
63:6a:a4:f4:62:d4:e9:2e:77:43:ee:84:a3:5d:b3:
86:a1:56:53:68:b0:55:ab:d3:46:1d:ea:26:ad:f2:
c7:77:5a:12:e1:3d:c8:c2:4a:73:d4:ab:17:40:e3:
2d:47:6b:c6:fb:e5:f5:d1:47:dd:d6:29:c6:65:1e:
fa:8c:b1:50:9d:f4:5d:50:f7:cc:31:59:d2:08:31:
2e:b1:21:d2:23:62:a6:f6:66:21:3c:b9:07:8e:8f:
57:eb:e9:3d:ad:3d:fc:ea:67:28:25:0b:c7:fa:9d:
e2:e9:36:92:cc:21:eb:b0:21:d7:d9:ee:5e:fd:76:
ea:c6:9c:9b:f6:19:ac:e1:b1:55:78:77:32:f6:29:
b0:89:98:65:3f:ae:6d:97:1d:8f:4d:21:cc:a6:e5:
bb:8f:55:fe:d1:42:3c:fa:d6:fb:bc:00:56:09:bd:
07:b1:ca:85:5a:73:6d:b4:3f:42:2a:f8:4f:9e:20:
ef:92:40:27:11:03:07:8d:37:99:cb:fa:fa:37:5f:
ab:61:6a:eb:32:2c:12:76:dd:68:53:f3:57:78:67:
87:0a:f2:a5:35:26:3e:d0:e3:b0:e1:19:a2:6f:0e:
b7:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:1C:A4:4D:CD:8D:EC:BB:DD:4E:2B:F7:B1:F9:6F:4B:8D:C6:DD:D6
X509v3 Authority Key Identifier:
keyid:11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666666643a3a2f34382d3438203d3e20323035373839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f2c0:fffd::/48
Signature Algorithm: sha256WithRSAEncryption
49:92:0c:ad:cc:9e:f1:35:7f:d1:21:98:78:59:c2:fd:a2:9e:
43:24:b0:0c:ff:c6:c6:a5:59:d8:5e:a6:4e:b5:da:a8:c5:76:
85:7c:8f:34:e3:a6:5a:5a:e6:30:51:33:41:e4:69:9d:07:c1:
29:9a:de:5c:60:e9:63:3f:9e:73:31:c1:78:86:b1:4a:10:67:
f9:77:e0:7b:7a:a0:bc:06:aa:a7:ff:ba:af:5b:76:36:d5:6a:
e1:9c:5f:32:2c:b9:52:f6:cb:9b:5b:e6:24:99:95:36:4b:11:
b8:26:d5:35:90:c2:1b:76:21:cd:ea:a7:f0:dd:84:ad:33:83:
b3:a7:ad:73:e9:7c:df:28:7b:ae:3e:b1:cf:14:62:9a:b9:ba:
86:11:32:47:5a:70:0a:b1:5a:e6:6d:13:22:65:43:d4:14:2b:
b9:ea:33:cf:7b:f7:91:aa:95:6c:e0:a7:1b:86:00:c8:e2:a6:
b6:00:d9:aa:6b:34:73:d3:af:76:62:40:98:e8:4b:e6:f2:a0:
12:c5:83:36:35:1a:9d:a3:2c:bd:36:9c:d5:d6:e1:3a:63:18:
ad:e4:32:0d:3f:ed:d2:fc:41:5a:12:86:60:fa:d0:66:d9:a0:
60:fa:45:86:1b:28:e6:12:e6:67:06:86:41:b1:57:68:e5:0e:
2c:e4:21:29
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUCbfetB6TSMHJtSQwR6ILaAmOpH0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTFhZDQ5YzQ3ZTJkMGU0MGNmYzliMzZhMmJkMmM1MTRl
MmE2MjY3YjAeFw0yMzExMDgxNDQ0NDRaFw0yNDExMDYxNDQ5NDRaMDMxMTAvBgNV
BAMTKEY1MUNBNDREQ0Q4REVDQkJERDRFMkJGN0IxRjk2RjRCOERDNkRERDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCG57TROiILEh9wRLqAy7hD91uN
hdrdKKkao1n/9mNqpPRi1Okud0PuhKNds4ahVlNosFWr00Yd6iat8sd3WhLhPcjC
SnPUqxdA4y1Ha8b75fXRR93WKcZlHvqMsVCd9F1Q98wxWdIIMS6xIdIjYqb2ZiE8
uQeOj1fr6T2tPfzqZyglC8f6neLpNpLMIeuwIdfZ7l79durGnJv2GazhsVV4dzL2
KbCJmGU/rm2XHY9NIcym5buPVf7RQjz61vu8AFYJvQexyoVac220P0Iq+E+eIO+S
QCcRAweNN5nL+vo3X6thausyLBJ23WhT81d4Z4cK8qU1Jj7Q47DhGaJvDrd/AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQU9RykTc2N7LvdTiv3sflvS43G3dYwHwYDVR0j
BBgwFoAUEa1JxH4tDkDPybNqK9LFFOKmJnswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2I1NzVlYTctNzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNl
Y2VlLzcvMTFBRDQ5QzQ3RTJEMEU0MENGQzlCMzZBMkJEMkM1MTRFMkE2MjY3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VhMUp4SDR0RGtEUHliTnFLOUxGRk9L
bUpucy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2I1NzVlYTct
Nzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNlY2VlLzcvMzI2MTMxMzEzYTY2MzI2MzMw
M2E2NjY2NjY2NDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzNTM3MzgzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoR8sD//TANBgkqhkiG9w0BAQsFAAOCAQEASZIMrcye8TV/0SGY
eFnC/aKeQySwDP/GxqVZ2F6mTrXaqMV2hXyPNOOmWlrmMFEzQeRpnQfBKZreXGDp
Yz+eczHBeIaxShBn+Xfge3qgvAaqp/+6r1t2NtVq4ZxfMiy5UvbLm1vmJJmVNksR
uCbVNZDCG3Yhzeqn8N2ErTODs6etc+l83yh7rj6xzxRimrm6hhEyR1pwCrFa5m0T
ImVD1BQrueozz3v3kaqVbOCnG4YAyOKmtgDZqms0c9OvdmJAmOhL5vKgEsWDNjUa
naMsvTac1dbhOmMYreQyDT/t0vxBWhKGYPrQZtmgYPpFhhso5hLmZwaGQbFXaOUO
LOQhKQ==
-----END CERTIFICATE-----
Generated at Sat May 4 01:54:33 2024 by rpki-client on console-fra.rpki-client.org