Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666666653a3a2f34382d3438203d3e20323130353032.roa
File: 326131313a663263303a666666653a3a2f34382d3438203d3e20323130353032.roa (raw, json)
Hash identifier: X+TWfgYHq7kCqKYrKVpMG2E+IkJixgeTflppXLFLaTM=
Subject key identifier: F3:F4:A6:84:FD:61:4F:7C:00:0B:B6:CB:1F:07:54:4D:BF:BF:3A:CB
Certificate issuer: /CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Certificate serial: 20F1795772238BE55AE9EF14DEA348F74008EBF0
Authority key identifier: 11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666666653a3a2f34382d3438203d3e20323130353032.roa
Signing time: Wed 08 Nov 2023 14:49:42 +0000
ROA not before: Wed 08 Nov 2023 14:44:42 +0000
ROA not after: Wed 06 Nov 2024 14:49:42 +0000
asID: 210502
IP address blocks: 2a11:f2c0:fffe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:f1:79:57:72:23:8b:e5:5a:e9:ef:14:de:a3:48:f7:40:08:eb:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Validity
Not Before: Nov 8 14:44:42 2023 GMT
Not After : Nov 6 14:49:42 2024 GMT
Subject: CN=F3F4A684FD614F7C000BB6CB1F07544DBFBF3ACB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:04:47:6f:12:3c:97:35:e1:92:dd:bf:d6:98:
60:d4:57:76:6b:32:dd:53:96:9f:50:be:43:6c:b1:
37:fb:54:15:55:d5:9e:eb:f0:64:c6:8e:3e:cb:ad:
ec:7f:f0:a6:af:ec:73:3f:65:7b:e7:ca:8b:d4:58:
11:9f:13:25:f8:de:18:e5:42:53:ac:44:81:3e:b8:
00:08:27:ec:fa:c0:82:02:53:ca:31:11:8e:a4:d7:
06:7e:f9:5c:69:c0:29:24:ed:a1:2a:2f:83:7c:4d:
64:94:92:0b:cc:cd:a5:34:bd:42:32:7e:b8:87:8d:
71:22:01:ed:6b:fe:7f:4c:30:fd:bc:f2:b9:b6:5a:
f5:51:92:07:75:9e:cb:2f:80:c3:87:9f:50:52:fc:
a9:e7:1f:93:02:24:25:08:96:4b:48:cd:ce:df:0e:
ec:6b:41:26:12:f4:43:bd:65:74:9c:ed:ad:ae:9c:
cd:c0:dd:a5:aa:e3:e8:3c:dd:07:2a:f2:7c:09:75:
25:a7:f9:00:cf:f1:e8:69:ba:3e:40:64:7d:05:7f:
3e:eb:f1:7e:10:86:0a:de:cc:1d:1c:a9:ac:99:cc:
c6:c3:82:97:09:ce:6e:6e:df:9f:bd:d2:de:54:84:
3d:67:b9:4c:aa:0c:03:ef:a9:0c:31:c0:ee:9f:18:
09:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:F4:A6:84:FD:61:4F:7C:00:0B:B6:CB:1F:07:54:4D:BF:BF:3A:CB
X509v3 Authority Key Identifier:
keyid:11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666666653a3a2f34382d3438203d3e20323130353032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f2c0:fffe::/48
Signature Algorithm: sha256WithRSAEncryption
93:a7:20:e1:66:0a:a7:06:0c:36:4e:3b:62:57:f0:c8:35:1d:
58:e6:96:92:d4:0a:4b:ab:eb:fb:0c:a7:54:2d:4f:4e:e8:a2:
6a:e9:85:d0:02:aa:c1:94:a1:7b:fc:fb:9b:59:45:43:69:3b:
98:37:4d:64:d3:18:b2:ce:67:51:df:50:70:be:27:cb:38:fd:
8c:2c:37:bb:df:b9:e7:c8:9a:dc:ab:4a:d0:82:8b:6e:ab:29:
0a:d5:86:60:43:84:63:f9:b2:81:cb:27:d2:86:0d:f1:9a:07:
2d:f4:4c:2e:d2:c5:3b:cd:b6:e3:c6:e2:cd:58:e7:a3:88:e3:
5d:02:84:ee:cc:6b:27:4c:f9:52:c4:34:c5:50:39:0d:0c:c7:
21:dc:a0:1d:d0:f2:9d:5e:ae:53:6f:47:23:ba:fa:92:97:e7:
75:55:8a:91:7a:ae:ab:f0:66:df:ca:30:e5:ea:4d:7d:12:9c:
b9:4b:6d:9a:28:98:fd:68:9c:40:9a:6c:ba:fc:c6:d5:0f:43:
7b:69:fc:97:63:06:51:5f:2b:d0:b0:57:60:43:e9:06:80:b8:
34:be:d6:4f:ac:47:51:f5:c6:c6:5e:dc:b0:de:bb:f2:45:d9:
e1:34:91:4b:95:d0:fb:06:04:14:67:ac:a5:96:3f:53:e4:6d:
d5:c6:52:75
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUIPF5V3Iji+Va6e8U3qNI90AI6/AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTFhZDQ5YzQ3ZTJkMGU0MGNmYzliMzZhMmJkMmM1MTRl
MmE2MjY3YjAeFw0yMzExMDgxNDQ0NDJaFw0yNDExMDYxNDQ5NDJaMDMxMTAvBgNV
BAMTKEYzRjRBNjg0RkQ2MTRGN0MwMDBCQjZDQjFGMDc1NDREQkZCRjNBQ0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjBEdvEjyXNeGS3b/WmGDUV3Zr
Mt1Tlp9QvkNssTf7VBVV1Z7r8GTGjj7Lrex/8Kav7HM/ZXvnyovUWBGfEyX43hjl
QlOsRIE+uAAIJ+z6wIICU8oxEY6k1wZ++VxpwCkk7aEqL4N8TWSUkgvMzaU0vUIy
friHjXEiAe1r/n9MMP288rm2WvVRkgd1nssvgMOHn1BS/KnnH5MCJCUIlktIzc7f
DuxrQSYS9EO9ZXSc7a2unM3A3aWq4+g83Qcq8nwJdSWn+QDP8ehpuj5AZH0Ffz7r
8X4QhgrezB0cqayZzMbDgpcJzm5u35+90t5UhD1nuUyqDAPvqQwxwO6fGAlfAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQU8/SmhP1hT3wAC7bLHwdUTb+/OsswHwYDVR0j
BBgwFoAUEa1JxH4tDkDPybNqK9LFFOKmJnswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2I1NzVlYTctNzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNl
Y2VlLzcvMTFBRDQ5QzQ3RTJEMEU0MENGQzlCMzZBMkJEMkM1MTRFMkE2MjY3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VhMUp4SDR0RGtEUHliTnFLOUxGRk9L
bUpucy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2I1NzVlYTct
Nzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNlY2VlLzcvMzI2MTMxMzEzYTY2MzI2MzMw
M2E2NjY2NjY2NTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMDM1MzAzMi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoR8sD//jANBgkqhkiG9w0BAQsFAAOCAQEAk6cg4WYKpwYMNk47
YlfwyDUdWOaWktQKS6vr+wynVC1PTuiiaumF0AKqwZShe/z7m1lFQ2k7mDdNZNMY
ss5nUd9QcL4nyzj9jCw3u9+558ia3KtK0IKLbqspCtWGYEOEY/mygcsn0oYN8ZoH
LfRMLtLFO82248bizVjno4jjXQKE7sxrJ0z5UsQ0xVA5DQzHIdygHdDynV6uU29H
I7r6kpfndVWKkXquq/Bm38ow5epNfRKcuUttmiiY/WicQJpsuvzG1Q9De2n8l2MG
UV8r0LBXYEPpBoC4NL7WT6xHUfXGxl7csN678kXZ4TSRS5XQ+wYEFGespZY/U+Rt
1cZSdQ==
-----END CERTIFICATE-----
Generated at Sat May 4 01:54:33 2024 by rpki-client on console-fra.rpki-client.org