Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a32383a3a2f34382d3438203d3e20323136313934.roa
File: 326131313a323963303a32383a3a2f34382d3438203d3e20323136313934.roa (raw, json)
Hash identifier: y3iQHYkZSVSeaFL5WTyJyvUlwzFZfmMojk+K7VhGL6Y=
Subject key identifier: 04:48:76:DB:65:3D:67:C1:B0:8B:DD:91:2E:A8:3E:09:B3:A1:1D:D6
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 16EDE88282A01C42B0EDA336544FFF413266AA6A
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a32383a3a2f34382d3438203d3e20323136313934.roa
Signing time: Wed 11 Sep 2024 22:01:29 +0000
ROA not before: Wed 11 Sep 2024 21:56:29 +0000
ROA not after: Wed 10 Sep 2025 22:01:29 +0000
asID: 216194
IP address blocks: 2a11:29c0:28::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:ed:e8:82:82:a0:1c:42:b0:ed:a3:36:54:4f:ff:41:32:66:aa:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Sep 11 21:56:29 2024 GMT
Not After : Sep 10 22:01:29 2025 GMT
Subject: CN=044876DB653D67C1B08BDD912EA83E09B3A11DD6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:5b:2f:c6:b2:85:a8:4b:5d:cc:c5:bb:01:18:
e6:ae:e7:57:de:a1:ac:6f:42:4f:78:9f:ab:db:3c:
1e:ea:ed:70:b4:74:10:6c:9d:f9:84:96:29:49:f0:
e7:93:e8:1d:ff:94:95:2b:28:72:b0:29:f8:e8:05:
1b:aa:ff:3c:18:ae:af:61:85:c6:70:45:63:a1:b0:
2d:5d:ea:bf:1c:53:5b:41:1f:3d:0a:8e:80:b9:6c:
38:ba:bd:09:e0:0a:6e:73:34:3c:00:99:31:6a:80:
b7:70:5c:9a:b9:f1:da:ea:21:a6:2a:0d:3a:26:f4:
53:4b:85:7d:51:f2:71:0d:9b:32:dd:59:ad:61:a3:
ce:b2:2b:04:be:23:6c:63:3c:11:6e:02:6f:f4:b0:
3e:e8:6e:98:31:73:15:a9:f6:43:82:98:2c:42:54:
62:94:f0:a1:e8:df:09:0e:c3:b1:80:66:91:5a:82:
25:cb:a1:f7:66:5d:4f:be:9f:2b:85:08:bb:88:3f:
2b:45:04:76:89:3d:e2:e0:fc:38:e8:ee:7c:41:cf:
bc:04:66:23:ba:f0:08:92:3f:c9:3e:1a:4c:33:fb:
c5:5e:78:72:7a:d7:fb:ea:55:d2:4d:37:b3:78:23:
d0:31:aa:18:d4:41:9c:3f:f2:45:c4:a2:eb:69:01:
0d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:48:76:DB:65:3D:67:C1:B0:8B:DD:91:2E:A8:3E:09:B3:A1:1D:D6
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a32383a3a2f34382d3438203d3e20323136313934.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:28::/48
Signature Algorithm: sha256WithRSAEncryption
89:df:0e:d7:8c:c5:d8:cb:c4:ad:9c:6a:9a:d9:07:53:4a:cc:
a8:75:8c:fd:76:74:0b:cd:5b:c2:5d:57:7a:7f:a8:f1:69:0b:
df:55:6e:88:cc:dd:ed:00:b7:24:93:91:3d:ff:92:db:7e:2c:
23:6b:9b:f3:d3:b3:31:8c:f7:1f:d3:c8:c9:58:9a:0e:52:a0:
18:96:5d:c9:ab:16:ed:85:e9:89:fb:ca:fe:d1:34:2a:90:19:
57:7e:57:89:cc:47:46:21:9c:7a:1c:26:4b:ef:0b:c2:de:3e:
7e:14:3c:32:27:f8:49:dd:94:85:f0:c9:80:ad:fa:bb:56:ae:
3f:be:28:24:2a:4a:db:fd:9c:91:d9:7f:82:04:86:71:75:54:
a8:62:e8:5c:70:d8:0d:4f:db:e0:40:1f:1c:87:02:81:4d:e0:
42:bf:df:1a:b9:e4:14:97:57:90:9e:a3:e1:a8:be:d6:63:ee:
bc:a9:73:2b:55:d4:c2:90:9c:07:49:8c:56:57:e1:09:2a:13:
e0:6b:7c:ba:00:ef:2e:34:bb:7b:55:a0:ac:9b:e6:dd:8f:72:
b6:2b:2e:b7:86:af:2a:51:3e:5a:8a:06:22:79:2d:08:56:ff:
7b:9c:52:0c:e7:91:a5:7c:da:a3:9f:74:f5:1f:15:b3:49:92:
ab:15:d9:f8
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUFu3ogoKgHEKw7aM2VE//QTJmqmowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNDA5MTEyMTU2MjlaFw0yNTA5MTAyMjAxMjlaMDMxMTAvBgNV
BAMTKDA0NDg3NkRCNjUzRDY3QzFCMDhCREQ5MTJFQTgzRTA5QjNBMTFERDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/Wy/GsoWoS13MxbsBGOau51fe
oaxvQk94n6vbPB7q7XC0dBBsnfmElilJ8OeT6B3/lJUrKHKwKfjoBRuq/zwYrq9h
hcZwRWOhsC1d6r8cU1tBHz0KjoC5bDi6vQngCm5zNDwAmTFqgLdwXJq58drqIaYq
DTom9FNLhX1R8nENmzLdWa1ho86yKwS+I2xjPBFuAm/0sD7obpgxcxWp9kOCmCxC
VGKU8KHo3wkOw7GAZpFagiXLofdmXU++nyuFCLuIPytFBHaJPeLg/Djo7nxBz7wE
ZiO68AiSP8k+Gkwz+8VeeHJ61/vqVdJNN7N4I9AxqhjUQZw/8kXEoutpAQ3fAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUBEh222U9Z8Gwi92RLqg+CbOhHdYwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMjM4M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTM2MzEzOTM0LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhEpwAAoMA0GCSqGSIb3DQEBCwUAA4IBAQCJ3w7XjMXYy8StnGqa2QdT
SsyodYz9dnQLzVvCXVd6f6jxaQvfVW6IzN3tALckk5E9/5Lbfiwja5vz07MxjPcf
08jJWJoOUqAYll3JqxbthemJ+8r+0TQqkBlXfleJzEdGIZx6HCZL7wvC3j5+FDwy
J/hJ3ZSF8MmArfq7Vq4/vigkKkrb/ZyR2X+CBIZxdVSoYuhccNgNT9vgQB8chwKB
TeBCv98aueQUl1eQnqPhqL7WY+68qXMrVdTCkJwHSYxWV+EJKhPga3y6AO8uNLt7
VaCsm+bdj3K2Ky63hq8qUT5aigYieS0IVv97nFIM55GlfNqjn3T1HxWzSZKrFdn4
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:13 2024 by rpki-client on console-fra.rpki-client.org