Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a32393a3a2f34382d3438203d3e20323136303732.roa
File: 326131313a323963303a32393a3a2f34382d3438203d3e20323136303732.roa (raw, json)
Hash identifier: C7J8aSdccfgfDph7mcQ9d0DqmRj270kgjoCo+l+BEZc=
Subject key identifier: 91:41:67:DA:7B:B6:A3:EC:18:5B:5C:37:30:91:62:F1:B8:90:E9:51
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 481D59C065137A573C9004EF546FB41AED4D0EF1
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a32393a3a2f34382d3438203d3e20323136303732.roa
Signing time: Tue 01 Oct 2024 15:01:31 +0000
ROA not before: Tue 01 Oct 2024 14:56:31 +0000
ROA not after: Tue 30 Sep 2025 15:01:31 +0000
asID: 216072
IP address blocks: 2a11:29c0:29::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:1d:59:c0:65:13:7a:57:3c:90:04:ef:54:6f:b4:1a:ed:4d:0e:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Oct 1 14:56:31 2024 GMT
Not After : Sep 30 15:01:31 2025 GMT
Subject: CN=914167DA7BB6A3EC185B5C37309162F1B890E951
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:00:98:28:35:5d:89:16:7a:d1:54:32:12:f2:
29:27:7d:2b:ef:97:cd:af:df:04:ea:42:56:d7:0a:
aa:a9:6d:ae:93:88:6e:bb:b5:c9:95:c6:f6:cd:76:
3d:b1:ba:01:3e:92:11:08:da:d6:5a:16:d9:bd:64:
4e:f1:a9:46:4a:71:f6:cc:9d:3b:4f:f5:d6:15:f2:
8e:25:2e:b3:2e:7e:0d:13:51:13:9e:02:72:33:84:
bc:e1:9d:0d:bf:b9:ec:ab:94:39:6c:ee:6b:91:78:
9d:33:a3:fc:2d:0d:d7:27:e8:6a:bc:c2:e2:06:9f:
46:f7:05:20:ae:a7:93:8c:55:b2:fa:cb:de:1c:24:
48:4f:bd:51:86:45:bc:a0:e0:02:27:2c:ec:3f:9f:
50:d0:ae:d4:e6:48:3b:c1:cc:6a:a7:f7:c1:2b:71:
04:f6:af:2d:fd:f8:1e:a2:ec:d0:1c:23:0f:63:3c:
38:54:e8:7b:28:dd:10:86:57:1c:8c:d1:04:a9:2f:
dd:18:84:37:33:e7:95:52:34:af:07:5e:fb:29:74:
3a:e2:c6:cd:57:2b:ae:67:de:ba:dc:5e:22:91:65:
20:66:a0:53:94:1f:6a:f1:c1:4d:f1:dc:8e:e9:30:
ba:28:27:cd:f6:04:e3:28:2e:f4:5a:63:63:52:7a:
f4:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:41:67:DA:7B:B6:A3:EC:18:5B:5C:37:30:91:62:F1:B8:90:E9:51
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a32393a3a2f34382d3438203d3e20323136303732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:29::/48
Signature Algorithm: sha256WithRSAEncryption
a5:8c:15:f6:04:4b:08:63:be:0d:fa:d9:ac:63:d6:3b:25:68:
b7:83:cd:48:15:c1:29:ba:60:d2:8c:94:72:59:d4:9b:ea:60:
f1:db:21:05:12:8b:e3:3d:06:cc:23:dd:54:7c:f5:ee:ff:17:
1d:f0:31:d8:e7:36:30:73:43:72:00:51:b3:b9:48:01:04:42:
2f:cd:bb:0b:85:69:61:15:5f:5b:7e:9e:6f:1f:fa:f2:9e:5e:
7c:d6:7e:a6:ae:a2:db:4b:8f:62:a1:37:86:8d:ac:6a:e1:0e:
00:8d:1f:fd:05:af:d8:a5:06:b7:d3:52:38:92:21:de:69:55:
a9:fe:1c:13:f3:77:94:46:28:5c:90:14:30:35:86:4d:f3:ef:
d4:52:48:d4:5e:0a:83:10:33:dc:1c:e8:06:41:a8:77:17:68:
eb:be:f4:4f:7c:11:90:6e:98:aa:37:8b:0d:c2:ac:f4:7a:99:
9f:b2:7f:9f:49:56:aa:b2:0a:db:8d:97:67:db:78:4d:cc:63:
c1:db:6d:d6:f4:02:b6:1e:80:ff:6b:5a:76:3d:a2:fd:f3:b9:
09:e6:9f:9b:2a:a9:28:76:ab:c6:56:98:7b:a8:da:fa:05:09:
9b:73:42:42:7f:b7:27:0e:92:63:1c:0b:f8:a6:ba:fd:0f:46:
26:c3:fc:b3
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUSB1ZwGUTelc8kATvVG+0Gu1NDvEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNDEwMDExNDU2MzFaFw0yNTA5MzAxNTAxMzFaMDMxMTAvBgNV
BAMTKDkxNDE2N0RBN0JCNkEzRUMxODVCNUMzNzMwOTE2MkYxQjg5MEU5NTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNAJgoNV2JFnrRVDIS8iknfSvv
l82v3wTqQlbXCqqpba6TiG67tcmVxvbNdj2xugE+khEI2tZaFtm9ZE7xqUZKcfbM
nTtP9dYV8o4lLrMufg0TUROeAnIzhLzhnQ2/ueyrlDls7muReJ0zo/wtDdcn6Gq8
wuIGn0b3BSCup5OMVbL6y94cJEhPvVGGRbyg4AInLOw/n1DQrtTmSDvBzGqn98Er
cQT2ry39+B6i7NAcIw9jPDhU6Hso3RCGVxyM0QSpL90YhDcz55VSNK8HXvspdDri
xs1XK65n3rrcXiKRZSBmoFOUH2rxwU3x3I7pMLooJ832BOMoLvRaY2NSevTfAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUkUFn2nu2o+wYW1w3MJFi8biQ6VEwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMjM5M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTM2MzAzNzMyLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhEpwAApMA0GCSqGSIb3DQEBCwUAA4IBAQCljBX2BEsIY74N+tmsY9Y7
JWi3g81IFcEpumDSjJRyWdSb6mDx2yEFEovjPQbMI91UfPXu/xcd8DHY5zYwc0Ny
AFGzuUgBBEIvzbsLhWlhFV9bfp5vH/rynl581n6mrqLbS49ioTeGjaxq4Q4AjR/9
Ba/YpQa301I4kiHeaVWp/hwT83eURihckBQwNYZN8+/UUkjUXgqDEDPcHOgGQah3
F2jrvvRPfBGQbpiqN4sNwqz0epmfsn+fSVaqsgrbjZdn23hNzGPB223W9AK2HoD/
a1p2PaL987kJ5p+bKqkodqvGVph7qNr6BQmbc0JCf7cnDpJjHAv4prr9D0Ymw/yz
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:20 2024 by rpki-client on console-ams.rpki-client.org