Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a32633a3a2f34382d3438203d3e203136353039.roa
File: 326131313a323963303a32633a3a2f34382d3438203d3e203136353039.roa (raw, json)
Hash identifier: i8nHPdTdoSyq5KrirYX8LwtIh/R8pyQexo4nA2/2BE8=
Subject key identifier: 07:E0:E7:D3:CE:AC:C6:BC:CA:4B:D1:D4:6C:41:07:88:1B:AE:85:94
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 0CB711C6561EDA5082437B3B6F8D81FE3DA615CC
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a32633a3a2f34382d3438203d3e203136353039.roa
Signing time: Fri 04 Oct 2024 22:41:42 +0000
ROA not before: Fri 04 Oct 2024 22:36:42 +0000
ROA not after: Fri 03 Oct 2025 22:41:42 +0000
asID: 16509
IP address blocks: 2a11:29c0:2c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:b7:11:c6:56:1e:da:50:82:43:7b:3b:6f:8d:81:fe:3d:a6:15:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Oct 4 22:36:42 2024 GMT
Not After : Oct 3 22:41:42 2025 GMT
Subject: CN=07E0E7D3CEACC6BCCA4BD1D46C4107881BAE8594
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:cb:b0:7b:43:d5:c7:fc:2c:a1:be:aa:1a:19:
ea:e5:ca:96:ba:50:eb:3b:40:f1:fb:ef:67:25:1c:
94:ca:c9:56:96:64:bb:d8:4d:50:70:9e:25:50:6c:
2e:64:99:7b:1d:b2:db:08:ee:e5:56:52:22:86:ff:
5b:b0:78:10:9c:36:06:57:9f:3d:8a:11:7f:ef:2f:
43:d5:97:8e:e9:a1:02:9a:f5:f8:ee:db:90:81:89:
39:a7:97:78:a9:a1:64:4c:73:78:7e:9f:3d:51:83:
e2:eb:83:b3:4c:29:b7:bd:4c:51:5e:43:42:e7:c8:
08:7e:c3:3d:09:25:79:54:10:11:9e:38:9e:93:f9:
20:7a:60:fe:17:c4:cc:8d:e5:89:c4:5b:14:67:4b:
d3:26:d7:50:98:33:5f:b6:04:0c:65:d8:99:be:5f:
bd:f0:fe:66:b1:a7:2e:8d:93:67:1d:a8:a9:5f:2e:
b0:f7:81:7e:ad:03:58:63:c6:d6:75:c8:7c:9a:2e:
8c:ca:1f:21:5e:bc:23:00:e8:76:00:f6:65:9d:0a:
63:75:69:b5:97:4b:28:6e:59:e8:24:b9:ad:50:2b:
48:04:a4:c6:1b:00:33:ba:3f:d0:a9:26:12:1e:f9:
2d:78:db:f6:4e:e1:7a:5a:21:90:1c:59:4e:c6:c1:
99:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:E0:E7:D3:CE:AC:C6:BC:CA:4B:D1:D4:6C:41:07:88:1B:AE:85:94
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a32633a3a2f34382d3438203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:2c::/48
Signature Algorithm: sha256WithRSAEncryption
67:0f:7d:ed:20:39:67:3a:98:44:85:6f:18:91:20:ab:88:5c:
57:2c:ff:e9:80:81:b0:45:35:dc:cb:ca:9b:0c:cd:f0:d3:89:
e8:12:e1:ba:50:b4:ce:27:0e:11:6c:40:0b:88:5b:59:d2:27:
eb:bf:e1:b5:71:ec:d3:8a:e9:bd:81:89:5a:bc:21:14:c7:ef:
8d:ca:df:ed:03:e4:05:51:62:d3:78:4f:2a:37:4f:3b:fc:28:
aa:bd:ea:5e:8f:7b:65:2a:59:c4:91:58:16:79:ab:9a:30:e7:
2d:78:8f:b7:e7:59:e3:54:c1:11:fc:51:a6:31:07:30:a3:97:
a0:89:79:b7:9b:da:d6:cb:7f:ea:21:fd:64:65:33:55:e5:b5:
86:a5:f2:69:59:84:43:45:1f:70:32:f5:09:f9:55:4b:76:e5:
19:1d:8d:0b:0f:bb:fa:a3:c7:62:93:9d:36:c8:86:49:0d:45:
78:a7:0a:53:81:f3:01:18:6e:83:9a:0f:40:e6:8c:25:0b:46:
5f:49:6f:5c:8e:1e:59:1b:78:52:7a:58:7f:35:96:28:0e:85:
98:1b:82:96:95:09:ca:9f:c6:15:1c:26:2d:69:d7:67:e1:6b:
5b:ac:fa:95:da:e1:79:8d:de:c0:b4:c8:65:87:7d:37:ec:53:
ef:18:59:2b
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUDLcRxlYe2lCCQ3s7b42B/j2mFcwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNDEwMDQyMjM2NDJaFw0yNTEwMDMyMjQxNDJaMDMxMTAvBgNV
BAMTKDA3RTBFN0QzQ0VBQ0M2QkNDQTRCRDFENDZDNDEwNzg4MUJBRTg1OTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCby7B7Q9XH/CyhvqoaGerlypa6
UOs7QPH772clHJTKyVaWZLvYTVBwniVQbC5kmXsdstsI7uVWUiKG/1uweBCcNgZX
nz2KEX/vL0PVl47poQKa9fju25CBiTmnl3ipoWRMc3h+nz1Rg+Lrg7NMKbe9TFFe
Q0LnyAh+wz0JJXlUEBGeOJ6T+SB6YP4XxMyN5YnEWxRnS9Mm11CYM1+2BAxl2Jm+
X73w/maxpy6Nk2cdqKlfLrD3gX6tA1hjxtZ1yHyaLozKHyFevCMA6HYA9mWdCmN1
abWXSyhuWegkua1QK0gEpMYbADO6P9CpJhIe+S142/ZO4XpaIZAcWU7GwZmzAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUB+Dn086sxrzKS9HUbEEHiBuuhZQwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMjYzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzEzNjM1MzAzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoRKcAALDANBgkqhkiG9w0BAQsFAAOCAQEAZw997SA5ZzqYRIVvGJEgq4hc
Vyz/6YCBsEU13MvKmwzN8NOJ6BLhulC0zicOEWxAC4hbWdIn67/htXHs04rpvYGJ
WrwhFMfvjcrf7QPkBVFi03hPKjdPO/woqr3qXo97ZSpZxJFYFnmrmjDnLXiPt+dZ
41TBEfxRpjEHMKOXoIl5t5va1st/6iH9ZGUzVeW1hqXyaVmEQ0UfcDL1CflVS3bl
GR2NCw+7+qPHYpOdNsiGSQ1FeKcKU4HzARhug5oPQOaMJQtGX0lvXI4eWRt4UnpY
fzWWKA6FmBuClpUJyp/GFRwmLWnXZ+FrW6z6ldrheY3ewLTIZYd9N+xT7xhZKw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:13 2024 by rpki-client on console-fra.rpki-client.org