Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33353a3a2f34382d3438203d3e203233343730.roa
File: 326131313a323963303a33353a3a2f34382d3438203d3e203233343730.roa (raw, json)
Hash identifier: /sSKD8Ma46OuAt7NEmkChqg+1HBl0IPIHBNNH173nmM=
Subject key identifier: A1:48:61:43:66:51:36:F9:78:97:38:5E:89:11:EC:DC:4B:44:5D:87
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 03F90A38929600033C4AE30C63B671CDD41D4625
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33353a3a2f34382d3438203d3e203233343730.roa
Signing time: Fri 03 May 2024 11:35:09 +0000
ROA not before: Fri 03 May 2024 11:30:09 +0000
ROA not after: Fri 02 May 2025 11:35:09 +0000
asID: 23470
IP address blocks: 2a11:29c0:35::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:f9:0a:38:92:96:00:03:3c:4a:e3:0c:63:b6:71:cd:d4:1d:46:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: May 3 11:30:09 2024 GMT
Not After : May 2 11:35:09 2025 GMT
Subject: CN=A1486143665136F97897385E8911ECDC4B445D87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a4:a6:f0:fc:5d:ab:87:6d:b7:9e:71:f7:07:
98:c4:57:ae:e3:80:d6:92:e6:ee:43:17:63:5d:40:
68:a6:09:b1:44:29:75:69:fc:29:be:6a:75:e8:2c:
fc:67:d5:20:2b:3f:36:7e:94:ab:05:9a:22:02:27:
47:c5:32:38:9a:8d:f2:ba:a1:8b:f2:e9:06:3e:5f:
31:16:b3:59:c6:13:59:4d:27:c4:f1:e3:cd:c4:a1:
ab:91:92:de:30:08:04:96:4f:4a:51:07:cf:9a:d8:
1b:9d:7c:b1:bb:b8:4f:f7:77:34:de:fd:ff:b6:95:
00:64:6c:78:6e:b3:89:be:ca:4a:c2:9d:2e:f2:bd:
66:26:fc:28:8b:e5:97:4e:3c:d9:5f:e3:22:4a:64:
f2:9f:c8:4e:88:24:55:ce:31:2b:2a:a8:9b:f1:b3:
3a:4b:92:dc:b2:a8:fc:32:03:f6:c8:a8:05:b7:48:
73:11:c7:36:0b:87:3d:8b:1d:2d:fa:57:c8:36:9d:
25:30:26:0c:a6:68:44:50:12:ad:2e:b3:ce:cd:b7:
20:57:b6:b7:56:53:2e:be:dc:2a:79:52:49:77:c5:
1b:21:a1:71:bc:47:be:f9:5c:28:36:09:c0:65:3b:
e0:fd:5c:56:dd:45:7c:1c:a2:aa:63:ac:9e:2b:e9:
d7:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:48:61:43:66:51:36:F9:78:97:38:5E:89:11:EC:DC:4B:44:5D:87
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33353a3a2f34382d3438203d3e203233343730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:35::/48
Signature Algorithm: sha256WithRSAEncryption
af:0c:c6:fb:0b:42:61:ab:73:7d:20:e4:f4:12:28:be:f8:5e:
7c:f7:71:ea:3d:5e:3a:19:8a:0d:14:cd:d1:21:ba:80:72:a2:
b0:1e:65:d9:2f:a5:d2:6b:0d:49:5e:d2:f8:f5:14:49:1a:f9:
95:64:70:f5:d8:2d:5c:0e:2f:aa:8e:4b:a6:78:8b:33:3a:da:
ed:b9:4b:0c:ee:b2:94:96:4b:9f:16:25:e9:ea:4f:4c:72:31:
7c:f1:9c:ad:70:7a:df:2e:79:3d:6f:15:fd:e0:6c:55:de:03:
ed:55:a4:d8:2f:b8:35:a4:8c:c9:cc:52:8c:29:a3:1a:74:48:
8b:51:b3:0e:55:50:4f:12:20:a2:4a:23:98:88:ba:6f:b2:b0:
6e:14:31:dc:8e:1b:1d:84:88:9b:8a:73:eb:b3:0a:d9:d7:f4:
6f:1a:45:37:13:27:f4:85:26:1b:d0:92:ae:38:2f:8c:03:b9:
30:51:9b:75:bd:2e:64:2a:4e:7a:7a:10:3d:8b:00:38:f7:10:
a2:d3:ed:4f:6b:00:a1:0b:58:5e:a1:01:06:d5:23:db:cc:dc:
d0:d3:8f:de:04:db:84:3f:12:7d:d2:07:03:d5:88:3c:5d:0c:
d4:40:76:15:14:5a:c0:32:81:23:e1:9d:81:aa:04:9e:6e:80:
cc:91:01:cd
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUA/kKOJKWAAM8SuMMY7ZxzdQdRiUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNDA1MDMxMTMwMDlaFw0yNTA1MDIxMTM1MDlaMDMxMTAvBgNV
BAMTKEExNDg2MTQzNjY1MTM2Rjk3ODk3Mzg1RTg5MTFFQ0RDNEI0NDVEODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSpKbw/F2rh223nnH3B5jEV67j
gNaS5u5DF2NdQGimCbFEKXVp/Cm+anXoLPxn1SArPzZ+lKsFmiICJ0fFMjiajfK6
oYvy6QY+XzEWs1nGE1lNJ8Tx483EoauRkt4wCASWT0pRB8+a2BudfLG7uE/3dzTe
/f+2lQBkbHhus4m+ykrCnS7yvWYm/CiL5ZdOPNlf4yJKZPKfyE6IJFXOMSsqqJvx
szpLktyyqPwyA/bIqAW3SHMRxzYLhz2LHS36V8g2nSUwJgymaERQEq0us87NtyBX
trdWUy6+3Cp5Ukl3xRshoXG8R775XCg2CcBlO+D9XFbdRXwcoqpjrJ4r6dc1AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUoUhhQ2ZRNvl4lzheiRHs3EtEXYcwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzM1M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMzM0MzczMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoRKcAANTANBgkqhkiG9w0BAQsFAAOCAQEArwzG+wtCYatzfSDk9BIovvhe
fPdx6j1eOhmKDRTN0SG6gHKisB5l2S+l0msNSV7S+PUUSRr5lWRw9dgtXA4vqo5L
pniLMzra7blLDO6ylJZLnxYl6epPTHIxfPGcrXB63y55PW8V/eBsVd4D7VWk2C+4
NaSMycxSjCmjGnRIi1GzDlVQTxIgokojmIi6b7KwbhQx3I4bHYSIm4pz67MK2df0
bxpFNxMn9IUmG9CSrjgvjAO5MFGbdb0uZCpOenoQPYsAOPcQotPtT2sAoQtYXqEB
BtUj28zc0NOP3gTbhD8SfdIHA9WIPF0M1EB2FRRawDKBI+GdgaoEnm6AzJEBzQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:20 2024 by rpki-client on console-ams.rpki-client.org