Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33363a3a2f34382d3438203d3e203537343137.roa
File: 326131313a323963303a33363a3a2f34382d3438203d3e203537343137.roa (raw, json)
Hash identifier: w3eXA7nXm6iwLh+g3XAs2ZXqdRUnQJe6nGfOlTPEtYM=
Subject key identifier: C3:24:83:C1:52:00:40:97:D1:E5:1A:FB:2F:17:34:7A:CD:4C:D3:36
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 321A296F835FFBD53398037602517AFA60DC8250
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33363a3a2f34382d3438203d3e203537343137.roa
Signing time: Tue 24 Dec 2024 15:01:37 +0000
ROA not before: Tue 24 Dec 2024 14:56:37 +0000
ROA not after: Tue 23 Dec 2025 15:01:37 +0000
asID: 57417
IP address blocks: 2a11:29c0:36::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 11:26:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:1a:29:6f:83:5f:fb:d5:33:98:03:76:02:51:7a:fa:60:dc:82:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Dec 24 14:56:37 2024 GMT
Not After : Dec 23 15:01:37 2025 GMT
Subject: CN=C32483C152004097D1E51AFB2F17347ACD4CD336
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:23:75:bf:2c:d3:f8:e1:a2:fc:53:0c:4c:69:
57:41:a1:3b:df:6d:3d:b4:30:b1:d0:30:d4:f5:8a:
17:58:38:7c:b2:42:27:52:20:18:3a:fd:8d:44:39:
46:4f:ff:6a:69:68:25:c7:a9:de:26:4d:7f:7d:f9:
e4:5e:75:f4:1c:65:80:38:66:1e:d5:d5:91:07:7e:
b2:a6:85:1a:d7:53:5c:e2:cd:24:3a:af:e7:ec:11:
93:1a:2a:bb:8d:7f:42:01:ad:8f:73:06:d7:1e:d2:
c7:2a:db:06:47:e3:2a:a4:4b:1f:64:ea:65:dd:3e:
ab:a9:2b:13:22:7d:1d:43:b8:6d:49:91:b1:79:30:
1a:6a:22:36:f6:2b:c0:c5:1f:c8:07:e5:cf:04:74:
80:5b:4d:41:a5:51:60:fa:5f:9d:9d:ec:64:7a:98:
0a:89:93:20:8c:0e:c2:65:89:3e:e1:c9:cc:9e:3e:
61:ce:64:e8:73:3c:dc:f2:66:72:77:3f:97:d8:1f:
67:9d:07:1c:f3:01:03:d0:83:24:67:52:c3:ae:9d:
a3:b4:b3:22:0c:43:dc:81:67:5c:00:66:0d:b4:7b:
af:f8:f5:bc:ff:94:82:ce:2e:7e:ab:a6:de:f9:18:
d1:6e:bd:0f:42:90:74:d6:8d:f5:9a:99:7f:ca:e0:
91:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:24:83:C1:52:00:40:97:D1:E5:1A:FB:2F:17:34:7A:CD:4C:D3:36
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33363a3a2f34382d3438203d3e203537343137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:36::/48
Signature Algorithm: sha256WithRSAEncryption
1c:5c:74:75:4d:10:13:c5:a5:13:84:bd:43:1e:c2:04:cb:cb:
e7:a9:c8:cf:f2:04:c9:63:0a:a6:ca:cb:ca:85:c6:bd:e5:3c:
58:dc:ad:41:fe:7a:2f:e4:df:0d:bb:9a:0b:d8:27:56:78:c4:
45:6a:47:25:7b:3c:01:6c:af:72:e3:33:9d:8a:70:70:8a:31:
58:bd:79:c8:48:1b:d7:8e:49:65:c1:de:2c:19:a5:ce:57:1e:
31:11:c1:55:6b:5d:a5:b9:1b:eb:09:28:44:0c:70:c1:d5:ed:
40:98:0b:01:bc:49:a0:2a:7f:b4:96:aa:db:34:dd:d6:eb:9e:
e7:90:12:f4:d1:90:38:09:18:6d:04:ca:e5:0b:bf:7c:e3:b6:
7b:d3:9b:53:51:f6:bc:91:12:c9:90:56:14:e4:51:40:12:47:
7b:47:78:d3:55:6e:de:14:26:9b:47:20:66:a4:70:e9:2e:fa:
62:99:8f:08:0c:af:68:2e:3e:a7:fe:93:09:66:51:32:1d:a4:
9c:02:4e:d6:43:d6:6a:6b:6c:d9:d1:97:34:71:0c:08:e8:cf:
5e:89:f0:5b:ea:c1:bb:de:6a:68:6a:e9:f9:52:ad:96:91:cf:
e6:a0:83:7d:58:f8:57:dd:70:2d:c1:8a:91:c8:19:21:a3:f5:
13:e1:81:19
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUMhopb4Nf+9UzmAN2AlF6+mDcglAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNDEyMjQxNDU2MzdaFw0yNTEyMjMxNTAxMzdaMDMxMTAvBgNV
BAMTKEMzMjQ4M0MxNTIwMDQwOTdEMUU1MUFGQjJGMTczNDdBQ0Q0Q0QzMzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6I3W/LNP44aL8UwxMaVdBoTvf
bT20MLHQMNT1ihdYOHyyQidSIBg6/Y1EOUZP/2ppaCXHqd4mTX99+eRedfQcZYA4
Zh7V1ZEHfrKmhRrXU1zizSQ6r+fsEZMaKruNf0IBrY9zBtce0scq2wZH4yqkSx9k
6mXdPqupKxMifR1DuG1JkbF5MBpqIjb2K8DFH8gH5c8EdIBbTUGlUWD6X52d7GR6
mAqJkyCMDsJliT7hycyePmHOZOhzPNzyZnJ3P5fYH2edBxzzAQPQgyRnUsOunaO0
syIMQ9yBZ1wAZg20e6/49bz/lILOLn6rpt75GNFuvQ9CkHTWjfWamX/K4JHZAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUwySDwVIAQJfR5Rr7Lxc0es1M0zYwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzM2M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzUzNzM0MzEzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoRKcAANjANBgkqhkiG9w0BAQsFAAOCAQEAHFx0dU0QE8WlE4S9Qx7CBMvL
56nIz/IEyWMKpsrLyoXGveU8WNytQf56L+TfDbuaC9gnVnjERWpHJXs8AWyvcuMz
nYpwcIoxWL15yEgb145JZcHeLBmlzlceMRHBVWtdpbkb6wkoRAxwwdXtQJgLAbxJ
oCp/tJaq2zTd1uue55AS9NGQOAkYbQTK5Qu/fOO2e9ObU1H2vJESyZBWFORRQBJH
e0d401Vu3hQmm0cgZqRw6S76YpmPCAyvaC4+p/6TCWZRMh2knAJO1kPWamts2dGX
NHEMCOjPXonwW+rBu95qaGrp+VKtlpHP5qCDfVj4V91wLcGKkcgZIaP1E+GBGQ==
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:46:32 2025 by rpki-client