Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466313a3a2f34382d3438203d3e20323039333839.roa
File: 326131313a323963303a336466313a3a2f34382d3438203d3e20323039333839.roa (raw, json)
Hash identifier: 9PZOs94MGbOclfpf/M7wstfHFV1Heae3MPZ3rn+Oj7w=
Subject key identifier: CB:7F:8A:67:09:42:3F:A2:37:AC:D7:70:2E:B9:D1:14:EF:DB:84:F2
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 126D391B6D5FF844B4AD8FCC52F210E99A2D0E2F
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466313a3a2f34382d3438203d3e20323039333839.roa
Signing time: Wed 19 Jul 2023 13:30:20 +0000
ROA not before: Wed 19 Jul 2023 13:25:20 +0000
ROA not after: Wed 17 Jul 2024 13:30:20 +0000
asID: 209389
IP address blocks: 2a11:29c0:3df1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 16:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:6d:39:1b:6d:5f:f8:44:b4:ad:8f:cc:52:f2:10:e9:9a:2d:0e:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Jul 19 13:25:20 2023 GMT
Not After : Jul 17 13:30:20 2024 GMT
Subject: CN=CB7F8A6709423FA237ACD7702EB9D114EFDB84F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:67:e7:ec:75:f6:08:0e:bf:1b:00:2c:81:dc:
19:4e:57:2f:30:83:ea:e3:b4:ab:43:26:10:58:86:
c0:52:2b:98:13:24:dd:d0:61:c1:71:93:8e:28:cd:
f4:24:05:f7:f0:6c:09:0e:c7:aa:f6:31:52:84:7d:
09:d0:f0:19:f8:9f:6e:c7:07:1d:7d:97:7c:47:c8:
42:84:62:cf:66:6a:5f:6f:c4:c3:2c:61:a1:9c:8a:
54:0e:d5:0f:52:fc:38:5b:a2:bc:1a:da:55:16:10:
b7:dc:2b:2a:28:28:32:24:60:e3:24:dd:60:a4:5b:
fc:27:13:f7:b6:52:33:d6:11:a7:2b:f0:04:9d:93:
bc:81:d5:7e:cd:14:dc:06:0a:d1:ea:15:03:5f:8e:
72:b8:d8:63:ea:9b:e4:22:17:80:06:c9:b7:41:bb:
90:b3:7d:fd:46:13:f9:27:99:92:19:75:03:b0:f2:
1c:76:39:8d:4e:73:dd:e0:93:4a:cc:e4:90:29:cc:
71:82:3b:7b:11:91:7e:91:cc:45:1b:9f:54:5c:cc:
b8:72:80:12:5b:e0:e1:22:e7:5c:cf:f6:5c:bb:ff:
2e:20:61:fe:aa:5d:1b:17:6a:33:22:be:fd:81:9c:
b5:ae:13:3e:95:d9:ea:c5:3c:d2:a7:78:7e:90:92:
7a:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:7F:8A:67:09:42:3F:A2:37:AC:D7:70:2E:B9:D1:14:EF:DB:84:F2
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466313a3a2f34382d3438203d3e20323039333839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3df1::/48
Signature Algorithm: sha256WithRSAEncryption
0d:f3:17:80:c3:90:e9:d4:18:55:54:62:21:06:95:c2:ff:b3:
df:53:84:de:0f:98:da:1d:58:54:0a:65:9f:f5:26:9f:ed:6d:
0a:ee:cf:31:c6:82:29:1c:e2:28:7c:cc:bb:b5:38:73:10:93:
9a:6f:21:00:b1:57:ce:e2:12:d9:c5:c6:80:58:40:f6:27:6b:
11:ea:bf:d8:47:77:a6:fe:81:fd:12:b6:9d:03:2a:24:43:4c:
90:ef:88:a0:aa:7b:f1:62:70:81:cb:5e:d0:59:24:cf:6d:d0:
be:eb:6a:9a:15:2b:e1:a4:0f:78:15:9d:46:cf:c0:0a:e7:52:
34:db:9c:99:6a:ad:fc:ea:c4:c7:e3:55:b0:6d:8c:63:ce:10:
51:f6:c4:ba:1a:40:ab:b7:a1:d9:fd:ac:82:2b:db:32:be:c8:
95:5d:1d:17:97:f4:9f:1e:70:56:b0:3d:35:0e:39:30:24:dc:
48:9f:d3:6a:ec:72:b1:f7:4e:7d:bd:bd:f3:60:c1:23:3e:f6:
12:70:a3:a8:70:16:a9:01:bc:aa:23:92:f7:5f:a4:4a:6a:06:
17:d6:f0:62:ca:1f:3a:2c:d8:98:90:87:a2:ae:0a:5a:7e:6e:
f7:db:8b:05:43:e5:75:67:9f:03:06:9a:b8:9d:57:ad:6f:65:
6e:ee:d9:5b
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUEm05G21f+ES0rY/MUvIQ6ZotDi8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yMzA3MTkxMzI1MjBaFw0yNDA3MTcxMzMwMjBaMDMxMTAvBgNV
BAMTKENCN0Y4QTY3MDk0MjNGQTIzN0FDRDc3MDJFQjlEMTE0RUZEQjg0RjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbZ+fsdfYIDr8bACyB3BlOVy8w
g+rjtKtDJhBYhsBSK5gTJN3QYcFxk44ozfQkBffwbAkOx6r2MVKEfQnQ8Bn4n27H
Bx19l3xHyEKEYs9mal9vxMMsYaGcilQO1Q9S/Dhborwa2lUWELfcKyooKDIkYOMk
3WCkW/wnE/e2UjPWEacr8ASdk7yB1X7NFNwGCtHqFQNfjnK42GPqm+QiF4AGybdB
u5Czff1GE/knmZIZdQOw8hx2OY1Oc93gk0rM5JApzHGCO3sRkX6RzEUbn1RczLhy
gBJb4OEi51zP9ly7/y4gYf6qXRsXajMivv2BnLWuEz6V2erFPNKneH6Qknr7AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUy3+KZwlCP6I3rNdwLrnRFO/bhPIwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjYzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzOTMzMzgzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA98TANBgkqhkiG9w0BAQsFAAOCAQEADfMXgMOQ6dQYVVRi
IQaVwv+z31OE3g+Y2h1YVApln/Umn+1tCu7PMcaCKRziKHzMu7U4cxCTmm8hALFX
zuIS2cXGgFhA9idrEeq/2Ed3pv6B/RK2nQMqJENMkO+IoKp78WJwgcte0Fkkz23Q
vutqmhUr4aQPeBWdRs/ACudSNNucmWqt/OrEx+NVsG2MY84QUfbEuhpAq7eh2f2s
givbMr7IlV0dF5f0nx5wVrA9NQ45MCTcSJ/TauxysfdOfb2982DBIz72EnCjqHAW
qQG8qiOS91+kSmoGF9bwYsofOizYmJCHoq4KWn5u99uLBUPldWefAwaauJ1XrW9l
bu7ZWw==
-----END CERTIFICATE-----
Generated at Fri May 31 23:16:06 2024 by rpki-client on console-ams.rpki-client.org