Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466323a3a2f34382d3438203d3e20323131393434.roa
File: 326131313a323963303a336466323a3a2f34382d3438203d3e20323131393434.roa (raw, json)
Hash identifier: CECH03RG3vsm1SlvCZxDFwrtveyGlzv4BybrzFG5woQ=
Subject key identifier: 70:BA:30:04:7C:48:17:C9:E2:B6:ED:5F:5D:B3:6F:E2:21:DD:91:2A
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 088952C915C9EE3803E4B9B5BAA771453BAC878D
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466323a3a2f34382d3438203d3e20323131393434.roa
Signing time: Wed 19 Jun 2024 14:01:18 +0000
ROA not before: Wed 19 Jun 2024 13:56:18 +0000
ROA not after: Wed 18 Jun 2025 14:01:18 +0000
asID: 211944
IP address blocks: 2a11:29c0:3df2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:89:52:c9:15:c9:ee:38:03:e4:b9:b5:ba:a7:71:45:3b:ac:87:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Jun 19 13:56:18 2024 GMT
Not After : Jun 18 14:01:18 2025 GMT
Subject: CN=70BA30047C4817C9E2B6ED5F5DB36FE221DD912A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:29:a3:24:5c:92:8a:73:72:b8:1e:3d:b1:10:
4c:cd:f8:2e:b9:5d:cd:07:4a:90:0e:6a:30:53:f8:
e9:50:1c:4b:d9:75:5b:3f:46:d3:aa:ac:86:cc:42:
86:16:cd:47:bd:5a:f1:f7:db:66:87:55:32:d9:b5:
37:c7:2e:5b:bc:8e:fa:20:2c:0c:54:b3:26:98:d0:
c4:9c:bb:62:0b:c0:ca:d0:d1:6f:a2:f9:c7:6c:65:
b8:42:46:2d:2e:c0:c8:18:b7:60:9c:54:e8:67:fc:
03:31:ff:9c:c7:69:0a:ef:d3:1c:fe:4b:47:6e:68:
de:52:91:a4:1a:e9:1a:7a:f7:17:33:7e:ff:a9:af:
02:98:99:04:d4:cc:40:ce:90:db:84:d2:2d:9e:2c:
b0:d9:52:c8:12:39:12:ae:60:b0:df:17:3b:e4:b4:
8d:49:ff:92:ad:c2:07:a4:6c:0a:2c:40:05:06:dd:
0c:e0:5f:2c:3d:6a:f7:d3:66:4c:94:ba:d2:4d:b6:
fa:91:87:39:f0:c2:3a:64:de:06:16:69:53:0c:ea:
ff:5e:31:90:7f:88:1f:41:b5:ad:bc:35:f4:d1:c1:
b1:d8:a9:21:58:84:c1:e4:2e:73:8b:e9:94:7e:1c:
ac:23:be:a4:ea:3a:00:f1:3e:50:84:de:14:0e:04:
5b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:BA:30:04:7C:48:17:C9:E2:B6:ED:5F:5D:B3:6F:E2:21:DD:91:2A
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466323a3a2f34382d3438203d3e20323131393434.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3df2::/48
Signature Algorithm: sha256WithRSAEncryption
a2:66:e9:c6:16:37:c2:2e:bc:c6:65:89:08:d9:d5:7f:40:96:
2d:44:4a:c3:16:4d:6b:ce:52:bd:7e:99:f9:88:04:97:33:bc:
2e:02:63:c6:5e:48:08:77:d4:92:e7:67:c6:af:26:88:1f:50:
d9:ac:95:0f:fa:1c:3b:2e:9c:96:64:cb:50:bc:a1:43:d0:ef:
a8:9d:f3:be:b5:ed:14:be:50:3a:8b:d6:d8:7b:42:13:ea:62:
7b:fb:35:3e:42:0c:96:17:25:f4:c7:d5:b2:34:92:2f:5f:10:
9d:d0:9e:70:54:5d:11:58:d4:1d:d8:1f:f8:6c:42:fc:d9:c5:
c5:e8:5e:7c:b7:06:6d:86:64:73:6d:1c:fc:35:a0:89:2c:74:
fc:c5:7d:2a:cd:52:0b:44:ad:0d:dc:92:5e:57:2a:b7:af:53:
5c:f7:7e:01:ca:90:87:16:99:e2:c7:44:72:b7:d6:9e:b2:f1:
e4:0c:93:e9:f4:4d:d8:a3:99:a4:36:74:d2:dc:aa:83:b3:7f:
6c:11:65:64:99:8b:3c:20:f4:96:0b:ff:d9:f2:be:92:55:59:
b3:25:ea:55:8e:1e:de:01:76:eb:d4:86:87:84:da:8d:4a:e1:
a0:d0:49:5e:49:8d:0a:5f:6b:44:06:71:29:b4:05:ca:0b:9f:
37:cd:b2:ef
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUCIlSyRXJ7jgD5Lm1uqdxRTush40wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNDA2MTkxMzU2MThaFw0yNTA2MTgxNDAxMThaMDMxMTAvBgNV
BAMTKDcwQkEzMDA0N0M0ODE3QzlFMkI2RUQ1RjVEQjM2RkUyMjFERDkxMkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9KaMkXJKKc3K4Hj2xEEzN+C65
Xc0HSpAOajBT+OlQHEvZdVs/RtOqrIbMQoYWzUe9WvH322aHVTLZtTfHLlu8jvog
LAxUsyaY0MScu2ILwMrQ0W+i+cdsZbhCRi0uwMgYt2CcVOhn/AMx/5zHaQrv0xz+
S0duaN5SkaQa6Rp69xczfv+prwKYmQTUzEDOkNuE0i2eLLDZUsgSORKuYLDfFzvk
tI1J/5KtwgekbAosQAUG3QzgXyw9avfTZkyUutJNtvqRhznwwjpk3gYWaVMM6v9e
MZB/iB9Bta28NfTRwbHYqSFYhMHkLnOL6ZR+HKwjvqTqOgDxPlCE3hQOBFtPAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUcLowBHxIF8nitu1fXbNv4iHdkSowHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjYzMjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMTM5MzQzNC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA98jANBgkqhkiG9w0BAQsFAAOCAQEAombpxhY3wi68xmWJ
CNnVf0CWLURKwxZNa85SvX6Z+YgElzO8LgJjxl5ICHfUkudnxq8miB9Q2ayVD/oc
Oy6clmTLULyhQ9DvqJ3zvrXtFL5QOovW2HtCE+pie/s1PkIMlhcl9MfVsjSSL18Q
ndCecFRdEVjUHdgf+GxC/NnFxehefLcGbYZkc20c/DWgiSx0/MV9Ks1SC0StDdyS
Xlcqt69TXPd+AcqQhxaZ4sdEcrfWnrLx5AyT6fRN2KOZpDZ00tyqg7N/bBFlZJmL
PCD0lgv/2fK+klVZsyXqVY4e3gF269SGh4TajUrhoNBJXkmNCl9rRAZxKbQFyguf
N82y7w==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:20 2024 by rpki-client on console-ams.rpki-client.org