Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466633a3a2f34382d3438203d3e20323130333438.roa
File: 326131313a323963303a336466633a3a2f34382d3438203d3e20323130333438.roa (raw, json)
Hash identifier: o9obzOwpLMPnVgR3FxwyuiB8u6Q0dBmePSmniSa2epI=
Subject key identifier: A1:2A:D1:F1:5E:39:6E:7F:BD:19:85:AE:66:E2:5C:2A:04:D5:86:EC
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 225DA8627047E774F77F8762F603A6829B7AB493
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466633a3a2f34382d3438203d3e20323130333438.roa
Signing time: Wed 19 Jun 2024 14:01:17 +0000
ROA not before: Wed 19 Jun 2024 13:56:17 +0000
ROA not after: Wed 18 Jun 2025 14:01:17 +0000
asID: 210348
IP address blocks: 2a11:29c0:3dfc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:5d:a8:62:70:47:e7:74:f7:7f:87:62:f6:03:a6:82:9b:7a:b4:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Jun 19 13:56:17 2024 GMT
Not After : Jun 18 14:01:17 2025 GMT
Subject: CN=A12AD1F15E396E7FBD1985AE66E25C2A04D586EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ee:56:7e:17:e5:20:8b:55:39:6a:aa:f9:dd:
77:f8:fd:35:fa:22:1b:14:d1:fd:86:ac:d8:6b:1b:
b1:da:e8:1c:e2:f2:6f:2a:1f:90:46:ab:f1:67:7e:
56:e7:ab:91:60:47:d3:73:c0:78:71:2e:70:c5:38:
1b:ac:8b:9a:89:9a:07:80:4d:e0:96:2b:d3:90:67:
01:e4:2a:31:d6:6c:38:38:4b:b2:6c:c8:f0:67:98:
dc:26:da:4b:d6:9b:09:6d:b1:21:73:c7:1a:4c:6e:
95:ac:22:32:1e:91:3a:11:5d:94:70:4c:38:04:a0:
13:df:2a:a8:91:2e:48:b5:5c:33:d0:af:c7:20:28:
32:80:d8:c6:31:f4:85:36:12:8e:33:80:a2:47:2f:
3c:55:fe:38:1e:94:20:4e:34:55:d1:9b:7a:c7:f7:
24:00:a5:a4:95:1a:fd:e2:22:c5:7a:f7:36:7f:cd:
06:d9:95:50:68:e0:e2:8e:bd:eb:5f:b7:53:80:7f:
54:e8:63:f3:e8:7d:e8:a0:39:ef:73:e4:2f:42:dc:
24:85:d7:63:3d:83:2a:8d:5c:cd:98:3a:ef:b6:6c:
11:36:c5:d1:3e:40:67:04:8a:74:54:8b:e6:b8:0f:
c4:e2:36:e9:35:a1:c9:21:26:68:24:f3:04:88:80:
93:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:2A:D1:F1:5E:39:6E:7F:BD:19:85:AE:66:E2:5C:2A:04:D5:86:EC
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466633a3a2f34382d3438203d3e20323130333438.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3dfc::/48
Signature Algorithm: sha256WithRSAEncryption
63:e5:f5:1e:63:0c:4b:9a:a7:79:6f:22:62:2c:69:ec:7b:7b:
09:41:fc:e7:fb:09:41:01:88:1a:e7:e2:34:ab:54:9a:00:37:
18:8c:61:d1:a7:90:23:00:53:ef:86:71:6d:83:7d:2a:aa:eb:
5d:08:f7:bf:4d:ac:34:30:b3:6e:61:00:0c:65:27:ea:7e:c7:
7d:c7:be:cb:03:42:87:03:81:4a:3f:89:df:5b:58:c0:c4:e9:
62:e3:61:3d:a1:ae:b7:e4:07:73:30:d5:e6:6e:04:10:f4:89:
8a:10:bf:56:b2:88:d5:82:fc:aa:73:95:b3:22:0f:4d:77:d9:
c1:36:82:42:f8:15:0f:79:ee:f4:55:f6:0c:9c:01:c1:a5:0f:
7e:00:b9:8b:21:79:38:cb:1f:1c:9a:e8:5e:16:28:87:3e:88:
d8:34:c8:1e:5c:2f:c1:1e:29:6d:ac:cd:c2:78:47:4a:d7:f9:
5a:11:e2:5e:eb:bd:25:16:20:9a:ff:15:35:33:a2:1d:b8:f7:
37:99:54:ea:d0:35:ba:42:4f:a7:67:75:fa:7f:15:6c:9e:f2:
0a:73:08:d2:9f:79:b6:71:df:ad:ff:36:7e:e4:2e:d7:13:cf:
2e:89:87:bf:eb:00:03:60:a2:91:d4:a7:d6:65:50:f0:fa:dc:
39:53:cb:16
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUIl2oYnBH53T3f4di9gOmgpt6tJMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNDA2MTkxMzU2MTdaFw0yNTA2MTgxNDAxMTdaMDMxMTAvBgNV
BAMTKEExMkFEMUYxNUUzOTZFN0ZCRDE5ODVBRTY2RTI1QzJBMDRENTg2RUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCS7lZ+F+Ugi1U5aqr53Xf4/TX6
IhsU0f2GrNhrG7Ha6Bzi8m8qH5BGq/Fnflbnq5FgR9NzwHhxLnDFOBusi5qJmgeA
TeCWK9OQZwHkKjHWbDg4S7JsyPBnmNwm2kvWmwltsSFzxxpMbpWsIjIekToRXZRw
TDgEoBPfKqiRLki1XDPQr8cgKDKA2MYx9IU2Eo4zgKJHLzxV/jgelCBONFXRm3rH
9yQApaSVGv3iIsV69zZ/zQbZlVBo4OKOvetft1OAf1ToY/PofeigOe9z5C9C3CSF
12M9gyqNXM2YOu+2bBE2xdE+QGcEinRUi+a4D8TiNuk1ockhJmgk8wSIgJMZAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUoSrR8V45bn+9GYWuZuJcKgTVhuwwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjY2MzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMDMzMzQzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA9/DANBgkqhkiG9w0BAQsFAAOCAQEAY+X1HmMMS5qneW8i
Yixp7Ht7CUH85/sJQQGIGufiNKtUmgA3GIxh0aeQIwBT74ZxbYN9KqrrXQj3v02s
NDCzbmEADGUn6n7Hfce+ywNChwOBSj+J31tYwMTpYuNhPaGut+QHczDV5m4EEPSJ
ihC/VrKI1YL8qnOVsyIPTXfZwTaCQvgVD3nu9FX2DJwBwaUPfgC5iyF5OMsfHJro
XhYohz6I2DTIHlwvwR4pbazNwnhHStf5WhHiXuu9JRYgmv8VNTOiHbj3N5lU6tA1
ukJPp2d1+n8VbJ7yCnMI0p95tnHfrf82fuQu1xPPLomHv+sAA2CikdSn1mVQ8Prc
OVPLFg==
-----END CERTIFICATE-----
Generated at Sun Nov 24 12:05:38 2024 by rpki-client on console-fra.rpki-client.org