Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336530303a3a2f34342d3438203d3e203136353039.roa
File: 326131313a323963303a336530303a3a2f34342d3438203d3e203136353039.roa (raw, json)
Hash identifier: 2dF3YZJbGJycvJtzgnM5B7oDBDg3MHRNH/Hs/3B+Zr0=
Subject key identifier: 2C:C2:FF:1F:DB:A1:97:6E:38:2B:17:89:21:81:0E:30:43:D1:26:C3
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 54A39E4130686374A1067E05ABB5D7D2574EB680
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336530303a3a2f34342d3438203d3e203136353039.roa
Signing time: Sun 15 Sep 2024 21:01:30 +0000
ROA not before: Sun 15 Sep 2024 20:56:30 +0000
ROA not after: Sun 14 Sep 2025 21:01:30 +0000
asID: 16509
IP address blocks: 2a11:29c0:3e00::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:a3:9e:41:30:68:63:74:a1:06:7e:05:ab:b5:d7:d2:57:4e:b6:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Sep 15 20:56:30 2024 GMT
Not After : Sep 14 21:01:30 2025 GMT
Subject: CN=2CC2FF1FDBA1976E382B178921810E3043D126C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:83:a5:2a:58:61:c8:c7:76:4a:82:b7:cd:dd:
ef:bc:89:26:23:5a:f7:26:f5:86:02:7f:72:bb:f3:
3d:4b:3d:e2:e3:5b:93:ea:f9:61:48:ab:41:61:4a:
5c:67:c0:58:b3:f6:28:8e:d6:1d:81:44:5f:82:8b:
a6:38:66:c8:29:4e:83:09:a0:3e:8f:40:82:d0:46:
ef:f0:c3:e5:56:8e:06:0c:e1:39:09:28:6d:39:97:
69:66:da:ae:9d:02:49:5b:82:8e:c4:df:1e:91:cd:
2b:49:1a:2b:23:68:ee:79:02:2a:e5:e8:1d:4d:d6:
3f:1e:11:d9:b9:86:df:28:82:69:bf:f8:05:ca:85:
87:98:0d:fb:76:3b:49:ea:68:a2:d5:a7:ea:f0:35:
2e:81:cd:c0:24:85:b7:b2:4a:74:c6:07:0b:54:c3:
7b:45:f6:93:23:89:3b:28:c9:96:d2:c9:69:91:70:
f8:ae:78:2f:a8:0f:d6:fe:1d:06:57:df:41:ec:ec:
ef:98:e7:88:40:6e:8a:e6:ed:29:27:32:49:d5:8d:
61:67:b6:48:21:f3:ef:57:88:88:7d:15:6c:d0:bc:
ad:d4:20:b9:1c:05:8d:c4:8e:61:5f:69:73:9a:1a:
c5:eb:1e:04:f1:65:d2:e9:cd:e5:0e:8f:f6:26:bc:
e9:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:C2:FF:1F:DB:A1:97:6E:38:2B:17:89:21:81:0E:30:43:D1:26:C3
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336530303a3a2f34342d3438203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3e00::/44
Signature Algorithm: sha256WithRSAEncryption
06:7b:ad:65:74:26:b9:96:d7:37:e1:61:5d:5b:0b:97:43:2f:
52:c6:f3:e0:45:9d:cc:c6:14:a4:e9:0a:57:96:8f:aa:f3:d8:
e2:26:ad:79:9b:de:30:6f:9f:13:38:b6:94:36:e0:6e:4e:6c:
85:6e:39:ed:f5:62:e6:b9:53:3e:a5:c1:22:b2:42:83:16:d0:
44:fb:c1:79:d7:5e:73:44:37:1f:12:07:49:4b:7e:8d:33:11:
b7:87:37:a5:a4:49:53:7d:72:b1:14:d2:35:51:d5:5f:e5:c1:
ce:5d:40:d9:79:34:c8:34:a0:17:ff:fb:92:81:10:6e:24:f1:
88:83:cb:1b:90:81:c9:c4:c9:a1:7c:f5:3a:3d:2f:26:53:14:
39:7f:8f:4d:ba:1e:6d:b1:52:5a:ab:3c:f2:4d:c6:44:bb:c4:
39:63:cf:2c:ef:52:8f:bd:cf:58:53:52:7f:79:7f:1b:f6:d7:
16:ab:c6:d5:a4:40:6c:b0:4e:b6:1b:62:b5:0a:58:c0:e1:8e:
97:69:49:24:70:c4:13:e1:f8:d6:ab:18:4d:87:eb:ce:6d:15:
ad:99:44:6a:a2:6e:c6:07:99:ed:bc:d4:26:9e:98:74:30:be:
99:36:4a:6c:90:0c:2b:f6:e9:56:21:3a:47:1b:76:a0:c3:43:
72:47:49:a9
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUVKOeQTBoY3ShBn4Fq7XX0ldOtoAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNDA5MTUyMDU2MzBaFw0yNTA5MTQyMTAxMzBaMDMxMTAvBgNV
BAMTKDJDQzJGRjFGREJBMTk3NkUzODJCMTc4OTIxODEwRTMwNDNEMTI2QzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVg6UqWGHIx3ZKgrfN3e+8iSYj
Wvcm9YYCf3K78z1LPeLjW5Pq+WFIq0FhSlxnwFiz9iiO1h2BRF+Ci6Y4ZsgpToMJ
oD6PQILQRu/ww+VWjgYM4TkJKG05l2lm2q6dAklbgo7E3x6RzStJGisjaO55Airl
6B1N1j8eEdm5ht8ogmm/+AXKhYeYDft2O0nqaKLVp+rwNS6BzcAkhbeySnTGBwtU
w3tF9pMjiTsoyZbSyWmRcPiueC+oD9b+HQZX30Hs7O+Y54hAborm7SknMknVjWFn
tkgh8+9XiIh9FWzQvK3UILkcBY3EjmFfaXOaGsXrHgTxZdLpzeUOj/YmvOmvAgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQULML/H9uhl244KxeJIYEOMEPRJsMwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY1MzAzMDNhM2EyZjM0MzQyZDM0MzgyMDNkM2UyMDMxMzYzNTMwMzkucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwQqESnAPgAwDQYJKoZIhvcNAQELBQADggEBAAZ7rWV0JrmW1zfhYV1b
C5dDL1LG8+BFnczGFKTpCleWj6rz2OImrXmb3jBvnxM4tpQ24G5ObIVuOe31Yua5
Uz6lwSKyQoMW0ET7wXnXXnNENx8SB0lLfo0zEbeHN6WkSVN9crEU0jVR1V/lwc5d
QNl5NMg0oBf/+5KBEG4k8YiDyxuQgcnEyaF89To9LyZTFDl/j026Hm2xUlqrPPJN
xkS7xDljzyzvUo+9z1hTUn95fxv21xarxtWkQGywTrYbYrUKWMDhjpdpSSRwxBPh
+NarGE2H685tFa2ZRGqibsYHme281CaemHQwvpk2SmyQDCv26VYhOkcbdqDDQ3JH
Sak=
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:13 2024 by rpki-client on console-fra.rpki-client.org