Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336532303a3a2f34342d3438203d3e20323135343738.roa
File: 326131313a323963303a336532303a3a2f34342d3438203d3e20323135343738.roa (raw, json)
Hash identifier: M7HjH+FqjeKUE4DiQ0JNnuAlQ4T7PrsHdwZtggcGyvM=
Subject key identifier: 1A:3A:25:6D:98:24:C1:52:B3:C0:00:2E:BB:A2:E7:82:8D:B3:D3:17
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 01071EC9BE7A8437E8E78F0065DDB2D51B540A0D
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336532303a3a2f34342d3438203d3e20323135343738.roa
Signing time: Wed 28 Feb 2024 22:14:53 +0000
ROA not before: Wed 28 Feb 2024 22:09:53 +0000
ROA not after: Wed 26 Feb 2025 22:14:53 +0000
asID: 215478
IP address blocks: 2a11:29c0:3e20::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:07:1e:c9:be:7a:84:37:e8:e7:8f:00:65:dd:b2:d5:1b:54:0a:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Feb 28 22:09:53 2024 GMT
Not After : Feb 26 22:14:53 2025 GMT
Subject: CN=1A3A256D9824C152B3C0002EBBA2E7828DB3D317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:11:f4:6b:c6:48:88:4f:37:db:ad:4f:6d:ee:
87:dc:77:06:be:ba:9e:52:cb:82:c5:3e:64:2a:6d:
0e:eb:e4:8c:f7:c6:f8:d3:c7:08:55:90:33:0e:67:
0c:24:8a:c0:e7:52:ed:b3:19:d1:01:10:e1:61:20:
97:84:24:81:b0:55:e0:d4:c1:25:6f:3f:5b:f0:52:
fd:9b:f9:a5:65:35:0d:59:99:0a:b8:20:4a:21:5d:
03:1b:ea:cc:88:48:9c:4b:d5:8e:99:64:0d:fe:fb:
d2:9f:45:06:0f:98:45:ce:79:5c:78:95:9b:33:29:
90:37:94:ee:7a:d9:3b:47:7e:14:2c:77:58:80:73:
a2:ec:43:a9:ec:a9:96:11:c9:37:9d:12:0e:70:61:
53:a0:6c:ce:dd:3e:d9:5f:79:fc:c4:ef:e6:ec:e3:
73:98:c8:58:9f:3f:57:14:39:dd:98:c8:55:32:97:
a3:6e:9f:6b:fc:38:8d:b9:61:af:1d:dc:b4:32:8c:
1a:1e:f6:09:ed:d4:2b:6d:2e:14:51:43:f1:13:5d:
3d:a0:15:7a:6a:79:15:0b:96:90:52:64:bb:e8:87:
9e:ad:d5:b4:66:11:06:d4:b8:ac:ba:eb:f6:b6:03:
33:ec:50:51:74:9b:54:cf:52:8f:c5:32:c0:80:e7:
fc:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:3A:25:6D:98:24:C1:52:B3:C0:00:2E:BB:A2:E7:82:8D:B3:D3:17
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336532303a3a2f34342d3438203d3e20323135343738.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3e20::/44
Signature Algorithm: sha256WithRSAEncryption
97:51:4f:59:c2:d3:06:26:0e:49:e2:44:3a:80:96:d3:88:69:
1f:22:17:7d:b6:12:21:c4:5f:58:ce:6b:32:16:4f:4f:ab:33:
eb:52:5c:cc:1c:a4:0a:f1:8a:4b:0b:79:8d:d8:63:23:51:54:
da:f2:a6:d3:ac:69:aa:54:94:0d:1e:9f:8e:17:19:cb:5f:88:
09:ff:15:20:f4:3d:d5:21:16:a4:ae:09:fe:51:0b:16:c2:9d:
b7:19:60:d8:78:b7:54:42:b4:17:fd:de:3d:70:cc:9a:02:78:
0d:8a:91:c8:34:f8:b1:ce:74:21:1e:b5:3b:9a:c2:56:93:02:
74:68:56:50:fe:f5:86:03:3f:61:8f:ac:df:d3:94:dc:76:26:
c1:2f:d1:f2:5c:1d:c9:52:24:b8:39:69:86:7c:11:70:5d:ed:
20:4b:f0:23:9f:f9:dd:00:24:7e:98:42:5b:02:61:54:68:64:
e9:fa:c7:d1:1d:52:71:07:22:f0:39:fd:d9:1e:38:de:2c:f7:
67:cc:b4:c3:ab:6d:cf:f1:ef:c5:89:d8:b8:21:ee:5a:5b:8b:
c2:c3:f4:9e:7f:d8:17:e8:14:d2:42:c5:7e:05:28:fa:27:fc:
11:57:8f:85:ce:db:48:77:47:0c:59:0c:79:36:51:ce:47:84:
2f:05:b5:6e
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUAQceyb56hDfo548AZd2y1RtUCg0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNDAyMjgyMjA5NTNaFw0yNTAyMjYyMjE0NTNaMDMxMTAvBgNV
BAMTKDFBM0EyNTZEOTgyNEMxNTJCM0MwMDAyRUJCQTJFNzgyOERCM0QzMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkEfRrxkiITzfbrU9t7ofcdwa+
up5Sy4LFPmQqbQ7r5Iz3xvjTxwhVkDMOZwwkisDnUu2zGdEBEOFhIJeEJIGwVeDU
wSVvP1vwUv2b+aVlNQ1ZmQq4IEohXQMb6syISJxL1Y6ZZA3++9KfRQYPmEXOeVx4
lZszKZA3lO562TtHfhQsd1iAc6LsQ6nsqZYRyTedEg5wYVOgbM7dPtlfefzE7+bs
43OYyFifP1cUOd2YyFUyl6Nun2v8OI25Ya8d3LQyjBoe9gnt1CttLhRRQ/ETXT2g
FXpqeRULlpBSZLvoh56t1bRmEQbUuKy66/a2AzPsUFF0m1TPUo/FMsCA5/x9AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUGjolbZgkwVKzwAAuu6Lngo2z0xcwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY1MzIzMDNhM2EyZjM0MzQyZDM0MzgyMDNkM2UyMDMyMzEzNTM0MzczOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHBCoRKcA+IDANBgkqhkiG9w0BAQsFAAOCAQEAl1FPWcLTBiYOSeJE
OoCW04hpHyIXfbYSIcRfWM5rMhZPT6sz61JczBykCvGKSwt5jdhjI1FU2vKm06xp
qlSUDR6fjhcZy1+ICf8VIPQ91SEWpK4J/lELFsKdtxlg2Hi3VEK0F/3ePXDMmgJ4
DYqRyDT4sc50IR61O5rCVpMCdGhWUP71hgM/YY+s39OU3HYmwS/R8lwdyVIkuDlp
hnwRcF3tIEvwI5/53QAkfphCWwJhVGhk6frH0R1ScQci8Dn92R443iz3Z8y0w6tt
z/HvxYnYuCHuWluLwsP0nn/YF+gU0kLFfgUo+if8EVePhc7bSHdHDFkMeTZRzkeE
LwW1bg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:13 2024 by rpki-client on console-fra.rpki-client.org