Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336533303a3a2f34342d3438203d3e20323134353738.roa
File: 326131313a323963303a336533303a3a2f34342d3438203d3e20323134353738.roa (raw, json)
Hash identifier: xwlpKDD3Dkqv/4Jup6oCpxiykfUM7NaemNR+MAzpvVY=
Subject key identifier: 24:93:94:4D:C6:43:F4:06:5F:0A:9B:52:F6:EF:1C:98:1A:C8:A3:B6
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 2AC98CBC9B9F60B1A00023D7B0BC5801F5D1B40D
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336533303a3a2f34342d3438203d3e20323134353738.roa
Signing time: Wed 10 Jul 2024 13:44:14 +0000
ROA not before: Wed 10 Jul 2024 13:39:14 +0000
ROA not after: Wed 09 Jul 2025 13:44:14 +0000
asID: 214578
IP address blocks: 2a11:29c0:3e30::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:c9:8c:bc:9b:9f:60:b1:a0:00:23:d7:b0:bc:58:01:f5:d1:b4:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Jul 10 13:39:14 2024 GMT
Not After : Jul 9 13:44:14 2025 GMT
Subject: CN=2493944DC643F4065F0A9B52F6EF1C981AC8A3B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7a:3d:91:b2:67:ec:28:fa:ce:e1:6e:e2:d0:
4d:94:9c:77:b7:b1:df:72:4a:12:e5:88:17:69:2a:
f4:68:b5:8f:11:9d:0f:03:c7:d2:cd:16:ac:da:f9:
12:b0:96:4b:16:47:d6:d4:35:4d:c7:be:10:67:9d:
0f:49:fe:01:1e:69:2a:de:f1:f1:8d:c5:1a:3a:68:
50:b5:99:3c:8b:e6:50:fc:62:eb:55:b1:73:f7:5f:
e8:51:d3:9f:8d:5e:78:a0:c3:58:f3:89:de:4e:63:
17:cd:5c:68:e5:9d:92:d8:d3:cd:ec:d6:30:b2:ea:
08:63:96:de:82:b6:8e:91:4f:c0:3a:46:e9:7e:79:
a5:8c:57:5e:65:15:af:4a:54:09:aa:2a:f0:f0:b3:
a9:30:ab:79:4a:2e:5f:e2:e5:f8:7f:59:a2:01:db:
ab:c0:28:27:c5:9f:13:e3:f2:37:2a:3e:fe:cf:db:
c9:26:b6:ee:05:be:fd:89:68:2e:51:bc:67:ba:de:
27:3e:94:74:6c:8e:e5:ef:6b:a2:a6:f8:44:52:1c:
89:43:da:99:50:92:88:47:0e:03:cf:7a:2a:66:68:
af:fe:94:5d:c5:6b:d7:0d:0d:34:b7:3c:b8:43:ff:
88:31:b3:1e:bc:11:d2:6a:98:f2:66:52:ad:a8:5d:
e1:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:93:94:4D:C6:43:F4:06:5F:0A:9B:52:F6:EF:1C:98:1A:C8:A3:B6
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336533303a3a2f34342d3438203d3e20323134353738.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3e30::/44
Signature Algorithm: sha256WithRSAEncryption
5b:1b:91:02:6f:9c:ae:a1:f8:16:dd:3d:07:b8:2a:81:a8:a3:
19:93:7f:9c:5b:0b:31:73:1d:8c:4d:28:0b:48:c3:0d:dd:73:
cc:32:e1:a7:c5:aa:74:57:3c:53:f8:c7:6a:6b:07:3c:ac:4f:
49:99:10:f9:88:75:18:56:50:18:f1:bd:c9:ce:f3:d3:66:ee:
11:61:d9:f8:36:b0:1f:38:a1:6b:aa:59:58:ec:c5:f2:de:15:
1d:fb:43:c7:b3:8a:61:3f:77:4b:c1:be:45:3b:3e:cc:1f:85:
4a:ba:27:50:b3:d1:41:2d:1f:f0:42:eb:7a:f5:1b:f9:64:c7:
b2:10:70:b9:94:4f:a1:5b:11:39:9f:5d:04:57:14:74:6f:cc:
8f:71:e8:4a:9a:ea:de:6e:08:dd:46:a4:5a:2a:a2:dd:86:6b:
dc:dd:94:fb:75:1d:15:ff:fe:ed:60:d4:3c:e9:20:cc:61:19:
bd:9e:5d:89:33:ac:cb:87:e0:0d:50:3f:99:03:58:bf:53:82:
d7:fa:31:b9:00:ce:4a:5a:c2:19:18:18:9e:7d:cd:b3:d1:fb:
a1:b7:87:bb:42:d5:d9:87:68:58:4e:fb:49:5d:ad:37:aa:be:
76:39:26:06:dd:23:05:3f:95:28:de:6b:61:e1:4f:71:42:d2:
e1:7e:19:06
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUKsmMvJufYLGgACPXsLxYAfXRtA0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNDA3MTAxMzM5MTRaFw0yNTA3MDkxMzQ0MTRaMDMxMTAvBgNV
BAMTKDI0OTM5NDREQzY0M0Y0MDY1RjBBOUI1MkY2RUYxQzk4MUFDOEEzQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAej2RsmfsKPrO4W7i0E2UnHe3
sd9yShLliBdpKvRotY8RnQ8Dx9LNFqza+RKwlksWR9bUNU3HvhBnnQ9J/gEeaSre
8fGNxRo6aFC1mTyL5lD8YutVsXP3X+hR05+NXnigw1jzid5OYxfNXGjlnZLY083s
1jCy6ghjlt6Cto6RT8A6Rul+eaWMV15lFa9KVAmqKvDws6kwq3lKLl/i5fh/WaIB
26vAKCfFnxPj8jcqPv7P28kmtu4Fvv2JaC5RvGe63ic+lHRsjuXva6Km+ERSHIlD
2plQkohHDgPPeipmaK/+lF3Fa9cNDTS3PLhD/4gxsx68EdJqmPJmUq2oXeEnAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUJJOUTcZD9AZfCptS9u8cmBrIo7YwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY1MzMzMDNhM2EyZjM0MzQyZDM0MzgyMDNkM2UyMDMyMzEzNDM1MzczOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHBCoRKcA+MDANBgkqhkiG9w0BAQsFAAOCAQEAWxuRAm+crqH4Ft09
B7gqgaijGZN/nFsLMXMdjE0oC0jDDd1zzDLhp8WqdFc8U/jHamsHPKxPSZkQ+Yh1
GFZQGPG9yc7z02buEWHZ+DawHziha6pZWOzF8t4VHftDx7OKYT93S8G+RTs+zB+F
SronULPRQS0f8ELrevUb+WTHshBwuZRPoVsROZ9dBFcUdG/Mj3HoSprq3m4I3Uak
Wiqi3YZr3N2U+3UdFf/+7WDUPOkgzGEZvZ5diTOsy4fgDVA/mQNYv1OC1/oxuQDO
SlrCGRgYnn3Ns9H7obeHu0LV2YdoWE77SV2tN6q+djkmBt0jBT+VKN5rYeFPcULS
4X4ZBg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 23:43:06 2024 by rpki-client on console-fra.rpki-client.org