Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a34353a3a2f34382d3438203d3e20323134393338.roa
File: 326131313a323963303a34353a3a2f34382d3438203d3e20323134393338.roa (raw, json)
Hash identifier: eRPd7fldG8o+BDurKImOmK6o87h3pGUhR50LzvJmyek=
Subject key identifier: DA:07:BA:98:8F:04:88:C5:5E:4B:DF:4D:5F:23:59:54:95:2D:B5:A4
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 7D713A35B5DF094B73DC989EC4C3FBE502779072
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a34353a3a2f34382d3438203d3e20323134393338.roa
Signing time: Fri 10 May 2024 11:03:24 +0000
ROA not before: Fri 10 May 2024 10:58:24 +0000
ROA not after: Fri 09 May 2025 11:03:24 +0000
asID: 214938
IP address blocks: 2a11:29c0:45::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:71:3a:35:b5:df:09:4b:73:dc:98:9e:c4:c3:fb:e5:02:77:90:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: May 10 10:58:24 2024 GMT
Not After : May 9 11:03:24 2025 GMT
Subject: CN=DA07BA988F0488C55E4BDF4D5F235954952DB5A4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:be:3e:80:8a:db:9c:75:2c:a7:18:ac:ed:71:
e5:86:ad:4b:29:f1:d4:e4:95:3a:17:7e:eb:9e:49:
4d:16:60:bf:91:79:29:58:91:83:1c:86:d5:05:75:
86:20:d6:4d:9b:8e:8f:fd:12:bc:87:1f:5e:f7:b5:
7e:e0:2a:e1:be:af:de:9e:7b:6b:99:66:75:94:48:
53:fd:59:e9:29:11:fa:20:66:a3:df:c4:57:1e:18:
6e:62:65:2b:0b:64:4a:66:58:bd:12:16:53:3a:03:
81:d1:69:c2:f6:77:50:4c:03:7b:81:ae:2a:22:15:
63:ed:89:38:d5:db:e3:d9:69:85:b7:8f:03:e3:32:
64:a9:b2:81:a4:9e:07:d2:8a:53:e0:c2:40:ac:6a:
ec:d9:d4:9c:fb:1a:a0:74:57:8d:c8:c9:11:c2:8a:
db:20:3e:56:59:cb:75:d7:63:0b:6d:bb:f9:0e:b3:
a0:42:98:b9:39:8f:07:8a:08:cb:d9:22:dc:bd:53:
07:47:14:fa:0b:dd:9b:c3:ec:66:4b:b0:f5:1a:10:
83:23:3f:ee:9e:73:81:38:ab:31:3d:51:07:b9:dd:
63:b9:ba:95:8e:34:19:10:38:e0:3d:c7:b3:ba:86:
28:58:2d:d7:c5:c9:f3:39:a2:17:1a:64:ac:c9:f0:
ce:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:07:BA:98:8F:04:88:C5:5E:4B:DF:4D:5F:23:59:54:95:2D:B5:A4
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a34353a3a2f34382d3438203d3e20323134393338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:45::/48
Signature Algorithm: sha256WithRSAEncryption
45:aa:9d:ba:86:44:1e:a7:0c:f6:52:de:cf:57:c0:be:51:e7:
2d:a6:32:06:cc:ba:33:5f:05:ad:82:60:eb:e0:23:25:74:37:
f0:66:f0:61:a4:37:ee:6e:23:a6:f4:c9:28:30:c6:71:8b:71:
56:dd:05:7f:1d:4b:7f:8d:a8:6b:7f:12:a1:39:49:8f:80:3f:
35:88:d1:7a:2d:ab:67:7f:ad:71:05:29:a6:85:77:e1:c9:24:
04:39:7f:e0:1a:53:59:8f:8d:75:12:fc:93:fb:18:a8:91:22:
55:34:5a:fc:53:99:86:76:98:a0:80:8c:8e:40:7a:a9:e5:c4:
a2:05:51:b8:ef:f5:38:f2:36:05:7f:75:e1:6f:77:70:26:29:
4e:4e:69:d3:0d:fe:20:cf:04:57:9d:99:fe:38:88:3e:fe:6d:
24:d3:23:bc:85:58:97:92:56:28:d5:d9:dc:7e:67:c9:d2:78:
5a:96:48:3b:bf:24:9e:d5:e4:05:76:49:e2:a0:43:59:09:a7:
6f:ab:93:22:cf:ca:4b:64:de:f5:48:62:dd:32:ba:a6:89:29:
40:82:ec:3d:75:a7:09:1a:03:36:f5:5a:d5:1e:ef:61:51:90:
b3:c6:46:ef:bc:58:4d:06:f9:8d:aa:bf:19:6b:71:95:5e:ba:
aa:a8:bc:0f
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUfXE6NbXfCUtz3JiexMP75QJ3kHIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNDA1MTAxMDU4MjRaFw0yNTA1MDkxMTAzMjRaMDMxMTAvBgNV
BAMTKERBMDdCQTk4OEYwNDg4QzU1RTRCREY0RDVGMjM1OTU0OTUyREI1QTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2vj6AitucdSynGKztceWGrUsp
8dTklToXfuueSU0WYL+ReSlYkYMchtUFdYYg1k2bjo/9EryHH173tX7gKuG+r96e
e2uZZnWUSFP9WekpEfogZqPfxFceGG5iZSsLZEpmWL0SFlM6A4HRacL2d1BMA3uB
rioiFWPtiTjV2+PZaYW3jwPjMmSpsoGkngfSilPgwkCsauzZ1Jz7GqB0V43IyRHC
itsgPlZZy3XXYwttu/kOs6BCmLk5jweKCMvZIty9UwdHFPoL3ZvD7GZLsPUaEIMj
P+6ec4E4qzE9UQe53WO5upWONBkQOOA9x7O6hihYLdfFyfM5ohcaZKzJ8M7HAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQU2ge6mI8EiMVeS99NXyNZVJUttaQwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzNDM1M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTM0MzkzMzM4LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhEpwABFMA0GCSqGSIb3DQEBCwUAA4IBAQBFqp26hkQepwz2Ut7PV8C+
UectpjIGzLozXwWtgmDr4CMldDfwZvBhpDfubiOm9MkoMMZxi3FW3QV/HUt/jahr
fxKhOUmPgD81iNF6Latnf61xBSmmhXfhySQEOX/gGlNZj411EvyT+xiokSJVNFr8
U5mGdpiggIyOQHqp5cSiBVG47/U48jYFf3Xhb3dwJilOTmnTDf4gzwRXnZn+OIg+
/m0k0yO8hViXklYo1dncfmfJ0nhalkg7vySe1eQFdknioENZCadvq5Miz8pLZN71
SGLdMrqmiSlAguw9dacJGgM29VrVHu9hUZCzxkbvvFhNBvmNqr8Za3GVXrqqqLwP
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:13 2024 by rpki-client on console-fra.rpki-client.org