Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a34393a3a2f34382d3438203d3e20323134313238.roa
File: 326131313a323963303a34393a3a2f34382d3438203d3e20323134313238.roa (raw, json)
Hash identifier: GWMlVo+f9g9ExkUwMU3GNWca7DUhfNN82BhjV+PCpN4=
Subject key identifier: A6:8F:C8:FC:15:3E:C5:1F:FA:37:E4:AA:28:78:96:6A:A9:1C:90:6E
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 2162BEEFB1E787D5D3FDBA6E7AE6E9DC54E66C5E
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a34393a3a2f34382d3438203d3e20323134313238.roa
Signing time: Thu 26 Sep 2024 20:56:23 +0000
ROA not before: Thu 26 Sep 2024 20:51:23 +0000
ROA not after: Thu 25 Sep 2025 20:56:23 +0000
asID: 214128
IP address blocks: 2a11:29c0:49::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:62:be:ef:b1:e7:87:d5:d3:fd:ba:6e:7a:e6:e9:dc:54:e6:6c:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Sep 26 20:51:23 2024 GMT
Not After : Sep 25 20:56:23 2025 GMT
Subject: CN=A68FC8FC153EC51FFA37E4AA2878966AA91C906E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:f1:f0:33:2b:b5:07:17:de:8e:a4:22:87:ca:
a6:cf:91:97:2b:a8:19:85:ff:79:52:cf:a6:55:04:
53:8d:de:90:0f:b1:0f:06:d6:75:e8:ec:04:2f:4c:
df:48:d3:46:a4:3a:f2:b9:a4:d3:1d:c3:67:1e:12:
d4:49:d8:07:67:6c:45:43:aa:d0:ed:12:80:04:94:
88:0f:b3:76:d9:3f:4d:df:2d:d7:6a:13:ea:9c:58:
07:94:5f:52:bb:89:90:6b:22:1c:1e:02:08:8c:54:
99:6d:dd:a2:b9:98:77:27:e5:1f:c8:2a:dc:84:20:
fe:23:15:c3:72:14:7b:c5:b8:75:1a:d9:4c:cd:a5:
ca:82:04:c1:e2:ff:b9:b7:27:79:c4:97:b6:e6:c3:
8c:0f:49:63:f5:0b:54:7d:37:ac:b5:81:4d:18:e1:
62:36:b1:0e:c6:21:48:8d:a2:54:d8:d0:3e:99:04:
10:51:8e:8c:cb:48:7a:cc:f5:90:d4:ef:b2:c2:41:
fd:08:7b:c1:4c:38:53:15:f8:5b:a3:15:75:12:2f:
14:9b:96:02:c6:ea:ac:4f:1b:48:3a:bd:b4:01:b3:
ed:ce:03:85:05:cf:7d:0d:bb:91:a4:70:15:cc:98:
ef:9c:d9:4f:b0:b9:0d:c7:bc:7b:fa:91:1f:c1:ce:
03:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:8F:C8:FC:15:3E:C5:1F:FA:37:E4:AA:28:78:96:6A:A9:1C:90:6E
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a34393a3a2f34382d3438203d3e20323134313238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:49::/48
Signature Algorithm: sha256WithRSAEncryption
47:1f:ec:19:71:03:f5:d1:28:95:52:d7:af:c5:e2:3b:b7:2f:
d0:62:0c:9e:49:65:96:5f:e7:ba:b8:3d:2f:fd:ee:8e:6d:bd:
b5:74:1e:b7:aa:f9:af:37:09:34:33:fa:45:84:9f:70:7d:44:
82:22:2d:b4:7f:de:cd:c6:dd:81:3a:3d:a7:7d:aa:af:93:cc:
70:9f:db:b7:e0:62:1b:50:1e:81:ac:09:2f:76:75:58:92:1e:
b7:d7:02:ee:dd:18:89:68:d2:d8:79:6d:80:6c:8c:5f:6e:bd:
7e:f1:d4:a5:31:33:92:d9:81:61:09:f6:d9:6a:90:a1:9e:50:
38:6c:a4:b8:9f:44:6c:aa:aa:c9:6c:51:75:2f:ca:36:40:98:
8a:f5:2b:b7:d7:27:1d:6c:2a:27:5b:27:81:6c:ea:5e:05:40:
a5:86:d2:25:00:20:71:72:bd:3c:38:32:9f:45:ff:37:d2:98:
e0:f6:98:02:f9:75:85:88:85:0f:f0:a9:9b:ee:16:35:f4:df:
a6:dd:5d:2c:48:6a:4f:4e:93:b3:2e:13:14:89:e4:d1:bb:a2:
3a:d9:fe:de:19:32:6d:f5:56:63:0a:c7:2d:df:59:f6:cc:a3:
d9:62:51:fc:97:e8:64:5a:28:de:26:36:4f:ca:57:14:2a:d2:
42:02:5d:de
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUIWK+77Hnh9XT/bpueubp3FTmbF4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNDA5MjYyMDUxMjNaFw0yNTA5MjUyMDU2MjNaMDMxMTAvBgNV
BAMTKEE2OEZDOEZDMTUzRUM1MUZGQTM3RTRBQTI4Nzg5NjZBQTkxQzkwNkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDe8fAzK7UHF96OpCKHyqbPkZcr
qBmF/3lSz6ZVBFON3pAPsQ8G1nXo7AQvTN9I00akOvK5pNMdw2ceEtRJ2AdnbEVD
qtDtEoAElIgPs3bZP03fLddqE+qcWAeUX1K7iZBrIhweAgiMVJlt3aK5mHcn5R/I
KtyEIP4jFcNyFHvFuHUa2UzNpcqCBMHi/7m3J3nEl7bmw4wPSWP1C1R9N6y1gU0Y
4WI2sQ7GIUiNolTY0D6ZBBBRjozLSHrM9ZDU77LCQf0Ie8FMOFMV+FujFXUSLxSb
lgLG6qxPG0g6vbQBs+3OA4UFz30Nu5GkcBXMmO+c2U+wuQ3HvHv6kR/BzgOnAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUpo/I/BU+xR/6N+SqKHiWaqkckG4wHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzNDM5M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTM0MzEzMjM4LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhEpwABJMA0GCSqGSIb3DQEBCwUAA4IBAQBHH+wZcQP10SiVUtevxeI7
ty/QYgyeSWWWX+e6uD0v/e6Obb21dB63qvmvNwk0M/pFhJ9wfUSCIi20f97Nxt2B
Oj2nfaqvk8xwn9u34GIbUB6BrAkvdnVYkh631wLu3RiJaNLYeW2AbIxfbr1+8dSl
MTOS2YFhCfbZapChnlA4bKS4n0RsqqrJbFF1L8o2QJiK9Su31ycdbConWyeBbOpe
BUClhtIlACBxcr08ODKfRf830pjg9pgC+XWFiIUP8Kmb7hY19N+m3V0sSGpPTpOz
LhMUieTRu6I62f7eGTJt9VZjCsct31n2zKPZYlH8l+hkWijeJjZPylcUKtJCAl3e
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:20 2024 by rpki-client on console-ams.rpki-client.org