Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a35313a3a2f34382d3438203d3e20323134313839.roa
File: 326131313a323963303a35313a3a2f34382d3438203d3e20323134313839.roa (raw, json)
Hash identifier: 0k7LoSNtlYrtMTcXsk4w2VcWluyLykAj7HNqOKMEd/8=
Subject key identifier: FE:7B:6F:E3:1E:48:9C:4C:45:22:78:C9:0C:36:66:10:58:68:26:FF
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 3F88372A33AD96AE09E3E204461A3CF4252A55FB
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a35313a3a2f34382d3438203d3e20323134313839.roa
Signing time: Wed 25 Sep 2024 22:50:39 +0000
ROA not before: Wed 25 Sep 2024 22:45:39 +0000
ROA not after: Wed 24 Sep 2025 22:50:39 +0000
asID: 214189
IP address blocks: 2a11:29c0:51::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:88:37:2a:33:ad:96:ae:09:e3:e2:04:46:1a:3c:f4:25:2a:55:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Sep 25 22:45:39 2024 GMT
Not After : Sep 24 22:50:39 2025 GMT
Subject: CN=FE7B6FE31E489C4C452278C90C366610586826FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:98:da:c9:f0:d0:e1:11:b8:74:27:b2:9d:5d:
1f:0e:07:e4:76:12:c6:8b:b0:3e:3b:70:39:54:1b:
fc:fe:45:42:e6:21:4c:f9:c9:ef:18:df:97:42:42:
43:b2:63:22:02:cc:f8:c7:fd:a2:aa:0b:19:72:7e:
0d:d5:5d:3b:77:c9:a8:61:f6:48:7f:43:89:1d:51:
2a:93:9f:8c:8e:bf:7b:e8:41:b3:de:ff:59:79:c9:
77:e2:93:72:f5:09:42:d0:71:81:62:af:07:0e:d4:
b1:36:39:64:da:4c:66:33:db:b7:c4:1d:c7:77:19:
e9:50:36:48:d3:fb:da:0b:16:01:8a:d1:ba:68:d9:
58:ed:0d:1a:85:59:9c:53:1f:5a:fb:f4:f8:7a:50:
ad:6d:e5:a0:4e:17:56:3f:8f:e7:24:37:29:18:ab:
2b:75:a1:29:05:ac:e0:4f:63:ad:80:1d:d8:57:51:
16:70:22:bb:a8:11:ef:1c:79:a3:cd:b8:9d:63:da:
ef:7e:e4:a2:93:86:7e:4f:fd:61:f0:77:31:cc:fd:
da:13:a6:9a:bf:19:df:09:03:ce:1d:9c:a8:a5:e2:
9d:33:dd:9a:3e:fb:2b:fc:51:9c:10:af:07:03:00:
20:a7:db:fc:53:c3:56:66:8d:9c:fc:a5:c6:4e:74:
f6:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:7B:6F:E3:1E:48:9C:4C:45:22:78:C9:0C:36:66:10:58:68:26:FF
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a35313a3a2f34382d3438203d3e20323134313839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:51::/48
Signature Algorithm: sha256WithRSAEncryption
03:ca:34:e3:b1:98:55:30:70:3e:8c:d5:1a:0f:16:38:a1:22:
db:04:46:63:7a:99:92:1a:04:11:81:d8:d6:de:3c:1f:80:eb:
15:3a:3b:6c:a3:ea:1a:ff:eb:52:ee:41:1e:65:31:94:2d:77:
76:31:61:07:67:cf:99:45:3f:af:13:e1:b7:2c:38:66:5f:4a:
cb:69:4a:9d:48:8a:ff:6d:e4:ed:56:c7:20:b7:ad:9c:ed:55:
25:12:a1:53:66:23:c6:94:7f:94:e7:41:28:56:d7:de:38:49:
fe:d4:8a:17:94:ef:fe:60:89:f8:8a:63:36:cc:20:d8:9e:ee:
32:4a:fb:89:1b:d3:cb:a1:61:fd:a0:06:80:89:2a:8e:3b:75:
38:47:5c:d9:23:63:19:09:e5:78:c1:b7:95:1a:36:a6:6a:fd:
0f:21:95:16:13:bf:69:0e:b8:20:c4:37:ca:d6:3a:7a:b4:ff:
c2:4b:9e:ba:4b:6a:7d:1e:46:38:22:52:90:35:4f:68:c6:20:
2f:0b:c9:5e:db:e5:e6:53:93:67:81:1d:64:90:87:6b:51:c8:
68:29:8d:ed:ce:76:2c:c3:21:ea:97:8a:05:c8:9b:c6:25:8e:
24:25:7d:6f:10:83:91:85:86:b3:91:8f:8d:45:0b:f7:07:ef:
5b:d0:b2:d5
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUP4g3KjOtlq4J4+IERho89CUqVfswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNDA5MjUyMjQ1MzlaFw0yNTA5MjQyMjUwMzlaMDMxMTAvBgNV
BAMTKEZFN0I2RkUzMUU0ODlDNEM0NTIyNzhDOTBDMzY2NjEwNTg2ODI2RkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCymNrJ8NDhEbh0J7KdXR8OB+R2
EsaLsD47cDlUG/z+RULmIUz5ye8Y35dCQkOyYyICzPjH/aKqCxlyfg3VXTt3yahh
9kh/Q4kdUSqTn4yOv3voQbPe/1l5yXfik3L1CULQcYFirwcO1LE2OWTaTGYz27fE
Hcd3GelQNkjT+9oLFgGK0bpo2VjtDRqFWZxTH1r79Ph6UK1t5aBOF1Y/j+ckNykY
qyt1oSkFrOBPY62AHdhXURZwIruoEe8ceaPNuJ1j2u9+5KKThn5P/WHwdzHM/doT
ppq/Gd8JA84dnKil4p0z3Zo++yv8UZwQrwcDACCn2/xTw1ZmjZz8pcZOdPadAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQU/ntv4x5InExFInjJDDZmEFhoJv8wHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzNTMxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTM0MzEzODM5LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhEpwABRMA0GCSqGSIb3DQEBCwUAA4IBAQADyjTjsZhVMHA+jNUaDxY4
oSLbBEZjepmSGgQRgdjW3jwfgOsVOjtso+oa/+tS7kEeZTGULXd2MWEHZ8+ZRT+v
E+G3LDhmX0rLaUqdSIr/beTtVscgt62c7VUlEqFTZiPGlH+U50EoVtfeOEn+1IoX
lO/+YIn4imM2zCDYnu4ySvuJG9PLoWH9oAaAiSqOO3U4R1zZI2MZCeV4wbeVGjam
av0PIZUWE79pDrggxDfK1jp6tP/CS566S2p9HkY4IlKQNU9oxiAvC8le2+XmU5Nn
gR1kkIdrUchoKY3tznYswyHql4oFyJvGJY4kJX1vEIORhYazkY+NRQv3B+9b0LLV
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:13 2024 by rpki-client on console-fra.rpki-client.org