Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963313a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a323963313a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: GlZctdewJmnJN53D1wvxxdbnL+mjsNYoOPKsw5Y27Ns=
Subject key identifier: 46:FF:CF:F9:7A:1E:B3:2C:E0:1B:44:B3:C9:AB:26:4B:07:01:BD:40
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 2CAA37807D0BA03FAA1FF8667FD79DA86709749A
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963313a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Wed 19 Jun 2024 14:01:18 +0000
ROA not before: Wed 19 Jun 2024 13:56:18 +0000
ROA not after: Wed 18 Jun 2025 14:01:18 +0000
asID: 212149
IP address blocks: 2a11:29c1:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:aa:37:80:7d:0b:a0:3f:aa:1f:f8:66:7f:d7:9d:a8:67:09:74:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Jun 19 13:56:18 2024 GMT
Not After : Jun 18 14:01:18 2025 GMT
Subject: CN=46FFCFF97A1EB32CE01B44B3C9AB264B0701BD40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:56:63:36:f5:fa:37:eb:46:22:66:dc:a9:9a:
d0:f5:1b:fd:1e:ac:b2:42:43:6b:d6:9d:2a:48:12:
69:ee:07:f7:a5:b4:15:cc:52:a1:d6:07:56:00:b4:
32:f4:0e:a1:81:32:8a:20:a8:ef:be:12:b0:9a:ba:
81:99:59:29:64:11:22:34:37:d5:9d:c8:7c:54:71:
94:8c:ad:1f:e8:b2:d2:d4:f9:da:4b:50:be:c4:19:
71:e3:a3:1e:e0:62:c4:9e:d7:e1:6f:e4:f2:8f:0d:
21:06:f3:23:ad:4c:00:c5:96:f8:37:9b:b0:28:53:
85:26:87:8a:70:eb:76:11:dd:c8:96:ae:22:71:a4:
12:eb:ec:2b:8f:5c:06:66:c8:dc:f5:b3:e0:05:55:
26:75:0f:c9:c0:2c:dc:6a:41:4e:54:ed:14:cf:f1:
e7:39:c5:33:29:fb:cb:0a:a4:10:bf:f1:db:50:0f:
2f:38:3d:e3:b4:47:72:7f:0f:b8:eb:56:88:be:a7:
d0:47:fa:b5:ad:4b:b1:b0:45:4e:60:38:10:8e:19:
cf:37:1d:79:7b:b3:41:cc:be:a9:15:8f:8a:30:e8:
79:ff:c3:bd:21:84:b7:cf:86:6f:5b:eb:49:17:1a:
3d:71:b2:66:23:69:19:8c:ef:28:fd:55:ca:76:36:
c4:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:FF:CF:F9:7A:1E:B3:2C:E0:1B:44:B3:C9:AB:26:4B:07:01:BD:40
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963313a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c1:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
43:04:04:5e:08:93:ee:a1:b1:e8:3a:c6:0b:dc:1a:25:52:86:
da:02:8a:57:c2:07:96:8e:1d:8d:1c:ce:67:eb:7a:4b:5d:14:
54:7d:cb:fa:d7:87:89:9a:4f:aa:e9:ac:8b:c6:3c:5e:ce:bf:
a0:0e:fc:75:91:16:02:1f:6c:3a:e8:01:bc:00:d5:2e:f9:32:
33:f7:a6:c4:4b:48:f0:97:a9:bc:dc:dd:bf:2c:fb:fd:03:9c:
d7:26:1d:f1:3f:75:73:8b:29:50:67:7d:fd:34:f7:56:86:fb:
b2:c2:a5:f9:73:b2:9a:d7:42:66:d7:b1:4c:14:ad:b7:77:f4:
63:d5:96:50:9a:55:c6:fc:bc:b4:6b:e6:88:a4:80:b2:65:0f:
25:78:4b:95:a1:d7:e2:2f:3d:61:89:72:10:99:2a:b2:6a:62:
c9:95:ba:d7:b0:3e:8d:b2:73:c7:ec:e3:80:27:48:8e:81:84:
65:05:5e:12:eb:7c:c4:71:54:0c:bf:1c:f6:c1:10:40:f2:fe:
2b:5a:8e:4a:75:99:0f:04:83:2a:f5:36:da:8f:55:48:3d:47:
7b:35:ad:e8:b9:9e:bb:8e:be:68:7c:21:9d:a9:6d:21:e0:6b:
e1:d6:00:34:54:80:62:0d:30:5c:ed:00:9e:2f:0a:01:a6:19:
30:43:3b:43
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIULKo3gH0LoD+qH/hmf9edqGcJdJowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNDA2MTkxMzU2MThaFw0yNTA2MTgxNDAxMThaMDMxMTAvBgNV
BAMTKDQ2RkZDRkY5N0ExRUIzMkNFMDFCNDRCM0M5QUIyNjRCMDcwMUJENDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmVmM29fo360YiZtypmtD1G/0e
rLJCQ2vWnSpIEmnuB/eltBXMUqHWB1YAtDL0DqGBMoogqO++ErCauoGZWSlkESI0
N9WdyHxUcZSMrR/ostLU+dpLUL7EGXHjox7gYsSe1+Fv5PKPDSEG8yOtTADFlvg3
m7AoU4Umh4pw63YR3ciWriJxpBLr7CuPXAZmyNz1s+AFVSZ1D8nALNxqQU5U7RTP
8ec5xTMp+8sKpBC/8dtQDy84PeO0R3J/D7jrVoi+p9BH+rWtS7GwRU5gOBCOGc83
HXl7s0HMvqkVj4ow6Hn/w70hhLfPhm9b60kXGj1xsmYjaRmM7yj9Vcp2NsSRAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQURv/P+XoesyzgG0SzyasmSwcBvUAwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMx
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcGwCzANBgkqhkiG9w0BAQsFAAOCAQEAQwQEXgiT7qGx6DrG
C9waJVKG2gKKV8IHlo4djRzOZ+t6S10UVH3L+teHiZpPqumsi8Y8Xs6/oA78dZEW
Ah9sOugBvADVLvkyM/emxEtI8JepvNzdvyz7/QOc1yYd8T91c4spUGd9/TT3Vob7
ssKl+XOymtdCZtexTBStt3f0Y9WWUJpVxvy8tGvmiKSAsmUPJXhLlaHX4i89YYly
EJkqsmpiyZW617A+jbJzx+zjgCdIjoGEZQVeEut8xHFUDL8c9sEQQPL+K1qOSnWZ
DwSDKvU22o9VSD1HezWt6Lmeu46+aHwhnaltIeBr4dYANFSAYg0wXO0Ani8KAaYZ
MEM7Qw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:20 2024 by rpki-client on console-ams.rpki-client.org