Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963323a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a323963323a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: FIKkBrFVijJPO3VeC9y/gCRzlJ8kSO+DD3Qo2EyLnSA=
Subject key identifier: 5B:05:C6:1A:17:CD:CC:95:62:0A:09:42:2A:36:03:D8:68:A4:11:1A
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 56A839D79E86ACABC3EA669BD56836D74C43AD3F
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963323a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Wed 19 Jun 2024 14:01:18 +0000
ROA not before: Wed 19 Jun 2024 13:56:18 +0000
ROA not after: Wed 18 Jun 2025 14:01:18 +0000
asID: 212149
IP address blocks: 2a11:29c2:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:a8:39:d7:9e:86:ac:ab:c3:ea:66:9b:d5:68:36:d7:4c:43:ad:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Jun 19 13:56:18 2024 GMT
Not After : Jun 18 14:01:18 2025 GMT
Subject: CN=5B05C61A17CDCC95620A09422A3603D868A4111A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6d:64:71:9a:d9:a6:93:2e:ed:97:aa:f4:05:
37:67:c7:96:f1:89:9d:56:52:43:c2:a7:91:dc:67:
37:ff:ae:d1:43:c1:d9:7c:ed:8b:91:ec:95:cb:63:
e6:ff:a0:f7:26:38:71:73:ad:19:97:c6:c7:21:5d:
5b:d3:6f:42:6f:79:1d:77:95:5e:0b:f8:c9:58:55:
7d:7f:f3:7a:28:cf:76:b2:92:99:a5:e5:a7:3d:69:
aa:fd:97:ae:a8:7f:5b:f7:93:fa:68:6d:1f:73:9b:
80:b5:4e:f4:37:50:1b:95:61:95:94:9c:bd:95:cb:
0d:0d:5f:c0:4f:58:04:c1:bd:89:41:ba:b2:cc:60:
fa:43:57:5e:42:0b:e6:65:6d:3b:f3:e9:12:c3:d7:
6e:84:48:87:7b:a8:b0:36:f3:f0:34:f8:bf:52:34:
6a:50:3b:b8:47:3e:38:82:a7:5b:a5:53:42:8b:21:
46:36:c3:71:ed:cb:46:63:83:d0:e9:74:27:b4:25:
05:44:8e:b2:79:f2:3d:29:8c:9d:92:e1:6d:f3:c0:
58:87:db:e3:05:d1:f3:94:ea:6e:05:7c:ab:cd:4a:
80:c4:95:cf:f0:d9:54:a1:23:b8:4c:d2:13:53:c5:
57:6f:31:01:bd:7b:34:38:70:6e:cd:50:3d:1c:24:
fa:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:05:C6:1A:17:CD:CC:95:62:0A:09:42:2A:36:03:D8:68:A4:11:1A
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963323a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c2:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
47:29:bf:b9:5a:8e:9f:3b:63:f2:27:f4:ac:22:9e:bb:8e:e7:
7c:f9:7b:b2:ec:8a:79:e3:b7:a3:66:98:90:c1:9e:bc:19:2c:
74:7c:cb:e0:58:64:37:e1:57:fb:d9:1a:27:1e:2f:b7:3d:80:
c1:9a:3a:7f:ec:d7:2a:62:30:15:c0:53:f7:f8:d4:6b:12:1c:
4d:20:47:3f:b9:8f:b5:e9:df:2e:5c:78:7f:19:43:87:13:01:
e6:d8:41:16:2a:39:43:9f:12:07:39:61:63:7a:4c:e1:e4:e5:
03:d2:22:e4:42:c4:11:a5:88:ba:92:ec:2b:f0:88:49:02:71:
6a:78:ad:cf:a7:18:42:7c:3e:de:59:22:51:3e:70:e8:60:3b:
ce:9f:22:20:b1:5a:ef:42:db:cb:34:23:f9:68:f7:20:3d:71:
e0:d9:50:79:96:92:a4:ce:2a:bb:5a:4b:4f:b9:e2:4a:3f:19:
24:6a:95:24:33:fc:c9:16:83:47:48:95:35:2c:35:78:50:4d:
5c:6f:2c:32:e7:b1:bc:19:d0:66:f7:c9:65:ed:8a:ab:1f:ee:
5c:06:7c:b1:29:eb:b4:9c:77:f9:ac:1f:30:7f:90:be:cd:33:
75:44:cf:0d:c5:07:c6:61:b6:3b:ee:0a:59:4e:48:53:47:64:
98:b0:31:a8
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUVqg5156GrKvD6mab1Wg210xDrT8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNDA2MTkxMzU2MThaFw0yNTA2MTgxNDAxMThaMDMxMTAvBgNV
BAMTKDVCMDVDNjFBMTdDRENDOTU2MjBBMDk0MjJBMzYwM0Q4NjhBNDExMUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqbWRxmtmmky7tl6r0BTdnx5bx
iZ1WUkPCp5HcZzf/rtFDwdl87YuR7JXLY+b/oPcmOHFzrRmXxschXVvTb0JveR13
lV4L+MlYVX1/83ooz3aykpml5ac9aar9l66of1v3k/pobR9zm4C1TvQ3UBuVYZWU
nL2Vyw0NX8BPWATBvYlBurLMYPpDV15CC+ZlbTvz6RLD126ESId7qLA28/A0+L9S
NGpQO7hHPjiCp1ulU0KLIUY2w3Hty0Zjg9DpdCe0JQVEjrJ58j0pjJ2S4W3zwFiH
2+MF0fOU6m4FfKvNSoDElc/w2VShI7hM0hNTxVdvMQG9ezQ4cG7NUD0cJPp/AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUWwXGGhfNzJViCglCKjYD2GikERowHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMy
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcKwCzANBgkqhkiG9w0BAQsFAAOCAQEARym/uVqOnztj8if0
rCKeu47nfPl7suyKeeO3o2aYkMGevBksdHzL4FhkN+FX+9kaJx4vtz2AwZo6f+zX
KmIwFcBT9/jUaxIcTSBHP7mPtenfLlx4fxlDhxMB5thBFio5Q58SBzlhY3pM4eTl
A9Ii5ELEEaWIupLsK/CISQJxanitz6cYQnw+3lkiUT5w6GA7zp8iILFa70LbyzQj
+Wj3ID1x4NlQeZaSpM4qu1pLT7niSj8ZJGqVJDP8yRaDR0iVNSw1eFBNXG8sMuex
vBnQZvfJZe2Kqx/uXAZ8sSnrtJx3+awfMH+Qvs0zdUTPDcUHxmG2O+4KWU5IU0dk
mLAxqA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:20 2024 by rpki-client on console-ams.rpki-client.org