Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730313a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a353730313a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: 0WTZwkI1gTbE4KRb+6mGDktnUT17/TMnkP8qgV8AKK0=
Subject key identifier: C6:A3:D9:F3:45:64:34:8A:D5:DC:C8:E2:6E:CD:00:AB:04:DD:1F:5A
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 016AAA4E9A98FA4065DAAF610295313E5D484DAD
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730313a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Tue 25 Jul 2023 15:01:43 +0000
ROA not before: Tue 25 Jul 2023 14:56:43 +0000
ROA not after: Tue 23 Jul 2024 15:01:43 +0000
asID: 212149
IP address blocks: 2a11:5701:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:6a:aa:4e:9a:98:fa:40:65:da:af:61:02:95:31:3e:5d:48:4d:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: Jul 25 14:56:43 2023 GMT
Not After : Jul 23 15:01:43 2024 GMT
Subject: CN=C6A3D9F34564348AD5DCC8E26ECD00AB04DD1F5A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e4:18:83:0f:61:f1:5e:56:02:72:28:18:64:
21:18:d0:8b:55:4a:1f:11:1e:19:e9:5c:ae:0e:84:
eb:9e:d9:0f:d0:37:1c:d8:cf:03:8f:3f:1e:43:46:
99:3d:fc:ea:65:30:88:84:7a:b6:88:dd:5b:4f:69:
63:4b:ee:fc:c3:4a:c9:ca:ae:a7:cc:9b:06:db:bb:
4d:98:6e:7b:f4:b4:27:07:eb:05:4f:71:4e:5d:83:
df:1d:8b:44:2f:fc:24:64:95:10:e8:ad:61:37:c0:
fd:db:a7:3e:aa:52:00:a6:22:90:98:00:96:d9:36:
f3:e7:2d:9d:81:78:7b:d7:22:e8:52:a8:2d:9b:3c:
83:98:15:27:f5:e8:69:75:76:70:09:c2:fa:a4:61:
2f:9b:5a:ea:df:41:3b:66:56:be:9d:80:fa:6a:ab:
8d:84:98:34:83:4f:b3:28:c3:bb:cb:dc:e4:69:7d:
84:72:41:49:5d:6a:0d:71:07:79:07:5d:4d:b3:13:
78:05:e9:2f:8a:33:69:c3:eb:33:c3:be:b1:10:12:
92:33:e4:06:39:4b:f5:00:97:1b:bc:c6:57:d3:16:
d1:3d:89:13:80:5e:a0:c3:0e:88:e9:5d:7d:36:11:
ee:bc:96:92:1f:fb:43:f1:39:55:ea:97:a9:e2:03:
e0:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:A3:D9:F3:45:64:34:8A:D5:DC:C8:E2:6E:CD:00:AB:04:DD:1F:5A
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730313a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5701:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
94:ce:23:b7:31:37:42:bb:1c:e3:a9:12:0b:67:62:fd:71:a1:
00:98:84:a9:6d:b7:f2:2e:5d:0c:2a:e0:15:b8:8f:c5:0a:91:
e9:ee:4f:70:fe:15:b8:6e:3c:2d:3a:db:a3:4c:c2:61:fe:81:
17:6f:39:dd:9b:28:de:b5:05:d0:51:a5:dd:63:1c:05:b0:af:
f8:15:e5:b5:5b:11:6d:41:44:ec:d8:7f:02:d4:f0:f7:40:ed:
85:3c:44:3b:be:41:2b:7b:c9:ee:9c:c0:55:76:9b:97:71:95:
37:86:c6:a9:5d:88:87:1e:0c:65:f0:1f:5a:1f:8a:ad:ce:1c:
4d:b1:e0:72:63:b7:28:27:50:54:cf:b6:5b:fb:55:be:1e:e1:
86:ea:48:b8:72:f9:46:41:ad:f7:e5:54:d7:3a:78:c6:11:a8:
a0:2a:8b:c0:77:44:fb:24:d0:57:6d:76:68:19:8c:c6:bc:d9:
fb:2e:cc:c9:36:cf:fc:a4:5d:92:6d:43:bf:7b:ae:e7:e3:5b:
bb:a0:55:40:14:0f:66:87:2c:e3:a9:bc:80:1d:ac:da:93:ca:
ca:3b:65:04:b7:06:2b:c6:2c:0f:45:56:3a:52:93:0b:e2:09:
35:16:a4:d0:b3:d7:65:17:8e:62:c7:9a:8b:cb:b5:fd:d4:d4:
99:2f:01:82
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUAWqqTpqY+kBl2q9hApUxPl1ITa0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yMzA3MjUxNDU2NDNaFw0yNDA3MjMxNTAxNDNaMDMxMTAvBgNV
BAMTKEM2QTNEOUYzNDU2NDM0OEFENURDQzhFMjZFQ0QwMEFCMDRERDFGNUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDO5BiDD2HxXlYCcigYZCEY0ItV
Sh8RHhnpXK4OhOue2Q/QNxzYzwOPPx5DRpk9/OplMIiEeraI3VtPaWNL7vzDSsnK
rqfMmwbbu02Ybnv0tCcH6wVPcU5dg98di0Qv/CRklRDorWE3wP3bpz6qUgCmIpCY
AJbZNvPnLZ2BeHvXIuhSqC2bPIOYFSf16Gl1dnAJwvqkYS+bWurfQTtmVr6dgPpq
q42EmDSDT7Mow7vL3ORpfYRyQUldag1xB3kHXU2zE3gF6S+KM2nD6zPDvrEQEpIz
5AY5S/UAlxu8xlfTFtE9iROAXqDDDojpXX02Ee68lpIf+0PxOVXql6niA+DnAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUxqPZ80VkNIrV3Mjibs0AqwTdH1owHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzI2MTMxMzEzYTM1MzczMDMx
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRVwGwCzANBgkqhkiG9w0BAQsFAAOCAQEAlM4jtzE3Qrsc46kS
C2di/XGhAJiEqW238i5dDCrgFbiPxQqR6e5PcP4VuG48LTrbo0zCYf6BF2853Zso
3rUF0FGl3WMcBbCv+BXltVsRbUFE7Nh/AtTw90DthTxEO75BK3vJ7pzAVXabl3GV
N4bGqV2Ihx4MZfAfWh+Krc4cTbHgcmO3KCdQVM+2W/tVvh7hhupIuHL5RkGt9+VU
1zp4xhGooCqLwHdE+yTQV212aBmMxrzZ+y7MyTbP/KRdkm1Dv3uu5+Nbu6BVQBQP
Zocs46m8gB2s2pPKyjtlBLcGK8YsD0VWOlKTC+IJNRak0LPXZReOYseai8u1/dTU
mS8Bgg==
-----END CERTIFICATE-----
Generated at Fri May 17 14:34:45 2024 by rpki-client on console-ams.rpki-client.org