Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730313a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a353730313a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: 8rSYC/rmOaG6QMucx38lab+ttuAxpdA8gF20Sx392S0=
Subject key identifier: AC:C8:03:DE:77:49:C9:8B:9A:A3:12:CC:90:5A:E9:82:E0:86:63:A4
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 1A5162FACF00B8099ED8CA4C101316DAB25C97B1
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730313a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Tue 25 Jun 2024 15:49:17 +0000
ROA not before: Tue 25 Jun 2024 15:44:17 +0000
ROA not after: Tue 24 Jun 2025 15:49:17 +0000
asID: 212149
IP address blocks: 2a11:5701:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:51:62:fa:cf:00:b8:09:9e:d8:ca:4c:10:13:16:da:b2:5c:97:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: Jun 25 15:44:17 2024 GMT
Not After : Jun 24 15:49:17 2025 GMT
Subject: CN=ACC803DE7749C98B9AA312CC905AE982E08663A4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:50:2c:e3:45:5d:89:ab:eb:0c:e7:7d:14:a1:
a4:5f:90:fc:4e:2c:7e:6b:24:84:3f:ce:6f:55:99:
e5:b7:d9:e2:e9:b3:96:b3:ed:c4:2e:99:9f:b8:5f:
96:5c:b2:64:71:52:e8:31:da:cd:4e:77:d4:02:1e:
4b:64:18:96:6f:71:c1:5a:e6:db:08:29:33:ff:80:
ea:ca:15:76:78:c3:37:d3:69:5b:2e:02:91:2a:ff:
86:5b:3f:27:39:f9:f3:8f:21:20:88:78:0e:01:4d:
f8:63:00:48:05:c6:88:c4:27:64:11:5d:39:d6:83:
f9:db:f0:e5:5b:9a:76:36:88:be:7b:0d:9b:5b:1d:
d6:07:d0:df:5d:e4:4a:dc:c2:cc:cb:ad:cb:91:c6:
1d:8b:0b:fc:9c:64:8e:cf:52:30:80:68:c2:73:00:
dc:17:2b:4a:19:50:d7:1d:3e:c0:65:46:e6:5e:0a:
ce:26:03:99:9b:f2:ce:83:cf:76:7f:f0:35:0b:20:
d0:4b:f2:37:39:bd:17:89:67:ce:81:1c:a3:97:b2:
b3:73:ca:d8:13:4f:be:92:9e:63:d3:6a:3e:2f:0c:
f4:05:4c:c8:ec:e5:d5:32:15:ae:3a:83:25:a9:3a:
30:13:12:ee:45:08:94:3f:6c:cc:b5:28:a1:2a:3e:
06:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:C8:03:DE:77:49:C9:8B:9A:A3:12:CC:90:5A:E9:82:E0:86:63:A4
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730313a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5701:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
96:e3:ce:88:de:04:81:7c:84:e6:1b:bd:1b:3a:4d:66:5d:02:
d0:ff:3f:28:60:fa:5d:e1:20:e7:cd:22:02:86:9b:de:38:aa:
d4:83:5e:00:4c:9b:ad:d2:a1:4f:c9:5d:83:3e:f0:b5:f5:86:
df:8d:f9:b6:3a:bc:78:06:a3:f8:c8:29:9e:71:06:f7:35:f4:
37:1a:46:0a:4d:15:de:46:1b:e5:90:2e:28:99:56:7b:6c:21:
88:2a:a9:6d:e6:8f:a8:e7:25:a0:3d:1d:bc:85:7e:36:72:fb:
48:c3:7b:bd:e0:99:8d:89:93:a3:52:36:78:65:2a:14:67:59:
d1:f3:e8:17:50:53:e6:23:03:0b:48:db:55:46:24:3d:d8:d5:
d5:54:3c:d1:06:68:f4:99:03:a6:1e:c9:76:d2:65:e0:84:45:
5e:59:92:af:06:4b:aa:ec:c5:04:74:0c:9a:ba:97:a2:86:8d:
68:d0:40:eb:6e:09:ee:b8:c5:b4:c8:c4:17:2f:b8:61:d1:f7:
b8:e3:97:13:2e:a8:f1:ac:e3:92:89:1e:a5:3a:7b:6d:61:55:
8f:16:88:1b:ad:b5:36:6d:10:7a:d1:ac:12:82:4b:e7:66:d5:
fe:6a:a6:22:6c:e0:08:68:11:e9:41:36:0d:0c:94:f9:f0:f2:
26:02:20:fa
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUGlFi+s8AuAme2MpMEBMW2rJcl7EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yNDA2MjUxNTQ0MTdaFw0yNTA2MjQxNTQ5MTdaMDMxMTAvBgNV
BAMTKEFDQzgwM0RFNzc0OUM5OEI5QUEzMTJDQzkwNUFFOTgyRTA4NjYzQTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzUCzjRV2Jq+sM530UoaRfkPxO
LH5rJIQ/zm9VmeW32eLps5az7cQumZ+4X5ZcsmRxUugx2s1Od9QCHktkGJZvccFa
5tsIKTP/gOrKFXZ4wzfTaVsuApEq/4ZbPyc5+fOPISCIeA4BTfhjAEgFxojEJ2QR
XTnWg/nb8OVbmnY2iL57DZtbHdYH0N9d5ErcwszLrcuRxh2LC/ycZI7PUjCAaMJz
ANwXK0oZUNcdPsBlRuZeCs4mA5mb8s6Dz3Z/8DULINBL8jc5vReJZ86BHKOXsrNz
ytgTT76SnmPTaj4vDPQFTMjs5dUyFa46gyWpOjATEu5FCJQ/bMy1KKEqPgbDAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUrMgD3ndJyYuaoxLMkFrpguCGY6QwHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzI2MTMxMzEzYTM1MzczMDMx
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRVwGwCzANBgkqhkiG9w0BAQsFAAOCAQEAluPOiN4EgXyE5hu9
GzpNZl0C0P8/KGD6XeEg580iAoab3jiq1INeAEybrdKhT8ldgz7wtfWG3435tjq8
eAaj+MgpnnEG9zX0NxpGCk0V3kYb5ZAuKJlWe2whiCqpbeaPqOcloD0dvIV+NnL7
SMN7veCZjYmTo1I2eGUqFGdZ0fPoF1BT5iMDC0jbVUYkPdjV1VQ80QZo9JkDph7J
dtJl4IRFXlmSrwZLquzFBHQMmrqXooaNaNBA624J7rjFtMjEFy+4YdH3uOOXEy6o
8azjkokepTp7bWFVjxaIG621Nm0QetGsEoJL52bV/mqmImzgCGgR6UE2DQyU+fDy
JgIg+g==
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:51 2024 by rpki-client on console-fra.rpki-client.org