Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730323a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a353730323a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: jpJvrreRDifLrtBDiVkCHa/ih9KUqNO+TXds5XFOzYA=
Subject key identifier: 7F:A2:CB:4F:79:C5:E8:B2:29:FA:9A:CE:8F:0D:3D:B9:9F:B7:4D:08
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 556B26D8DDC1F9258AC195DCD8B76AE151AA56FB
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730323a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Tue 25 Jun 2024 15:49:19 +0000
ROA not before: Tue 25 Jun 2024 15:44:19 +0000
ROA not after: Tue 24 Jun 2025 15:49:19 +0000
asID: 212149
IP address blocks: 2a11:5702:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:6b:26:d8:dd:c1:f9:25:8a:c1:95:dc:d8:b7:6a:e1:51:aa:56:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: Jun 25 15:44:19 2024 GMT
Not After : Jun 24 15:49:19 2025 GMT
Subject: CN=7FA2CB4F79C5E8B229FA9ACE8F0D3DB99FB74D08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:da:12:d4:4c:b0:e9:13:00:92:b3:af:6f:ec:
1c:32:11:65:80:eb:ad:34:91:6b:d6:92:5b:d6:02:
d8:96:c4:43:ee:5a:ab:df:40:bb:19:99:cf:07:6b:
1a:61:6a:cc:e6:57:ba:fd:5b:5d:0c:bf:46:00:42:
ca:03:5a:66:0a:cd:35:e9:50:9e:c5:2f:3d:e4:65:
3c:97:0c:bd:34:95:fa:c5:64:8f:94:0e:89:e5:39:
a5:3a:1e:58:68:0b:4d:87:37:ef:e9:44:dd:53:8d:
0a:8b:19:77:a5:0c:2e:47:3f:46:fa:9d:aa:42:5a:
24:8c:29:9a:fb:ab:c6:a7:74:48:5b:d0:46:49:f8:
64:61:fc:b1:66:3b:62:41:b0:7e:41:72:d0:e5:07:
4b:df:f7:ec:89:11:bc:75:af:2f:57:45:99:87:a8:
f0:18:91:93:25:94:1b:c0:e6:3a:3d:15:11:fd:ac:
c3:8b:7d:86:ac:e1:ff:47:73:f6:bc:85:6b:d2:d2:
a3:2b:b7:df:f1:b1:a5:80:08:2e:3a:10:b8:71:e6:
fd:65:de:7e:21:f1:f2:5c:ad:1f:5b:99:6a:96:90:
c4:53:59:ba:57:6e:c5:b6:11:9b:98:a3:d3:77:20:
ae:65:41:46:14:9c:f3:b4:ba:55:e8:f9:24:73:88:
6e:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:A2:CB:4F:79:C5:E8:B2:29:FA:9A:CE:8F:0D:3D:B9:9F:B7:4D:08
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730323a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5702:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
13:90:1e:fc:da:20:db:1c:34:4a:68:f2:49:a4:10:fa:cc:b7:
9d:c8:da:3e:ef:f1:f9:a5:62:25:0c:1d:b3:ee:bf:1f:bd:ea:
b7:94:25:26:54:e7:69:9a:e8:58:18:c3:46:b7:a7:89:be:98:
49:e7:7d:2b:ab:fd:e6:64:b2:3c:da:1c:08:1a:c5:b8:a4:d6:
36:43:09:f3:32:7b:bb:51:0f:4e:61:00:1c:52:5e:f7:d8:9c:
6e:b4:2a:fa:a7:3e:87:fc:de:5d:50:83:0a:66:00:45:5b:5e:
ba:07:0a:04:96:9f:43:c6:64:b7:a4:22:5c:29:48:e9:26:87:
bb:a8:d8:6b:98:bf:be:5e:7c:76:aa:8b:5f:84:79:dc:76:2f:
59:54:71:70:40:86:2c:19:33:26:5b:eb:62:3b:a2:5f:d9:96:
bb:80:07:93:3d:e1:ba:ad:59:ad:c5:5b:8e:a3:ac:c5:80:a0:
f5:0d:ba:04:e1:a1:6f:ad:ed:36:31:5e:e2:0e:e2:04:7c:eb:
52:74:cb:07:02:9d:f7:73:c2:70:90:d3:3a:50:a6:1b:60:27:
96:94:d2:3d:e8:4e:2c:69:a8:14:6f:23:ac:8e:70:79:a8:ce:
ac:36:a2:04:24:44:32:20:04:94:ce:1b:00:b8:a6:a5:64:9b:
fc:80:84:a0
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUVWsm2N3B+SWKwZXc2Ldq4VGqVvswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yNDA2MjUxNTQ0MTlaFw0yNTA2MjQxNTQ5MTlaMDMxMTAvBgNV
BAMTKDdGQTJDQjRGNzlDNUU4QjIyOUZBOUFDRThGMEQzREI5OUZCNzREMDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG2hLUTLDpEwCSs69v7BwyEWWA
6600kWvWklvWAtiWxEPuWqvfQLsZmc8HaxphaszmV7r9W10Mv0YAQsoDWmYKzTXp
UJ7FLz3kZTyXDL00lfrFZI+UDonlOaU6HlhoC02HN+/pRN1TjQqLGXelDC5HP0b6
napCWiSMKZr7q8andEhb0EZJ+GRh/LFmO2JBsH5BctDlB0vf9+yJEbx1ry9XRZmH
qPAYkZMllBvA5jo9FRH9rMOLfYas4f9Hc/a8hWvS0qMrt9/xsaWACC46ELhx5v1l
3n4h8fJcrR9bmWqWkMRTWbpXbsW2EZuYo9N3IK5lQUYUnPO0ulXo+SRziG5PAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUf6LLT3nF6LIp+prOjw09uZ+3TQgwHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzI2MTMxMzEzYTM1MzczMDMy
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRVwKwCzANBgkqhkiG9w0BAQsFAAOCAQEAE5Ae/Nog2xw0Smjy
SaQQ+sy3ncjaPu/x+aViJQwds+6/H73qt5QlJlTnaZroWBjDRrenib6YSed9K6v9
5mSyPNocCBrFuKTWNkMJ8zJ7u1EPTmEAHFJe99icbrQq+qc+h/zeXVCDCmYARVte
ugcKBJafQ8Zkt6QiXClI6SaHu6jYa5i/vl58dqqLX4R53HYvWVRxcECGLBkzJlvr
YjuiX9mWu4AHkz3huq1ZrcVbjqOsxYCg9Q26BOGhb63tNjFe4g7iBHzrUnTLBwKd
93PCcJDTOlCmG2AnlpTSPehOLGmoFG8jrI5weajOrDaiBCREMiAElM4bALimpWSb
/ICEoA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:21 2024 by rpki-client on console-ams.rpki-client.org