Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730333a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a353730333a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: 4u/gNCBvytd7eZSyyMh6T2KiCJ3m+wg7l3GvlAdV7y4=
Subject key identifier: 54:12:4B:60:1C:29:42:FA:18:9B:69:D0:0A:5A:80:D5:1A:C0:81:45
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 61DEEC99C587E782E9ECDB0A33CEA13A53C4B0EF
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730333a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Tue 25 Jun 2024 15:49:18 +0000
ROA not before: Tue 25 Jun 2024 15:44:18 +0000
ROA not after: Tue 24 Jun 2025 15:49:18 +0000
asID: 212149
IP address blocks: 2a11:5703:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:de:ec:99:c5:87:e7:82:e9:ec:db:0a:33:ce:a1:3a:53:c4:b0:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: Jun 25 15:44:18 2024 GMT
Not After : Jun 24 15:49:18 2025 GMT
Subject: CN=54124B601C2942FA189B69D00A5A80D51AC08145
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2d:b5:f5:cc:54:29:67:a2:62:61:14:f9:84:
df:ba:7a:a7:48:51:38:ab:9b:9d:b1:a2:ae:c3:a2:
f2:0c:e0:51:22:64:46:d1:fe:6a:c6:c9:72:2c:7c:
3f:90:0f:c6:3b:b3:0b:45:76:36:a1:63:21:c0:25:
1c:3d:1f:65:63:88:e1:9c:78:04:cd:cf:cb:5a:93:
9e:89:ff:05:89:04:fd:4b:b0:94:21:52:f0:94:d6:
bb:95:5e:ec:52:66:74:6f:e5:84:76:31:87:45:fa:
c5:3c:08:18:1b:6d:51:ba:4e:35:3f:4f:c9:19:5a:
6f:9e:83:ed:96:b1:d1:e4:18:42:7e:e9:0f:91:35:
a2:19:66:b8:ff:e4:87:88:6a:65:6a:46:35:36:f2:
f5:b4:b9:f5:c3:9c:89:3c:96:10:80:09:53:b6:92:
9a:7b:b3:b8:0d:bd:14:6f:f4:29:5b:29:0e:7f:b4:
5d:29:43:04:3c:d1:b8:04:8e:71:9f:16:52:8a:ee:
74:48:51:7b:c4:6b:19:96:59:51:ee:cd:27:bd:59:
36:ec:44:18:d2:74:28:47:fd:37:03:0c:18:3a:79:
be:36:71:8f:12:f5:07:72:9c:f0:cd:72:13:32:b8:
89:fc:42:e9:c7:75:31:95:da:a5:b2:c5:99:a0:dc:
b7:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:12:4B:60:1C:29:42:FA:18:9B:69:D0:0A:5A:80:D5:1A:C0:81:45
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730333a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5703:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
06:74:25:b8:6b:ce:83:17:d1:4a:4d:fc:71:16:69:e7:ff:84:
20:4e:6c:eb:76:fe:dc:18:5d:80:a9:29:25:0b:e7:26:50:e1:
58:96:87:43:1f:1f:fa:3b:38:bf:2f:ec:2a:0f:51:95:01:00:
16:c2:89:9c:d3:6a:fd:02:6f:66:ee:bb:97:74:ee:39:11:5c:
9c:44:b7:42:10:8b:a8:a6:9f:bf:52:b8:ea:53:b5:2a:e1:4d:
4e:31:b5:d5:56:19:8b:8a:a6:ec:8a:38:30:00:8a:5b:50:41:
3a:4d:64:ce:3c:f3:a6:09:21:e7:5d:fa:f7:95:4f:ea:cd:ce:
05:4c:c2:c5:0a:67:c7:26:e2:b2:52:7d:fc:f3:9c:9a:be:61:
ea:d3:9c:87:0e:12:9c:0f:65:01:be:23:10:fd:0c:86:c6:2e:
70:10:02:3c:06:78:4f:4b:bf:bf:a2:26:86:73:f9:ac:5a:ad:
86:63:bf:e0:e7:55:47:32:6b:08:43:33:e8:38:22:f8:0e:08:
35:af:94:25:72:5e:c4:28:6b:6b:f4:ce:c1:28:cb:88:4e:76:
ac:e0:d2:5b:e3:a2:5b:a8:24:1f:b3:c8:55:77:52:08:55:2e:
8f:a4:50:39:68:31:6e:61:4c:b5:3d:9e:c8:05:51:1c:60:27:
cf:7b:56:3a
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUYd7smcWH54Lp7NsKM86hOlPEsO8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yNDA2MjUxNTQ0MThaFw0yNTA2MjQxNTQ5MThaMDMxMTAvBgNV
BAMTKDU0MTI0QjYwMUMyOTQyRkExODlCNjlEMDBBNUE4MEQ1MUFDMDgxNDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0LbX1zFQpZ6JiYRT5hN+6eqdI
UTirm52xoq7DovIM4FEiZEbR/mrGyXIsfD+QD8Y7swtFdjahYyHAJRw9H2VjiOGc
eATNz8tak56J/wWJBP1LsJQhUvCU1ruVXuxSZnRv5YR2MYdF+sU8CBgbbVG6TjU/
T8kZWm+eg+2WsdHkGEJ+6Q+RNaIZZrj/5IeIamVqRjU28vW0ufXDnIk8lhCACVO2
kpp7s7gNvRRv9ClbKQ5/tF0pQwQ80bgEjnGfFlKK7nRIUXvEaxmWWVHuzSe9WTbs
RBjSdChH/TcDDBg6eb42cY8S9QdynPDNchMyuIn8QunHdTGV2qWyxZmg3LelAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUVBJLYBwpQvoYm2nQClqA1RrAgUUwHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzI2MTMxMzEzYTM1MzczMDMz
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRVwOwCzANBgkqhkiG9w0BAQsFAAOCAQEABnQluGvOgxfRSk38
cRZp5/+EIE5s63b+3BhdgKkpJQvnJlDhWJaHQx8f+js4vy/sKg9RlQEAFsKJnNNq
/QJvZu67l3TuORFcnES3QhCLqKafv1K46lO1KuFNTjG11VYZi4qm7Io4MACKW1BB
Ok1kzjzzpgkh513695VP6s3OBUzCxQpnxybislJ9/POcmr5h6tOchw4SnA9lAb4j
EP0MhsYucBACPAZ4T0u/v6ImhnP5rFqthmO/4OdVRzJrCEMz6Dgi+A4INa+UJXJe
xChra/TOwSjLiE52rODSW+OiW6gkH7PIVXdSCFUuj6RQOWgxbmFMtT2eyAVRHGAn
z3tWOg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:21 2024 by rpki-client on console-ams.rpki-client.org