Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730333a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a353730333a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: Oy8Npsr2RbcsLCbyckJDZUc/eH4+r4t+adSFl0lBjsA=
Subject key identifier: D8:31:D3:09:D6:C2:53:15:64:79:41:44:F5:41:7F:77:A7:F7:04:E7
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 55A451862F66365C7900B62CFD2AD17EF21E3D2F
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730333a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Tue 25 Jul 2023 15:01:49 +0000
ROA not before: Tue 25 Jul 2023 14:56:49 +0000
ROA not after: Tue 23 Jul 2024 15:01:49 +0000
asID: 212149
IP address blocks: 2a11:5703:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:a4:51:86:2f:66:36:5c:79:00:b6:2c:fd:2a:d1:7e:f2:1e:3d:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: Jul 25 14:56:49 2023 GMT
Not After : Jul 23 15:01:49 2024 GMT
Subject: CN=D831D309D6C2531564794144F5417F77A7F704E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:10:b0:b0:37:79:3d:9b:2d:61:35:8b:da:3a:
62:ba:cb:e9:5c:82:60:ae:de:e0:57:3b:2f:7a:3c:
ec:32:66:ac:fe:b8:89:63:5d:f4:14:ac:1d:02:a7:
aa:4b:dc:6a:01:b8:9f:ff:de:4a:fe:16:ba:af:2c:
c2:a6:ac:d5:d6:2b:ef:5a:98:6b:ca:e3:5e:7a:6a:
44:65:23:3b:39:68:e2:27:81:db:6b:9d:f1:e1:43:
5b:a6:f2:b3:c2:f6:6a:65:3c:5a:46:14:be:12:b0:
c3:93:81:97:fa:49:a6:6a:e6:37:41:7a:d9:5b:bf:
af:a8:94:7d:73:55:54:f1:37:ac:32:83:75:85:a9:
ec:4d:19:6f:6f:45:63:13:6f:3b:01:7f:4e:c3:a0:
3c:26:05:b0:f5:ec:18:f4:6c:18:db:e3:ce:db:a0:
aa:80:20:d4:0a:27:24:ad:3d:6f:f8:41:3d:e7:6d:
27:38:00:e1:0c:99:4a:0d:c5:49:c7:58:e1:1a:b1:
87:a5:d1:15:0d:24:d7:5c:fd:b8:34:f3:5e:11:09:
1f:2e:b2:23:77:85:2a:0b:52:99:dc:8b:90:0f:f3:
d9:2b:54:22:fe:c9:60:88:9d:f3:4d:a4:ac:0e:cb:
a3:15:2d:0d:f3:9c:2b:3d:d0:a6:df:ca:4d:75:64:
2a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:31:D3:09:D6:C2:53:15:64:79:41:44:F5:41:7F:77:A7:F7:04:E7
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730333a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5703:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
d0:5d:39:2d:89:da:a6:a6:b1:81:5f:59:db:88:ea:6a:11:eb:
50:b9:a3:b8:be:5c:59:79:35:90:51:f9:92:e7:b7:16:1a:a1:
7e:b4:90:09:25:73:92:75:4c:4c:20:59:93:c0:21:4d:5f:85:
26:7e:62:bc:2a:9b:bc:21:78:d9:93:57:14:19:46:4f:78:a9:
50:19:14:95:ac:7c:75:2c:3f:a8:a5:98:21:64:ba:b3:69:3e:
1a:57:d8:f3:23:3f:1b:1e:90:7f:4d:7f:30:d6:87:be:0a:2e:
b4:08:6f:7b:f9:3f:57:f3:65:ea:22:d3:60:64:75:94:65:ec:
4d:28:56:41:b6:21:5f:80:0c:80:91:06:7d:71:e1:b1:ab:6d:
ca:4d:c2:40:18:21:84:86:8f:0b:1c:30:ee:9b:13:1e:37:c3:
d8:f8:14:2f:ed:f5:11:33:3b:c7:3a:99:f8:85:25:88:c6:6d:
e6:0e:fa:a7:4b:c7:cc:ec:89:cf:22:78:e5:bf:de:19:d5:ff:
a7:57:3b:0e:a3:03:5b:5f:c3:c4:ad:0c:66:58:1a:5c:41:94:
f9:ba:db:0b:6a:a1:02:a8:df:c2:99:67:60:78:b8:6c:27:7d:
12:25:c2:8a:80:06:99:40:71:30:b5:10:75:e4:7c:0f:2d:e4:
dd:eb:31:13
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUVaRRhi9mNlx5ALYs/SrRfvIePS8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yMzA3MjUxNDU2NDlaFw0yNDA3MjMxNTAxNDlaMDMxMTAvBgNV
BAMTKEQ4MzFEMzA5RDZDMjUzMTU2NDc5NDE0NEY1NDE3Rjc3QTdGNzA0RTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTELCwN3k9my1hNYvaOmK6y+lc
gmCu3uBXOy96POwyZqz+uIljXfQUrB0Cp6pL3GoBuJ//3kr+FrqvLMKmrNXWK+9a
mGvK4156akRlIzs5aOIngdtrnfHhQ1um8rPC9mplPFpGFL4SsMOTgZf6SaZq5jdB
etlbv6+olH1zVVTxN6wyg3WFqexNGW9vRWMTbzsBf07DoDwmBbD17Bj0bBjb487b
oKqAINQKJyStPW/4QT3nbSc4AOEMmUoNxUnHWOEasYel0RUNJNdc/bg0814RCR8u
siN3hSoLUpnci5AP89krVCL+yWCInfNNpKwOy6MVLQ3znCs90Kbfyk11ZCqfAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQU2DHTCdbCUxVkeUFE9UF/d6f3BOcwHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzI2MTMxMzEzYTM1MzczMDMz
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRVwOwCzANBgkqhkiG9w0BAQsFAAOCAQEA0F05LYnapqaxgV9Z
24jqahHrULmjuL5cWXk1kFH5kue3FhqhfrSQCSVzknVMTCBZk8AhTV+FJn5ivCqb
vCF42ZNXFBlGT3ipUBkUlax8dSw/qKWYIWS6s2k+GlfY8yM/Gx6Qf01/MNaHvgou
tAhve/k/V/Nl6iLTYGR1lGXsTShWQbYhX4AMgJEGfXHhsattyk3CQBghhIaPCxww
7psTHjfD2PgUL+31ETM7xzqZ+IUliMZt5g76p0vHzOyJzyJ45b/eGdX/p1c7DqMD
W1/DxK0MZlgaXEGU+brbC2qhAqjfwplnYHi4bCd9EiXCioAGmUBxMLUQdeR8Dy3k
3esxEw==
-----END CERTIFICATE-----
Generated at Fri May 17 14:34:45 2024 by rpki-client on console-ams.rpki-client.org