Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730343a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a353730343a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: vfJJza7tgDeLAPDMVyN5V6KQIqwick9H3Cppm/e5D7Y=
Subject key identifier: BD:17:82:3C:BC:05:39:56:6C:FA:9B:34:86:C3:8A:04:3A:1F:EE:42
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 2BD945A5B4B7BCDD8AFD73BAD1AF162D1BCBAAAE
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730343a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Tue 25 Jun 2024 15:49:19 +0000
ROA not before: Tue 25 Jun 2024 15:44:19 +0000
ROA not after: Tue 24 Jun 2025 15:49:19 +0000
asID: 212149
IP address blocks: 2a11:5704:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:d9:45:a5:b4:b7:bc:dd:8a:fd:73:ba:d1:af:16:2d:1b:cb:aa:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: Jun 25 15:44:19 2024 GMT
Not After : Jun 24 15:49:19 2025 GMT
Subject: CN=BD17823CBC0539566CFA9B3486C38A043A1FEE42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:0d:71:88:36:91:a2:b4:3f:df:c7:34:47:8c:
88:20:2d:b7:2d:53:68:9a:74:cb:73:36:13:0b:99:
3a:3f:08:41:8c:31:eb:91:83:27:85:84:ce:49:0f:
13:f2:f5:1c:bd:16:10:13:cc:9f:70:17:12:e3:8b:
00:83:93:50:aa:38:40:57:85:fc:c5:fc:c5:95:f1:
1a:c7:36:2f:c2:05:db:18:17:45:fb:c8:48:d0:59:
a7:b5:62:8a:44:9f:66:20:8f:98:13:bd:4b:81:6f:
fc:fe:38:59:10:1b:4f:39:2d:27:06:b5:02:bc:d4:
8f:cf:2d:ad:50:5e:a8:73:13:fd:5a:7c:1e:ac:dd:
43:2a:b4:e6:73:b7:47:82:57:8a:30:60:0c:36:ba:
43:75:9f:3f:76:77:05:a5:0d:64:93:8f:48:9f:c0:
cb:41:5b:cb:1a:fc:31:8c:a8:e5:c8:9e:56:77:71:
7a:97:ac:c9:b2:41:09:b4:68:da:9c:c3:49:b6:a7:
51:ff:e3:87:1e:a2:ee:7b:7c:35:3d:08:b3:85:64:
4f:f7:05:33:b2:0b:18:c4:af:ba:92:cd:30:55:64:
d9:ad:7f:a8:8f:eb:df:19:58:7d:4c:c9:36:6a:83:
b7:23:21:f3:98:36:2b:0d:b9:61:7e:ed:82:c9:6d:
b5:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:17:82:3C:BC:05:39:56:6C:FA:9B:34:86:C3:8A:04:3A:1F:EE:42
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730343a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5704:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
63:aa:b1:4b:b3:fd:5a:22:2a:28:a2:4d:0e:67:df:d2:7a:d2:
5b:a1:34:cd:10:3b:da:79:25:ef:7e:1b:c3:37:77:fd:29:7c:
e2:d9:c0:5c:58:ea:56:9f:64:89:44:34:60:12:c1:00:70:87:
1a:a2:9c:6c:94:19:f5:d0:b7:1a:99:43:52:3f:32:f9:9a:0a:
1b:02:35:4d:64:bf:d0:3f:3e:8e:6b:96:b1:ba:df:be:23:ef:
e9:cf:5f:2f:12:4b:42:fa:26:5b:83:ba:11:7f:de:db:a2:10:
b7:62:d8:af:2e:57:51:5f:ef:2c:fd:74:51:2e:09:df:25:52:
98:f1:01:4e:2d:90:c7:a3:62:f5:ca:06:8e:89:b1:6c:16:fe:
da:47:f3:63:85:06:e0:90:92:ba:95:11:68:c4:e6:61:f9:b6:
b0:6f:b0:67:f5:15:e2:d4:0e:cd:99:d1:6b:45:d6:71:49:9f:
d7:dc:91:b0:dc:d0:39:5e:93:e7:e9:44:c1:52:8c:64:98:96:
36:48:3b:f5:df:c5:07:1c:07:be:6f:1f:6f:2d:5a:a1:79:0f:
fc:f0:83:e8:05:f7:2f:3e:f6:09:fb:bc:d0:11:d2:77:33:40:
d8:c1:c1:2c:76:14:7f:bd:cf:00:a9:2d:e9:ca:cf:02:da:fe:
51:d3:c3:aa
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUK9lFpbS3vN2K/XO60a8WLRvLqq4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yNDA2MjUxNTQ0MTlaFw0yNTA2MjQxNTQ5MTlaMDMxMTAvBgNV
BAMTKEJEMTc4MjNDQkMwNTM5NTY2Q0ZBOUIzNDg2QzM4QTA0M0ExRkVFNDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvDXGINpGitD/fxzRHjIggLbct
U2iadMtzNhMLmTo/CEGMMeuRgyeFhM5JDxPy9Ry9FhATzJ9wFxLjiwCDk1CqOEBX
hfzF/MWV8RrHNi/CBdsYF0X7yEjQWae1YopEn2Ygj5gTvUuBb/z+OFkQG085LScG
tQK81I/PLa1QXqhzE/1afB6s3UMqtOZzt0eCV4owYAw2ukN1nz92dwWlDWSTj0if
wMtBW8sa/DGMqOXInlZ3cXqXrMmyQQm0aNqcw0m2p1H/44ceou57fDU9CLOFZE/3
BTOyCxjEr7qSzTBVZNmtf6iP698ZWH1MyTZqg7cjIfOYNisNuWF+7YLJbbU5AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUvReCPLwFOVZs+ps0hsOKBDof7kIwHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzI2MTMxMzEzYTM1MzczMDM0
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRVwSwCzANBgkqhkiG9w0BAQsFAAOCAQEAY6qxS7P9WiIqKKJN
Dmff0nrSW6E0zRA72nkl734bwzd3/Sl84tnAXFjqVp9kiUQ0YBLBAHCHGqKcbJQZ
9dC3GplDUj8y+ZoKGwI1TWS/0D8+jmuWsbrfviPv6c9fLxJLQvomW4O6EX/e26IQ
t2LYry5XUV/vLP10US4J3yVSmPEBTi2Qx6Ni9coGjomxbBb+2kfzY4UG4JCSupUR
aMTmYfm2sG+wZ/UV4tQOzZnRa0XWcUmf19yRsNzQOV6T5+lEwVKMZJiWNkg79d/F
BxwHvm8fby1aoXkP/PCD6AX3Lz72Cfu80BHSdzNA2MHBLHYUf73PAKkt6crPAtr+
UdPDqg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:21 2024 by rpki-client on console-ams.rpki-client.org