Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730353a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a353730353a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: abdx96bGasEt79nv1n4PdtuPD35/cpm50ioY9tC3qus=
Subject key identifier: A9:0B:73:1B:0A:DF:23:F7:2D:5E:46:5D:35:E5:8C:91:0D:9D:A9:22
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 25333429F04F9F1D176856697FEBDDB0156A0BD0
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730353a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Tue 25 Jun 2024 15:49:18 +0000
ROA not before: Tue 25 Jun 2024 15:44:18 +0000
ROA not after: Tue 24 Jun 2025 15:49:18 +0000
asID: 212149
IP address blocks: 2a11:5705:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:33:34:29:f0:4f:9f:1d:17:68:56:69:7f:eb:dd:b0:15:6a:0b:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: Jun 25 15:44:18 2024 GMT
Not After : Jun 24 15:49:18 2025 GMT
Subject: CN=A90B731B0ADF23F72D5E465D35E58C910D9DA922
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:9c:5a:e7:66:b2:73:b9:d1:5d:1d:bb:10:f3:
b3:a0:4b:e8:1b:9f:51:24:7a:25:e3:ca:01:a4:70:
9d:86:1d:5d:df:bc:2c:ee:ee:32:31:05:3a:f1:8e:
6b:05:34:a3:26:a3:a4:ee:4c:55:1c:8a:58:fe:4e:
63:44:51:f8:1e:eb:01:95:f5:ec:8e:fa:82:9a:c8:
20:1c:4b:40:0f:e3:09:9f:67:c9:0f:7d:26:e0:b2:
d7:bb:02:8e:34:f9:4e:ef:08:0a:d0:3a:22:39:a4:
ad:c9:45:49:11:3a:73:e6:86:46:0c:db:66:59:e2:
67:68:2d:e4:c6:28:b2:6f:f7:7c:1d:46:8c:e4:6d:
12:5a:d3:88:6d:87:3f:b9:3c:63:b5:31:1d:e3:3c:
91:c3:9e:95:d0:f5:ed:c7:18:bd:45:db:59:ad:92:
73:9f:61:52:66:a2:ca:23:e3:de:01:d9:09:bb:44:
99:85:a4:de:a3:47:f3:0f:fa:55:16:14:64:de:8b:
d9:c2:19:08:a6:f3:67:81:79:04:07:fe:dd:db:a9:
57:95:e6:e7:c9:b5:2a:d2:c3:02:4d:a1:36:ca:15:
6c:39:84:61:b0:3a:49:6e:8b:c7:10:20:55:b1:03:
b3:e5:dd:73:ac:36:2f:4d:ff:c5:1b:58:77:12:06:
a4:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:0B:73:1B:0A:DF:23:F7:2D:5E:46:5D:35:E5:8C:91:0D:9D:A9:22
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730353a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5705:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
01:fe:81:0d:ff:15:8b:13:a5:c3:c3:55:0d:2e:3e:d5:9e:10:
20:26:d3:8b:8e:62:85:67:b6:fb:74:74:b5:ba:c7:c6:9e:1a:
1f:7a:06:52:10:3b:e7:1e:8d:cf:51:32:99:74:1c:fd:a0:24:
f9:8b:05:95:f6:82:bb:92:39:92:0a:02:65:16:f6:23:62:0b:
c8:a8:26:d1:31:ae:38:45:d8:1a:82:58:26:5e:59:c1:73:61:
00:3d:17:85:df:3b:c3:b7:0a:73:2c:88:30:2a:06:82:37:6b:
2a:4f:9a:f5:57:47:d4:93:0d:f4:1e:ac:63:55:64:79:d6:00:
5c:fe:c9:21:a5:6f:8f:9c:16:a1:9f:0b:12:92:d9:8f:00:26:
cd:30:48:83:b4:73:33:4e:06:f3:cb:55:85:4c:cd:d3:3f:1c:
f4:3e:32:c4:eb:08:0c:0a:97:c9:2f:87:5d:d6:96:e2:f4:8e:
2c:f2:8b:97:d6:c7:b1:a3:3a:30:93:c0:cc:c2:20:b6:7f:cb:
91:f4:b7:13:be:a8:7b:f1:b6:23:30:1f:aa:cd:ab:96:66:ef:
d3:2d:1e:d1:8b:2d:3c:a7:5d:e0:91:64:69:79:2a:6a:c1:ad:
4d:2e:d0:35:53:2c:97:ea:4c:0d:31:fd:bb:eb:34:5e:86:3d:
98:12:e2:3c
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUJTM0KfBPnx0XaFZpf+vdsBVqC9AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yNDA2MjUxNTQ0MThaFw0yNTA2MjQxNTQ5MThaMDMxMTAvBgNV
BAMTKEE5MEI3MzFCMEFERjIzRjcyRDVFNDY1RDM1RTU4QzkxMEQ5REE5MjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMnFrnZrJzudFdHbsQ87OgS+gb
n1EkeiXjygGkcJ2GHV3fvCzu7jIxBTrxjmsFNKMmo6TuTFUcilj+TmNEUfge6wGV
9eyO+oKayCAcS0AP4wmfZ8kPfSbgste7Ao40+U7vCArQOiI5pK3JRUkROnPmhkYM
22ZZ4mdoLeTGKLJv93wdRozkbRJa04hthz+5PGO1MR3jPJHDnpXQ9e3HGL1F21mt
knOfYVJmosoj494B2Qm7RJmFpN6jR/MP+lUWFGTei9nCGQim82eBeQQH/t3bqVeV
5ufJtSrSwwJNoTbKFWw5hGGwOklui8cQIFWxA7Pl3XOsNi9N/8UbWHcSBqT/AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUqQtzGwrfI/ctXkZdNeWMkQ2dqSIwHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzI2MTMxMzEzYTM1MzczMDM1
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRVwWwCzANBgkqhkiG9w0BAQsFAAOCAQEAAf6BDf8VixOlw8NV
DS4+1Z4QICbTi45ihWe2+3R0tbrHxp4aH3oGUhA75x6Nz1EymXQc/aAk+YsFlfaC
u5I5kgoCZRb2I2ILyKgm0TGuOEXYGoJYJl5ZwXNhAD0Xhd87w7cKcyyIMCoGgjdr
Kk+a9VdH1JMN9B6sY1VkedYAXP7JIaVvj5wWoZ8LEpLZjwAmzTBIg7RzM04G88tV
hUzN0z8c9D4yxOsIDAqXyS+HXdaW4vSOLPKLl9bHsaM6MJPAzMIgtn/LkfS3E76o
e/G2IzAfqs2rlmbv0y0e0YstPKdd4JFkaXkqasGtTS7QNVMsl+pMDTH9u+s0XoY9
mBLiPA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:21 2024 by rpki-client on console-ams.rpki-client.org