Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730353a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a353730353a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: ukDSET8NWG0LCsh6IY9YH2HoV+ylNoDU9G7zgJMefjQ=
Subject key identifier: FC:D6:A9:1A:B9:0B:7E:65:A9:2C:DF:01:6D:88:70:3F:7C:E3:8A:B9
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 28080CBF6E3A905727E0929F8FD27B2CE6185A5A
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730353a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Tue 25 Jul 2023 15:01:51 +0000
ROA not before: Tue 25 Jul 2023 14:56:51 +0000
ROA not after: Tue 23 Jul 2024 15:01:51 +0000
asID: 212149
IP address blocks: 2a11:5705:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:08:0c:bf:6e:3a:90:57:27:e0:92:9f:8f:d2:7b:2c:e6:18:5a:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: Jul 25 14:56:51 2023 GMT
Not After : Jul 23 15:01:51 2024 GMT
Subject: CN=FCD6A91AB90B7E65A92CDF016D88703F7CE38AB9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:df:09:49:23:9d:66:26:d4:89:45:6e:b3:6d:
49:8f:6d:8b:95:b7:eb:d5:02:b5:b5:0e:d6:6f:11:
3d:02:e2:56:b2:d4:30:30:5e:a2:03:8f:ee:5e:ae:
80:a1:77:3f:b0:51:90:48:09:7a:f2:f9:8b:63:9a:
be:85:70:ed:a1:9e:02:be:50:a0:21:59:0b:bd:51:
1c:7d:5d:6b:13:ee:48:d6:6d:08:ff:59:e3:6a:39:
1b:f0:6d:f6:de:ab:a2:e9:9a:b6:28:61:2c:02:79:
45:fa:74:19:eb:39:83:7f:7c:1c:e0:00:e6:17:18:
3c:4b:a1:df:9a:aa:4e:97:c0:a1:6a:2d:99:df:77:
73:8b:14:ca:56:aa:97:c8:3a:ac:2a:32:52:9f:5a:
6d:06:eb:43:67:0f:f6:14:f9:a6:af:29:8a:06:d2:
c4:19:dd:0b:9e:ee:72:03:49:d5:d1:4e:61:c9:ae:
fc:d2:06:b9:87:08:01:bc:53:22:99:17:c1:d6:2f:
39:16:df:23:5f:c0:d0:89:4e:1f:8e:2b:78:9b:9e:
c2:3c:5d:6d:78:d4:f6:97:2b:92:4e:32:34:7f:fc:
ba:8f:e1:6a:32:03:54:b6:30:5e:6b:94:8c:10:a6:
af:bf:fd:19:91:3b:36:77:6c:0a:ae:9f:47:72:e4:
32:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:D6:A9:1A:B9:0B:7E:65:A9:2C:DF:01:6D:88:70:3F:7C:E3:8A:B9
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730353a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5705:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
c1:8a:4e:c3:43:5e:2b:1a:9c:97:28:8b:d9:21:d8:c0:04:b9:
3c:d9:ed:d0:bf:a1:19:ae:a6:cd:27:99:21:83:19:22:07:0b:
a1:60:11:c2:39:cd:4f:d9:09:b1:c3:22:b9:7c:05:6e:b4:28:
b5:b6:96:58:06:95:41:4d:98:ec:50:c1:ba:28:c9:97:ad:a7:
b6:3c:db:41:1a:be:63:f7:de:2d:b5:8e:08:0f:1f:7c:34:d5:
08:72:a7:d9:00:8c:59:a1:b3:fb:aa:ea:38:d0:d1:09:24:9f:
3e:e1:81:96:da:a4:e9:db:36:7c:e9:86:37:3c:9e:99:4b:86:
f9:89:29:95:6e:65:e4:63:d8:49:cd:45:28:1e:4c:3d:bb:e0:
99:1c:7c:9a:04:b5:cc:31:41:f9:e0:f8:90:ee:3b:d9:7c:8e:
f9:17:dd:13:72:9f:db:5e:84:cc:16:37:36:d7:b2:4c:3c:c8:
75:31:4c:d6:a8:17:23:80:30:3b:0b:62:b6:60:73:08:f4:7d:
89:80:50:38:e3:dd:e6:19:f6:1e:5e:21:71:79:6e:f8:8f:c9:
e8:96:10:cb:92:5e:af:a3:48:29:1a:38:45:90:54:62:44:e0:
ed:d5:5b:6e:03:81:54:83:f9:9f:10:f6:35:33:f0:07:6c:08:
47:48:72:07
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUKAgMv246kFcn4JKfj9J7LOYYWlowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yMzA3MjUxNDU2NTFaFw0yNDA3MjMxNTAxNTFaMDMxMTAvBgNV
BAMTKEZDRDZBOTFBQjkwQjdFNjVBOTJDREYwMTZEODg3MDNGN0NFMzhBQjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDv3wlJI51mJtSJRW6zbUmPbYuV
t+vVArW1DtZvET0C4lay1DAwXqIDj+5eroChdz+wUZBICXry+Ytjmr6FcO2hngK+
UKAhWQu9URx9XWsT7kjWbQj/WeNqORvwbfbeq6LpmrYoYSwCeUX6dBnrOYN/fBzg
AOYXGDxLod+aqk6XwKFqLZnfd3OLFMpWqpfIOqwqMlKfWm0G60NnD/YU+aavKYoG
0sQZ3Que7nIDSdXRTmHJrvzSBrmHCAG8UyKZF8HWLzkW3yNfwNCJTh+OK3ibnsI8
XW141PaXK5JOMjR//LqP4WoyA1S2MF5rlIwQpq+//RmROzZ3bAqun0dy5DIxAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQU/NapGrkLfmWpLN8BbYhwP3zjirkwHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzI2MTMxMzEzYTM1MzczMDM1
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRVwWwCzANBgkqhkiG9w0BAQsFAAOCAQEAwYpOw0NeKxqclyiL
2SHYwAS5PNnt0L+hGa6mzSeZIYMZIgcLoWARwjnNT9kJscMiuXwFbrQotbaWWAaV
QU2Y7FDBuijJl62ntjzbQRq+Y/feLbWOCA8ffDTVCHKn2QCMWaGz+6rqONDRCSSf
PuGBltqk6ds2fOmGNzyemUuG+YkplW5l5GPYSc1FKB5MPbvgmRx8mgS1zDFB+eD4
kO472XyO+RfdE3Kf216EzBY3NteyTDzIdTFM1qgXI4AwOwtitmBzCPR9iYBQOOPd
5hn2Hl4hcXlu+I/J6JYQy5Jer6NIKRo4RZBUYkTg7dVbbgOBVIP5nxD2NTPwB2wI
R0hyBw==
-----END CERTIFICATE-----
Generated at Tue May 21 12:17:58 2024 by rpki-client on console-ams.rpki-client.org