Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730363a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a353730363a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: AfUd0g6EM08gdKu3gWYFuswqhaPb+uAVwfADq4dSUAA=
Subject key identifier: 3F:06:69:B1:83:80:89:C7:A5:FB:CA:CB:39:36:D0:07:0F:0C:C5:F4
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 2F6646A1538FC78B3C82BF71EAB3500F93EA6F53
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730363a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Tue 25 Jun 2024 15:49:19 +0000
ROA not before: Tue 25 Jun 2024 15:44:19 +0000
ROA not after: Tue 24 Jun 2025 15:49:19 +0000
asID: 212149
IP address blocks: 2a11:5706:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:66:46:a1:53:8f:c7:8b:3c:82:bf:71:ea:b3:50:0f:93:ea:6f:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: Jun 25 15:44:19 2024 GMT
Not After : Jun 24 15:49:19 2025 GMT
Subject: CN=3F0669B1838089C7A5FBCACB3936D0070F0CC5F4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:55:0c:c7:28:c3:89:92:23:04:11:6b:b3:9d:
14:ba:17:02:04:1e:ea:02:da:36:a5:97:c2:f3:c0:
ad:cd:06:31:8a:fc:0b:6a:31:d4:c9:d4:a1:ee:9b:
36:e9:4f:23:a1:1b:8c:b3:6b:e1:0c:ba:16:25:ef:
29:d7:85:c9:18:09:6e:ae:8b:a7:c2:00:21:a1:96:
c6:18:ad:ee:8b:8c:14:83:18:06:a0:b5:42:f6:70:
10:ab:71:5d:a6:15:30:ef:cf:68:8f:55:3b:cc:23:
01:aa:7a:f2:42:16:83:96:c1:f3:21:03:bb:69:04:
49:71:5a:d1:0b:43:3a:36:b5:29:3a:28:f9:14:c8:
21:c0:96:51:f7:90:5e:33:d1:9c:2f:c2:33:af:cf:
43:1c:a8:32:70:42:9f:8f:31:7b:c0:11:40:52:dd:
a1:17:f1:0f:52:9d:80:94:29:ca:c0:5b:e4:da:b9:
24:ef:44:9c:ab:b2:1e:f3:e2:80:57:77:85:85:d0:
53:41:80:7a:b7:a8:04:16:e9:24:8a:b4:2a:76:cb:
9b:59:ba:03:81:17:77:a0:c8:b4:cd:aa:9b:7d:a2:
8a:49:4c:2a:3e:cc:58:b0:87:3e:83:cb:d5:e9:14:
54:92:6e:c3:e2:77:62:d5:d5:d4:3d:d8:ae:92:ea:
f3:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:06:69:B1:83:80:89:C7:A5:FB:CA:CB:39:36:D0:07:0F:0C:C5:F4
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730363a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5706:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
50:51:01:28:63:55:a8:f3:7f:bb:36:7b:18:29:85:ae:b4:b3:
95:fd:93:a2:61:ec:43:89:05:06:b7:20:4b:3a:f4:9d:42:98:
08:ed:4f:64:64:15:2b:92:12:fb:9d:0e:a8:b6:06:14:95:42:
ff:22:72:2a:05:9a:2d:9c:da:c6:d5:38:19:1d:7c:21:30:fe:
e3:d8:9d:c1:e2:2a:ff:73:b7:24:8d:3e:c5:84:fb:37:f0:ec:
72:89:aa:af:85:63:42:6e:49:da:7f:69:e8:98:4d:1f:06:84:
6e:d4:81:6b:55:20:d5:3e:71:6b:42:ef:25:6b:5b:42:93:a8:
64:e2:15:46:ab:85:09:4a:c4:33:c2:30:8b:a3:98:ed:0b:bf:
f2:21:f5:5c:62:b7:be:a9:8b:cb:3c:fb:37:16:1a:99:2e:09:
3f:e1:0d:70:70:fa:ee:06:f8:84:65:82:94:f5:1a:e7:71:bd:
28:cf:7c:70:0a:d3:7c:d5:0a:3c:33:14:20:07:06:40:ad:c5:
7e:01:8b:61:b1:f7:a9:6f:95:b9:7f:d0:61:2a:00:06:32:38:
58:dc:72:36:01:79:6f:76:cc:45:52:c8:cd:9e:41:95:1f:92:
37:b7:42:6f:82:79:74:80:f9:2a:e2:89:5f:70:d7:aa:38:1d:
e5:d2:95:ba
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUL2ZGoVOPx4s8gr9x6rNQD5Pqb1MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yNDA2MjUxNTQ0MTlaFw0yNTA2MjQxNTQ5MTlaMDMxMTAvBgNV
BAMTKDNGMDY2OUIxODM4MDg5QzdBNUZCQ0FDQjM5MzZEMDA3MEYwQ0M1RjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdVQzHKMOJkiMEEWuznRS6FwIE
HuoC2jall8LzwK3NBjGK/AtqMdTJ1KHumzbpTyOhG4yza+EMuhYl7ynXhckYCW6u
i6fCACGhlsYYre6LjBSDGAagtUL2cBCrcV2mFTDvz2iPVTvMIwGqevJCFoOWwfMh
A7tpBElxWtELQzo2tSk6KPkUyCHAllH3kF4z0ZwvwjOvz0McqDJwQp+PMXvAEUBS
3aEX8Q9SnYCUKcrAW+TauSTvRJyrsh7z4oBXd4WF0FNBgHq3qAQW6SSKtCp2y5tZ
ugOBF3egyLTNqpt9oopJTCo+zFiwhz6Dy9XpFFSSbsPid2LV1dQ92K6S6vO1AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUPwZpsYOAicel+8rLOTbQBw8MxfQwHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzI2MTMxMzEzYTM1MzczMDM2
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRVwawCzANBgkqhkiG9w0BAQsFAAOCAQEAUFEBKGNVqPN/uzZ7
GCmFrrSzlf2TomHsQ4kFBrcgSzr0nUKYCO1PZGQVK5IS+50OqLYGFJVC/yJyKgWa
LZzaxtU4GR18ITD+49idweIq/3O3JI0+xYT7N/Dscomqr4VjQm5J2n9p6JhNHwaE
btSBa1Ug1T5xa0LvJWtbQpOoZOIVRquFCUrEM8Iwi6OY7Qu/8iH1XGK3vqmLyzz7
NxYamS4JP+ENcHD67gb4hGWClPUa53G9KM98cArTfNUKPDMUIAcGQK3FfgGLYbH3
qW+VuX/QYSoABjI4WNxyNgF5b3bMRVLIzZ5BlR+SN7dCb4J5dID5KuKJX3DXqjgd
5dKVug==
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:51 2024 by rpki-client on console-fra.rpki-client.org