Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730373a3a2f33322d3332203d3e203438303730.roa
File: 326131313a353730373a3a2f33322d3332203d3e203438303730.roa (raw, json)
Hash identifier: abkTgvFhAoj4f+KMDGBQF/dpnMqoiBMVzOOia/8N82A=
Subject key identifier: 10:57:8A:8D:E5:79:CF:19:7E:32:D4:79:E0:19:11:54:18:1C:A5:6D
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 2EE89FABD95FBE161AC78D6D73391B5EC97E82DA
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730373a3a2f33322d3332203d3e203438303730.roa
Signing time: Tue 25 Jun 2024 15:49:18 +0000
ROA not before: Tue 25 Jun 2024 15:44:18 +0000
ROA not after: Tue 24 Jun 2025 15:49:18 +0000
asID: 48070
IP address blocks: 2a11:5707::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Nov 2024 15:27:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:e8:9f:ab:d9:5f:be:16:1a:c7:8d:6d:73:39:1b:5e:c9:7e:82:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: Jun 25 15:44:18 2024 GMT
Not After : Jun 24 15:49:18 2025 GMT
Subject: CN=10578A8DE579CF197E32D479E0191154181CA56D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e3:c1:e5:de:55:fc:fa:69:df:f8:45:98:f8:
78:8f:69:52:76:47:fa:13:a6:4e:77:ea:6b:bf:03:
29:97:0e:f7:ec:ca:d1:bc:b0:ac:69:f8:ea:b5:d0:
b9:67:83:26:14:cd:5d:10:f1:9d:cd:cf:54:46:21:
04:76:e3:12:ee:2e:76:27:76:46:15:f2:e2:6f:7e:
ca:9f:a7:24:bc:fd:34:7e:ce:ab:dc:f5:93:eb:6f:
fd:4d:dd:0f:c3:01:03:c4:07:11:4e:30:f6:aa:c7:
f4:8f:36:b3:a1:7e:d9:63:6b:45:7e:83:9c:6b:f0:
12:39:11:32:58:2e:fa:d3:32:27:fe:a3:f1:70:8d:
12:9e:8d:a3:bf:6d:4c:53:b7:4f:8b:68:22:7d:2c:
ef:a7:27:ad:d0:4d:10:4a:88:bb:94:16:1f:10:5b:
3e:4b:dd:3f:fe:04:de:fb:f2:27:e0:8c:0a:dd:ed:
59:3e:c3:27:9b:e1:9c:16:0a:c3:33:21:d1:52:c5:
f6:f9:a7:4c:fe:4d:d9:b6:62:a1:05:4d:5e:18:08:
79:c5:4b:57:f5:e1:47:6b:e9:d7:c7:52:52:9d:11:
ba:4b:9b:41:85:09:7d:d3:24:35:7e:c2:4e:d9:b3:
d2:80:cb:c9:8f:f1:4d:89:0c:94:07:37:a0:fa:d3:
a4:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:57:8A:8D:E5:79:CF:19:7E:32:D4:79:E0:19:11:54:18:1C:A5:6D
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730373a3a2f33322d3332203d3e203438303730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5707::/32
Signature Algorithm: sha256WithRSAEncryption
c6:09:84:4b:d5:8a:a4:d9:e6:43:ae:bd:65:a0:64:4d:36:00:
94:e5:1e:47:36:84:71:44:56:05:f8:7a:ba:33:28:61:62:a8:
4c:a1:a7:ac:89:d3:0d:39:27:e7:7a:6a:74:d5:6d:ec:2a:86:
77:c6:f9:77:f2:90:9a:d2:ee:cf:66:5b:98:26:62:ea:94:3d:
c4:f1:22:a5:1b:9a:31:44:ce:cc:d8:2e:7b:69:eb:0a:75:78:
cb:6d:d2:e8:90:f0:a7:19:da:18:32:34:36:14:07:f2:4e:9c:
e6:43:42:58:70:a5:e8:96:e6:3a:f8:4a:85:66:95:f8:1f:2e:
c9:dd:43:0c:15:93:2f:2c:92:fc:ae:74:09:ed:37:ea:5b:9c:
85:db:90:2f:15:e3:14:50:17:31:c1:ce:d8:e8:dc:14:b5:b2:
39:99:d0:e5:02:db:34:81:11:bb:08:2a:b0:9d:8c:0d:d4:04:
16:05:85:ad:f0:36:e4:00:a4:ab:7e:ca:0a:2f:38:9f:5a:f3:
e8:ce:fb:72:ed:7f:4e:1d:6d:5d:45:26:ea:8d:3a:a2:a7:78:
c1:24:66:82:60:00:a7:93:ac:2a:67:ee:84:85:67:58:ba:0c:
34:07:7d:df:4f:42:2a:a2:2b:fb:69:d3:8a:fe:89:51:f5:58:
75:9a:27:01
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIULuifq9lfvhYax41tczkbXsl+gtowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yNDA2MjUxNTQ0MThaFw0yNTA2MjQxNTQ5MThaMDMxMTAvBgNV
BAMTKDEwNTc4QThERTU3OUNGMTk3RTMyRDQ3OUUwMTkxMTU0MTgxQ0E1NkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC148Hl3lX8+mnf+EWY+HiPaVJ2
R/oTpk536mu/AymXDvfsytG8sKxp+Oq10LlngyYUzV0Q8Z3Nz1RGIQR24xLuLnYn
dkYV8uJvfsqfpyS8/TR+zqvc9ZPrb/1N3Q/DAQPEBxFOMPaqx/SPNrOhftlja0V+
g5xr8BI5ETJYLvrTMif+o/FwjRKejaO/bUxTt0+LaCJ9LO+nJ63QTRBKiLuUFh8Q
Wz5L3T/+BN778ifgjArd7Vk+wyeb4ZwWCsMzIdFSxfb5p0z+Tdm2YqEFTV4YCHnF
S1f14Udr6dfHUlKdEbpLm0GFCX3TJDV+wk7Zs9KAy8mP8U2JDJQHN6D606S/AgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUEFeKjeV5zxl+MtR54BkRVBgcpW0wHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzI2MTMxMzEzYTM1MzczMDM3
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzQzODMwMzczMC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoR
VwcwDQYJKoZIhvcNAQELBQADggEBAMYJhEvViqTZ5kOuvWWgZE02AJTlHkc2hHFE
VgX4erozKGFiqEyhp6yJ0w05J+d6anTVbewqhnfG+XfykJrS7s9mW5gmYuqUPcTx
IqUbmjFEzszYLntp6wp1eMtt0uiQ8KcZ2hgyNDYUB/JOnOZDQlhwpeiW5jr4SoVm
lfgfLsndQwwVky8skvyudAntN+pbnIXbkC8V4xRQFzHBztjo3BS1sjmZ0OUC2zSB
EbsIKrCdjA3UBBYFha3wNuQApKt+ygovOJ9a8+jO+3Ltf04dbV1FJuqNOqKneMEk
ZoJgAKeTrCpn7oSFZ1i6DDQHfd9PQiqiK/tp04r+iVH1WHWaJwE=
-----END CERTIFICATE-----
Generated at Wed Nov 20 22:20:31 2024 by rpki-client on console-ams.rpki-client.org