Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730373a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a353730373a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: 6JcGQzE9OhBV3zfCjLBdHlMzKU5GclTIrsWZpPbpIfo=
Subject key identifier: 98:E7:98:5A:58:67:6F:A9:F5:5D:57:C8:A6:62:05:8D:20:64:12:04
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 0C1E86BF879086DDABC00F9B0A2C75C29263FFFA
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730373a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Tue 25 Jul 2023 15:01:55 +0000
ROA not before: Tue 25 Jul 2023 14:56:55 +0000
ROA not after: Tue 23 Jul 2024 15:01:55 +0000
asID: 212149
IP address blocks: 2a11:5707:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:1e:86:bf:87:90:86:dd:ab:c0:0f:9b:0a:2c:75:c2:92:63:ff:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: Jul 25 14:56:55 2023 GMT
Not After : Jul 23 15:01:55 2024 GMT
Subject: CN=98E7985A58676FA9F55D57C8A662058D20641204
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ff:d7:cc:11:05:19:41:11:6d:c6:17:a8:a1:
49:20:9d:c4:94:c7:ad:b4:8d:a9:f9:e7:1b:e0:d2:
a6:d9:78:bd:81:29:59:d4:e0:db:f6:f3:e8:0f:6c:
62:99:4d:11:05:de:b5:74:02:db:2d:30:bf:db:eb:
e2:4c:e0:fd:b6:05:65:04:d4:55:8e:06:6f:36:5a:
de:c8:c6:e6:08:54:3a:44:23:17:97:68:c1:08:44:
9f:fa:d6:95:d0:17:26:4f:09:3e:40:49:62:88:7f:
8c:6d:00:c5:b9:64:25:0b:a1:a1:db:6e:33:5d:9a:
d4:5e:56:a0:07:43:01:02:17:b6:f5:55:a2:3e:b3:
e4:80:66:91:48:7a:9c:8d:35:6d:27:67:f1:7b:12:
23:0b:c7:01:8e:2a:7d:b7:2b:90:5b:f2:fa:9c:b0:
0d:9f:6a:68:4c:a0:bb:6b:e1:4e:e0:4b:fe:9f:68:
f6:ab:b3:aa:d1:3d:bc:6f:47:f9:49:21:ae:51:a4:
c2:40:3c:18:e3:39:ed:79:08:00:53:c1:6b:a0:7d:
e3:c5:e9:70:ee:8f:81:60:0a:75:5b:58:e4:0b:32:
37:0f:6a:3b:da:dc:c1:5e:74:ca:35:f5:b7:b7:c5:
33:be:cb:6b:42:42:43:51:6f:9f:63:36:33:5c:07:
99:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:E7:98:5A:58:67:6F:A9:F5:5D:57:C8:A6:62:05:8D:20:64:12:04
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730373a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5707:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
60:b0:bb:9e:aa:4d:56:f8:e5:23:e5:66:60:08:24:9f:74:c3:
be:e3:27:82:cb:ca:4a:06:bf:8c:e6:3e:7d:3d:1e:70:1e:2b:
7b:1a:cf:16:38:1d:3f:2c:94:12:55:53:94:ba:d9:39:ea:c0:
4c:cb:1c:69:a2:46:61:46:a4:01:0f:11:2c:da:d1:80:6a:f5:
94:fe:f7:ae:9d:07:fe:c1:b8:ea:4d:70:e2:bd:2c:c8:df:df:
53:52:2b:cb:d9:ab:fc:72:1f:2e:99:87:83:f2:9e:b5:88:69:
01:61:f7:e0:3e:63:80:77:a6:03:96:06:52:35:79:32:f3:ff:
8c:0f:87:69:9b:60:ac:c8:b7:72:77:e3:59:a1:1e:8e:22:f7:
09:ca:8a:0a:44:0c:31:65:5a:67:4d:2c:6f:5d:f7:da:17:67:
4a:4b:ec:14:92:ad:b0:48:6c:81:03:ff:50:42:9d:79:4a:d0:
07:02:e2:9c:c6:29:29:1a:68:16:98:53:8a:18:9a:a5:3d:30:
51:25:52:3b:28:bc:89:5e:d8:84:fd:87:76:b5:ad:2b:c1:d5:
6b:3e:88:88:7e:bd:0e:f0:b8:61:a7:4c:43:94:81:3b:9e:e3:
1f:b9:ad:f0:2c:bd:13:79:aa:c7:63:be:38:b8:b3:6b:6e:51:
56:c6:99:02
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUDB6Gv4eQht2rwA+bCix1wpJj//owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yMzA3MjUxNDU2NTVaFw0yNDA3MjMxNTAxNTVaMDMxMTAvBgNV
BAMTKDk4RTc5ODVBNTg2NzZGQTlGNTVENTdDOEE2NjIwNThEMjA2NDEyMDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU/9fMEQUZQRFtxheooUkgncSU
x620jan55xvg0qbZeL2BKVnU4Nv28+gPbGKZTREF3rV0AtstML/b6+JM4P22BWUE
1FWOBm82Wt7IxuYIVDpEIxeXaMEIRJ/61pXQFyZPCT5ASWKIf4xtAMW5ZCULoaHb
bjNdmtReVqAHQwECF7b1VaI+s+SAZpFIepyNNW0nZ/F7EiMLxwGOKn23K5Bb8vqc
sA2famhMoLtr4U7gS/6faPars6rRPbxvR/lJIa5RpMJAPBjjOe15CABTwWugfePF
6XDuj4FgCnVbWOQLMjcPajva3MFedMo19be3xTO+y2tCQkNRb59jNjNcB5nRAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUmOeYWlhnb6n1XVfIpmIFjSBkEgQwHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzI2MTMxMzEzYTM1MzczMDM3
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRVwewCzANBgkqhkiG9w0BAQsFAAOCAQEAYLC7nqpNVvjlI+Vm
YAgkn3TDvuMngsvKSga/jOY+fT0ecB4rexrPFjgdPyyUElVTlLrZOerATMscaaJG
YUakAQ8RLNrRgGr1lP73rp0H/sG46k1w4r0syN/fU1Iry9mr/HIfLpmHg/KetYhp
AWH34D5jgHemA5YGUjV5MvP/jA+HaZtgrMi3cnfjWaEejiL3CcqKCkQMMWVaZ00s
b1332hdnSkvsFJKtsEhsgQP/UEKdeUrQBwLinMYpKRpoFphTihiapT0wUSVSOyi8
iV7YhP2HdrWtK8HVaz6IiH69DvC4YadMQ5SBO57jH7mt8Cy9E3mqx2O+OLiza25R
VsaZAg==
-----END CERTIFICATE-----
Generated at Fri May 17 15:30:35 2024 by rpki-client on console-fra.rpki-client.org