Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730373a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a353730373a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: yXrlXEmbJ+W468Anpz8E2TYdQ5p48eYhmRv8EWEFWss=
Subject key identifier: 05:5A:C2:C5:9D:10:B9:7F:C6:C7:EF:2B:E7:D4:37:D2:AD:78:7D:1A
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 1DE4BC1F09AE27DB824AF7AB38B46943828695CF
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730373a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Tue 25 Jun 2024 15:49:19 +0000
ROA not before: Tue 25 Jun 2024 15:44:19 +0000
ROA not after: Tue 24 Jun 2025 15:49:19 +0000
asID: 212149
IP address blocks: 2a11:5707:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:e4:bc:1f:09:ae:27:db:82:4a:f7:ab:38:b4:69:43:82:86:95:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: Jun 25 15:44:19 2024 GMT
Not After : Jun 24 15:49:19 2025 GMT
Subject: CN=055AC2C59D10B97FC6C7EF2BE7D437D2AD787D1A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:15:4e:ef:8b:55:83:f1:9d:01:c6:11:67:1d:
7a:57:39:5e:e3:de:91:19:d4:db:2b:f9:22:4a:80:
f7:24:e6:08:f4:9e:ee:a6:0c:96:b8:64:94:09:69:
e1:4c:a4:9e:ad:4a:b8:45:a7:02:f8:0b:05:38:26:
a2:46:ee:99:38:82:d5:63:3a:ed:b7:59:82:23:b0:
fa:85:3b:9d:c9:01:91:ca:e8:a7:f3:db:80:8e:d2:
ea:3d:d1:c3:e7:6e:ba:f4:d4:8a:5b:d2:e0:4b:5e:
9a:ae:b2:d6:0b:85:2b:0b:4d:2b:fd:39:8a:e5:da:
be:5b:c3:d7:07:f4:fa:f7:4e:59:65:b0:25:76:75:
7e:1a:a4:f1:4a:24:fa:61:66:cc:f9:b9:ae:be:81:
16:57:c9:87:dc:b4:95:b6:86:80:53:42:fb:c8:5d:
c2:de:e2:e5:7b:dd:c3:f6:18:3e:e8:db:10:c9:63:
7b:7f:f0:7c:6a:16:60:ff:b6:9b:21:4d:ba:8a:1f:
27:3e:c9:02:54:b4:76:49:f9:6a:23:ef:b3:cc:c6:
c2:c5:76:f1:db:f6:b0:93:83:04:c6:b2:f7:56:c8:
96:3e:61:8c:f7:e6:01:06:1c:3b:74:36:e9:6b:21:
f8:7e:cb:b9:1c:50:da:7b:2f:75:47:86:f7:6e:c1:
65:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:5A:C2:C5:9D:10:B9:7F:C6:C7:EF:2B:E7:D4:37:D2:AD:78:7D:1A
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730373a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5707:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
89:96:f4:f1:16:a5:e5:87:33:db:46:b8:9d:fa:c0:12:35:3b:
06:ca:88:5f:3c:4e:7d:df:73:99:44:89:98:c6:eb:b1:5a:20:
af:52:5a:64:f1:ab:76:15:3a:23:68:4a:42:0d:c6:4b:0b:4a:
52:02:0b:80:25:83:09:01:bd:77:d2:38:9d:fa:01:c8:3f:67:
dc:4b:35:91:a9:b0:42:dc:0b:82:19:ec:70:b7:ff:f8:ee:e5:
f9:e7:44:8b:4e:dd:0a:12:fc:13:f9:39:34:2e:89:55:3c:b7:
c0:27:4b:5b:b4:65:c5:66:85:7a:12:47:30:c2:b3:b9:c2:51:
e4:87:5a:32:0b:30:1b:fa:05:df:6f:39:cc:a4:0e:82:cd:bb:
5b:22:ec:f4:a5:9f:8b:3e:29:87:db:87:e7:18:e6:1f:7a:58:
b9:2d:53:c0:59:d1:37:e1:52:1f:8d:98:5b:6e:d9:1e:6f:a1:
f8:21:28:c4:90:9d:3c:d1:1b:27:27:23:3d:4c:46:18:f3:71:
13:75:69:66:a2:0c:75:1f:40:c6:76:a3:d2:bf:48:89:ac:26:
de:2e:5f:51:a0:96:a1:e4:60:c3:20:16:af:0d:c2:da:40:55:
38:3e:2e:2b:77:a5:84:b2:f6:87:69:d4:5a:9f:f7:01:01:95:
72:ef:5c:19
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUHeS8HwmuJ9uCSverOLRpQ4KGlc8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yNDA2MjUxNTQ0MTlaFw0yNTA2MjQxNTQ5MTlaMDMxMTAvBgNV
BAMTKDA1NUFDMkM1OUQxMEI5N0ZDNkM3RUYyQkU3RDQzN0QyQUQ3ODdEMUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuFU7vi1WD8Z0BxhFnHXpXOV7j
3pEZ1Nsr+SJKgPck5gj0nu6mDJa4ZJQJaeFMpJ6tSrhFpwL4CwU4JqJG7pk4gtVj
Ou23WYIjsPqFO53JAZHK6Kfz24CO0uo90cPnbrr01Ipb0uBLXpqustYLhSsLTSv9
OYrl2r5bw9cH9Pr3TlllsCV2dX4apPFKJPphZsz5ua6+gRZXyYfctJW2hoBTQvvI
XcLe4uV73cP2GD7o2xDJY3t/8HxqFmD/tpshTbqKHyc+yQJUtHZJ+Woj77PMxsLF
dvHb9rCTgwTGsvdWyJY+YYz35gEGHDt0NulrIfh+y7kcUNp7L3VHhvduwWVLAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUBVrCxZ0QuX/Gx+8r59Q30q14fRowHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzI2MTMxMzEzYTM1MzczMDM3
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRVwewCzANBgkqhkiG9w0BAQsFAAOCAQEAiZb08Ral5Ycz20a4
nfrAEjU7BsqIXzxOfd9zmUSJmMbrsVogr1JaZPGrdhU6I2hKQg3GSwtKUgILgCWD
CQG9d9I4nfoByD9n3Es1kamwQtwLghnscLf/+O7l+edEi07dChL8E/k5NC6JVTy3
wCdLW7RlxWaFehJHMMKzucJR5IdaMgswG/oF3285zKQOgs27WyLs9KWfiz4ph9uH
5xjmH3pYuS1TwFnRN+FSH42YW27ZHm+h+CEoxJCdPNEbJycjPUxGGPNxE3VpZqIM
dR9Axnaj0r9Iiawm3i5fUaCWoeRgwyAWrw3C2kBVOD4uK3elhLL2h2nUWp/3AQGV
cu9cGQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:21 2024 by rpki-client on console-ams.rpki-client.org