Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/326131313a663263303a333a3a2f34382d3438203d3e20323032333539.roa
File: 326131313a663263303a333a3a2f34382d3438203d3e20323032333539.roa (raw, json)
Hash identifier: JParsjg4712ePBFlojRG58J9Yo0/0+wuM+pEb/kcCD0=
Subject key identifier: 97:A6:05:4B:A2:A2:A7:85:23:FF:60:08:B8:D8:F0:1C:27:17:0D:50
Certificate issuer: /CN=0839a93dab544c296ffa143456844a8b2818b1d0
Certificate serial: 4114FE64A92D5C561592DC7471DBA65CC1CE3639
Authority key identifier: 08:39:A9:3D:AB:54:4C:29:6F:FA:14:34:56:84:4A:8B:28:18:B1:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/326131313a663263303a333a3a2f34382d3438203d3e20323032333539.roa
Signing time: Sun 30 Jun 2024 12:15:21 +0000
ROA not before: Sun 30 Jun 2024 12:10:21 +0000
ROA not after: Sun 29 Jun 2025 12:15:21 +0000
asID: 202359
IP address blocks: 2a11:f2c0:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl
rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:14:fe:64:a9:2d:5c:56:15:92:dc:74:71:db:a6:5c:c1:ce:36:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0839a93dab544c296ffa143456844a8b2818b1d0
Validity
Not Before: Jun 30 12:10:21 2024 GMT
Not After : Jun 29 12:15:21 2025 GMT
Subject: CN=97A6054BA2A2A78523FF6008B8D8F01C27170D50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:86:2d:cf:cd:a8:ed:1e:b8:71:46:71:04:d7:
c1:69:4b:64:7e:e5:54:ab:3a:e7:ed:97:ce:2a:5b:
46:82:e0:43:91:b4:72:ae:85:ba:53:85:ef:b3:ba:
6e:7a:65:4c:9b:fd:70:24:d7:78:72:31:b9:fb:07:
c4:15:eb:5a:f2:84:0a:11:62:5b:60:5c:b0:4c:48:
2d:dc:3d:f3:4b:fc:c8:d2:f1:97:dc:55:35:a1:d4:
2b:80:b9:81:9d:1d:19:37:5e:2e:fb:8d:a9:d8:f8:
49:73:47:31:3d:32:dd:3a:bf:01:3a:9b:22:69:61:
e3:e8:73:c3:71:f9:24:b8:80:20:7e:00:02:20:c9:
4a:26:b9:f7:8d:7d:56:07:67:1f:7c:a8:6c:97:a4:
65:4c:ea:fb:f6:29:5e:49:3f:da:fc:59:c9:fe:dd:
f6:10:05:19:13:f4:3f:36:47:a1:d2:8b:89:86:da:
9d:cf:8e:ec:e7:4b:6c:3c:03:91:aa:e9:84:20:62:
d0:fb:d8:59:8e:40:df:7e:f1:79:ed:50:eb:b3:4c:
a3:f8:48:7d:3d:5b:11:ed:a3:c6:66:86:97:e7:82:
d9:92:cc:b6:5a:02:7f:c7:ab:cb:2c:a0:35:ea:2f:
d2:23:fd:c6:61:8e:be:2a:c4:7b:9c:c0:57:1c:25:
3e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:A6:05:4B:A2:A2:A7:85:23:FF:60:08:B8:D8:F0:1C:27:17:0D:50
X509v3 Authority Key Identifier:
keyid:08:39:A9:3D:AB:54:4C:29:6F:FA:14:34:56:84:4A:8B:28:18:B1:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/326131313a663263303a333a3a2f34382d3438203d3e20323032333539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f2c0:3::/48
Signature Algorithm: sha256WithRSAEncryption
bd:30:47:e6:26:f6:2b:b5:9c:8c:86:8d:86:44:00:4a:5a:db:
60:fd:84:70:2e:52:07:87:2a:4d:f8:db:06:78:e9:91:90:72:
e4:1d:e6:b1:d3:52:ca:f9:d1:d1:29:98:61:95:58:e9:58:79:
52:fd:aa:18:d4:3a:5f:29:93:69:95:a7:c5:52:c3:f1:70:49:
af:30:1b:03:c3:d1:86:e1:85:54:72:10:52:ae:bc:59:75:8e:
dc:be:79:a6:62:d3:47:8c:e1:bc:26:22:2b:2b:d3:67:8f:01:
12:3e:16:23:20:d2:6c:52:a5:90:05:6c:a1:51:0c:90:5e:77:
0f:a7:30:24:78:56:ef:96:28:00:00:f2:49:17:f6:49:ec:84:
2f:bc:8f:7b:13:6b:d2:1b:e2:1f:c3:6f:29:d0:c4:a9:50:92:
40:e3:4e:0c:01:cc:62:c9:26:78:66:64:82:eb:98:b9:27:54:
25:32:ef:65:a2:b6:64:05:a6:b0:55:37:21:cc:4f:2e:e8:fc:
98:0c:fa:42:55:0f:9b:f4:af:2b:7e:c1:8f:b2:b1:81:1d:20:
69:a4:21:cf:de:e4:17:16:7f:2c:25:07:f4:55:36:1d:d1:77:
18:6a:c2:5f:92:2d:17:de:6e:0d:ae:2f:c9:47:9a:48:84:3a:
eb:98:d4:b7
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUQRT+ZKktXFYVktx0cdumXMHONjkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDgzOWE5M2RhYjU0NGMyOTZmZmExNDM0NTY4NDRhOGIy
ODE4YjFkMDAeFw0yNDA2MzAxMjEwMjFaFw0yNTA2MjkxMjE1MjFaMDMxMTAvBgNV
BAMTKDk3QTYwNTRCQTJBMkE3ODUyM0ZGNjAwOEI4RDhGMDFDMjcxNzBENTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnhi3PzajtHrhxRnEE18FpS2R+
5VSrOuftl84qW0aC4EORtHKuhbpThe+zum56ZUyb/XAk13hyMbn7B8QV61ryhAoR
YltgXLBMSC3cPfNL/MjS8ZfcVTWh1CuAuYGdHRk3Xi77janY+ElzRzE9Mt06vwE6
myJpYePoc8Nx+SS4gCB+AAIgyUomufeNfVYHZx98qGyXpGVM6vv2KV5JP9r8Wcn+
3fYQBRkT9D82R6HSi4mG2p3PjuznS2w8A5Gq6YQgYtD72FmOQN9+8XntUOuzTKP4
SH09WxHto8ZmhpfngtmSzLZaAn/Hq8ssoDXqL9Ij/cZhjr4qxHucwFccJT5FAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUl6YFS6Kip4Uj/2AIuNjwHCcXDVAwHwYDVR0j
BBgwFoAUCDmpPatUTClv+hQ0VoRKiygYsdAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGRlODM3ZmItNjM5MC00MWI1LTgyYTAtZjBkMDJjMDNh
MmM2LzcvMDgzOUE5M0RBQjU0NEMyOTZGRkExNDM0NTY4NDRBOEIyODE4QjFEMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NEbXBQYXRVVENsdi1oUTBWb1JLaXln
WXNkQS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGRlODM3ZmIt
NjM5MC00MWI1LTgyYTAtZjBkMDJjMDNhMmM2LzcvMzI2MTMxMzEzYTY2MzI2MzMw
M2EzMzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzMjMzMzUzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoR8sAAAzANBgkqhkiG9w0BAQsFAAOCAQEAvTBH5ib2K7WcjIaNhkQASlrb
YP2EcC5SB4cqTfjbBnjpkZBy5B3msdNSyvnR0SmYYZVY6Vh5Uv2qGNQ6XymTaZWn
xVLD8XBJrzAbA8PRhuGFVHIQUq68WXWO3L55pmLTR4zhvCYiKyvTZ48BEj4WIyDS
bFKlkAVsoVEMkF53D6cwJHhW75YoAADySRf2SeyEL7yPexNr0hviH8NvKdDEqVCS
QONODAHMYskmeGZkguuYuSdUJTLvZaK2ZAWmsFU3IcxPLuj8mAz6QlUPm/SvK37B
j7KxgR0gaaQhz97kFxZ/LCUH9FU2HdF3GGrCX5ItF95uDa4vyUeaSIQ665jUtw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 06:13:28 2024 by rpki-client on console-ams.rpki-client.org