Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31303a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a31303a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: gPcIDJalA7pjB/pOREdeSGYmzDsUBg4R/h7qbR6ewvg=
Subject key identifier: 52:11:49:D1:3A:58:C8:8E:2D:6B:1D:71:02:8D:0A:8D:83:59:BD:DE
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 3A0395A18295FF1F14F88201FA1CC3FC0C95FDB1
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31303a3a2f34382d3438203d3e203239383032.roa
Signing time: Tue 02 Jan 2024 11:27:21 +0000
ROA not before: Tue 02 Jan 2024 11:22:21 +0000
ROA not after: Tue 31 Dec 2024 11:27:21 +0000
asID: 29802
IP address blocks: 2a13:9500:10::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:03:95:a1:82:95:ff:1f:14:f8:82:01:fa:1c:c3:fc:0c:95:fd:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Jan 2 11:22:21 2024 GMT
Not After : Dec 31 11:27:21 2024 GMT
Subject: CN=521149D13A58C88E2D6B1D71028D0A8D8359BDDE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:af:1a:47:56:f7:6b:e2:80:ab:25:4e:cd:06:
35:33:66:90:ef:28:60:fc:6d:bf:ec:7d:76:11:b6:
30:36:05:ef:f5:1a:e9:d0:db:95:70:04:4b:46:a2:
18:6e:e7:80:d1:e4:9e:ca:cc:34:aa:bf:c3:29:af:
47:70:d3:ef:30:03:44:50:50:dc:81:8f:a5:f3:71:
fd:1f:06:cc:f0:39:09:d7:f6:9f:11:66:81:6f:26:
72:e3:cc:11:2d:d5:ec:d9:ef:79:49:59:f2:9b:ff:
1a:51:3c:e0:b8:f6:b8:8d:cb:4c:c2:d3:d9:14:81:
32:f0:b9:2d:e4:c2:a4:a2:1d:dc:82:09:3e:83:dc:
4b:da:ba:c0:83:f0:cc:39:83:a7:44:22:97:ec:3a:
60:84:12:87:7d:6b:59:a0:26:69:70:50:2d:68:4c:
9f:8f:fa:8e:c6:82:66:cd:9c:ec:c0:e7:07:5b:2d:
3b:6e:c7:10:cd:9d:85:6b:f7:02:b4:54:28:31:bf:
6d:b1:c3:c2:8b:4a:b4:26:e5:2c:8f:c5:14:f9:89:
98:c4:80:fb:07:65:af:98:73:8c:d3:07:29:98:64:
93:ca:5d:5f:56:b7:ce:7f:79:27:64:5f:67:ea:78:
a8:cf:2b:45:8d:0a:bd:89:1d:53:e0:e0:a7:5c:90:
d5:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:11:49:D1:3A:58:C8:8E:2D:6B:1D:71:02:8D:0A:8D:83:59:BD:DE
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31303a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:10::/48
Signature Algorithm: sha256WithRSAEncryption
61:86:47:71:f6:5d:17:d9:5c:74:c0:26:04:39:29:0a:59:e0:
59:ce:9f:2c:d5:4d:5f:ad:71:09:5d:0f:72:4b:2b:54:d7:43:
c9:92:00:5d:ad:f3:36:06:9c:98:9a:ea:50:da:39:e0:08:d9:
c2:bb:ce:89:04:38:30:86:3e:4a:b8:91:a4:af:d9:5a:54:ab:
cb:77:c9:55:e1:77:4b:76:ec:23:31:9a:fc:4c:07:ae:ca:61:
d7:5f:c2:66:8f:fb:d6:1d:e7:72:93:cd:79:d4:3d:cc:ae:4d:
a4:10:5f:fd:63:53:d6:4b:da:ac:54:8c:b2:e6:62:6a:f7:d4:
9a:a4:cd:2b:1f:f4:81:26:c1:57:ed:b2:d0:3f:27:82:b1:39:
ca:51:ec:a4:70:4e:6e:43:e6:ab:42:fe:d2:9f:de:65:39:5f:
ad:5d:ad:12:7b:99:1f:66:e5:0b:33:fa:e7:8b:36:b1:e5:21:
51:19:84:4b:9a:ce:ef:3e:4a:fd:ef:60:3e:7b:90:e9:cd:a8:
c7:37:ee:67:93:3c:9f:ad:2f:59:2c:f9:4c:cc:d6:d9:ea:f4:
cd:24:95:87:b4:04:39:9d:4c:4b:8e:84:13:83:4d:4b:87:77:
ef:28:55:a5:74:61:f2:c5:fb:c8:a0:8c:d0:7b:b5:4f:8c:6c:
88:33:26:4c
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUOgOVoYKV/x8U+IIB+hzD/AyV/bEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDAxMDIxMTIyMjFaFw0yNDEyMzExMTI3MjFaMDMxMTAvBgNV
BAMTKDUyMTE0OUQxM0E1OEM4OEUyRDZCMUQ3MTAyOEQwQThEODM1OUJEREUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClrxpHVvdr4oCrJU7NBjUzZpDv
KGD8bb/sfXYRtjA2Be/1GunQ25VwBEtGohhu54DR5J7KzDSqv8Mpr0dw0+8wA0RQ
UNyBj6Xzcf0fBszwOQnX9p8RZoFvJnLjzBEt1ezZ73lJWfKb/xpRPOC49riNy0zC
09kUgTLwuS3kwqSiHdyCCT6D3EvausCD8Mw5g6dEIpfsOmCEEod9a1mgJmlwUC1o
TJ+P+o7GgmbNnOzA5wdbLTtuxxDNnYVr9wK0VCgxv22xw8KLSrQm5SyPxRT5iZjE
gPsHZa+Yc4zTBymYZJPKXV9Wt85/eSdkX2fqeKjPK0WNCr2JHVPg4KdckNUZAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUUhFJ0TpYyI4tax1xAo0KjYNZvd4wHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMTMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzOTM4MzAzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoTlQAAEDANBgkqhkiG9w0BAQsFAAOCAQEAYYZHcfZdF9lcdMAmBDkpClng
Wc6fLNVNX61xCV0PcksrVNdDyZIAXa3zNgacmJrqUNo54AjZwrvOiQQ4MIY+SriR
pK/ZWlSry3fJVeF3S3bsIzGa/EwHrsph11/CZo/71h3ncpPNedQ9zK5NpBBf/WNT
1kvarFSMsuZiavfUmqTNKx/0gSbBV+2y0D8ngrE5ylHspHBObkPmq0L+0p/eZTlf
rV2tEnuZH2blCzP654s2seUhURmES5rO7z5K/e9gPnuQ6c2oxzfuZ5M8n60vWSz5
TMzW2er0zSSVh7QEOZ1MS46EE4NNS4d37yhVpXRh8sX7yKCM0Hu1T4xsiDMmTA==
-----END CERTIFICATE-----
Generated at Tue Apr 30 12:15:34 2024 by rpki-client on console-fra.rpki-client.org