Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31313a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a31313a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: ymguAkvCZqkoAHsrU1ZNKc0suyBcrS+XpTrDk2BucLQ=
Subject key identifier: D9:81:9B:D6:18:E7:D2:D8:4A:A6:31:30:F5:24:3D:77:3D:48:1D:63
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 22D5D43A6D3D69EB299D7C0CF9F65E1A99E73020
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31313a3a2f34382d3438203d3e203239383032.roa
Signing time: Thu 04 Jan 2024 15:55:30 +0000
ROA not before: Thu 04 Jan 2024 15:50:30 +0000
ROA not after: Thu 02 Jan 2025 15:55:30 +0000
asID: 29802
IP address blocks: 2a13:9500:11::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:d5:d4:3a:6d:3d:69:eb:29:9d:7c:0c:f9:f6:5e:1a:99:e7:30:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Jan 4 15:50:30 2024 GMT
Not After : Jan 2 15:55:30 2025 GMT
Subject: CN=D9819BD618E7D2D84AA63130F5243D773D481D63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:03:23:a6:38:3a:67:e3:f1:c6:62:6f:2b:7f:
07:a1:d3:64:53:3b:ad:21:fa:d9:32:f8:de:d3:23:
9a:31:76:cc:2b:81:bc:bc:96:3a:c2:b5:c4:6f:63:
cd:a2:8c:d5:ed:eb:e4:a5:57:e9:6c:2d:37:d9:62:
ad:00:3a:e0:d4:9a:28:e8:d4:03:fa:83:37:74:e8:
90:98:01:d5:9f:dd:ea:3a:db:07:cf:ac:86:c2:0c:
91:a0:51:01:fb:fb:6f:bb:08:3a:e5:f1:f1:f0:83:
70:ff:c8:81:4d:68:81:cf:0a:45:c4:83:4b:01:6f:
f7:3b:22:3e:27:ce:ff:00:44:7a:e4:18:1d:57:bb:
a7:3a:69:62:95:0a:fb:24:0f:51:8c:73:34:1c:ca:
b6:47:ce:64:19:e9:8e:21:d7:17:49:84:7b:79:6f:
1a:8a:73:b0:62:2f:7b:3a:e2:a8:ed:b4:b6:ff:66:
1c:85:4d:ee:96:09:c7:51:35:2b:ea:c7:53:00:98:
81:44:ab:38:4e:3a:df:86:f8:bc:07:94:da:d8:4d:
93:4c:3b:0b:8a:eb:fd:ea:f1:f9:c5:bc:f8:86:d8:
95:cf:a7:e8:1d:a3:e4:a4:43:b5:10:80:8c:5b:2d:
0d:1a:17:33:a5:ca:6c:53:f7:3e:ba:ba:84:a8:96:
91:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:81:9B:D6:18:E7:D2:D8:4A:A6:31:30:F5:24:3D:77:3D:48:1D:63
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31313a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:11::/48
Signature Algorithm: sha256WithRSAEncryption
86:2b:c9:53:39:0b:de:ff:11:56:6c:0f:bb:0b:61:56:88:f3:
38:a3:af:4a:a0:04:a5:d0:03:07:bf:2b:ed:af:b0:6d:5e:8f:
91:3b:fd:f0:14:ce:cf:f5:ad:f8:5e:ad:e6:80:ef:47:6f:8f:
5f:2f:fb:0f:85:ca:a8:85:fc:ba:6e:64:f0:58:f8:1f:5c:d6:
66:89:35:dc:aa:f0:05:48:7f:bf:34:1a:de:62:22:fd:cd:08:
75:b3:64:41:3f:6c:80:d0:7a:50:73:ca:2a:10:59:81:77:a0:
f8:7f:89:0a:bf:c4:0d:aa:e5:5f:88:1b:97:4b:7c:87:fa:97:
f0:ca:77:b0:3c:c9:c1:d0:24:46:54:0a:01:62:1f:f3:95:d0:
8a:24:e9:e7:b2:b9:77:06:63:32:c9:53:1b:49:33:ba:0c:0d:
da:5e:cd:44:d4:29:a5:98:56:2e:39:3f:48:4a:1c:d4:61:f3:
ec:ac:87:0b:62:fe:80:3a:db:a4:5e:3e:4e:f4:67:06:74:30:
77:1c:24:8e:6e:51:14:83:61:de:80:16:b2:bb:a4:a5:b4:14:
b3:42:0d:56:38:2b:f0:2f:9d:71:d9:16:8b:bb:af:fe:2e:b2:
92:bc:0d:2d:4a:c5:ae:33:d2:a2:70:b9:18:5f:b4:85:99:38:
37:d1:dd:85
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUItXUOm09aespnXwM+fZeGpnnMCAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDAxMDQxNTUwMzBaFw0yNTAxMDIxNTU1MzBaMDMxMTAvBgNV
BAMTKEQ5ODE5QkQ2MThFN0QyRDg0QUE2MzEzMEY1MjQzRDc3M0Q0ODFENjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWAyOmODpn4/HGYm8rfweh02RT
O60h+tky+N7TI5oxdswrgby8ljrCtcRvY82ijNXt6+SlV+lsLTfZYq0AOuDUmijo
1AP6gzd06JCYAdWf3eo62wfPrIbCDJGgUQH7+2+7CDrl8fHwg3D/yIFNaIHPCkXE
g0sBb/c7Ij4nzv8ARHrkGB1Xu6c6aWKVCvskD1GMczQcyrZHzmQZ6Y4h1xdJhHt5
bxqKc7BiL3s64qjttLb/ZhyFTe6WCcdRNSvqx1MAmIFEqzhOOt+G+LwHlNrYTZNM
OwuK6/3q8fnFvPiG2JXPp+gdo+SkQ7UQgIxbLQ0aFzOlymxT9z66uoSolpHNAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU2YGb1hjn0thKpjEw9SQ9dz1IHWMwHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMTMxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzOTM4MzAzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoTlQAAETANBgkqhkiG9w0BAQsFAAOCAQEAhivJUzkL3v8RVmwPuwthVojz
OKOvSqAEpdADB78r7a+wbV6PkTv98BTOz/Wt+F6t5oDvR2+PXy/7D4XKqIX8um5k
8Fj4H1zWZok13KrwBUh/vzQa3mIi/c0IdbNkQT9sgNB6UHPKKhBZgXeg+H+JCr/E
DarlX4gbl0t8h/qX8Mp3sDzJwdAkRlQKAWIf85XQiiTp57K5dwZjMslTG0kzugwN
2l7NRNQppZhWLjk/SEoc1GHz7KyHC2L+gDrbpF4+TvRnBnQwdxwkjm5RFINh3oAW
srukpbQUs0INVjgr8C+dcdkWi7uv/i6ykrwNLUrFrjPSonC5GF+0hZk4N9HdhQ==
-----END CERTIFICATE-----
Generated at Tue Apr 30 12:15:34 2024 by rpki-client on console-fra.rpki-client.org