Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31323a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a31323a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: kZRhD/6HDuCnaD8udGZrv/96k8/iAHgfzaKPNxd1AcI=
Subject key identifier: 44:D0:15:93:73:4F:F0:FC:CC:F7:2F:3C:D9:79:8C:F3:AC:AE:4C:73
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 64545EAC20D9FACD30B80B35FBBB86097A58F838
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31323a3a2f34382d3438203d3e203239383032.roa
Signing time: Thu 04 Jan 2024 15:55:32 +0000
ROA not before: Thu 04 Jan 2024 15:50:32 +0000
ROA not after: Thu 02 Jan 2025 15:55:32 +0000
asID: 29802
IP address blocks: 2a13:9500:12::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 14:38:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:54:5e:ac:20:d9:fa:cd:30:b8:0b:35:fb:bb:86:09:7a:58:f8:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Jan 4 15:50:32 2024 GMT
Not After : Jan 2 15:55:32 2025 GMT
Subject: CN=44D01593734FF0FCCCF72F3CD9798CF3ACAE4C73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:94:fa:5e:46:5c:57:28:cb:b2:a8:a8:41:df:
52:ba:f5:b7:0e:e4:e5:6a:4e:dc:c9:40:a3:10:b8:
27:2d:b0:ae:b5:3d:ce:57:dd:ac:d9:5c:2b:41:28:
3b:79:df:0a:bc:56:b2:f7:ae:4c:95:18:ed:47:02:
19:cc:81:f0:5a:db:8d:54:c8:30:4e:45:ff:f4:71:
ca:cd:10:5a:73:83:3e:62:30:b2:9d:25:1c:a4:b5:
81:f5:bf:e6:b7:23:55:66:3c:b1:2e:9f:f1:3b:8e:
92:9e:63:a5:9c:8d:92:5f:d7:94:cd:c0:f6:65:98:
ba:52:6c:53:63:06:8f:57:da:29:86:e6:df:49:64:
58:1f:d6:7a:44:fb:f8:39:50:04:1c:c2:9f:b2:13:
14:f8:26:94:4e:c8:18:64:f3:9c:7a:e9:1f:ff:b3:
ed:a6:55:59:de:2f:81:8f:ee:fc:64:dd:c1:bf:a3:
7b:77:a0:91:46:bd:0b:5f:3e:91:14:a4:96:11:fa:
4f:fd:03:21:63:a3:fb:6e:2a:8f:02:d1:e3:78:69:
30:d8:70:8e:7c:ae:7a:e5:f4:62:31:30:7c:5a:71:
11:66:2b:0b:41:45:34:28:1a:bf:67:69:9a:e4:37:
42:a6:89:07:6c:11:62:9c:c8:c2:5f:7b:17:98:0c:
35:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:D0:15:93:73:4F:F0:FC:CC:F7:2F:3C:D9:79:8C:F3:AC:AE:4C:73
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31323a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:12::/48
Signature Algorithm: sha256WithRSAEncryption
70:00:40:f9:c6:81:2d:5f:e8:a8:39:61:bb:87:c2:93:9a:04:
13:53:71:1d:cf:db:a4:89:e4:25:38:2c:ad:fb:b4:67:9c:d9:
87:8b:5d:dc:67:ab:90:15:e2:d0:80:8a:a3:4d:49:ed:53:a9:
1b:73:d9:83:ff:e7:83:49:ad:bc:f2:75:bd:74:01:9a:92:7a:
07:67:a8:05:e7:34:37:cf:44:2e:6e:70:ca:bd:fe:c6:6f:b4:
a9:e6:f1:be:3e:b1:a1:ea:b8:10:b4:a5:ea:6a:3b:d8:43:43:
67:75:2a:a4:3c:d7:fb:e7:60:b5:31:b5:18:2a:94:f7:04:91:
91:10:92:01:0c:eb:54:32:f0:89:6e:c0:e6:c2:e7:4d:80:e0:
c0:33:ea:5e:eb:8f:ec:f2:d2:47:67:c9:fb:ac:2e:19:98:05:
9e:38:d1:df:26:16:e4:0c:b6:be:a2:a8:4a:9c:bf:5a:b8:8a:
46:20:fb:c1:9b:1b:83:eb:4e:52:9f:62:80:35:08:0a:30:e5:
7a:16:18:02:14:97:7b:e0:2f:be:ff:7f:9c:89:c4:a1:6c:f9:
d9:60:25:fe:fc:2c:87:1b:f2:b0:05:aa:2e:cf:cc:3f:3c:ca:
9d:e5:db:42:41:db:9a:5a:3f:c6:46:72:53:9b:76:9f:8d:eb:
eb:6d:6c:a3
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUZFRerCDZ+s0wuAs1+7uGCXpY+DgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDAxMDQxNTUwMzJaFw0yNTAxMDIxNTU1MzJaMDMxMTAvBgNV
BAMTKDQ0RDAxNTkzNzM0RkYwRkNDQ0Y3MkYzQ0Q5Nzk4Q0YzQUNBRTRDNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCplPpeRlxXKMuyqKhB31K69bcO
5OVqTtzJQKMQuCctsK61Pc5X3azZXCtBKDt53wq8VrL3rkyVGO1HAhnMgfBa241U
yDBORf/0ccrNEFpzgz5iMLKdJRyktYH1v+a3I1VmPLEun/E7jpKeY6WcjZJf15TN
wPZlmLpSbFNjBo9X2imG5t9JZFgf1npE+/g5UAQcwp+yExT4JpROyBhk85x66R//
s+2mVVneL4GP7vxk3cG/o3t3oJFGvQtfPpEUpJYR+k/9AyFjo/tuKo8C0eN4aTDY
cI58rnrl9GIxMHxacRFmKwtBRTQoGr9naZrkN0KmiQdsEWKcyMJfexeYDDXXAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQURNAVk3NP8PzM9y882XmM86yuTHMwHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMTMyM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzOTM4MzAzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoTlQAAEjANBgkqhkiG9w0BAQsFAAOCAQEAcABA+caBLV/oqDlhu4fCk5oE
E1NxHc/bpInkJTgsrfu0Z5zZh4td3GerkBXi0ICKo01J7VOpG3PZg//ng0mtvPJ1
vXQBmpJ6B2eoBec0N89ELm5wyr3+xm+0qebxvj6xoeq4ELSl6mo72ENDZ3UqpDzX
++dgtTG1GCqU9wSRkRCSAQzrVDLwiW7A5sLnTYDgwDPqXuuP7PLSR2fJ+6wuGZgF
njjR3yYW5Ay2vqKoSpy/WriKRiD7wZsbg+tOUp9igDUICjDlehYYAhSXe+Avvv9/
nInEoWz52WAl/vwshxvysAWqLs/MPzzKneXbQkHbmlo/xkZyU5t2n43r621sow==
-----END CERTIFICATE-----
Generated at Mon Apr 29 19:47:11 2024 by rpki-client on console-fra.rpki-client.org