Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31333a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a31333a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: jietuEKNVb+eV/TPvhmKQBO6I2kZJdfwMG0XqX/s31c=
Subject key identifier: 44:56:00:74:3C:2C:E0:D0:1C:DE:31:96:B2:26:2C:46:CA:8A:43:61
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 7A6F3C54575875BF726BFA23FAB108910CEFF715
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31333a3a2f34382d3438203d3e203239383032.roa
Signing time: Thu 04 Jan 2024 15:55:34 +0000
ROA not before: Thu 04 Jan 2024 15:50:34 +0000
ROA not after: Thu 02 Jan 2025 15:55:34 +0000
asID: 29802
IP address blocks: 2a13:9500:13::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:6f:3c:54:57:58:75:bf:72:6b:fa:23:fa:b1:08:91:0c:ef:f7:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Jan 4 15:50:34 2024 GMT
Not After : Jan 2 15:55:34 2025 GMT
Subject: CN=445600743C2CE0D01CDE3196B2262C46CA8A4361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c2:2d:87:f0:9d:37:b5:bf:68:d7:a7:dd:fe:
72:99:09:4b:e5:fb:a3:17:d1:c7:50:69:aa:3e:24:
7f:14:de:fe:97:61:92:f6:61:0c:df:a4:08:48:2c:
17:52:5c:53:01:ef:5b:85:64:f7:d8:25:20:e3:fe:
75:3e:40:02:af:45:f7:a0:74:51:9c:66:cd:2f:ef:
84:dc:4f:0e:19:58:d5:b1:3e:3f:db:0b:97:24:34:
65:78:7b:e6:73:79:f0:3b:18:30:46:92:36:00:82:
4e:d5:6a:3c:de:3c:eb:c6:d2:19:fa:1f:8f:46:85:
9a:0c:dc:12:5b:19:13:ed:db:c2:99:7f:ea:ea:4e:
0c:33:a5:24:88:a7:7e:91:ec:3e:9c:16:10:b4:53:
31:56:ce:78:b3:b2:fb:20:3a:a0:62:23:78:69:b4:
32:5a:67:85:13:18:97:a5:c6:9c:88:67:71:fa:e9:
a0:b1:23:06:a1:ae:36:52:83:74:f7:b0:31:15:02:
6b:4c:39:0c:7c:e2:80:d8:c6:30:51:09:0a:3b:81:
a1:0e:b4:45:52:7b:0e:22:0c:dc:cc:c1:37:e7:87:
86:bf:11:a4:8c:94:78:88:aa:61:dc:88:8c:4f:b6:
90:81:d0:b8:d2:a7:f7:81:d8:4f:0c:eb:99:67:cc:
5f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:56:00:74:3C:2C:E0:D0:1C:DE:31:96:B2:26:2C:46:CA:8A:43:61
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31333a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:13::/48
Signature Algorithm: sha256WithRSAEncryption
9c:33:f3:49:18:17:cd:f5:cd:0c:84:e8:e9:30:fc:8d:29:d9:
48:a9:f3:79:e1:79:40:fa:f0:b1:75:ea:59:52:25:72:6a:a9:
ae:80:e7:c1:ff:54:2e:b5:fc:89:4e:5b:f0:62:61:b0:f2:44:
db:e7:27:76:4b:a3:3d:32:03:17:18:ad:3c:66:8a:30:b5:9b:
0e:79:4b:97:11:d1:16:f8:9b:97:a2:a3:01:a8:0c:89:47:44:
24:bb:d8:70:26:c9:49:a6:d5:1f:b0:20:2f:80:66:03:fb:d0:
fb:01:3a:c2:a5:72:9f:2a:b2:9d:b7:c1:d5:44:b2:92:63:6f:
cb:2b:a1:1b:9b:20:fd:1f:3d:9f:8e:e0:4d:dd:83:bc:2d:d9:
79:87:e5:44:e6:bb:2c:f5:52:4a:7d:77:4d:fa:d6:4c:bd:5a:
83:a0:1e:87:4a:03:73:35:54:98:a6:7a:2c:52:4e:ec:7f:9e:
89:7a:cc:63:73:06:4e:37:b2:cd:9c:b4:0c:9c:73:83:d0:1c:
d7:1b:8c:cc:2b:b6:1b:18:a3:78:19:f5:10:82:be:61:8d:d3:
ed:a4:81:b0:ed:71:40:81:70:e2:8f:d8:e9:90:7c:4f:84:37:
d7:6d:2b:20:db:15:d6:0e:44:e1:a5:92:b6:e9:95:79:30:e1:
07:8a:ef:32
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUem88VFdYdb9ya/oj+rEIkQzv9xUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDAxMDQxNTUwMzRaFw0yNTAxMDIxNTU1MzRaMDMxMTAvBgNV
BAMTKDQ0NTYwMDc0M0MyQ0UwRDAxQ0RFMzE5NkIyMjYyQzQ2Q0E4QTQzNjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTwi2H8J03tb9o16fd/nKZCUvl
+6MX0cdQaao+JH8U3v6XYZL2YQzfpAhILBdSXFMB71uFZPfYJSDj/nU+QAKvRfeg
dFGcZs0v74TcTw4ZWNWxPj/bC5ckNGV4e+ZzefA7GDBGkjYAgk7VajzePOvG0hn6
H49GhZoM3BJbGRPt28KZf+rqTgwzpSSIp36R7D6cFhC0UzFWznizsvsgOqBiI3hp
tDJaZ4UTGJelxpyIZ3H66aCxIwahrjZSg3T3sDEVAmtMOQx84oDYxjBRCQo7gaEO
tEVSew4iDNzMwTfnh4a/EaSMlHiIqmHciIxPtpCB0LjSp/eB2E8M65lnzF+5AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQURFYAdDws4NAc3jGWsiYsRsqKQ2EwHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMTMzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzOTM4MzAzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoTlQAAEzANBgkqhkiG9w0BAQsFAAOCAQEAnDPzSRgXzfXNDITo6TD8jSnZ
SKnzeeF5QPrwsXXqWVIlcmqproDnwf9ULrX8iU5b8GJhsPJE2+cndkujPTIDFxit
PGaKMLWbDnlLlxHRFvibl6KjAagMiUdEJLvYcCbJSabVH7AgL4BmA/vQ+wE6wqVy
nyqynbfB1USykmNvyyuhG5sg/R89n47gTd2DvC3ZeYflROa7LPVSSn13TfrWTL1a
g6Aeh0oDczVUmKZ6LFJO7H+eiXrMY3MGTjeyzZy0DJxzg9Ac1xuMzCu2GxijeBn1
EIK+YY3T7aSBsO1xQIFw4o/Y6ZB8T4Q3120rINsV1g5E4aWStumVeTDhB4rvMg==
-----END CERTIFICATE-----
Generated at Tue Apr 30 12:15:34 2024 by rpki-client on console-fra.rpki-client.org