Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31343a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a31343a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: OL8Bbg0peC1VYHMF3U2bv5laMmbWRJAT/bIo00bGRUA=
Subject key identifier: 28:40:86:A4:18:AC:B5:91:F5:78:05:67:12:F3:D5:1B:16:89:9B:E7
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 72F1F58C92229B858ACE481D4C590E1C4407DAD6
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31343a3a2f34382d3438203d3e203239383032.roa
Signing time: Thu 04 Jan 2024 15:55:35 +0000
ROA not before: Thu 04 Jan 2024 15:50:35 +0000
ROA not after: Thu 02 Jan 2025 15:55:35 +0000
asID: 29802
IP address blocks: 2a13:9500:14::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:f1:f5:8c:92:22:9b:85:8a:ce:48:1d:4c:59:0e:1c:44:07:da:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Jan 4 15:50:35 2024 GMT
Not After : Jan 2 15:55:35 2025 GMT
Subject: CN=284086A418ACB591F578056712F3D51B16899BE7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:2f:32:0a:b3:5b:82:70:f7:76:a8:91:dd:b4:
69:8b:3e:c9:e2:a5:18:a9:27:ca:eb:a6:ce:09:c1:
78:1b:64:92:f1:fd:67:16:5b:af:eb:2e:41:eb:6b:
ec:06:ac:a0:d9:2c:91:f9:c7:64:e0:31:b7:3e:67:
23:5a:e9:49:f4:fd:5d:12:ad:de:95:2d:cf:26:f5:
75:36:b8:8a:b6:62:b5:c2:57:06:79:73:04:97:5a:
62:de:e8:fa:b1:fc:2a:52:73:d9:7b:2a:c3:30:6a:
0c:17:a8:57:5a:63:ae:0e:a2:ac:89:8d:78:32:7f:
a5:17:c3:9f:a5:42:60:15:98:7f:ab:94:5a:f2:4c:
b9:5f:06:d4:0e:92:b6:90:86:2c:b5:10:5c:04:8e:
24:56:1a:a4:9f:90:7e:dc:da:90:2b:cf:f5:25:8f:
8f:25:a9:ee:11:1c:ea:55:9d:8f:75:95:c9:59:7d:
59:d7:cd:46:54:b3:de:cd:5e:a7:bd:ad:43:ac:ca:
ba:d3:59:d7:09:51:b7:c6:88:42:89:12:a3:1a:93:
92:26:10:7a:63:94:3b:7d:92:f1:4f:69:47:d5:ef:
e2:8c:c9:91:57:14:be:70:5c:2e:ab:1f:dc:7a:11:
b0:37:be:e8:ce:84:17:7d:a4:ce:f2:af:5b:53:94:
6b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:40:86:A4:18:AC:B5:91:F5:78:05:67:12:F3:D5:1B:16:89:9B:E7
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31343a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:14::/48
Signature Algorithm: sha256WithRSAEncryption
3b:f0:59:e5:82:b4:d9:10:25:ad:06:05:ac:26:c6:76:15:a4:
95:99:3c:51:d3:bd:3c:63:d7:ed:a0:12:ba:ac:59:35:c8:5e:
b8:e7:4e:fb:6c:76:d1:5e:32:4b:57:16:11:dd:47:71:75:c3:
46:58:6c:01:41:9d:b1:39:6e:4b:4c:64:15:40:36:f6:7d:cf:
00:37:47:2d:3d:ae:a0:96:68:98:48:1a:2b:f1:0d:43:81:a0:
ab:bb:f6:6c:6e:c6:14:89:fd:f6:cd:bf:42:d8:09:6e:0c:e4:
96:96:c4:ff:64:aa:6d:80:b2:7c:7f:dc:5b:5f:f3:23:68:af:
f4:b3:b7:e9:d6:31:8c:3b:e1:16:d3:58:aa:cb:7d:c4:2d:72:
97:be:e2:cd:62:f1:31:6f:a8:17:69:d1:8c:c4:c2:a4:58:5c:
78:d0:74:fa:a8:59:e1:a6:65:83:34:76:17:9b:a2:5d:37:7c:
ab:39:35:58:b0:59:e7:51:23:30:1e:38:32:45:20:96:b2:3f:
6a:9c:9f:6d:e5:dc:ab:af:dd:cf:f7:41:09:19:ef:77:c7:6c:
cc:11:40:47:22:29:41:b5:b4:ef:68:ba:49:b9:b8:6c:22:e7:
dd:4a:44:f0:77:11:d0:d2:66:d0:ad:8f:68:60:24:77:53:c6:
f3:44:45:46
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUcvH1jJIim4WKzkgdTFkOHEQH2tYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDAxMDQxNTUwMzVaFw0yNTAxMDIxNTU1MzVaMDMxMTAvBgNV
BAMTKDI4NDA4NkE0MThBQ0I1OTFGNTc4MDU2NzEyRjNENTFCMTY4OTlCRTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCULzIKs1uCcPd2qJHdtGmLPsni
pRipJ8rrps4JwXgbZJLx/WcWW6/rLkHra+wGrKDZLJH5x2TgMbc+ZyNa6Un0/V0S
rd6VLc8m9XU2uIq2YrXCVwZ5cwSXWmLe6Pqx/CpSc9l7KsMwagwXqFdaY64OoqyJ
jXgyf6UXw5+lQmAVmH+rlFryTLlfBtQOkraQhiy1EFwEjiRWGqSfkH7c2pArz/Ul
j48lqe4RHOpVnY91lclZfVnXzUZUs97NXqe9rUOsyrrTWdcJUbfGiEKJEqMak5Im
EHpjlDt9kvFPaUfV7+KMyZFXFL5wXC6rH9x6EbA3vujOhBd9pM7yr1tTlGt9AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUKECGpBistZH1eAVnEvPVGxaJm+cwHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMTM0M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzOTM4MzAzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoTlQAAFDANBgkqhkiG9w0BAQsFAAOCAQEAO/BZ5YK02RAlrQYFrCbGdhWk
lZk8UdO9PGPX7aASuqxZNcheuOdO+2x20V4yS1cWEd1HcXXDRlhsAUGdsTluS0xk
FUA29n3PADdHLT2uoJZomEgaK/ENQ4Ggq7v2bG7GFIn99s2/QtgJbgzklpbE/2Sq
bYCyfH/cW1/zI2iv9LO36dYxjDvhFtNYqst9xC1yl77izWLxMW+oF2nRjMTCpFhc
eNB0+qhZ4aZlgzR2F5uiXTd8qzk1WLBZ51EjMB44MkUglrI/apyfbeXcq6/dz/dB
CRnvd8dszBFARyIpQbW072i6Sbm4bCLn3UpE8HcR0NJm0K2PaGAkd1PG80RFRg==
-----END CERTIFICATE-----
Generated at Tue Apr 30 12:15:34 2024 by rpki-client on console-fra.rpki-client.org