Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31373a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a31373a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: 9fk+EA3xpRo8Yz3BPa6qDepWJRnDx2ySP0Xnvd2qjPU=
Subject key identifier: F5:9B:53:BA:68:DA:F0:69:33:18:68:F2:45:FA:96:C8:E3:A1:69:7D
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 4EC3B32ADE3279A5F36F041AA6AF502E1700A23A
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31373a3a2f34382d3438203d3e203239383032.roa
Signing time: Mon 12 Feb 2024 16:01:15 +0000
ROA not before: Mon 12 Feb 2024 15:56:15 +0000
ROA not after: Mon 10 Feb 2025 16:01:15 +0000
asID: 29802
IP address blocks: 2a13:9500:17::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:c3:b3:2a:de:32:79:a5:f3:6f:04:1a:a6:af:50:2e:17:00:a2:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Feb 12 15:56:15 2024 GMT
Not After : Feb 10 16:01:15 2025 GMT
Subject: CN=F59B53BA68DAF069331868F245FA96C8E3A1697D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f6:77:62:07:de:52:47:3b:94:b8:0a:c1:25:
e8:aa:f9:e9:45:57:11:0e:cb:23:fb:47:29:dc:f7:
8e:1f:1f:43:29:c0:8c:34:91:fd:09:25:8e:fc:42:
a9:40:4d:a8:6a:f6:0d:fa:ab:ed:f5:5b:49:9b:bd:
e1:89:cc:1b:47:ca:2f:5e:19:c0:b0:10:1c:fc:d8:
6d:5e:0f:3f:9b:2d:82:55:c1:5f:3c:53:19:e4:9b:
6b:d5:ae:bf:66:4a:86:1e:83:1d:be:98:7d:5e:82:
d2:2b:66:cb:71:03:9b:56:96:b6:4b:f5:a3:33:fd:
b0:99:01:40:ff:09:3d:c6:7f:ee:ed:c5:74:46:74:
e9:15:3d:84:12:6f:40:0c:5e:ac:9e:59:ae:39:71:
d2:2b:5c:29:2f:74:24:2d:7f:8a:3b:57:ab:0a:54:
06:10:4b:2b:83:a7:60:a8:47:c4:52:51:de:22:ec:
31:b0:a3:2a:24:24:df:fe:27:69:29:4a:7f:8c:11:
5b:ff:e1:50:4d:3c:a2:71:a3:cf:67:3f:1f:6d:aa:
66:ca:92:82:82:e5:46:ad:d1:58:a9:84:9c:94:c7:
23:41:db:16:50:d9:97:fd:36:1a:61:f0:2f:8e:91:
be:f0:df:83:23:c3:a9:ee:b7:d8:e8:76:68:5e:64:
92:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:9B:53:BA:68:DA:F0:69:33:18:68:F2:45:FA:96:C8:E3:A1:69:7D
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31373a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:17::/48
Signature Algorithm: sha256WithRSAEncryption
13:56:80:63:cf:6b:39:ea:68:9a:a9:a1:d7:9e:e7:b9:2f:a6:
f9:99:03:a9:4c:31:f8:79:7e:2d:f3:56:ce:fc:8f:b8:ca:c4:
6f:b9:e8:ed:74:9c:34:ac:8e:9d:25:08:b4:be:46:ca:ac:ee:
a4:3a:57:c9:bf:68:ef:a6:0f:1e:84:53:5d:9c:c4:47:c3:98:
2b:61:09:05:5b:5b:1d:02:6e:b3:92:03:22:4f:02:f7:2c:ad:
12:95:be:ee:40:5e:ac:4c:03:4a:70:d4:a0:31:ae:f6:a5:59:
81:4d:b9:06:31:7e:62:91:0d:5b:6c:01:27:0a:d1:f9:38:39:
d2:fa:66:c8:50:bc:4d:60:7e:19:41:f3:70:e8:b3:01:a0:47:
6c:41:3e:23:38:1b:8a:04:98:ac:20:8c:c1:bd:07:2a:fd:4e:
9b:01:50:1a:b5:ad:71:74:37:ea:ba:3d:c2:6e:a2:44:3c:9f:
05:97:32:ac:d0:5f:1a:3e:ed:4f:d2:2f:26:40:c3:84:e6:41:
1d:b9:9b:3b:0f:16:76:01:ae:a0:4d:9d:72:a9:6a:74:14:fa:
ef:dd:cb:a9:fe:00:ee:e6:ea:11:8c:7e:e3:ca:0a:26:05:12:
4b:5c:66:15:e5:03:f9:ea:e5:7b:50:f0:ed:b2:4f:56:c4:33:
bb:bd:27:3e
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUTsOzKt4yeaXzbwQapq9QLhcAojowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDAyMTIxNTU2MTVaFw0yNTAyMTAxNjAxMTVaMDMxMTAvBgNV
BAMTKEY1OUI1M0JBNjhEQUYwNjkzMzE4NjhGMjQ1RkE5NkM4RTNBMTY5N0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC59ndiB95SRzuUuArBJeiq+elF
VxEOyyP7Rync944fH0MpwIw0kf0JJY78QqlATahq9g36q+31W0mbveGJzBtHyi9e
GcCwEBz82G1eDz+bLYJVwV88Uxnkm2vVrr9mSoYegx2+mH1egtIrZstxA5tWlrZL
9aMz/bCZAUD/CT3Gf+7txXRGdOkVPYQSb0AMXqyeWa45cdIrXCkvdCQtf4o7V6sK
VAYQSyuDp2CoR8RSUd4i7DGwoyokJN/+J2kpSn+MEVv/4VBNPKJxo89nPx9tqmbK
koKC5Uat0ViphJyUxyNB2xZQ2Zf9Nhph8C+Okb7w34Mjw6nut9jodmheZJKfAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU9ZtTumja8GkzGGjyRfqWyOOhaX0wHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMTM3M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzOTM4MzAzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoTlQAAFzANBgkqhkiG9w0BAQsFAAOCAQEAE1aAY89rOepomqmh157nuS+m
+ZkDqUwx+Hl+LfNWzvyPuMrEb7no7XScNKyOnSUItL5GyqzupDpXyb9o76YPHoRT
XZzER8OYK2EJBVtbHQJus5IDIk8C9yytEpW+7kBerEwDSnDUoDGu9qVZgU25BjF+
YpENW2wBJwrR+Tg50vpmyFC8TWB+GUHzcOizAaBHbEE+IzgbigSYrCCMwb0HKv1O
mwFQGrWtcXQ36ro9wm6iRDyfBZcyrNBfGj7tT9IvJkDDhOZBHbmbOw8WdgGuoE2d
cqlqdBT6793Lqf4A7ubqEYx+48oKJgUSS1xmFeUD+erle1Dw7bJPVsQzu70nPg==
-----END CERTIFICATE-----
Generated at Tue Apr 30 12:15:34 2024 by rpki-client on console-fra.rpki-client.org