Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31383a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a31383a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: rPtH2R5+pqGCHdnlbaSd47ds2wAdz0rTg+lNAR2sGY4=
Subject key identifier: 99:B3:C1:27:6A:3A:B0:94:71:31:36:70:E0:3F:D6:79:9D:09:14:A3
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 175DE066D85D8D4929551552BC8FE432079EF06C
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31383a3a2f34382d3438203d3e203239383032.roa
Signing time: Mon 12 Feb 2024 16:01:20 +0000
ROA not before: Mon 12 Feb 2024 15:56:20 +0000
ROA not after: Mon 10 Feb 2025 16:01:20 +0000
asID: 29802
IP address blocks: 2a13:9500:18::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Apr 2024 14:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:5d:e0:66:d8:5d:8d:49:29:55:15:52:bc:8f:e4:32:07:9e:f0:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Feb 12 15:56:20 2024 GMT
Not After : Feb 10 16:01:20 2025 GMT
Subject: CN=99B3C1276A3AB09471313670E03FD6799D0914A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ad:3a:f5:d0:e0:52:37:fe:fc:a9:7f:6b:0f:
cb:3b:ba:3b:57:55:af:ce:22:49:5c:c2:8c:16:e6:
d4:e4:b8:61:7a:2c:2b:a5:ef:7e:e1:b3:97:af:ef:
dd:6f:c9:f8:92:4c:c0:48:15:a6:13:e8:6a:f0:79:
3b:03:b8:ec:75:f1:dc:d0:9e:05:b8:1d:5a:01:ed:
0c:60:2f:65:ed:02:21:51:78:ed:be:31:3c:32:21:
fa:0d:5c:ce:d6:8a:32:ab:2a:34:b1:81:8f:ec:60:
65:cb:3b:1e:a7:84:29:6b:3f:7c:2f:fa:26:86:8b:
d2:2a:fd:6b:53:1e:07:5c:49:1d:04:38:d4:cf:32:
57:c9:b0:d9:69:e4:88:2b:96:79:52:df:ec:09:22:
19:10:5d:25:57:3f:64:af:6b:0f:e6:45:41:98:66:
31:df:96:4c:94:0d:4d:4c:7f:5b:c8:64:c0:88:19:
01:9b:5c:f3:6b:e9:fe:f1:08:c1:75:70:b2:e8:08:
a2:95:2a:04:1f:a7:e4:0b:bc:aa:e8:42:3c:ab:9f:
ef:21:62:42:da:8b:e1:57:e2:fd:4a:c2:c1:38:f2:
78:85:1f:14:e1:de:6f:2c:84:cd:02:e8:b6:dc:ec:
98:e3:98:21:d3:31:b7:34:13:96:d9:f6:8d:7e:47:
52:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:B3:C1:27:6A:3A:B0:94:71:31:36:70:E0:3F:D6:79:9D:09:14:A3
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31383a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:18::/48
Signature Algorithm: sha256WithRSAEncryption
a8:ce:3a:f4:c8:9c:78:68:75:5f:3f:d7:2a:91:bb:86:91:53:
5c:79:c8:d9:53:fb:f5:ab:a5:46:0f:6f:9a:6b:a9:d8:81:a9:
fc:34:15:a4:b6:8a:51:59:7f:6e:0c:0d:7d:39:45:50:8f:0b:
cc:67:4b:86:f6:33:b1:0e:2e:0b:f4:7d:38:94:4d:fc:49:a2:
e2:4e:7d:56:bf:b0:1b:4b:c5:00:e5:9a:08:51:e5:a6:35:57:
27:88:c1:29:50:81:fa:76:f6:6c:e9:2e:c8:11:b3:3b:c5:93:
11:f6:65:96:b8:8d:0e:03:c0:cc:ac:b6:31:2b:04:2d:ac:b3:
b0:30:0a:25:83:21:c4:4b:c5:9b:1b:1a:f6:f9:7c:57:dc:f3:
5c:aa:25:62:91:81:8c:37:fb:3d:92:fb:16:f7:15:34:7a:ea:
59:6d:6a:b6:06:9a:21:81:63:10:8e:b8:8b:86:97:e5:7e:9a:
68:25:25:07:26:67:f3:39:e4:11:18:fb:c8:6a:b9:b4:1f:a5:
74:5b:9a:6e:2b:a6:7b:ac:7f:b5:5b:18:fc:35:86:ce:cf:34:
28:8a:49:5b:1e:ec:5c:18:7e:09:2b:48:21:e0:94:58:be:08:
bb:2e:d4:0b:ca:4c:55:c1:7e:05:4b:54:bc:ce:01:27:86:50:
6c:46:7f:f0
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUF13gZthdjUkpVRVSvI/kMgee8GwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDAyMTIxNTU2MjBaFw0yNTAyMTAxNjAxMjBaMDMxMTAvBgNV
BAMTKDk5QjNDMTI3NkEzQUIwOTQ3MTMxMzY3MEUwM0ZENjc5OUQwOTE0QTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsrTr10OBSN/78qX9rD8s7ujtX
Va/OIklcwowW5tTkuGF6LCul737hs5ev791vyfiSTMBIFaYT6GrweTsDuOx18dzQ
ngW4HVoB7QxgL2XtAiFReO2+MTwyIfoNXM7WijKrKjSxgY/sYGXLOx6nhClrP3wv
+iaGi9Iq/WtTHgdcSR0EONTPMlfJsNlp5IgrlnlS3+wJIhkQXSVXP2Svaw/mRUGY
ZjHflkyUDU1Mf1vIZMCIGQGbXPNr6f7xCMF1cLLoCKKVKgQfp+QLvKroQjyrn+8h
YkLai+FX4v1KwsE48niFHxTh3m8shM0C6Lbc7JjjmCHTMbc0E5bZ9o1+R1I3AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUmbPBJ2o6sJRxMTZw4D/WeZ0JFKMwHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMTM4M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzOTM4MzAzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoTlQAAGDANBgkqhkiG9w0BAQsFAAOCAQEAqM469MiceGh1Xz/XKpG7hpFT
XHnI2VP79aulRg9vmmup2IGp/DQVpLaKUVl/bgwNfTlFUI8LzGdLhvYzsQ4uC/R9
OJRN/Emi4k59Vr+wG0vFAOWaCFHlpjVXJ4jBKVCB+nb2bOkuyBGzO8WTEfZllriN
DgPAzKy2MSsELayzsDAKJYMhxEvFmxsa9vl8V9zzXKolYpGBjDf7PZL7FvcVNHrq
WW1qtgaaIYFjEI64i4aX5X6aaCUlByZn8znkERj7yGq5tB+ldFuabiume6x/tVsY
/DWGzs80KIpJWx7sXBh+CStIIeCUWL4Iuy7UC8pMVcF+BUtUvM4BJ4ZQbEZ/8A==
-----END CERTIFICATE-----
Generated at Sun Apr 28 22:52:42 2024 by rpki-client on console-ams.rpki-client.org