Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31613a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a31613a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: sinp2bABgF6jNxBdulGpYYJiOvLOI2USAcdD7wQsRz4=
Subject key identifier: 94:13:E9:AF:93:5A:7C:DB:A4:93:D2:C0:BB:3F:F1:64:87:69:B4:D9
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 17139982BF38F59165B17411F5D16827920910E3
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31613a3a2f34382d3438203d3e203239383032.roa
Signing time: Mon 12 Feb 2024 16:01:32 +0000
ROA not before: Mon 12 Feb 2024 15:56:32 +0000
ROA not after: Mon 10 Feb 2025 16:01:32 +0000
asID: 29802
IP address blocks: 2a13:9500:1a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 14:38:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:13:99:82:bf:38:f5:91:65:b1:74:11:f5:d1:68:27:92:09:10:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Feb 12 15:56:32 2024 GMT
Not After : Feb 10 16:01:32 2025 GMT
Subject: CN=9413E9AF935A7CDBA493D2C0BB3FF1648769B4D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d3:2c:ea:2b:3b:81:1a:7b:ae:db:49:80:04:
1c:01:1d:8c:a1:8e:6b:0d:6f:3b:df:73:df:cc:5b:
b0:21:39:f8:be:cd:91:cc:79:ba:a6:49:df:27:87:
9a:93:b1:be:e1:21:03:82:c3:af:e8:2f:99:09:fc:
86:b7:c9:26:a8:a2:87:a0:00:72:47:c6:9e:8f:9d:
2b:8a:da:3b:f8:49:4c:cf:7a:be:64:67:e3:d3:a0:
ec:48:34:b3:99:f8:af:36:5d:e9:44:64:95:bb:ce:
b2:9d:66:32:4d:5c:a6:b3:6d:6c:5d:61:0c:4f:c8:
2c:c9:af:c5:2b:c8:f3:16:9e:c4:6e:7f:8e:37:26:
5a:35:9c:61:0e:bc:cc:b5:a2:92:69:d9:e6:df:2b:
8d:6f:c9:6c:72:c6:39:a3:64:9c:5f:7d:0f:40:c6:
4d:3e:9c:69:f9:31:a9:bc:2f:d6:ed:db:3a:cd:65:
de:6a:b7:3b:54:3b:df:56:8f:a6:12:41:e8:e2:6e:
8f:a3:26:28:81:b2:90:2b:2c:5f:32:87:89:a8:2c:
62:65:e2:e2:7f:b1:bd:2a:b9:4e:9c:19:8a:16:41:
51:4c:48:22:da:30:a3:f7:2f:cb:f1:26:56:e4:e1:
4d:1c:95:91:04:83:e3:5a:77:40:55:5e:47:c0:e0:
78:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:13:E9:AF:93:5A:7C:DB:A4:93:D2:C0:BB:3F:F1:64:87:69:B4:D9
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31613a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:1a::/48
Signature Algorithm: sha256WithRSAEncryption
08:04:7b:31:0f:b8:2a:20:9c:0a:b4:7d:f1:de:e6:98:42:37:
80:3b:f4:11:d6:2a:cc:15:0e:e9:e2:a0:f1:62:da:5c:6d:40:
fb:e9:09:0e:1b:f9:12:cd:6a:1b:ef:dd:ae:b2:03:0a:a3:9f:
4a:1c:1d:ab:09:9d:1d:2a:1b:14:08:87:e3:cb:67:f3:da:a9:
d1:f6:8e:b4:e9:1f:42:bf:2b:f7:4f:c4:9c:4b:4c:e1:c2:c7:
ad:a6:04:24:fb:cd:31:a5:0d:99:2d:2d:a6:d1:7b:3d:d0:0c:
ac:b3:15:e4:d1:d1:93:17:36:d3:23:f2:7c:4b:b1:8d:76:42:
99:d8:0f:55:7a:60:45:1a:07:4b:bd:86:b2:4f:da:ad:0b:d5:
05:95:42:03:7c:94:c0:54:3d:ca:9d:72:0d:cc:cf:e5:06:eb:
ac:82:c1:3c:bc:7a:00:3f:42:9e:67:c0:e1:1a:11:1d:67:7b:
23:ad:1d:19:91:11:3b:ea:84:4b:80:69:02:76:3b:c2:a6:22:
a6:ae:5d:b1:9c:93:a6:ca:64:0d:24:7f:f1:3e:f0:c2:af:6b:
10:16:63:c5:ca:bd:e8:7e:a6:12:52:84:58:cf:14:60:a4:af:
ac:23:36:96:11:79:55:8c:3e:a3:2f:e3:5b:48:8a:30:fd:4f:
23:49:82:8d
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUFxOZgr849ZFlsXQR9dFoJ5IJEOMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDAyMTIxNTU2MzJaFw0yNTAyMTAxNjAxMzJaMDMxMTAvBgNV
BAMTKDk0MTNFOUFGOTM1QTdDREJBNDkzRDJDMEJCM0ZGMTY0ODc2OUI0RDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr0yzqKzuBGnuu20mABBwBHYyh
jmsNbzvfc9/MW7AhOfi+zZHMebqmSd8nh5qTsb7hIQOCw6/oL5kJ/Ia3ySaoooeg
AHJHxp6PnSuK2jv4SUzPer5kZ+PToOxINLOZ+K82XelEZJW7zrKdZjJNXKazbWxd
YQxPyCzJr8UryPMWnsRuf443Jlo1nGEOvMy1opJp2ebfK41vyWxyxjmjZJxffQ9A
xk0+nGn5Mam8L9bt2zrNZd5qtztUO99Wj6YSQejibo+jJiiBspArLF8yh4moLGJl
4uJ/sb0quU6cGYoWQVFMSCLaMKP3L8vxJlbk4U0clZEEg+Nad0BVXkfA4HgFAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUlBPpr5NafNukk9LAuz/xZIdptNkwHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMTYxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzOTM4MzAzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoTlQAAGjANBgkqhkiG9w0BAQsFAAOCAQEACAR7MQ+4KiCcCrR98d7mmEI3
gDv0EdYqzBUO6eKg8WLaXG1A++kJDhv5Es1qG+/drrIDCqOfShwdqwmdHSobFAiH
48tn89qp0faOtOkfQr8r90/EnEtM4cLHraYEJPvNMaUNmS0tptF7PdAMrLMV5NHR
kxc20yPyfEuxjXZCmdgPVXpgRRoHS72Gsk/arQvVBZVCA3yUwFQ9yp1yDczP5Qbr
rILBPLx6AD9CnmfA4RoRHWd7I60dGZERO+qES4BpAnY7wqYipq5dsZyTpspkDSR/
8T7wwq9rEBZjxcq96H6mElKEWM8UYKSvrCM2lhF5VYw+oy/jW0iKMP1PI0mCjQ==
-----END CERTIFICATE-----
Generated at Mon Apr 29 19:47:11 2024 by rpki-client on console-fra.rpki-client.org