Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31623a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a31623a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: PtBAODsWqDW110nm1REoGFgsplqa7BvWsoLxEup7aSQ=
Subject key identifier: 46:2D:95:18:43:B7:0F:DC:28:93:41:19:24:A9:EC:BE:3C:28:D3:C5
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 35C8D582E314B041DDD1EF7C04403B3D299D7A2F
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31623a3a2f34382d3438203d3e203239383032.roa
Signing time: Mon 12 Feb 2024 16:01:37 +0000
ROA not before: Mon 12 Feb 2024 15:56:37 +0000
ROA not after: Mon 10 Feb 2025 16:01:37 +0000
asID: 29802
IP address blocks: 2a13:9500:1b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 14:38:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:c8:d5:82:e3:14:b0:41:dd:d1:ef:7c:04:40:3b:3d:29:9d:7a:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Feb 12 15:56:37 2024 GMT
Not After : Feb 10 16:01:37 2025 GMT
Subject: CN=462D951843B70FDC2893411924A9ECBE3C28D3C5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2f:97:8f:24:ea:9f:6c:2a:c0:51:64:81:33:
d5:ca:6c:fe:21:9f:fe:cb:83:b4:87:13:c1:1b:9f:
39:a4:5e:80:53:69:fc:8a:9c:3a:e6:79:f5:7c:0a:
75:e2:e1:2a:2d:99:5f:94:a1:14:17:29:90:44:30:
fd:0c:01:c5:69:68:ee:9f:78:ff:fb:cf:8c:0a:a7:
40:c2:16:d4:05:f0:e7:cd:50:99:02:4d:2e:d9:a4:
32:cb:f1:49:b4:ee:59:db:a9:97:9a:7f:8c:b3:f0:
4f:2f:fd:07:2b:e5:3d:ad:95:c0:b8:2d:5f:74:8b:
95:de:f8:a6:3a:bd:d3:d9:a5:92:5b:22:4b:4d:d1:
7a:91:84:fe:99:c6:5b:be:5a:ed:fe:6b:e7:0c:b5:
6c:e6:ef:03:be:cd:fe:7f:59:68:38:f3:fa:ab:a2:
21:0b:c0:0d:ab:ab:ac:c2:88:da:1c:35:ed:a9:f1:
e8:18:51:7f:4f:40:01:0f:e8:ec:5b:94:c5:a6:3b:
09:d2:32:f6:ef:27:a6:70:b1:5a:76:bf:4e:09:2d:
d7:d4:e7:77:64:0d:0b:29:20:78:5c:4a:21:e3:2c:
08:f8:b1:a0:3b:90:be:e1:d2:64:6b:77:2a:5d:cf:
9a:e4:52:fd:3f:0b:1f:bb:3b:47:23:0e:98:c3:3c:
f1:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:2D:95:18:43:B7:0F:DC:28:93:41:19:24:A9:EC:BE:3C:28:D3:C5
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31623a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:1b::/48
Signature Algorithm: sha256WithRSAEncryption
97:f8:4b:b3:e7:36:b9:60:ab:76:6f:d9:c6:20:02:bb:61:a3:
90:8d:d8:75:7a:9f:97:bb:af:2a:21:c7:6c:d9:24:a4:22:98:
23:12:e5:dc:e5:a0:da:0e:bf:f8:93:68:bb:91:f6:b9:a3:eb:
cb:f9:17:7f:c5:9d:24:7a:5c:65:03:ab:25:5a:a7:d1:5b:99:
50:f1:b5:6f:88:68:0b:fa:24:64:25:3f:8c:e2:2f:33:72:f8:
e2:34:cd:e2:d9:f0:8e:9a:f6:19:33:7c:53:8f:8d:d3:86:43:
4c:f6:0b:44:ae:0d:d8:8f:ee:24:dc:be:b6:a4:ba:70:1c:fd:
8c:fc:c4:cd:cf:c0:54:62:ac:71:0a:fd:64:e4:c5:d9:ce:26:
cc:84:b3:c4:42:7c:2d:12:6b:3d:aa:14:c7:08:b3:d6:08:0d:
8e:81:d6:3a:bf:b5:21:5f:d6:99:3b:84:0a:ec:f2:a7:4e:aa:
b2:27:06:18:e1:59:f4:07:76:fc:21:d0:08:1f:33:28:87:1e:
fe:9d:bb:98:06:5f:48:0d:b4:79:dd:3a:87:f8:c0:69:fb:a3:
58:f7:1a:8b:31:60:b9:94:7d:f5:a8:de:97:7c:25:38:b6:c2:
d8:f6:bb:b6:9b:60:05:a4:6c:e3:fa:3e:55:a4:bf:6b:b3:e0:
70:b6:dc:ee
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUNcjVguMUsEHd0e98BEA7PSmdei8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDAyMTIxNTU2MzdaFw0yNTAyMTAxNjAxMzdaMDMxMTAvBgNV
BAMTKDQ2MkQ5NTE4NDNCNzBGREMyODkzNDExOTI0QTlFQ0JFM0MyOEQzQzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGL5ePJOqfbCrAUWSBM9XKbP4h
n/7Lg7SHE8EbnzmkXoBTafyKnDrmefV8CnXi4SotmV+UoRQXKZBEMP0MAcVpaO6f
eP/7z4wKp0DCFtQF8OfNUJkCTS7ZpDLL8Um07lnbqZeaf4yz8E8v/Qcr5T2tlcC4
LV90i5Xe+KY6vdPZpZJbIktN0XqRhP6Zxlu+Wu3+a+cMtWzm7wO+zf5/WWg48/qr
oiELwA2rq6zCiNocNe2p8egYUX9PQAEP6OxblMWmOwnSMvbvJ6ZwsVp2v04JLdfU
53dkDQspIHhcSiHjLAj4saA7kL7h0mRrdypdz5rkUv0/Cx+7O0cjDpjDPPFrAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQURi2VGEO3D9wok0EZJKnsvjwo08UwHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMTYyM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzOTM4MzAzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoTlQAAGzANBgkqhkiG9w0BAQsFAAOCAQEAl/hLs+c2uWCrdm/ZxiACu2Gj
kI3YdXqfl7uvKiHHbNkkpCKYIxLl3OWg2g6/+JNou5H2uaPry/kXf8WdJHpcZQOr
JVqn0VuZUPG1b4hoC/okZCU/jOIvM3L44jTN4tnwjpr2GTN8U4+N04ZDTPYLRK4N
2I/uJNy+tqS6cBz9jPzEzc/AVGKscQr9ZOTF2c4mzISzxEJ8LRJrPaoUxwiz1ggN
joHWOr+1IV/WmTuECuzyp06qsicGGOFZ9Ad2/CHQCB8zKIce/p27mAZfSA20ed06
h/jAafujWPcaizFguZR99ajel3wlOLbC2Pa7tptgBaRs4/o+VaS/a7PgcLbc7g==
-----END CERTIFICATE-----
Generated at Mon Apr 29 19:47:11 2024 by rpki-client on console-fra.rpki-client.org