Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31643a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a31643a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: ltggp1l5EuYmFlnJm4R3rO3uDOFGcnGHYD0DUyloDHU=
Subject key identifier: 4A:05:CB:9D:E7:E4:37:50:D9:B3:1C:32:76:C9:C4:25:15:B8:F0:B7
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 532956C39E240FF1D43E1410F68875D82A43F54C
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31643a3a2f34382d3438203d3e203239383032.roa
Signing time: Fri 26 Apr 2024 12:20:13 +0000
ROA not before: Fri 26 Apr 2024 12:15:13 +0000
ROA not after: Fri 25 Apr 2025 12:20:13 +0000
asID: 29802
IP address blocks: 2a13:9500:1d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 22:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:29:56:c3:9e:24:0f:f1:d4:3e:14:10:f6:88:75:d8:2a:43:f5:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Apr 26 12:15:13 2024 GMT
Not After : Apr 25 12:20:13 2025 GMT
Subject: CN=4A05CB9DE7E43750D9B31C3276C9C42515B8F0B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:04:07:3d:10:43:7e:7b:40:cd:fb:2f:71:fe:
b4:8a:74:59:fb:ce:49:76:08:5d:7f:8b:8f:58:d1:
47:7d:89:ab:72:48:b1:c9:dd:f3:74:8a:db:cb:36:
2a:77:31:90:76:c9:58:19:3b:d1:42:a3:d5:26:ba:
ce:1a:6b:7f:55:26:46:a4:f2:b8:9b:03:67:d7:a3:
13:dd:f0:de:f2:ab:ff:64:3c:24:5b:58:1b:8d:74:
a0:05:74:63:7f:8c:f2:b1:b8:6e:1e:7a:13:c7:d7:
0c:85:19:27:f5:9a:69:cb:aa:85:14:f8:9f:1f:80:
16:93:d0:c3:d1:3e:3a:d0:a2:47:56:c7:b5:da:ba:
8e:1c:3f:12:27:33:f6:f6:e8:76:4b:83:49:11:9e:
4b:c3:0b:db:39:c7:54:3c:e3:8e:78:58:8c:92:5d:
b0:0d:da:a1:e3:2c:74:82:34:ab:90:d9:1d:1e:65:
d4:ca:fb:da:08:a5:9a:45:0d:3f:bc:6c:1a:58:01:
ec:2d:56:38:9f:fb:0c:1c:ed:9f:36:61:98:8e:d8:
48:00:19:5d:c1:63:47:5f:8f:cb:3e:d6:13:6f:59:
9c:cc:25:f8:b0:fb:a6:eb:c9:d0:b6:7d:72:6c:88:
2a:a8:6c:2a:15:f3:11:2d:16:6e:b0:7e:2b:14:d5:
53:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:05:CB:9D:E7:E4:37:50:D9:B3:1C:32:76:C9:C4:25:15:B8:F0:B7
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31643a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:1d::/48
Signature Algorithm: sha256WithRSAEncryption
2f:d3:39:4e:a0:92:2d:dc:46:d5:57:38:2c:ff:41:70:3d:fe:
67:fe:e4:ff:83:f2:19:7e:db:0a:9a:50:05:9d:c1:a4:bb:d0:
1b:cc:cd:4d:09:52:55:dd:e3:db:4f:e4:93:42:84:12:26:e8:
a7:cf:4a:9f:8a:79:10:51:f5:90:63:13:42:e4:52:ba:30:6c:
92:06:a4:80:3f:6d:26:f2:6c:7c:f9:ac:9b:c9:22:5b:d1:7c:
f8:47:76:fa:6d:95:68:30:ce:86:24:b8:88:40:17:15:06:73:
17:43:95:37:2b:b5:28:aa:6e:83:ad:87:8f:0a:54:a5:75:13:
89:b6:99:34:4c:29:34:22:e7:7f:b5:16:24:da:04:7c:07:6d:
ad:c7:c4:0c:a6:d8:e4:20:8a:5c:c5:dd:5c:72:53:a7:98:65:
0e:e1:96:23:86:18:e0:3d:2e:a4:bf:57:94:8f:3c:a3:57:e1:
2d:00:fe:3e:b7:5f:3f:7e:c8:71:0f:aa:b7:55:59:93:74:b5:
3f:44:98:f1:8f:1e:5f:8a:6f:5c:2d:5e:f3:da:48:7f:b8:f4:
35:22:eb:43:5e:23:0c:75:4c:d7:10:41:ef:d3:a1:0c:b0:76:
3c:22:df:a1:88:c2:20:f9:67:ff:32:3a:df:2a:37:98:b4:2c:
ef:0f:96:cf
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUUylWw54kD/HUPhQQ9oh12CpD9UwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDA0MjYxMjE1MTNaFw0yNTA0MjUxMjIwMTNaMDMxMTAvBgNV
BAMTKDRBMDVDQjlERTdFNDM3NTBEOUIzMUMzMjc2QzlDNDI1MTVCOEYwQjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCMBAc9EEN+e0DN+y9x/rSKdFn7
zkl2CF1/i49Y0Ud9iatySLHJ3fN0itvLNip3MZB2yVgZO9FCo9Umus4aa39VJkak
8ribA2fXoxPd8N7yq/9kPCRbWBuNdKAFdGN/jPKxuG4eehPH1wyFGSf1mmnLqoUU
+J8fgBaT0MPRPjrQokdWx7Xauo4cPxInM/b26HZLg0kRnkvDC9s5x1Q84454WIyS
XbAN2qHjLHSCNKuQ2R0eZdTK+9oIpZpFDT+8bBpYAewtVjif+wwc7Z82YZiO2EgA
GV3BY0dfj8s+1hNvWZzMJfiw+6brydC2fXJsiCqobCoV8xEtFm6wfisU1VO9AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUSgXLnefkN1DZsxwydsnEJRW48LcwHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMTY0M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzOTM4MzAzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoTlQAAHTANBgkqhkiG9w0BAQsFAAOCAQEAL9M5TqCSLdxG1Vc4LP9BcD3+
Z/7k/4PyGX7bCppQBZ3BpLvQG8zNTQlSVd3j20/kk0KEEibop89Kn4p5EFH1kGMT
QuRSujBskgakgD9tJvJsfPmsm8kiW9F8+Ed2+m2VaDDOhiS4iEAXFQZzF0OVNyu1
KKpug62HjwpUpXUTibaZNEwpNCLnf7UWJNoEfAdtrcfEDKbY5CCKXMXdXHJTp5hl
DuGWI4YY4D0upL9XlI88o1fhLQD+PrdfP37IcQ+qt1VZk3S1P0SY8Y8eX4pvXC1e
89pIf7j0NSLrQ14jDHVM1xBB79OhDLB2PCLfoYjCIPln/zI63yo3mLQs7w+Wzw==
-----END CERTIFICATE-----
Generated at Mon Jun 3 01:41:12 2024 by rpki-client on console-fra.rpki-client.org