Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a333a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a333a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: 0b/T5bCsIJiSdVpHaXKMFmjXm7DDnLCXAsQ9I0rEX8o=
Subject key identifier: AA:EC:BD:7D:0E:2D:AC:DE:1C:CB:70:FA:9D:6A:E0:6E:CC:93:D6:CC
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 5769816DA159CBE284CA20DFBDE16944679DD3C0
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a333a3a2f34382d3438203d3e203239383032.roa
Signing time: Fri 01 Dec 2023 07:43:20 +0000
ROA not before: Fri 01 Dec 2023 07:38:20 +0000
ROA not after: Fri 29 Nov 2024 07:43:20 +0000
asID: 29802
IP address blocks: 2a13:9500:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:69:81:6d:a1:59:cb:e2:84:ca:20:df:bd:e1:69:44:67:9d:d3:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Dec 1 07:38:20 2023 GMT
Not After : Nov 29 07:43:20 2024 GMT
Subject: CN=AAECBD7D0E2DACDE1CCB70FA9D6AE06ECC93D6CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ba:e5:9d:2c:46:f9:91:e7:cd:16:4a:b2:72:
65:d0:19:ff:91:a9:cd:11:53:86:23:d2:45:f0:b8:
9d:ac:a6:8a:5e:0e:db:7c:a4:4a:89:c4:1c:05:9d:
58:e8:d8:95:f1:87:16:b1:0b:b7:4d:29:e0:22:46:
ee:b2:26:c7:68:86:db:cb:4d:11:21:37:da:52:52:
0f:87:7a:1b:d9:5a:f2:6e:97:fd:b3:f5:40:32:35:
05:f9:2f:48:f5:18:7f:0e:96:35:d0:dc:3f:6c:2e:
74:ff:6d:40:58:1a:7a:16:8c:d5:2e:33:89:f5:c6:
2d:1c:29:2b:10:95:87:1e:38:50:9a:05:ef:d4:25:
51:fc:e7:9e:30:2e:0c:81:bc:16:6f:8a:14:0d:c0:
3b:35:a3:fc:72:24:70:3e:1d:50:f8:03:06:38:84:
f0:08:64:97:3b:57:10:09:11:d1:e8:9d:66:e0:44:
8a:16:7a:52:2e:91:73:93:42:11:e1:2a:b1:0d:e5:
aa:e7:36:7c:21:bc:23:4b:c3:b9:87:43:97:71:92:
20:9c:02:29:c1:17:99:1d:e6:bd:4c:0f:df:da:54:
6f:a6:ee:f7:9c:a0:26:43:a6:1a:9f:ca:36:67:5a:
49:92:81:88:c3:12:10:9b:e5:8f:db:e6:7c:51:a4:
f2:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:EC:BD:7D:0E:2D:AC:DE:1C:CB:70:FA:9D:6A:E0:6E:CC:93:D6:CC
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a333a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:3::/48
Signature Algorithm: sha256WithRSAEncryption
9d:ff:7b:a3:ec:c1:8b:22:19:0e:22:e9:dc:35:2c:e9:f1:8a:
2e:91:79:bf:0b:c3:5b:ee:22:c7:8c:83:20:71:53:84:53:aa:
ea:c3:3c:a1:66:2b:7a:f1:a1:e1:e9:98:b1:2e:91:a5:b5:17:
be:29:86:53:34:20:42:d0:ef:10:92:d7:f3:73:81:fc:57:e1:
48:c0:3e:72:e0:88:d7:ff:42:3d:40:a3:11:5c:3d:84:c7:cb:
fa:84:0a:67:6e:7f:0e:fd:a5:a7:a1:fd:9d:bd:5e:c6:03:25:
c3:df:82:d8:85:50:25:36:d1:62:47:d2:d1:5d:2c:52:cb:2e:
f1:0f:40:08:64:df:19:2e:75:c2:10:0b:4c:01:dd:c8:80:ab:
40:f4:2a:c9:18:c7:f7:fb:1b:48:80:38:cf:4d:5e:08:97:77:
6e:60:7c:a4:32:4d:2c:9a:84:de:2d:b7:8c:83:6e:fe:79:83:
b9:28:a9:ef:93:f5:4c:ce:57:b4:3a:ff:7f:5f:a2:30:7d:b7:
cd:ea:e3:b3:af:9a:2f:68:41:5d:10:24:fb:f3:81:c2:16:cd:
a7:82:c5:d4:2d:c2:04:a6:35:4e:6d:82:b8:6e:11:8f:8d:8d:
37:37:3c:8d:f6:9c:24:6c:ce:fa:22:8c:57:1b:23:c2:77:31:
ad:14:2b:00
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUV2mBbaFZy+KEyiDfveFpRGed08AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yMzEyMDEwNzM4MjBaFw0yNDExMjkwNzQzMjBaMDMxMTAvBgNV
BAMTKEFBRUNCRDdEMEUyREFDREUxQ0NCNzBGQTlENkFFMDZFQ0M5M0Q2Q0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7uuWdLEb5kefNFkqycmXQGf+R
qc0RU4Yj0kXwuJ2spopeDtt8pEqJxBwFnVjo2JXxhxaxC7dNKeAiRu6yJsdohtvL
TREhN9pSUg+HehvZWvJul/2z9UAyNQX5L0j1GH8OljXQ3D9sLnT/bUBYGnoWjNUu
M4n1xi0cKSsQlYceOFCaBe/UJVH8554wLgyBvBZvihQNwDs1o/xyJHA+HVD4AwY4
hPAIZJc7VxAJEdHonWbgRIoWelIukXOTQhHhKrEN5arnNnwhvCNLw7mHQ5dxkiCc
AinBF5kd5r1MD9/aVG+m7vecoCZDphqfyjZnWkmSgYjDEhCb5Y/b5nxRpPJtAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUquy9fQ4trN4cy3D6nWrgbsyT1swwHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzkzODMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAAAMwDQYJKoZIhvcNAQELBQADggEBAJ3/e6PswYsiGQ4i6dw1LOnxii6R
eb8Lw1vuIseMgyBxU4RTqurDPKFmK3rxoeHpmLEukaW1F74phlM0IELQ7xCS1/Nz
gfxX4UjAPnLgiNf/Qj1AoxFcPYTHy/qECmdufw79paeh/Z29XsYDJcPfgtiFUCU2
0WJH0tFdLFLLLvEPQAhk3xkudcIQC0wB3ciAq0D0KskYx/f7G0iAOM9NXgiXd25g
fKQyTSyahN4tt4yDbv55g7koqe+T9UzOV7Q6/39fojB9t83q47Ovmi9oQV0QJPvz
gcIWzaeCxdQtwgSmNU5tgrhuEY+NjTc3PI32nCRszvoijFcbI8J3Ma0UKwA=
-----END CERTIFICATE-----
Generated at Tue Apr 30 12:15:34 2024 by rpki-client on console-fra.rpki-client.org