Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a353a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a353a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: ExS0W5bccSr06aS1TlBiaVByAUIeQoEEQStSdN5pk0M=
Subject key identifier: AD:31:FC:9F:DB:80:F7:31:2E:18:31:B4:22:54:8D:18:17:A3:BB:0C
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 3AF0E13E4DF3DC04A7AF6683DF59B31FF5CA5562
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a353a3a2f34382d3438203d3e203239383032.roa
Signing time: Fri 01 Dec 2023 07:44:11 +0000
ROA not before: Fri 01 Dec 2023 07:39:11 +0000
ROA not after: Fri 29 Nov 2024 07:44:11 +0000
asID: 29802
IP address blocks: 2a13:9500:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:f0:e1:3e:4d:f3:dc:04:a7:af:66:83:df:59:b3:1f:f5:ca:55:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Dec 1 07:39:11 2023 GMT
Not After : Nov 29 07:44:11 2024 GMT
Subject: CN=AD31FC9FDB80F7312E1831B422548D1817A3BB0C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7e:ef:0d:4b:72:a5:22:39:d6:3a:49:0a:cb:
95:1d:b3:58:47:4f:b6:c1:9a:cf:15:36:6f:50:67:
2b:f8:82:8f:cf:4b:f9:27:c2:dc:53:09:f3:73:eb:
18:21:b2:53:70:d4:4b:6f:45:14:f8:46:9c:16:c5:
9b:13:8b:e8:6b:a7:9f:9f:7b:ea:27:46:8e:ea:d5:
45:3e:1b:02:6d:d3:c5:f2:f8:68:73:ac:cd:c8:75:
70:dc:5e:4e:e5:5a:e9:99:00:32:91:ed:5e:8d:b6:
18:a5:5a:b0:15:4f:39:11:01:70:f1:dc:62:bd:da:
75:fc:75:43:2a:a2:0f:d1:9f:d7:18:17:e4:aa:d3:
e3:61:1f:9f:22:e9:88:9f:c0:69:0b:e6:88:0d:bc:
b5:6c:dd:80:d6:a3:b3:69:97:a9:8c:a7:64:ab:56:
04:90:44:4b:fa:83:b9:ac:6e:d2:45:cb:7a:6b:4b:
e4:e6:53:3c:4d:bf:3d:bb:e4:00:da:c5:85:a6:5e:
16:1d:80:d5:2d:43:9b:a3:44:b5:57:9f:92:f5:e9:
7a:99:ab:f3:bd:a1:0c:d0:ec:53:8a:de:45:04:b1:
30:04:c4:c6:b6:63:5a:21:f5:12:67:d5:07:8c:e8:
bc:3c:3b:2f:0b:fc:8a:73:38:bb:3a:9a:bc:db:85:
aa:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:31:FC:9F:DB:80:F7:31:2E:18:31:B4:22:54:8D:18:17:A3:BB:0C
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a353a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:5::/48
Signature Algorithm: sha256WithRSAEncryption
4d:28:ff:47:f2:bd:80:9b:c6:56:50:6c:80:33:be:40:24:d3:
bd:6a:36:0f:5f:de:33:6c:67:a0:6c:2e:28:75:2b:62:ac:85:
b2:69:a1:b8:26:d3:7f:96:7e:1d:f8:3a:f8:e5:02:f9:a5:14:
39:61:4d:98:fd:09:c7:84:ca:00:d4:28:82:a9:45:01:c5:82:
2a:ee:88:f9:a4:99:a3:40:cf:16:94:8e:bf:42:13:cf:86:5c:
36:8c:74:5d:bc:6b:e1:b8:86:5d:cb:10:4a:df:92:0c:e3:39:
23:0f:b0:ef:c3:18:d7:cc:c1:6e:67:82:0a:41:09:94:f8:22:
ba:ec:9b:78:9d:55:d7:d5:0a:d4:ef:55:bf:ac:0d:01:ef:35:
51:c5:92:99:7f:bf:ef:00:18:a9:96:a6:2c:47:f9:68:49:4a:
00:ae:57:20:e0:7a:7d:be:cb:69:a1:ff:c7:0a:26:74:9b:8e:
d4:07:e0:89:33:d4:84:e6:46:7e:29:91:6f:16:41:07:33:2e:
5a:01:5f:bd:7e:37:ff:e5:4d:49:fd:22:e1:b2:50:5e:ae:80:
ac:47:22:5a:da:f5:80:09:f9:58:03:53:56:6a:d5:e6:eb:23:
c0:79:5b:c8:2b:f7:b0:7c:a6:1e:0e:46:89:90:bd:0d:94:09:
a0:7c:3a:24
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUOvDhPk3z3ASnr2aD31mzH/XKVWIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yMzEyMDEwNzM5MTFaFw0yNDExMjkwNzQ0MTFaMDMxMTAvBgNV
BAMTKEFEMzFGQzlGREI4MEY3MzEyRTE4MzFCNDIyNTQ4RDE4MTdBM0JCMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5fu8NS3KlIjnWOkkKy5Uds1hH
T7bBms8VNm9QZyv4go/PS/knwtxTCfNz6xghslNw1EtvRRT4RpwWxZsTi+hrp5+f
e+onRo7q1UU+GwJt08Xy+GhzrM3IdXDcXk7lWumZADKR7V6NthilWrAVTzkRAXDx
3GK92nX8dUMqog/Rn9cYF+Sq0+NhH58i6YifwGkL5ogNvLVs3YDWo7Npl6mMp2Sr
VgSQREv6g7msbtJFy3prS+TmUzxNvz275ADaxYWmXhYdgNUtQ5ujRLVXn5L16XqZ
q/O9oQzQ7FOK3kUEsTAExMa2Y1oh9RJn1QeM6Lw8Oy8L/IpzOLs6mrzbharDAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUrTH8n9uA9zEuGDG0IlSNGBejuwwwHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzNTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzkzODMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAAAUwDQYJKoZIhvcNAQELBQADggEBAE0o/0fyvYCbxlZQbIAzvkAk071q
Ng9f3jNsZ6BsLih1K2KshbJpobgm03+Wfh34OvjlAvmlFDlhTZj9CceEygDUKIKp
RQHFgiruiPmkmaNAzxaUjr9CE8+GXDaMdF28a+G4hl3LEErfkgzjOSMPsO/DGNfM
wW5nggpBCZT4Irrsm3idVdfVCtTvVb+sDQHvNVHFkpl/v+8AGKmWpixH+WhJSgCu
VyDgen2+y2mh/8cKJnSbjtQH4Ikz1ITmRn4pkW8WQQczLloBX71+N//lTUn9IuGy
UF6ugKxHIlra9YAJ+VgDU1Zq1ebrI8B5W8gr97B8ph4ORomQvQ2UCaB8OiQ=
-----END CERTIFICATE-----
Generated at Tue Apr 30 12:15:34 2024 by rpki-client on console-fra.rpki-client.org