Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a363a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a363a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: bAhNvXAilT+yXbJtITHWmkUt0XgyOTNCbhzF8F5xTLs=
Subject key identifier: 3F:C9:01:37:B6:56:19:58:26:B1:F5:94:FF:68:01:AC:1B:C3:8B:F8
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 05CA7BC2F4316148AD2FB63E0809FB4E5114A32E
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a363a3a2f34382d3438203d3e203239383032.roa
Signing time: Tue 02 Jan 2024 11:25:37 +0000
ROA not before: Tue 02 Jan 2024 11:20:37 +0000
ROA not after: Tue 31 Dec 2024 11:25:37 +0000
asID: 29802
IP address blocks: 2a13:9500:6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 14:38:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:ca:7b:c2:f4:31:61:48:ad:2f:b6:3e:08:09:fb:4e:51:14:a3:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Jan 2 11:20:37 2024 GMT
Not After : Dec 31 11:25:37 2024 GMT
Subject: CN=3FC90137B656195826B1F594FF6801AC1BC38BF8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:a9:37:0b:9b:f1:fd:27:85:ac:5e:c1:2b:2f:
ad:7f:03:77:23:f5:52:7a:ea:d2:0e:f5:b7:11:f8:
38:7d:80:3a:97:22:aa:99:84:2a:16:44:fd:9d:e7:
09:0e:df:dc:77:2c:dd:05:78:6d:77:5b:8a:14:22:
1b:9c:14:df:dc:ee:d9:08:99:52:43:a6:e2:83:1b:
25:14:14:cd:b3:66:98:8f:b3:0b:e9:fe:0a:c6:64:
60:72:0b:b7:6c:e4:d7:7a:ab:89:5b:ff:93:10:c2:
31:30:3d:4c:d6:97:df:ab:53:82:b7:a0:af:16:3a:
07:a4:c1:c3:ea:35:d8:84:1c:1a:b8:14:71:6c:dc:
a6:81:fc:88:0f:d5:5e:f8:b1:8e:f9:53:22:e8:c6:
ee:b6:76:81:9a:69:00:6e:ab:68:3a:43:c6:dc:05:
41:af:95:79:c1:0b:13:90:58:ae:e6:e5:17:62:06:
73:0e:2d:af:ce:d3:e1:4c:bf:44:ad:09:c3:7e:18:
8f:60:ec:1e:d5:3d:5a:d0:93:32:83:a3:2c:7e:27:
b2:a2:73:57:84:66:2f:2e:b2:5f:e4:a3:54:2d:3c:
99:3a:27:58:77:87:be:25:38:8e:a4:1b:36:e3:9c:
f4:8b:c6:b7:4e:0d:90:20:92:6d:80:2e:94:9f:d6:
90:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:C9:01:37:B6:56:19:58:26:B1:F5:94:FF:68:01:AC:1B:C3:8B:F8
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a363a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:6::/48
Signature Algorithm: sha256WithRSAEncryption
6c:da:fe:70:94:f5:97:39:ac:be:1b:9d:3f:4f:5b:35:54:f0:
b2:13:59:b0:16:df:1f:0c:18:ba:03:9f:d9:0f:de:9c:3c:95:
e3:17:a2:55:42:be:be:da:5b:76:f8:eb:01:5b:40:a0:d3:7e:
8b:96:d0:2a:39:ee:f2:cf:72:8b:e2:10:dc:74:59:d8:85:49:
c2:10:51:97:4b:21:de:4c:06:46:b7:6d:fc:94:e8:7e:ab:ac:
2a:9e:f7:d6:28:15:44:aa:d3:6d:c5:2c:8e:67:c1:7c:e4:73:
8a:43:6f:cd:6a:c6:b9:29:24:91:ca:a4:86:02:e0:c5:6f:cb:
d3:20:9b:41:a3:65:6b:91:2d:45:ef:2b:f0:a0:3e:09:fe:2e:
5a:09:87:fd:4d:f5:1f:ed:90:69:8e:a5:22:0a:c6:3b:25:1e:
24:a4:a1:9f:4e:52:80:54:db:01:02:24:91:e0:93:27:57:87:
39:3e:2c:d6:d2:04:df:6f:78:6a:20:04:fe:47:3d:81:fe:ec:
05:ef:b4:08:80:c5:64:b0:f2:7e:3d:b7:95:8c:5b:5a:e7:7c:
4e:81:f1:19:62:40:c1:e0:a1:0d:f6:32:48:56:45:a9:e8:d3:
5f:f5:b1:0d:1c:76:de:3e:b4:c7:fa:07:be:b2:ca:36:e9:e9:
7b:e1:a2:ac
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUBcp7wvQxYUitL7Y+CAn7TlEUoy4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDAxMDIxMTIwMzdaFw0yNDEyMzExMTI1MzdaMDMxMTAvBgNV
BAMTKDNGQzkwMTM3QjY1NjE5NTgyNkIxRjU5NEZGNjgwMUFDMUJDMzhCRjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvqTcLm/H9J4WsXsErL61/A3cj
9VJ66tIO9bcR+Dh9gDqXIqqZhCoWRP2d5wkO39x3LN0FeG13W4oUIhucFN/c7tkI
mVJDpuKDGyUUFM2zZpiPswvp/grGZGByC7ds5Nd6q4lb/5MQwjEwPUzWl9+rU4K3
oK8WOgekwcPqNdiEHBq4FHFs3KaB/IgP1V74sY75UyLoxu62doGaaQBuq2g6Q8bc
BUGvlXnBCxOQWK7m5RdiBnMOLa/O0+FMv0StCcN+GI9g7B7VPVrQkzKDoyx+J7Ki
c1eEZi8usl/ko1QtPJk6J1h3h74lOI6kGzbjnPSLxrdODZAgkm2ALpSf1pCnAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUP8kBN7ZWGVgmsfWU/2gBrBvDi/gwHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzNjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzkzODMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAAAYwDQYJKoZIhvcNAQELBQADggEBAGza/nCU9Zc5rL4bnT9PWzVU8LIT
WbAW3x8MGLoDn9kP3pw8leMXolVCvr7aW3b46wFbQKDTfouW0Co57vLPcoviENx0
WdiFScIQUZdLId5MBka3bfyU6H6rrCqe99YoFUSq023FLI5nwXzkc4pDb81qxrkp
JJHKpIYC4MVvy9Mgm0GjZWuRLUXvK/CgPgn+LloJh/1N9R/tkGmOpSIKxjslHiSk
oZ9OUoBU2wECJJHgkydXhzk+LNbSBN9veGogBP5HPYH+7AXvtAiAxWSw8n49t5WM
W1rnfE6B8RliQMHgoQ32MkhWRano01/1sQ0cdt4+tMf6B76yyjbp6Xvhoqw=
-----END CERTIFICATE-----
Generated at Mon Apr 29 19:47:11 2024 by rpki-client on console-fra.rpki-client.org