Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a373a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a373a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: /9I+1DUArKvr0g9TeOBpjSQL54ZAiKVL5hIflTxPA9k=
Subject key identifier: D2:6B:B1:23:1F:1A:DE:43:DC:E9:C0:FC:96:A4:E8:27:1C:CC:88:12
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 11349E765390C82023394FE5C4BFB790C9478861
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a373a3a2f34382d3438203d3e203239383032.roa
Signing time: Tue 02 Jan 2024 11:26:07 +0000
ROA not before: Tue 02 Jan 2024 11:21:07 +0000
ROA not after: Tue 31 Dec 2024 11:26:07 +0000
asID: 29802
IP address blocks: 2a13:9500:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 14:38:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:34:9e:76:53:90:c8:20:23:39:4f:e5:c4:bf:b7:90:c9:47:88:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Jan 2 11:21:07 2024 GMT
Not After : Dec 31 11:26:07 2024 GMT
Subject: CN=D26BB1231F1ADE43DCE9C0FC96A4E8271CCC8812
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b4:dc:16:4c:86:99:fc:4a:5f:91:29:38:4c:
6b:76:bb:62:9a:93:1d:05:a1:f6:ae:c2:fd:50:6e:
7d:fd:03:9e:a8:75:49:79:09:43:65:6d:44:a7:4f:
0e:82:68:e8:62:be:a5:f6:83:97:78:dc:2f:7e:7b:
62:da:b3:24:b1:f0:ec:7c:af:b0:8f:ed:32:1b:f6:
ac:31:98:75:4c:a3:13:e0:86:16:ee:2a:5b:d5:ab:
30:55:34:fd:7e:24:14:06:52:9b:21:28:1b:af:07:
3a:d6:7e:df:84:93:a1:69:95:c6:ac:e9:3b:75:be:
fd:c9:6a:6f:5c:b4:0b:e6:6f:b5:1f:b1:73:f8:6f:
1b:67:94:ef:43:26:d5:9f:69:9c:64:d1:7a:5e:f3:
98:90:fd:8e:d8:34:19:c4:02:69:c4:99:f4:6b:36:
0d:7d:3d:00:a3:74:d7:b6:9c:2b:46:b8:85:c4:30:
15:04:f9:f6:a0:af:72:60:d0:b2:20:a3:61:33:e4:
de:52:7f:47:69:a0:0c:3b:e9:f3:c3:e0:12:6f:f9:
b7:93:35:06:e4:ff:bf:d7:ce:c2:46:e4:f6:0e:9d:
9f:75:1a:22:97:8f:e6:52:95:38:4e:a6:ad:2b:b5:
fe:79:dd:2c:03:e0:2a:8d:f5:c9:b5:79:5e:7d:d2:
3b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:6B:B1:23:1F:1A:DE:43:DC:E9:C0:FC:96:A4:E8:27:1C:CC:88:12
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a373a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:7::/48
Signature Algorithm: sha256WithRSAEncryption
61:49:e7:43:84:22:f5:3d:40:0e:36:c9:bc:c6:cc:58:7e:15:
1f:70:54:de:1b:b2:b2:ce:39:25:d2:b2:bc:7b:7e:49:13:12:
52:e9:75:d6:57:b2:82:c0:6a:ce:72:e8:03:52:7c:a8:b8:db:
9a:6a:80:9e:89:2c:c7:69:29:d0:9f:7b:3e:40:0c:93:fd:d2:
9e:66:fb:1b:da:52:e9:f3:17:b3:8c:c2:49:ed:f1:d3:69:96:
cd:5a:55:4d:bb:44:9b:b0:70:cb:ea:ec:b0:33:0e:e1:03:67:
1a:ea:03:c6:da:cb:d7:72:98:ad:ac:66:c1:32:5f:0f:79:8c:
85:d3:ba:6a:c2:aa:2e:90:b1:92:17:2d:e2:b5:c9:9c:aa:13:
90:92:c5:95:3e:59:8a:18:16:f5:86:4a:1c:fd:23:4b:48:3e:
05:2a:7c:1b:5f:d4:a3:66:51:7e:36:4f:66:3d:31:23:b4:68:
f2:57:a6:55:a6:f3:1b:71:6f:5c:3c:64:73:43:a1:69:b2:67:
3d:a6:4f:89:34:45:a4:7f:78:8a:69:7b:8d:00:f3:2c:d4:29:
38:4e:e9:1a:8e:b5:8d:41:88:7d:37:51:d3:22:e6:4f:fb:e0:
a5:ce:48:a0:b0:0f:9f:16:f1:2a:3c:4d:39:1f:ea:a8:8b:23:
3f:c2:2f:cf
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUETSedlOQyCAjOU/lxL+3kMlHiGEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDAxMDIxMTIxMDdaFw0yNDEyMzExMTI2MDdaMDMxMTAvBgNV
BAMTKEQyNkJCMTIzMUYxQURFNDNEQ0U5QzBGQzk2QTRFODI3MUNDQzg4MTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRtNwWTIaZ/EpfkSk4TGt2u2Ka
kx0Fofauwv1Qbn39A56odUl5CUNlbUSnTw6CaOhivqX2g5d43C9+e2LasySx8Ox8
r7CP7TIb9qwxmHVMoxPghhbuKlvVqzBVNP1+JBQGUpshKBuvBzrWft+Ek6Fplcas
6Tt1vv3Jam9ctAvmb7UfsXP4bxtnlO9DJtWfaZxk0Xpe85iQ/Y7YNBnEAmnEmfRr
Ng19PQCjdNe2nCtGuIXEMBUE+fagr3Jg0LIgo2Ez5N5Sf0dpoAw76fPD4BJv+beT
NQbk/7/XzsJG5PYOnZ91GiKXj+ZSlThOpq0rtf553SwD4CqN9cm1eV590juLAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQU0muxIx8a3kPc6cD8lqToJxzMiBIwHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzNzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzkzODMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAAAcwDQYJKoZIhvcNAQELBQADggEBAGFJ50OEIvU9QA42ybzGzFh+FR9w
VN4bsrLOOSXSsrx7fkkTElLpddZXsoLAas5y6ANSfKi425pqgJ6JLMdpKdCfez5A
DJP90p5m+xvaUunzF7OMwknt8dNpls1aVU27RJuwcMvq7LAzDuEDZxrqA8bay9dy
mK2sZsEyXw95jIXTumrCqi6QsZIXLeK1yZyqE5CSxZU+WYoYFvWGShz9I0tIPgUq
fBtf1KNmUX42T2Y9MSO0aPJXplWm8xtxb1w8ZHNDoWmyZz2mT4k0RaR/eIppe40A
8yzUKThO6RqOtY1BiH03UdMi5k/74KXOSKCwD58W8So8TTkf6qiLIz/CL88=
-----END CERTIFICATE-----
Generated at Mon Apr 29 19:47:11 2024 by rpki-client on console-fra.rpki-client.org