Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a393a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a393a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: p7Cg5eySdAXwC8ms3OKdA7BXfN76yBomq5PDylifITc=
Subject key identifier: 24:46:A1:B3:08:9B:2B:06:C4:ED:D6:4C:BD:62:95:FF:0F:7C:B9:65
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 1CE53285633C254A5CC51E2F7DC1BFC3B2FCEB13
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a393a3a2f34382d3438203d3e203239383032.roa
Signing time: Tue 02 Jan 2024 11:26:52 +0000
ROA not before: Tue 02 Jan 2024 11:21:52 +0000
ROA not after: Tue 31 Dec 2024 11:26:52 +0000
asID: 29802
IP address blocks: 2a13:9500:9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:e5:32:85:63:3c:25:4a:5c:c5:1e:2f:7d:c1:bf:c3:b2:fc:eb:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Jan 2 11:21:52 2024 GMT
Not After : Dec 31 11:26:52 2024 GMT
Subject: CN=2446A1B3089B2B06C4EDD64CBD6295FF0F7CB965
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0e:9e:d4:99:40:74:6c:97:99:95:cd:39:0e:
aa:68:eb:b4:8e:4b:dd:5d:5a:13:6a:07:d7:58:b4:
6b:5e:9d:12:fb:88:b3:3e:70:f2:5f:d8:55:8b:aa:
0d:06:66:b8:0f:b8:2e:ad:3c:41:6b:79:ab:8b:40:
f1:3e:69:c7:8c:49:12:6e:52:0e:21:03:e1:e6:13:
ae:26:f2:95:59:43:d4:9e:73:b2:80:6d:19:86:a4:
e5:1e:c8:8d:9e:c8:b6:8e:ca:34:40:c3:a3:1c:da:
07:c4:2c:2e:36:cb:5a:44:fc:2e:94:8f:db:7c:1e:
20:82:ca:4a:42:f2:ef:74:ca:52:5f:e9:34:20:12:
91:d0:5a:53:1e:f0:b8:7d:e2:4e:37:c2:e1:3a:95:
fa:f9:b7:20:64:46:6b:99:19:10:4c:d1:77:8f:f6:
cc:34:ec:b3:8b:0b:a0:82:0a:71:39:e4:90:77:6f:
60:62:71:81:1d:78:77:d8:55:c8:bf:e9:79:5a:25:
96:28:e0:47:cb:b7:f5:fe:bf:c4:ce:bb:fe:f1:24:
27:ab:86:6c:b9:7c:bc:ef:94:a4:39:b8:64:94:88:
dc:1e:63:80:eb:8f:15:f0:a4:9c:bc:4a:36:ca:28:
df:a9:2a:8d:00:c8:1c:47:98:d7:c7:1b:c1:e7:6e:
7f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:46:A1:B3:08:9B:2B:06:C4:ED:D6:4C:BD:62:95:FF:0F:7C:B9:65
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a393a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:9::/48
Signature Algorithm: sha256WithRSAEncryption
09:cb:d2:13:57:29:64:01:45:46:56:c7:7c:95:d6:85:9f:7b:
fa:35:49:ec:66:a6:81:bf:21:e5:d2:f5:4f:ab:d1:5a:ec:e4:
a5:18:d9:ca:c0:ae:7d:4f:cf:bb:73:ea:a7:4d:7b:25:18:fd:
53:61:23:c6:db:4f:07:01:56:56:93:08:5b:fd:a9:88:3b:a3:
8d:29:f1:82:88:d0:77:20:9b:7a:bc:42:14:11:74:eb:79:73:
9e:07:85:c0:1e:6c:3d:36:c2:5c:d4:f8:1a:66:d6:fa:49:ed:
b6:8f:d7:5d:16:6e:aa:06:06:7f:ef:e6:73:cd:8a:c4:a1:6d:
b9:b3:c9:f3:5b:1a:c8:4b:b9:46:d6:34:c4:ad:8c:6b:af:5c:
f4:d4:54:17:c8:fe:90:ee:69:05:9a:6d:fb:00:04:6b:6d:78:
70:c2:81:0b:77:c5:c0:b5:0c:96:c0:18:bc:cc:50:03:35:0f:
9f:76:af:69:ae:88:66:44:ac:18:5a:ed:d5:79:a5:fc:e5:f0:
af:8f:cb:5f:f3:df:f6:95:6a:1e:3f:13:13:42:f5:a7:ab:7c:
5b:28:8e:1f:c2:86:6a:d4:9c:81:bf:ab:8f:2d:b0:d6:a5:da:
67:01:1d:8b:38:53:27:d8:03:e9:b6:f7:9d:dd:17:af:77:6a:
e6:ed:bd:59
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUHOUyhWM8JUpcxR4vfcG/w7L86xMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDAxMDIxMTIxNTJaFw0yNDEyMzExMTI2NTJaMDMxMTAvBgNV
BAMTKDI0NDZBMUIzMDg5QjJCMDZDNEVERDY0Q0JENjI5NUZGMEY3Q0I5NjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsDp7UmUB0bJeZlc05Dqpo67SO
S91dWhNqB9dYtGtenRL7iLM+cPJf2FWLqg0GZrgPuC6tPEFreauLQPE+aceMSRJu
Ug4hA+HmE64m8pVZQ9Sec7KAbRmGpOUeyI2eyLaOyjRAw6Mc2gfELC42y1pE/C6U
j9t8HiCCykpC8u90ylJf6TQgEpHQWlMe8Lh94k43wuE6lfr5tyBkRmuZGRBM0XeP
9sw07LOLC6CCCnE55JB3b2BicYEdeHfYVci/6XlaJZYo4EfLt/X+v8TOu/7xJCer
hmy5fLzvlKQ5uGSUiNweY4DrjxXwpJy8SjbKKN+pKo0AyBxHmNfHG8Hnbn+PAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUJEahswibKwbE7dZMvWKV/w98uWUwHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzOTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzkzODMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAAAkwDQYJKoZIhvcNAQELBQADggEBAAnL0hNXKWQBRUZWx3yV1oWfe/o1
SexmpoG/IeXS9U+r0Vrs5KUY2crArn1Pz7tz6qdNeyUY/VNhI8bbTwcBVlaTCFv9
qYg7o40p8YKI0Hcgm3q8QhQRdOt5c54HhcAebD02wlzU+Bpm1vpJ7baP110WbqoG
Bn/v5nPNisShbbmzyfNbGshLuUbWNMStjGuvXPTUVBfI/pDuaQWabfsABGtteHDC
gQt3xcC1DJbAGLzMUAM1D592r2muiGZErBha7dV5pfzl8K+Py1/z3/aVah4/ExNC
9aerfFsojh/ChmrUnIG/q48tsNal2mcBHYs4UyfYA+m2953dF693aubtvVk=
-----END CERTIFICATE-----
Generated at Tue Apr 30 12:15:34 2024 by rpki-client on console-fra.rpki-client.org