Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a623a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a623a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: vu18NBJqPpzuRXIeyTHklDKVdjPgHmg0Ds1iEc9S3pc=
Subject key identifier: 9C:DB:DD:20:5D:83:4B:94:F6:30:FD:A6:9A:81:87:8C:0A:C1:36:FF
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 064DA2C69A0DFE550DF6842B09A1E4D8D42686D8
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a623a3a2f34382d3438203d3e203239383032.roa
Signing time: Mon 12 Feb 2024 16:00:36 +0000
ROA not before: Mon 12 Feb 2024 15:55:36 +0000
ROA not after: Mon 10 Feb 2025 16:00:36 +0000
asID: 29802
IP address blocks: 2a13:9500:b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:4d:a2:c6:9a:0d:fe:55:0d:f6:84:2b:09:a1:e4:d8:d4:26:86:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Feb 12 15:55:36 2024 GMT
Not After : Feb 10 16:00:36 2025 GMT
Subject: CN=9CDBDD205D834B94F630FDA69A81878C0AC136FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:33:a4:e4:42:30:b4:01:f7:8c:19:16:8e:4f:
f6:54:a9:ec:3b:59:fc:d6:a1:5d:5c:df:8e:a3:a9:
c9:af:60:af:40:6c:2c:17:19:23:ae:1c:37:70:b7:
b5:96:f5:76:63:58:09:81:f0:37:ed:56:96:05:d9:
33:8a:a3:cb:fa:d9:34:9f:4b:94:51:9a:a6:42:40:
79:9a:2d:d3:30:35:c4:31:c1:fa:e1:f2:ab:09:b9:
ad:3d:12:f0:4e:52:6f:57:b0:bb:ab:16:59:40:b9:
0f:84:8b:ae:9d:aa:01:9c:59:66:52:9d:8a:c6:9a:
a7:47:d3:a0:47:53:03:d0:87:d0:55:31:17:9b:a5:
4d:e7:45:7b:8b:cc:cc:67:47:7b:64:90:70:09:6e:
60:30:bd:81:02:36:22:9d:35:cd:c0:ad:64:41:09:
a4:66:03:6c:32:60:dc:49:b5:a9:f6:67:51:2c:6a:
1d:ba:ce:43:7f:dc:73:2a:27:06:fb:eb:b8:05:2c:
72:c1:64:10:9f:18:48:55:3c:f7:4d:9e:6d:57:81:
0f:11:fa:ad:a6:3d:5a:aa:87:2a:9e:42:08:19:78:
c3:4f:ec:78:92:89:17:1e:b6:3f:0d:61:18:3f:b6:
ee:7c:20:fd:0a:bd:41:06:b0:83:db:c9:3d:69:fc:
bd:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:DB:DD:20:5D:83:4B:94:F6:30:FD:A6:9A:81:87:8C:0A:C1:36:FF
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a623a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:b::/48
Signature Algorithm: sha256WithRSAEncryption
90:6a:0c:d4:ca:af:ff:a5:63:0a:83:e2:a0:18:a2:b8:0b:d1:
25:11:29:f2:ef:a0:ec:b2:61:ef:4e:6c:36:16:89:ad:70:d5:
46:93:d5:02:bb:ab:1b:46:c0:31:64:ac:20:67:c8:6b:94:53:
6f:18:3b:1a:5c:10:4d:a1:b9:07:1f:cf:a7:c7:ec:1b:fa:d0:
fe:5c:9a:4c:49:6a:32:d3:24:9a:35:3d:81:3f:07:ff:e1:f2:
73:97:fc:cd:b3:07:71:0f:9d:cc:c5:9d:22:0b:f0:2c:19:5c:
0c:2c:87:a8:9f:37:18:93:0d:58:f5:af:45:b0:ab:86:ee:2a:
c3:92:24:ff:b7:0d:b4:3f:3e:ea:05:f1:77:34:74:d8:29:93:
ef:5b:73:7a:d1:fc:d0:45:c1:4e:24:96:4c:c9:8b:43:8c:36:
f6:15:e0:aa:16:7a:ce:24:ff:52:b9:ea:55:f7:d2:47:b7:9c:
a4:3f:0f:24:08:1f:35:50:88:49:88:40:d1:a6:3b:c9:28:16:
b9:d4:a4:01:3b:28:a6:62:33:da:6f:b0:d9:ed:05:db:28:99:
0e:4e:e0:cc:17:57:1b:f4:e4:d7:3f:12:68:9c:86:29:0a:56:
23:cf:74:7e:b0:05:fb:e1:21:09:42:bc:1b:c2:1a:c8:07:b7:
c6:e2:22:c9
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUBk2ixpoN/lUN9oQrCaHk2NQmhtgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDAyMTIxNTU1MzZaFw0yNTAyMTAxNjAwMzZaMDMxMTAvBgNV
BAMTKDlDREJERDIwNUQ4MzRCOTRGNjMwRkRBNjlBODE4NzhDMEFDMTM2RkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdM6TkQjC0AfeMGRaOT/ZUqew7
WfzWoV1c346jqcmvYK9AbCwXGSOuHDdwt7WW9XZjWAmB8DftVpYF2TOKo8v62TSf
S5RRmqZCQHmaLdMwNcQxwfrh8qsJua09EvBOUm9XsLurFllAuQ+Ei66dqgGcWWZS
nYrGmqdH06BHUwPQh9BVMRebpU3nRXuLzMxnR3tkkHAJbmAwvYECNiKdNc3ArWRB
CaRmA2wyYNxJtan2Z1Esah26zkN/3HMqJwb767gFLHLBZBCfGEhVPPdNnm1XgQ8R
+q2mPVqqhyqeQggZeMNP7HiSiRcetj8NYRg/tu58IP0KvUEGsIPbyT1p/L3VAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUnNvdIF2DS5T2MP2mmoGHjArBNv8wHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2E2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzkzODMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAAAswDQYJKoZIhvcNAQELBQADggEBAJBqDNTKr/+lYwqD4qAYorgL0SUR
KfLvoOyyYe9ObDYWia1w1UaT1QK7qxtGwDFkrCBnyGuUU28YOxpcEE2huQcfz6fH
7Bv60P5cmkxJajLTJJo1PYE/B//h8nOX/M2zB3EPnczFnSIL8CwZXAwsh6ifNxiT
DVj1r0Wwq4buKsOSJP+3DbQ/PuoF8Xc0dNgpk+9bc3rR/NBFwU4klkzJi0OMNvYV
4KoWes4k/1K56lX30ke3nKQ/DyQIHzVQiEmIQNGmO8koFrnUpAE7KKZiM9pvsNnt
BdsomQ5O4MwXVxv05Nc/EmichikKViPPdH6wBfvhIQlCvBvCGsgHt8biIsk=
-----END CERTIFICATE-----
Generated at Tue Apr 30 12:15:34 2024 by rpki-client on console-fra.rpki-client.org