Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a633a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a633a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: XemSnl1D+kIYJPzqeqo7nZ3C1EK/cF3V8e4Oh4rCK9Q=
Subject key identifier: DF:7C:25:FD:09:70:E8:C3:33:F0:6B:6A:9A:A2:FA:C1:DF:9C:37:E0
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 392F804C3097EFE898582C8E3303AD5FB8FEBEB4
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a633a3a2f34382d3438203d3e203239383032.roa
Signing time: Mon 12 Feb 2024 16:00:42 +0000
ROA not before: Mon 12 Feb 2024 15:55:42 +0000
ROA not after: Mon 10 Feb 2025 16:00:42 +0000
asID: 29802
IP address blocks: 2a13:9500:c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 14:38:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:2f:80:4c:30:97:ef:e8:98:58:2c:8e:33:03:ad:5f:b8:fe:be:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Feb 12 15:55:42 2024 GMT
Not After : Feb 10 16:00:42 2025 GMT
Subject: CN=DF7C25FD0970E8C333F06B6A9AA2FAC1DF9C37E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:5a:55:a4:c2:35:b5:10:d6:5e:77:84:10:7b:
02:db:0e:0d:9c:db:c6:0f:c8:35:d7:d5:fd:4d:b7:
56:38:67:bc:b1:0f:da:0a:13:43:12:14:5f:83:45:
07:aa:68:c8:4e:bc:8a:0e:5e:ef:a3:b9:46:3a:d8:
3b:79:0f:97:6d:23:c5:72:80:87:2e:6f:47:e3:33:
a1:2c:57:d8:bb:44:ba:5b:92:e7:38:63:42:7e:2b:
cd:ee:1c:d2:58:04:93:53:44:07:ae:ca:ab:06:5e:
24:9c:02:f0:e5:5e:fc:48:18:9d:d6:b6:1a:62:38:
ea:d5:b1:e2:fe:9f:df:10:3b:0d:a4:2b:eb:ae:13:
02:bc:d2:39:df:a0:6e:55:30:c1:3f:2b:3a:2e:54:
89:cb:13:a7:e6:c4:2b:cb:e6:fa:40:27:87:fa:13:
3d:10:d6:97:aa:5a:9a:a1:20:73:eb:b4:85:4f:39:
4a:16:5c:f9:cf:e7:5a:dd:72:1c:43:f1:63:26:ec:
29:2e:00:35:9b:da:c3:db:d8:f0:53:71:41:c3:be:
ef:e3:bf:87:78:43:7a:12:02:8e:91:8b:48:09:68:
b2:0c:b1:f9:0e:df:49:f3:e7:33:8a:59:c8:6d:89:
22:22:d8:71:66:61:fb:77:f9:ab:6d:0c:3e:51:6c:
9b:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:7C:25:FD:09:70:E8:C3:33:F0:6B:6A:9A:A2:FA:C1:DF:9C:37:E0
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a633a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:c::/48
Signature Algorithm: sha256WithRSAEncryption
70:eb:07:7f:b6:de:48:0a:50:81:91:f2:24:7d:29:99:f9:95:
e6:6e:e0:dd:e3:8a:23:e1:50:c5:71:99:7c:5c:f8:13:5a:6d:
14:82:e6:44:64:8c:96:a9:94:6d:68:02:b5:b3:f4:d7:88:f8:
57:a9:27:31:e5:c6:f4:4f:dd:51:06:4f:6d:00:4e:6a:fa:8f:
94:78:c8:5a:2a:ba:82:fc:e7:f2:39:74:b5:65:e6:aa:9c:2e:
8d:3d:02:26:f9:15:65:43:2e:bf:fe:f4:d9:3d:ec:cc:df:1c:
a3:b6:92:38:13:c1:13:91:2e:df:9f:14:e7:6b:fb:8d:c9:3b:
bd:d5:5f:44:83:23:ea:33:39:e2:62:9c:1d:23:0c:36:c2:e4:
24:88:93:72:ad:da:61:df:3b:5f:a8:a9:60:c2:0d:32:a2:f4:
1f:31:22:d6:b2:fc:99:3c:7b:18:ec:bc:c7:49:85:b8:7b:8d:
69:62:62:b9:5a:55:1e:72:18:b3:c7:0d:cd:c7:ea:e3:3d:b1:
71:14:20:0b:b6:7e:8a:51:dc:95:2b:26:fe:87:60:b9:01:ef:
c8:d5:f8:66:be:9c:68:e7:eb:27:7c:ea:db:9e:50:a3:14:8a:
8f:42:66:ce:ea:76:25:77:ff:3b:55:ef:b2:6d:7d:88:97:9a:
2b:0c:18:79
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUOS+ATDCX7+iYWCyOMwOtX7j+vrQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDAyMTIxNTU1NDJaFw0yNTAyMTAxNjAwNDJaMDMxMTAvBgNV
BAMTKERGN0MyNUZEMDk3MEU4QzMzM0YwNkI2QTlBQTJGQUMxREY5QzM3RTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcWlWkwjW1ENZed4QQewLbDg2c
28YPyDXX1f1Nt1Y4Z7yxD9oKE0MSFF+DRQeqaMhOvIoOXu+juUY62Dt5D5dtI8Vy
gIcub0fjM6EsV9i7RLpbkuc4Y0J+K83uHNJYBJNTRAeuyqsGXiScAvDlXvxIGJ3W
thpiOOrVseL+n98QOw2kK+uuEwK80jnfoG5VMME/KzouVInLE6fmxCvL5vpAJ4f6
Ez0Q1peqWpqhIHPrtIVPOUoWXPnP51rdchxD8WMm7CkuADWb2sPb2PBTcUHDvu/j
v4d4Q3oSAo6Ri0gJaLIMsfkO30nz5zOKWchtiSIi2HFmYft3+attDD5RbJvBAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQU33wl/Qlw6MMz8GtqmqL6wd+cN+AwHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2E2MzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzkzODMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAAAwwDQYJKoZIhvcNAQELBQADggEBAHDrB3+23kgKUIGR8iR9KZn5leZu
4N3jiiPhUMVxmXxc+BNabRSC5kRkjJaplG1oArWz9NeI+FepJzHlxvRP3VEGT20A
Tmr6j5R4yFoquoL85/I5dLVl5qqcLo09Aib5FWVDLr/+9Nk97MzfHKO2kjgTwROR
Lt+fFOdr+43JO73VX0SDI+ozOeJinB0jDDbC5CSIk3Kt2mHfO1+oqWDCDTKi9B8x
Itay/Jk8exjsvMdJhbh7jWliYrlaVR5yGLPHDc3H6uM9sXEUIAu2fopR3JUrJv6H
YLkB78jV+Ga+nGjn6yd86tueUKMUio9CZs7qdiV3/ztV77JtfYiXmisMGHk=
-----END CERTIFICATE-----
Generated at Mon Apr 29 19:47:11 2024 by rpki-client on console-fra.rpki-client.org