Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a643a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a643a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: 280iJPhpkndb9tx0BRX8E20z8jbpo3EDBkS4cGbufP0=
Subject key identifier: 0C:D6:38:42:A7:1B:85:84:01:97:ED:48:C9:B8:09:7B:84:E6:8A:92
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 7A225E28E085D5510217374E51E3A1CDBECB927A
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a643a3a2f34382d3438203d3e203239383032.roa
Signing time: Mon 12 Feb 2024 16:00:48 +0000
ROA not before: Mon 12 Feb 2024 15:55:48 +0000
ROA not after: Mon 10 Feb 2025 16:00:48 +0000
asID: 29802
IP address blocks: 2a13:9500:d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:22:5e:28:e0:85:d5:51:02:17:37:4e:51:e3:a1:cd:be:cb:92:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Feb 12 15:55:48 2024 GMT
Not After : Feb 10 16:00:48 2025 GMT
Subject: CN=0CD63842A71B85840197ED48C9B8097B84E68A92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d4:8f:c5:19:c6:dd:5e:8a:0f:d4:8e:65:75:
5b:6c:40:6c:73:92:50:5b:fe:9a:76:11:8c:22:53:
67:8c:6c:a8:37:32:6d:53:c8:a1:76:a9:97:94:45:
d8:65:72:ab:d9:ec:af:39:16:fd:a3:dc:76:9f:8b:
89:eb:e9:cb:ec:6b:39:19:2b:4e:44:04:0c:b7:1d:
7d:e1:dd:b5:f8:ed:a9:eb:ae:bc:c4:b3:c4:f4:b9:
b2:42:3b:85:a6:5d:2a:b9:9a:fe:79:e1:a6:8a:cf:
a4:ca:ba:d5:a2:9d:e6:48:55:86:7c:3e:a6:f1:4e:
32:ea:af:58:33:b4:5a:1b:82:75:40:4f:07:1e:ac:
20:1a:26:db:da:a5:b4:01:79:9b:85:01:60:a5:8f:
a6:c2:ad:da:44:09:00:76:a6:75:c3:e3:0b:71:90:
01:f6:be:eb:10:e8:5d:4d:4f:74:d8:1a:86:24:79:
e1:0b:7a:6e:7f:13:a4:eb:d3:cb:e8:95:91:e0:ff:
d6:d9:00:41:1c:17:c4:75:3e:a5:4d:b0:fc:84:35:
3d:4e:c6:4d:6d:38:90:6d:84:1f:b0:15:1f:66:20:
cb:d3:9d:ad:1e:8a:4f:88:d7:58:64:0b:3e:93:f1:
d6:e8:54:0b:9b:a5:a2:87:0c:ae:64:5b:3d:6f:ff:
08:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:D6:38:42:A7:1B:85:84:01:97:ED:48:C9:B8:09:7B:84:E6:8A:92
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a643a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:d::/48
Signature Algorithm: sha256WithRSAEncryption
8c:f8:83:ef:13:22:be:f4:a2:27:c3:c7:56:51:61:aa:f1:7a:
e2:3b:83:8b:a5:57:d1:89:29:d1:c9:51:b4:69:c6:d9:dd:51:
80:d1:29:13:35:b0:59:3f:49:1c:f0:f2:6b:91:3c:e8:5c:6f:
0e:ef:c4:c5:db:27:37:63:47:d3:ae:c5:58:df:16:38:46:49:
dd:68:3a:e8:50:9b:b8:fc:9a:27:28:b1:81:81:24:cf:46:2f:
eb:1e:b3:74:f7:d7:f7:da:49:88:ea:3a:e4:48:18:68:0c:ed:
e6:96:08:5a:53:76:31:53:01:1f:86:f7:87:f2:d3:58:ef:b6:
4c:13:be:cd:a5:95:bf:b4:c1:6d:e4:b4:7e:24:10:9a:a2:86:
d0:61:91:72:59:5e:2e:85:df:92:86:d1:a1:15:71:c7:d9:c1:
7e:ca:05:e9:92:da:40:a4:05:94:db:8c:27:92:ee:f3:5e:02:
a5:8a:49:59:76:28:d6:7f:5c:d6:72:32:44:74:c7:e3:11:a3:
e7:e0:17:ad:4b:6e:46:7f:7f:91:5f:cf:61:ec:46:a7:c4:81:
29:69:07:78:d8:25:87:9d:b5:53:ab:03:2f:1f:39:f4:63:35:
2e:42:7f:2b:fd:81:68:3f:bc:a2:a2:bd:49:0f:ed:82:f5:60:
72:dd:9a:4c
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUeiJeKOCF1VECFzdOUeOhzb7LknowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDAyMTIxNTU1NDhaFw0yNTAyMTAxNjAwNDhaMDMxMTAvBgNV
BAMTKDBDRDYzODQyQTcxQjg1ODQwMTk3RUQ0OEM5QjgwOTdCODRFNjhBOTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw1I/FGcbdXooP1I5ldVtsQGxz
klBb/pp2EYwiU2eMbKg3Mm1TyKF2qZeURdhlcqvZ7K85Fv2j3Hafi4nr6cvsazkZ
K05EBAy3HX3h3bX47anrrrzEs8T0ubJCO4WmXSq5mv554aaKz6TKutWineZIVYZ8
PqbxTjLqr1gztFobgnVATwcerCAaJtvapbQBeZuFAWClj6bCrdpECQB2pnXD4wtx
kAH2vusQ6F1NT3TYGoYkeeELem5/E6Tr08volZHg/9bZAEEcF8R1PqVNsPyENT1O
xk1tOJBthB+wFR9mIMvTna0eik+I11hkCz6T8dboVAubpaKHDK5kWz1v/whhAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUDNY4QqcbhYQBl+1IybgJe4TmipIwHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2E2NDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzkzODMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAAA0wDQYJKoZIhvcNAQELBQADggEBAIz4g+8TIr70oifDx1ZRYarxeuI7
g4ulV9GJKdHJUbRpxtndUYDRKRM1sFk/SRzw8muRPOhcbw7vxMXbJzdjR9OuxVjf
FjhGSd1oOuhQm7j8micosYGBJM9GL+ses3T31/faSYjqOuRIGGgM7eaWCFpTdjFT
AR+G94fy01jvtkwTvs2llb+0wW3ktH4kEJqihtBhkXJZXi6F35KG0aEVccfZwX7K
BemS2kCkBZTbjCeS7vNeAqWKSVl2KNZ/XNZyMkR0x+MRo+fgF61LbkZ/f5Ffz2Hs
RqfEgSlpB3jYJYedtVOrAy8fOfRjNS5Cfyv9gWg/vKKivUkP7YL1YHLdmkw=
-----END CERTIFICATE-----
Generated at Tue Apr 30 12:15:34 2024 by rpki-client on console-fra.rpki-client.org