Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a663a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a663a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: PPwqD9ZmZTPD7zitvEsC/3XbZ9O10BqTcc2ydQ5G5Qg=
Subject key identifier: BF:76:58:F0:D6:19:9E:C7:78:0F:8E:34:75:A3:8E:B2:97:A8:1B:49
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 67B80BCE1714572E0B4BF41BEDF461F52E6BF401
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a663a3a2f34382d3438203d3e203239383032.roa
Signing time: Mon 12 Feb 2024 16:01:03 +0000
ROA not before: Mon 12 Feb 2024 15:56:03 +0000
ROA not after: Mon 10 Feb 2025 16:01:03 +0000
asID: 29802
IP address blocks: 2a13:9500:f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:b8:0b:ce:17:14:57:2e:0b:4b:f4:1b:ed:f4:61:f5:2e:6b:f4:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Feb 12 15:56:03 2024 GMT
Not After : Feb 10 16:01:03 2025 GMT
Subject: CN=BF7658F0D6199EC7780F8E3475A38EB297A81B49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:af:e9:81:29:eb:65:11:89:b8:4d:b3:22:46:
a3:89:26:c0:97:8a:9d:53:3b:4d:6b:1f:fd:ef:db:
c0:7d:a0:f4:55:6e:b7:c4:41:c9:bd:bd:c1:b5:e5:
21:43:0a:b3:51:9a:5c:b2:d9:96:14:6d:41:94:36:
fa:80:59:04:b0:48:b6:e9:6a:19:86:93:d5:85:e4:
3e:8c:1e:4e:2d:b5:a7:ec:60:2d:b9:c6:50:70:11:
f6:a7:6f:93:25:b0:81:87:18:8f:0f:ef:ee:42:88:
07:a6:c7:5a:23:9c:5e:84:8f:61:6a:03:f5:9c:1b:
ea:d1:22:40:7c:65:8a:c0:48:4e:29:7a:25:46:91:
25:65:69:b9:fa:97:aa:6c:9c:a2:4d:88:32:0e:4a:
ec:b8:82:b8:a6:16:2f:fb:b8:04:7b:bd:95:c7:56:
49:99:c9:e6:04:94:e6:ba:5a:a8:c1:21:0e:45:c2:
30:98:e9:e4:cf:dc:18:fb:f7:76:6b:2c:cc:ab:e0:
a5:ed:50:36:fb:cc:53:28:5a:86:b4:60:0f:38:cc:
2c:8f:94:48:ce:58:73:8a:93:5c:a7:0e:ec:a2:6d:
41:a0:e6:7e:1f:b4:11:fd:e6:91:11:bf:ec:27:3d:
ed:5b:59:8d:14:b1:01:e2:52:f7:7d:15:3b:c1:89:
04:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:76:58:F0:D6:19:9E:C7:78:0F:8E:34:75:A3:8E:B2:97:A8:1B:49
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a663a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:f::/48
Signature Algorithm: sha256WithRSAEncryption
58:55:7f:9c:45:77:4a:37:9f:17:4d:87:70:2d:cf:3f:00:9e:
56:6c:9e:88:15:16:6e:d0:74:55:c0:4e:0f:28:d7:f4:f8:a8:
61:cf:56:0b:9d:07:8f:43:e5:e0:b5:b7:c1:4b:1d:5f:4d:77:
d6:de:90:c4:f8:b3:9a:2d:90:dd:fc:d1:3f:36:c6:6f:a8:60:
64:09:d2:28:64:0d:35:2a:51:5f:28:41:d6:f2:13:64:d7:7b:
6f:72:25:f2:61:80:ca:70:bb:b5:df:65:ad:84:8e:dc:7a:54:
b5:3b:7c:3d:49:44:33:49:a2:72:87:75:83:90:d1:61:77:e6:
58:12:19:9d:18:aa:49:8a:a7:43:14:b4:d7:4d:64:45:14:92:
34:f2:de:28:4b:e4:1f:04:9b:20:7d:15:86:bc:3a:cb:e1:7d:
14:4d:34:fc:da:9d:f8:c5:76:ab:f6:19:3c:6e:72:28:b2:a7:
41:62:a0:1c:85:cc:28:f9:01:9e:89:b7:e9:9f:a0:92:c7:b0:
72:5c:d7:ab:7b:8e:68:7c:ac:c4:53:cf:fb:0e:87:d8:de:87:
ea:1a:3d:6a:8c:0c:0a:9c:cb:30:2f:94:66:a1:69:f3:a3:d3:
b3:b8:51:ca:42:27:10:9c:4c:e7:b2:19:40:57:fc:28:40:4b:
fe:7a:11:23
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUZ7gLzhcUVy4LS/Qb7fRh9S5r9AEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDAyMTIxNTU2MDNaFw0yNTAyMTAxNjAxMDNaMDMxMTAvBgNV
BAMTKEJGNzY1OEYwRDYxOTlFQzc3ODBGOEUzNDc1QTM4RUIyOTdBODFCNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCer+mBKetlEYm4TbMiRqOJJsCX
ip1TO01rH/3v28B9oPRVbrfEQcm9vcG15SFDCrNRmlyy2ZYUbUGUNvqAWQSwSLbp
ahmGk9WF5D6MHk4ttafsYC25xlBwEfanb5MlsIGHGI8P7+5CiAemx1ojnF6Ej2Fq
A/WcG+rRIkB8ZYrASE4peiVGkSVlabn6l6psnKJNiDIOSuy4grimFi/7uAR7vZXH
VkmZyeYElOa6WqjBIQ5FwjCY6eTP3Bj793ZrLMyr4KXtUDb7zFMoWoa0YA84zCyP
lEjOWHOKk1ynDuyibUGg5n4ftBH95pERv+wnPe1bWY0UsQHiUvd9FTvBiQQ/AgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUv3ZY8NYZnsd4D440daOOspeoG0kwHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2E2NjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzkzODMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAAA8wDQYJKoZIhvcNAQELBQADggEBAFhVf5xFd0o3nxdNh3Atzz8AnlZs
nogVFm7QdFXATg8o1/T4qGHPVgudB49D5eC1t8FLHV9Nd9bekMT4s5otkN380T82
xm+oYGQJ0ihkDTUqUV8oQdbyE2TXe29yJfJhgMpwu7XfZa2Ejtx6VLU7fD1JRDNJ
onKHdYOQ0WF35lgSGZ0YqkmKp0MUtNdNZEUUkjTy3ihL5B8EmyB9FYa8OsvhfRRN
NPzanfjFdqv2GTxuciiyp0FioByFzCj5AZ6Jt+mfoJLHsHJc16t7jmh8rMRTz/sO
h9jeh+oaPWqMDAqcyzAvlGahafOj07O4UcpCJxCcTOeyGUBX/ChAS/56ESM=
-----END CERTIFICATE-----
Generated at Tue Apr 30 12:15:34 2024 by rpki-client on console-fra.rpki-client.org