Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/326130303a386530303a313a3a2f34382d3438203d3e203230373132.roa
File: 326130303a386530303a313a3a2f34382d3438203d3e203230373132.roa (raw, json)
Hash identifier: 3UlnCQXkfXu+2GZ5Bl7s6bSNz4Mx8TSa01kcYDPKMyM=
Subject key identifier: CF:4E:FA:A2:BB:FE:57:AF:6A:A5:0F:A3:82:40:58:AD:34:08:5D:EF
Certificate issuer: /CN=f29fbab4db867f6bd9a7eff6aa55d98c162e1aad
Certificate serial: 69CDF7A29AB6DBB0502423386D3A4A9FBD967F3F
Authority key identifier: F2:9F:BA:B4:DB:86:7F:6B:D9:A7:EF:F6:AA:55:D9:8C:16:2E:1A:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/326130303a386530303a313a3a2f34382d3438203d3e203230373132.roa
Signing time: Sat 11 Nov 2023 18:07:33 +0000
ROA not before: Sat 11 Nov 2023 18:02:33 +0000
ROA not after: Sat 09 Nov 2024 18:07:33 +0000
asID: 20712
IP address blocks: 2a00:8e00:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.mft
rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:cd:f7:a2:9a:b6:db:b0:50:24:23:38:6d:3a:4a:9f:bd:96:7f:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f29fbab4db867f6bd9a7eff6aa55d98c162e1aad
Validity
Not Before: Nov 11 18:02:33 2023 GMT
Not After : Nov 9 18:07:33 2024 GMT
Subject: CN=CF4EFAA2BBFE57AF6AA50FA3824058AD34085DEF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:4f:ee:00:30:a0:f8:33:71:2b:9e:ee:ee:a7:
e6:b1:ff:46:60:75:3d:a4:cd:82:aa:33:b5:41:ee:
00:5a:c8:25:38:af:89:7c:6b:66:ba:31:c3:29:69:
84:ce:b5:b3:cd:92:d3:fd:10:f6:0e:49:fb:f1:e0:
12:1e:7d:40:1b:80:8c:67:5b:fb:cf:cd:34:20:1e:
bb:5e:db:2a:23:4f:5f:38:01:9a:6a:6a:82:1d:d3:
0b:a5:07:ee:66:c1:0f:b0:4c:07:9b:89:db:0d:06:
cf:33:c7:92:13:ab:f8:cb:80:b2:27:38:39:aa:21:
6b:be:4d:b6:d0:55:2b:ae:bc:bb:69:21:d4:8e:c2:
63:a6:90:c7:86:72:84:88:2a:64:b2:aa:1b:ee:99:
5b:68:4e:e5:90:14:75:37:bd:94:5c:39:2a:ea:74:
c6:44:f3:fb:0a:75:c2:fa:b0:38:87:7f:a7:1d:b4:
17:05:ff:67:b5:a1:2d:d5:3e:48:7d:75:aa:b5:59:
83:77:b4:1f:04:32:fc:ec:88:8f:bd:47:93:a6:6b:
31:80:af:3c:7c:88:f8:e6:9f:2c:aa:2d:d0:f7:62:
04:2d:5d:74:1e:8d:67:26:07:35:16:c0:54:d2:f7:
8a:52:10:52:ea:c5:33:e2:fa:40:3e:db:40:d1:48:
8e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:4E:FA:A2:BB:FE:57:AF:6A:A5:0F:A3:82:40:58:AD:34:08:5D:EF
X509v3 Authority Key Identifier:
keyid:F2:9F:BA:B4:DB:86:7F:6B:D9:A7:EF:F6:AA:55:D9:8C:16:2E:1A:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/326130303a386530303a313a3a2f34382d3438203d3e203230373132.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:8e00:1::/48
Signature Algorithm: sha256WithRSAEncryption
d4:ea:ba:7f:7b:17:4c:96:7c:9d:b9:9d:46:10:c8:40:18:f5:
b7:3a:01:53:45:56:ac:e5:80:a2:e2:30:c3:7e:12:bf:92:e7:
db:36:75:92:9f:05:31:6b:e4:9b:ef:cf:1d:8b:80:0b:58:74:
b3:ce:b9:73:2a:39:3d:25:b3:e4:51:0b:2d:d0:be:96:6b:ba:
02:2d:bf:ee:e6:0b:35:b9:4e:7c:69:0d:8a:68:20:af:47:43:
91:82:2f:84:7f:b8:42:5d:90:e6:6b:e9:bb:8c:7f:19:75:c3:
7a:db:c8:cb:ee:69:95:4e:fe:e0:9f:24:a7:82:64:dd:7f:dc:
7f:f4:ae:ec:65:9a:65:51:82:dd:07:0d:05:79:e8:44:ee:25:
37:ef:0c:fb:00:c1:26:64:22:60:3f:16:d8:69:4e:7e:91:75:
7d:26:fe:b4:3f:de:ce:e4:c1:67:22:b2:94:7e:8d:eb:e5:8c:
58:19:81:fe:61:5d:d9:bc:c3:b4:12:b0:7f:e1:4b:dd:29:8e:
e6:e8:40:15:27:8d:28:9d:1a:05:5f:c7:2e:c3:a2:aa:8c:78:
3b:17:56:52:77:aa:98:ad:b5:cd:34:45:f5:a6:02:d2:07:76:
4f:fa:ae:32:1c:1c:70:c3:0f:70:30:6a:78:71:dd:94:2d:9f:
ae:eb:bf:72
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUac33opq227BQJCM4bTpKn72Wfz8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjI5ZmJhYjRkYjg2N2Y2YmQ5YTdlZmY2YWE1NWQ5OGMx
NjJlMWFhZDAeFw0yMzExMTExODAyMzNaFw0yNDExMDkxODA3MzNaMDMxMTAvBgNV
BAMTKENGNEVGQUEyQkJGRTU3QUY2QUE1MEZBMzgyNDA1OEFEMzQwODVERUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIT+4AMKD4M3Ernu7up+ax/0Zg
dT2kzYKqM7VB7gBayCU4r4l8a2a6McMpaYTOtbPNktP9EPYOSfvx4BIefUAbgIxn
W/vPzTQgHrte2yojT184AZpqaoId0wulB+5mwQ+wTAebidsNBs8zx5ITq/jLgLIn
ODmqIWu+TbbQVSuuvLtpIdSOwmOmkMeGcoSIKmSyqhvumVtoTuWQFHU3vZRcOSrq
dMZE8/sKdcL6sDiHf6cdtBcF/2e1oS3VPkh9daq1WYN3tB8EMvzsiI+9R5OmazGA
rzx8iPjmnyyqLdD3YgQtXXQejWcmBzUWwFTS94pSEFLqxTPi+kA+20DRSI63AgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUz076orv+V69qpQ+jgkBYrTQIXe8wHwYDVR0j
BBgwFoAU8p+6tNuGf2vZp+/2qlXZjBYuGq0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmY1MmQ4MTQtM2QyZi00ZGY0LTgxNDAtZGZiNTMwZjc0
OTEyLzAvRjI5RkJBQjREQjg2N0Y2QkQ5QTdFRkY2QUE1NUQ5OEMxNjJFMUFBRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhwLTZ0TnVHZjJ2WnAtXzJxbFhaakJZ
dUdxMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmY1MmQ4MTQt
M2QyZi00ZGY0LTgxNDAtZGZiNTMwZjc0OTEyLzAvMzI2MTMwMzAzYTM4NjUzMDMw
M2EzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzNzMxMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqAI4AAAEwDQYJKoZIhvcNAQELBQADggEBANTqun97F0yWfJ25nUYQyEAY9bc6
AVNFVqzlgKLiMMN+Er+S59s2dZKfBTFr5Jvvzx2LgAtYdLPOuXMqOT0ls+RRCy3Q
vpZrugItv+7mCzW5TnxpDYpoIK9HQ5GCL4R/uEJdkOZr6buMfxl1w3rbyMvuaZVO
/uCfJKeCZN1/3H/0ruxlmmVRgt0HDQV56ETuJTfvDPsAwSZkImA/FthpTn6RdX0m
/rQ/3s7kwWcispR+jevljFgZgf5hXdm8w7QSsH/hS90pjuboQBUnjSidGgVfxy7D
oqqMeDsXVlJ3qpittc00RfWmAtIHdk/6rjIcHHDDD3Awanhx3ZQtn67rv3I=
-----END CERTIFICATE-----
Generated at Fri May 17 07:36:28 2024 by rpki-client on console-fra.rpki-client.org