Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31303a3a2f34382d3438203d3e2039303039.roa
File: 326131333a393530303a31303a3a2f34382d3438203d3e2039303039.roa (raw, json)
Hash identifier: PzLQFCdYJ510yey4Z2Bp9vIjeAwMPPfzWyPI1/Rst3A=
Subject key identifier: B3:BD:1E:39:0F:03:06:27:31:8F:EB:2A:8B:D0:1F:63:08:D4:8A:BC
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 4369ADFAE6207DB07A679D25B5CA079A406D7A3C
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31303a3a2f34382d3438203d3e2039303039.roa
Signing time: Tue 04 Jun 2024 11:56:36 +0000
ROA not before: Tue 04 Jun 2024 11:51:36 +0000
ROA not after: Tue 03 Jun 2025 11:56:36 +0000
asID: 9009
IP address blocks: 2a13:9500:10::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:69:ad:fa:e6:20:7d:b0:7a:67:9d:25:b5:ca:07:9a:40:6d:7a:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Jun 4 11:51:36 2024 GMT
Not After : Jun 3 11:56:36 2025 GMT
Subject: CN=B3BD1E390F030627318FEB2A8BD01F6308D48ABC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:0e:d8:f5:a5:b0:3e:94:d5:39:8b:5d:cc:df:
31:67:7c:14:7c:92:ea:26:14:bf:40:06:ad:d4:6d:
be:50:82:22:da:58:92:f9:18:0c:76:45:07:6d:25:
7c:10:87:bf:86:19:b9:ad:d6:41:7e:f1:0d:f8:3b:
25:3e:e3:1f:78:a9:d3:aa:a5:a4:d8:b0:a4:fa:f1:
9e:99:bf:2e:3d:77:a1:9d:42:9a:85:15:b7:db:70:
d3:74:b0:b1:d4:4a:f4:08:b0:62:21:82:5a:d7:d8:
fb:0c:e2:4a:a0:20:6a:bd:3b:51:38:1d:28:19:8a:
c0:53:02:89:81:3f:84:0a:4f:ab:13:0a:62:da:c2:
70:f7:13:8d:94:9f:80:e1:6c:b7:3f:0b:d0:aa:3f:
e1:94:74:f6:8a:d3:cb:45:46:48:63:65:f1:1d:ff:
d2:9d:40:e8:19:c9:e6:44:c7:d0:09:c2:79:39:70:
5e:43:4a:4d:9b:12:43:d1:2c:e7:b5:f1:35:cf:88:
1f:22:c7:a2:44:39:32:4a:5f:7f:04:24:bb:9b:e7:
a0:d1:5f:69:9c:cd:44:b2:25:1e:4d:00:ad:36:78:
ad:52:ec:de:e0:36:7e:9b:b6:13:41:45:aa:11:29:
7c:e2:af:41:8c:b4:97:be:e0:2d:b6:17:17:d4:d6:
cf:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:BD:1E:39:0F:03:06:27:31:8F:EB:2A:8B:D0:1F:63:08:D4:8A:BC
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31303a3a2f34382d3438203d3e2039303039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:10::/48
Signature Algorithm: sha256WithRSAEncryption
5a:1e:20:ba:45:85:da:8c:8b:5b:0a:f9:e3:3a:f9:a3:62:56:
26:47:1e:c2:9b:0b:56:1a:1d:95:2a:da:06:c1:47:1c:db:d4:
2a:79:c8:eb:d5:30:b1:b4:a1:74:83:87:04:4d:3e:b6:26:3c:
61:19:7a:e3:78:46:41:85:44:aa:e9:ca:93:64:d9:80:52:7c:
d4:9e:a5:7a:3a:e1:33:51:34:c9:67:54:fd:eb:62:70:30:6a:
4a:08:fb:30:ca:64:8a:a7:c3:52:a9:64:74:8e:a7:12:7a:42:
cf:f6:42:80:93:57:3a:9d:af:e9:30:af:a4:c7:6e:92:bb:d6:
95:cd:fb:0f:af:2e:ed:9f:98:3b:75:4a:22:07:58:ab:66:e9:
5c:1d:4a:f3:1a:ce:3a:72:fd:ae:f0:3e:46:8f:bb:ad:03:50:
3d:72:ab:b6:b5:24:49:87:46:73:d9:e2:a4:53:eb:43:df:de:
17:ba:4d:a5:16:7a:93:0e:ec:db:9f:b3:5d:02:69:04:bd:32:
7f:9f:fa:f8:ab:72:0b:a8:b0:3f:6f:ae:29:f6:ca:30:77:03:
56:c5:bb:30:99:59:67:4c:a9:ed:f0:bd:08:b1:71:cc:67:d8:
6b:fd:2d:54:a2:fc:0f:5e:58:d0:78:d9:16:8f:f4:16:75:c4:
a5:5a:bf:9d
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUQ2mt+uYgfbB6Z50ltcoHmkBtejwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDA2MDQxMTUxMzZaFw0yNTA2MDMxMTU2MzZaMDMxMTAvBgNV
BAMTKEIzQkQxRTM5MEYwMzA2MjczMThGRUIyQThCRDAxRjYzMDhENDhBQkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlDtj1pbA+lNU5i13M3zFnfBR8
kuomFL9ABq3Ubb5QgiLaWJL5GAx2RQdtJXwQh7+GGbmt1kF+8Q34OyU+4x94qdOq
paTYsKT68Z6Zvy49d6GdQpqFFbfbcNN0sLHUSvQIsGIhglrX2PsM4kqgIGq9O1E4
HSgZisBTAomBP4QKT6sTCmLawnD3E42Un4DhbLc/C9CqP+GUdPaK08tFRkhjZfEd
/9KdQOgZyeZEx9AJwnk5cF5DSk2bEkPRLOe18TXPiB8ix6JEOTJKX38EJLub56DR
X2mczUSyJR5NAK02eK1S7N7gNn6bthNBRaoRKXzir0GMtJe+4C22FxfU1s9vAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUs70eOQ8DBicxj+sqi9AfYwjUirwwHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMTMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzkzMDMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAABAwDQYJKoZIhvcNAQELBQADggEBAFoeILpFhdqMi1sK+eM6+aNiViZH
HsKbC1YaHZUq2gbBRxzb1Cp5yOvVMLG0oXSDhwRNPrYmPGEZeuN4RkGFRKrpypNk
2YBSfNSepXo64TNRNMlnVP3rYnAwakoI+zDKZIqnw1KpZHSOpxJ6Qs/2QoCTVzqd
r+kwr6THbpK71pXN+w+vLu2fmDt1SiIHWKtm6VwdSvMazjpy/a7wPkaPu60DUD1y
q7a1JEmHRnPZ4qRT60Pf3he6TaUWepMO7Nufs10CaQS9Mn+f+vircguosD9vrin2
yjB3A1bFuzCZWWdMqe3wvQixccxn2Gv9LVSi/A9eWNB42RaP9BZ1xKVav50=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:59:20 2024 by rpki-client on console-fra.rpki-client.org