Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31333a3a2f34382d3438203d3e2039303039.roa
File: 326131333a393530303a31333a3a2f34382d3438203d3e2039303039.roa (raw, json)
Hash identifier: keYmBA/O3mQVVkRMSqdRaJ2d5PYeeAMbkagP150/DbY=
Subject key identifier: AF:CE:96:00:F8:C6:62:23:B3:87:15:EA:8D:87:53:D0:F2:95:EA:C8
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 45E8E38887F2F70597C898BEC7617543E44B1A1E
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31333a3a2f34382d3438203d3e2039303039.roa
Signing time: Wed 15 May 2024 12:02:36 +0000
ROA not before: Wed 15 May 2024 11:57:36 +0000
ROA not after: Wed 14 May 2025 12:02:36 +0000
asID: 9009
IP address blocks: 2a13:9500:13::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:e8:e3:88:87:f2:f7:05:97:c8:98:be:c7:61:75:43:e4:4b:1a:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: May 15 11:57:36 2024 GMT
Not After : May 14 12:02:36 2025 GMT
Subject: CN=AFCE9600F8C66223B38715EA8D8753D0F295EAC8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:29:b1:de:85:0a:07:4c:ca:a4:4a:25:87:32:
5e:05:90:bf:00:86:d5:f3:d5:bd:18:f3:7e:88:67:
76:f3:3c:aa:2e:43:5d:d6:3d:85:0c:70:91:b3:83:
ff:b1:f3:81:15:e6:77:f9:13:b3:69:ef:d7:1a:c5:
70:fc:c8:7b:eb:8c:04:81:6a:e3:39:85:d1:60:42:
ad:15:bc:cb:c9:ff:44:58:81:0c:fc:cd:b8:49:03:
32:28:42:76:51:32:d7:58:be:bf:08:34:c4:27:b9:
85:8f:ae:c0:5e:47:10:5a:d7:32:4e:1f:f0:6e:71:
c4:e9:3d:14:21:c7:6a:eb:da:1a:ee:c4:2d:9d:67:
d1:d5:c5:6a:75:9d:e7:58:91:ef:75:68:5c:54:ff:
a6:04:ab:1c:b8:d9:a9:b1:77:ea:02:4c:12:0f:50:
36:ad:c3:d2:56:f4:c6:be:e7:18:48:8f:d1:85:1e:
f2:0e:4c:ab:46:89:43:16:f2:32:5c:dc:6d:3d:ba:
e2:9e:6d:0d:84:8c:6e:1f:44:c5:5a:dd:0c:9b:b3:
1f:ac:c3:e0:65:42:3d:30:70:2c:91:a7:88:d5:91:
4d:8b:de:15:02:ea:22:5b:8a:9d:a9:c5:ff:68:13:
7e:bb:1a:e1:47:82:83:21:d8:4b:45:a5:e9:28:fa:
54:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:CE:96:00:F8:C6:62:23:B3:87:15:EA:8D:87:53:D0:F2:95:EA:C8
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31333a3a2f34382d3438203d3e2039303039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:13::/48
Signature Algorithm: sha256WithRSAEncryption
48:33:75:6a:81:b2:0a:5c:ee:de:d3:2f:59:d6:73:61:92:17:
7e:38:13:96:31:fc:b7:33:e0:09:f4:d2:d0:94:c1:59:a9:c2:
57:b9:09:01:ad:bc:fd:90:41:59:20:56:6c:b0:64:e0:69:36:
32:fb:56:58:52:cd:0c:ec:38:7a:eb:31:aa:6e:77:7a:66:98:
fd:93:1b:ff:c7:a8:fa:87:f6:70:2d:32:52:40:a6:a4:5d:96:
e7:a0:e0:d3:bb:d5:7c:f2:39:c3:c8:c3:54:59:9f:cb:64:b0:
af:99:37:a5:37:c7:e6:dd:b3:f7:0f:75:7a:4c:ab:b9:ed:ed:
eb:60:f8:ff:b0:28:41:df:a4:f5:a7:0e:93:08:2c:cf:19:a8:
06:cc:a8:0b:fe:d0:9e:c8:ee:39:c0:3c:75:d2:8d:5e:74:af:
c0:7d:81:b4:45:d5:7a:49:68:e4:12:9a:a2:84:08:27:31:27:
5a:ca:18:f9:8f:73:01:60:06:51:a8:68:bf:d4:03:cf:68:72:
6f:c5:7a:73:22:c5:b7:85:c1:bb:48:0e:df:77:c1:84:7c:66:
18:cb:7f:3a:b1:5b:d8:57:9e:d7:c0:d0:d0:93:2d:b9:85:7f:
66:99:ce:a7:df:30:44:ae:fa:90:84:a8:3e:93:17:6e:e6:a6:
09:2f:d0:97
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIURejjiIfy9wWXyJi+x2F1Q+RLGh4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDA1MTUxMTU3MzZaFw0yNTA1MTQxMjAyMzZaMDMxMTAvBgNV
BAMTKEFGQ0U5NjAwRjhDNjYyMjNCMzg3MTVFQThEODc1M0QwRjI5NUVBQzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyKbHehQoHTMqkSiWHMl4FkL8A
htXz1b0Y836IZ3bzPKouQ13WPYUMcJGzg/+x84EV5nf5E7Np79caxXD8yHvrjASB
auM5hdFgQq0VvMvJ/0RYgQz8zbhJAzIoQnZRMtdYvr8INMQnuYWPrsBeRxBa1zJO
H/BuccTpPRQhx2rr2hruxC2dZ9HVxWp1nedYke91aFxU/6YEqxy42amxd+oCTBIP
UDatw9JW9Ma+5xhIj9GFHvIOTKtGiUMW8jJc3G09uuKebQ2EjG4fRMVa3Qybsx+s
w+BlQj0wcCyRp4jVkU2L3hUC6iJbip2pxf9oE367GuFHgoMh2EtFpeko+lSNAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUr86WAPjGYiOzhxXqjYdT0PKV6sgwHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMTMzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzkzMDMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAABMwDQYJKoZIhvcNAQELBQADggEBAEgzdWqBsgpc7t7TL1nWc2GSF344
E5Yx/Lcz4An00tCUwVmpwle5CQGtvP2QQVkgVmywZOBpNjL7VlhSzQzsOHrrMapu
d3pmmP2TG//HqPqH9nAtMlJApqRdlueg4NO71XzyOcPIw1RZn8tksK+ZN6U3x+bd
s/cPdXpMq7nt7etg+P+wKEHfpPWnDpMILM8ZqAbMqAv+0J7I7jnAPHXSjV50r8B9
gbRF1XpJaOQSmqKECCcxJ1rKGPmPcwFgBlGoaL/UA89ocm/FenMixbeFwbtIDt93
wYR8ZhjLfzqxW9hXntfA0NCTLbmFf2aZzqffMESu+pCEqD6TF27mpgkv0Jc=
-----END CERTIFICATE-----
Generated at Thu Nov 21 06:13:28 2024 by rpki-client on console-ams.rpki-client.org