Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31353a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a31353a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: HHLnsJaIER0sTTcTdow5hCrLHGsAg0xMYoH9WM5/5J0=
Subject key identifier: C6:AC:31:76:DF:13:F2:B0:92:F6:23:C6:C7:B4:9C:1B:BC:CF:CA:CD
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 4FA1E5B21B3B3354694267F163B06849692FD62D
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31353a3a2f34382d3438203d3e203239383032.roa
Signing time: Thu 04 Jan 2024 15:55:38 +0000
ROA not before: Thu 04 Jan 2024 15:50:38 +0000
ROA not after: Thu 02 Jan 2025 15:55:38 +0000
asID: 29802
IP address blocks: 2a13:9500:15::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:a1:e5:b2:1b:3b:33:54:69:42:67:f1:63:b0:68:49:69:2f:d6:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Jan 4 15:50:38 2024 GMT
Not After : Jan 2 15:55:38 2025 GMT
Subject: CN=C6AC3176DF13F2B092F623C6C7B49C1BBCCFCACD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:91:7c:10:f0:d6:4b:ab:8d:53:3f:9b:2f:65:
74:74:59:fb:a7:29:6d:bf:00:7a:c3:a8:39:19:fc:
ad:02:c4:0d:b8:ee:a8:35:91:b9:c4:88:2c:81:28:
1c:04:d5:c4:05:da:5f:6e:7b:7a:2e:74:31:07:15:
4d:7c:ff:0a:5b:ad:53:71:2c:7f:ba:3b:63:3e:b9:
77:54:46:61:f5:a7:07:42:30:04:ce:e0:11:c1:2e:
72:58:cc:11:ec:41:27:75:40:eb:3c:05:cb:9d:1b:
a2:72:cf:93:08:87:25:65:ec:a1:c4:a7:95:a5:91:
50:ff:d8:9c:a1:18:18:f7:07:52:12:c2:0c:d3:6d:
ea:0b:d4:8b:66:bc:81:df:94:e1:1c:51:9e:ae:4d:
67:26:84:74:5a:81:ec:a8:f7:cc:88:66:13:92:79:
0c:4b:9f:9b:68:b4:ab:89:1a:96:20:c0:4c:fc:e4:
30:b8:04:88:46:f1:cc:49:b2:a6:96:3f:f2:29:a1:
42:16:14:e4:c3:8c:cf:33:e1:40:02:28:08:fa:f1:
f6:9e:bf:06:7f:0d:aa:bc:42:84:a4:2f:dd:31:dd:
7b:47:83:c1:0c:ca:8a:05:c3:6a:0b:24:b2:ee:38:
3d:b2:d9:28:42:c2:9b:b8:43:63:6e:92:e5:76:a6:
1e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:AC:31:76:DF:13:F2:B0:92:F6:23:C6:C7:B4:9C:1B:BC:CF:CA:CD
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31353a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:15::/48
Signature Algorithm: sha256WithRSAEncryption
6d:69:3d:bb:8b:e9:f4:84:b2:85:06:90:21:6f:da:b3:23:da:
62:6d:86:08:0c:a5:78:ef:db:8c:78:25:04:be:50:ff:d3:ab:
79:b7:3a:c7:05:a2:92:8e:ad:46:61:fb:d4:50:36:c9:bc:55:
84:f1:c6:ca:62:bf:2b:25:0e:89:15:4c:7b:d2:b0:d5:f8:06:
a5:56:4a:6e:b9:b4:11:dd:26:4d:b1:de:f0:a0:9a:bd:1d:3c:
65:7e:37:6d:91:29:de:c0:ea:e1:97:87:16:a8:cf:9f:cb:fd:
09:1a:1f:e5:06:f8:62:0b:d8:8b:e6:3b:b6:e0:41:41:2a:f7:
85:20:a7:c6:51:0c:3e:11:14:ad:e8:5c:2b:42:db:a0:59:6c:
19:3e:ce:9d:fa:c4:69:05:68:88:b4:50:58:db:8e:33:5f:f9:
6b:8a:74:7b:86:1b:46:1b:a9:e6:00:30:b5:c3:07:9b:de:ce:
62:6c:ef:df:49:8e:d8:46:f7:1c:99:35:e7:b0:2f:b4:73:bd:
3e:b2:85:48:64:ac:aa:89:f6:b9:37:3d:a5:36:08:1e:68:71:
ad:9f:ba:f1:5e:72:6d:24:91:cf:c8:dc:d1:07:89:47:0b:93:
23:a7:49:53:6c:05:a7:fd:9d:cc:ef:c5:ac:62:63:2e:67:06:
6e:ad:50:74
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUT6Hlshs7M1RpQmfxY7BoSWkv1i0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDAxMDQxNTUwMzhaFw0yNTAxMDIxNTU1MzhaMDMxMTAvBgNV
BAMTKEM2QUMzMTc2REYxM0YyQjA5MkY2MjNDNkM3QjQ5QzFCQkNDRkNBQ0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZkXwQ8NZLq41TP5svZXR0Wfun
KW2/AHrDqDkZ/K0CxA247qg1kbnEiCyBKBwE1cQF2l9ue3oudDEHFU18/wpbrVNx
LH+6O2M+uXdURmH1pwdCMATO4BHBLnJYzBHsQSd1QOs8BcudG6Jyz5MIhyVl7KHE
p5WlkVD/2JyhGBj3B1ISwgzTbeoL1ItmvIHflOEcUZ6uTWcmhHRageyo98yIZhOS
eQxLn5totKuJGpYgwEz85DC4BIhG8cxJsqaWP/IpoUIWFOTDjM8z4UACKAj68fae
vwZ/Daq8QoSkL90x3XtHg8EMyooFw2oLJLLuOD2y2ShCwpu4Q2NukuV2ph4hAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUxqwxdt8T8rCS9iPGx7ScG7zPys0wHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMTM1M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzOTM4MzAzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoTlQAAFTANBgkqhkiG9w0BAQsFAAOCAQEAbWk9u4vp9ISyhQaQIW/asyPa
Ym2GCAyleO/bjHglBL5Q/9Orebc6xwWiko6tRmH71FA2ybxVhPHGymK/KyUOiRVM
e9Kw1fgGpVZKbrm0Ed0mTbHe8KCavR08ZX43bZEp3sDq4ZeHFqjPn8v9CRof5Qb4
YgvYi+Y7tuBBQSr3hSCnxlEMPhEUrehcK0LboFlsGT7OnfrEaQVoiLRQWNuOM1/5
a4p0e4YbRhup5gAwtcMHm97OYmzv30mO2Eb3HJk157AvtHO9PrKFSGSsqon2uTc9
pTYIHmhxrZ+68V5ybSSRz8jc0QeJRwuTI6dJU2wFp/2dzO/FrGJjLmcGbq1QdA==
-----END CERTIFICATE-----
Generated at Thu May 2 20:05:49 2024 by rpki-client on console-fra.rpki-client.org