Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31373a3a2f34382d3438203d3e2039303039.roa
File: 326131333a393530303a31373a3a2f34382d3438203d3e2039303039.roa (raw, json)
Hash identifier: TxdxBuzEGfc1MqnBnevVzF1RJ8+8a6z6nvUIoiEnGK8=
Subject key identifier: DA:EA:B8:78:04:68:B3:5A:5E:7C:5F:4F:F2:CD:A5:82:09:0D:21:80
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 2AE21A899F0FB3FCC16561B53CF04A42AB684FCB
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31373a3a2f34382d3438203d3e2039303039.roa
Signing time: Wed 29 May 2024 09:29:13 +0000
ROA not before: Wed 29 May 2024 09:24:13 +0000
ROA not after: Wed 28 May 2025 09:29:13 +0000
asID: 9009
IP address blocks: 2a13:9500:17::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:e2:1a:89:9f:0f:b3:fc:c1:65:61:b5:3c:f0:4a:42:ab:68:4f:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: May 29 09:24:13 2024 GMT
Not After : May 28 09:29:13 2025 GMT
Subject: CN=DAEAB8780468B35A5E7C5F4FF2CDA582090D2180
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:04:d1:54:6d:dd:29:9b:1a:ab:30:f1:c7:aa:
bc:a4:28:00:7c:48:f0:cd:b4:5a:aa:74:9f:47:31:
6c:ff:ba:a1:e2:83:eb:c0:d0:0d:b4:2e:de:d7:db:
a2:9f:e2:4e:ab:c1:80:e3:90:90:2e:a6:5c:6f:a0:
fe:d9:be:6c:67:a6:6e:27:5f:f8:27:a1:f7:78:9f:
0c:f7:b2:8f:04:19:31:19:a7:9c:b8:18:f5:c2:09:
da:8a:f4:f3:81:b0:e8:b3:2f:69:f0:9d:b2:89:fe:
f7:21:13:5f:8a:f7:be:e2:dc:61:e7:e7:12:54:f1:
59:a6:9e:d6:3d:46:d9:e2:8d:56:a9:cf:c8:0c:b9:
03:5f:f5:14:01:8e:76:3e:7e:5f:5f:94:98:71:c4:
2a:19:a4:03:ec:e3:83:cf:f4:21:20:50:dc:90:0c:
1b:4f:87:fc:5b:8b:3f:a2:f4:4d:e9:cb:40:46:2e:
11:44:67:74:40:41:33:50:f9:b0:eb:e5:07:ff:30:
93:b0:61:9c:6d:7d:3c:08:6a:9d:8c:cb:4e:40:b3:
32:07:99:1f:55:3c:6f:11:83:f7:e1:81:12:92:4a:
42:9b:e7:ff:71:4b:d4:ec:1a:66:fd:69:63:db:a8:
32:d2:a8:f8:4c:91:61:36:3c:44:99:51:5b:7d:52:
eb:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:EA:B8:78:04:68:B3:5A:5E:7C:5F:4F:F2:CD:A5:82:09:0D:21:80
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31373a3a2f34382d3438203d3e2039303039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:17::/48
Signature Algorithm: sha256WithRSAEncryption
9e:c5:74:1a:79:6c:3e:40:e9:58:3a:09:3a:ec:66:41:25:a5:
04:b3:12:19:f9:0e:e6:a4:fe:c9:9c:3b:44:07:7d:5c:a9:90:
76:bf:0e:b0:a3:f9:3a:3e:27:86:fc:74:2f:14:19:fb:f0:89:
43:ff:7f:3d:ac:5a:cf:38:16:f0:c2:10:0c:7b:65:db:f7:0e:
0c:ad:5c:90:1a:d6:42:5e:d5:fe:16:27:c2:c2:a7:24:ec:68:
69:c6:8c:75:c1:92:eb:b2:12:bd:e2:bf:bc:ef:04:2c:c5:90:
17:1b:76:fb:a2:d0:a2:6a:8d:8e:15:fd:3c:ee:b0:5f:d2:ee:
73:77:c3:a3:4e:2a:ea:2b:67:6b:c1:aa:f7:66:7d:a5:cd:ab:
96:a5:93:fa:cd:0b:97:8c:36:66:3b:7b:ec:48:c0:5a:b8:50:
78:eb:51:cf:9d:c6:7e:ea:72:45:3d:79:12:e2:4a:8c:8b:86:
93:e4:85:2b:d8:25:5e:1d:27:03:ca:29:cb:60:11:bf:dc:9a:
ca:13:2e:19:f3:26:f1:b6:83:69:f5:2a:22:dd:92:91:03:e7:
9a:cd:6b:aa:c9:2a:a7:87:b1:29:ef:c5:65:33:29:75:2c:19:
f6:68:c2:8a:21:1b:b5:55:80:7c:36:b0:52:40:58:67:48:b3:
34:50:2f:af
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUKuIaiZ8Ps/zBZWG1PPBKQqtoT8swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDA1MjkwOTI0MTNaFw0yNTA1MjgwOTI5MTNaMDMxMTAvBgNV
BAMTKERBRUFCODc4MDQ2OEIzNUE1RTdDNUY0RkYyQ0RBNTgyMDkwRDIxODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVBNFUbd0pmxqrMPHHqrykKAB8
SPDNtFqqdJ9HMWz/uqHig+vA0A20Lt7X26Kf4k6rwYDjkJAuplxvoP7Zvmxnpm4n
X/gnofd4nwz3so8EGTEZp5y4GPXCCdqK9POBsOizL2nwnbKJ/vchE1+K977i3GHn
5xJU8VmmntY9RtnijVapz8gMuQNf9RQBjnY+fl9flJhxxCoZpAPs44PP9CEgUNyQ
DBtPh/xbiz+i9E3py0BGLhFEZ3RAQTNQ+bDr5Qf/MJOwYZxtfTwIap2My05AszIH
mR9VPG8Rg/fhgRKSSkKb5/9xS9TsGmb9aWPbqDLSqPhMkWE2PESZUVt9UuuXAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQU2uq4eARos1pefF9P8s2lggkNIYAwHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMTM3M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzkzMDMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAABcwDQYJKoZIhvcNAQELBQADggEBAJ7FdBp5bD5A6Vg6CTrsZkElpQSz
Ehn5Duak/smcO0QHfVypkHa/DrCj+To+J4b8dC8UGfvwiUP/fz2sWs84FvDCEAx7
Zdv3DgytXJAa1kJe1f4WJ8LCpyTsaGnGjHXBkuuyEr3iv7zvBCzFkBcbdvui0KJq
jY4V/TzusF/S7nN3w6NOKuorZ2vBqvdmfaXNq5alk/rNC5eMNmY7e+xIwFq4UHjr
Uc+dxn7qckU9eRLiSoyLhpPkhSvYJV4dJwPKKctgEb/cmsoTLhnzJvG2g2n1KiLd
kpED55rNa6rJKqeHsSnvxWUzKXUsGfZowoohG7VVgHw2sFJAWGdIszRQL68=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:59:20 2024 by rpki-client on console-fra.rpki-client.org