Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31653a3a2f34382d3438203d3e20333936333536.roa
File: 326131333a393530303a31653a3a2f34382d3438203d3e20333936333536.roa (raw, json)
Hash identifier: Dioo5O/pJPhMRMj2c/nQiZllVoySUeO16bRXvJ9aP/0=
Subject key identifier: 7F:2E:0C:C5:71:D6:06:BA:97:6D:E3:A1:B9:B9:BC:75:3E:73:D5:F3
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 43BE456AB2984662F91FD9CC46E3CB80A2140A5B
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31653a3a2f34382d3438203d3e20333936333536.roa
Signing time: Tue 11 Jun 2024 10:02:04 +0000
ROA not before: Tue 11 Jun 2024 09:57:04 +0000
ROA not after: Tue 10 Jun 2025 10:02:04 +0000
asID: 396356
IP address blocks: 2a13:9500:1e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:be:45:6a:b2:98:46:62:f9:1f:d9:cc:46:e3:cb:80:a2:14:0a:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Jun 11 09:57:04 2024 GMT
Not After : Jun 10 10:02:04 2025 GMT
Subject: CN=7F2E0CC571D606BA976DE3A1B9B9BC753E73D5F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:83:a8:ed:3f:0a:71:bd:3b:0c:b6:74:f2:92:
53:eb:31:07:74:f2:75:10:f3:94:99:72:27:7e:27:
48:aa:ab:dd:b7:8f:04:d3:0f:80:7e:cb:5a:92:ac:
ca:1c:74:9c:95:ef:38:3c:9a:e5:2e:8f:4a:df:fd:
e0:3f:31:ae:5a:93:b4:cf:56:64:92:6e:82:49:dd:
bf:e1:d3:6c:92:37:25:d0:69:ce:e2:ed:8b:ee:13:
78:15:0b:11:30:e3:98:19:96:87:9a:e0:5c:8f:13:
4d:1c:1e:a3:7e:9a:c2:cb:6a:7a:cd:2a:a5:0f:2c:
c0:9c:c0:b8:38:56:b3:6f:92:63:d9:dd:10:5d:57:
b4:65:48:e2:fe:b6:ea:67:36:e7:2a:39:b5:ab:af:
f8:51:04:0e:c1:81:ee:62:e1:f0:e9:77:58:8c:5f:
94:30:e7:6f:74:69:20:2f:5e:f1:c7:c2:a3:c5:08:
7c:01:0f:57:88:f2:a8:0c:e1:85:42:25:b3:35:aa:
a9:eb:7a:d9:8b:f9:15:45:e5:92:61:e3:7f:84:9d:
84:a9:69:ec:5e:60:a2:e9:2e:a3:e8:0c:66:13:25:
1b:30:8d:d4:94:c7:30:3a:e3:d6:5d:f7:aa:31:f8:
87:20:87:6f:2e:38:b1:30:4c:6a:11:76:34:54:ec:
76:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:2E:0C:C5:71:D6:06:BA:97:6D:E3:A1:B9:B9:BC:75:3E:73:D5:F3
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a31653a3a2f34382d3438203d3e20333936333536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:1e::/48
Signature Algorithm: sha256WithRSAEncryption
4d:a0:6a:bb:ff:e3:a1:9e:d2:da:7b:3b:fa:af:5b:38:18:c5:
65:b6:f8:9a:79:25:f3:a8:73:57:33:07:9d:2a:d8:ad:23:f0:
50:49:af:dd:a4:f6:2e:43:b3:27:0f:7e:55:2e:19:a9:33:15:
3e:7f:43:bb:7a:94:04:c6:fd:19:7e:58:dd:d8:5b:7b:5c:34:
96:a7:7a:40:55:06:be:b4:9e:bc:a1:3e:b8:c7:d1:db:76:1d:
53:03:d6:0c:98:a7:a6:23:96:36:5f:bd:85:67:97:5f:d0:41:
5d:52:80:b5:bc:d2:1b:36:98:14:e5:75:0c:a7:8e:cb:af:e5:
2c:15:71:71:f0:91:70:4c:cb:da:8f:5e:cb:e5:02:3d:e9:87:
10:fc:70:37:44:1f:c1:97:7d:fd:0f:4b:97:a3:8d:44:cf:51:
29:e3:0b:e0:0d:41:1e:e4:2b:14:02:55:25:77:43:73:24:e1:
8b:fd:3a:50:fa:6f:53:ca:ed:ce:e9:30:7c:c4:6f:3a:b4:32:
f4:f3:20:22:07:66:cb:2c:30:de:6a:48:31:dd:77:f6:ab:25:
78:73:fb:87:b3:33:9b:89:d9:c3:49:42:85:b1:d1:5e:cd:dc:
14:32:d7:9e:20:22:a3:f5:c8:0c:84:2e:b2:87:92:66:5d:af:
ea:e5:d3:de
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUQ75FarKYRmL5H9nMRuPLgKIUClswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDA2MTEwOTU3MDRaFw0yNTA2MTAxMDAyMDRaMDMxMTAvBgNV
BAMTKDdGMkUwQ0M1NzFENjA2QkE5NzZERTNBMUI5QjlCQzc1M0U3M0Q1RjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0g6jtPwpxvTsMtnTyklPrMQd0
8nUQ85SZcid+J0iqq923jwTTD4B+y1qSrMocdJyV7zg8muUuj0rf/eA/Ma5ak7TP
VmSSboJJ3b/h02ySNyXQac7i7YvuE3gVCxEw45gZloea4FyPE00cHqN+msLLanrN
KqUPLMCcwLg4VrNvkmPZ3RBdV7RlSOL+tupnNucqObWrr/hRBA7Bge5i4fDpd1iM
X5Qw5290aSAvXvHHwqPFCHwBD1eI8qgM4YVCJbM1qqnretmL+RVF5ZJh43+EnYSp
aexeYKLpLqPoDGYTJRswjdSUxzA649Zd96ox+Icgh28uOLEwTGoRdjRU7HbJAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUfy4MxXHWBrqXbeOhubm8dT5z1fMwHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMTY1M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzMzOTM2MzMzNTM2LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhOVAAAeMA0GCSqGSIb3DQEBCwUAA4IBAQBNoGq7/+OhntLaezv6r1s4
GMVltviaeSXzqHNXMwedKtitI/BQSa/dpPYuQ7MnD35VLhmpMxU+f0O7epQExv0Z
fljd2Ft7XDSWp3pAVQa+tJ68oT64x9Hbdh1TA9YMmKemI5Y2X72FZ5df0EFdUoC1
vNIbNpgU5XUMp47Lr+UsFXFx8JFwTMvaj17L5QI96YcQ/HA3RB/Bl339D0uXo41E
z1Ep4wvgDUEe5CsUAlUld0NzJOGL/TpQ+m9Tyu3O6TB8xG86tDL08yAiB2bLLDDe
akgx3Xf2qyV4c/uHszObidnDSUKFsdFezdwUMteeICKj9cgMhC6yh5JmXa/q5dPe
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:59:20 2024 by rpki-client on console-fra.rpki-client.org