Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32303a3a2f34382d3438203d3e20323632323837.roa
File: 326131333a393530303a32303a3a2f34382d3438203d3e20323632323837.roa (raw, json)
Hash identifier: DkBe28SmfAdeVDsJg6sFwczUNaHc81z3W3hHdpgc9x4=
Subject key identifier: 0F:DC:98:90:FA:0A:20:09:F7:0E:B8:AB:E0:ED:06:93:E0:0D:9A:DA
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 79BA6FB584DA003988551EDCDE9E1B9D707E4A01
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32303a3a2f34382d3438203d3e20323632323837.roa
Signing time: Wed 15 May 2024 12:02:44 +0000
ROA not before: Wed 15 May 2024 11:57:44 +0000
ROA not after: Wed 14 May 2025 12:02:44 +0000
asID: 262287
IP address blocks: 2a13:9500:20::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:ba:6f:b5:84:da:00:39:88:55:1e:dc:de:9e:1b:9d:70:7e:4a:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: May 15 11:57:44 2024 GMT
Not After : May 14 12:02:44 2025 GMT
Subject: CN=0FDC9890FA0A2009F70EB8ABE0ED0693E00D9ADA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:88:4f:0d:e2:93:1f:57:d8:87:7f:95:f4:0d:
a3:8f:66:f3:d6:23:06:f0:04:89:85:77:7c:36:c4:
bc:f3:6b:18:1e:cd:8b:bc:7d:56:bd:b9:04:4e:df:
85:9e:6c:8c:48:78:0a:a9:ef:85:98:80:48:6a:28:
c2:35:ea:87:f7:8a:5e:5a:ff:48:4a:83:3c:f0:28:
8a:1b:bd:ee:0a:ba:e2:e6:38:08:d8:81:f6:18:1a:
6f:60:a5:cf:34:ef:17:d7:cf:49:b0:d3:ac:c6:6b:
07:2d:6e:f6:47:37:fa:27:1a:15:7d:72:78:4a:76:
31:d1:4e:ae:49:ad:aa:05:ea:6e:7e:c6:a8:f9:fe:
3a:13:82:43:03:fc:52:fb:57:b0:3c:6e:78:9a:45:
17:89:d4:2c:32:b5:97:04:de:b9:6c:78:48:4a:d0:
61:bd:5b:58:d3:73:5c:b2:6b:2f:b9:35:24:84:fd:
42:7b:1f:36:1f:14:05:81:ef:2e:0a:90:a5:7f:7b:
f1:6c:31:a4:88:f1:20:b3:8e:68:82:10:75:1f:47:
2c:66:d6:b7:fa:29:62:94:dc:c9:ba:b3:79:33:99:
72:d5:5c:e3:bf:18:b0:6f:7a:f5:bd:0f:69:65:dc:
f2:f9:2d:60:0f:ea:41:b0:11:4d:12:53:4f:e6:af:
fa:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:DC:98:90:FA:0A:20:09:F7:0E:B8:AB:E0:ED:06:93:E0:0D:9A:DA
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32303a3a2f34382d3438203d3e20323632323837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:20::/48
Signature Algorithm: sha256WithRSAEncryption
91:ed:2c:15:7c:fc:4b:66:df:9e:8c:b5:66:8d:00:c4:02:15:
a6:bf:4c:e2:de:28:b4:5f:9c:64:dc:d8:4f:96:5f:f5:4c:2e:
55:06:f5:c9:ff:ca:9d:e8:00:89:19:b4:d0:c6:7e:23:15:f3:
28:da:8c:0e:52:c1:3f:d6:41:76:90:25:80:6c:25:99:78:65:
31:5a:12:fd:34:b0:a1:bc:01:88:89:6e:78:09:8f:f1:bf:fc:
c0:f4:da:c0:be:39:bd:3c:a8:38:09:c2:00:2f:79:fb:54:16:
39:7e:4f:8f:c3:1d:0d:2a:b3:e0:c3:e3:b0:2e:79:ab:ae:8a:
81:33:37:2b:fa:79:17:c7:f3:2f:ce:03:37:cf:19:84:c2:bf:
54:bb:cc:a7:7f:fc:af:45:e4:c9:ab:9b:47:5a:88:f1:4a:ef:
49:be:2f:a3:dc:b3:69:84:c3:19:8c:4f:26:6f:ad:b9:3a:8a:
28:89:c6:75:d7:ca:09:b2:43:6a:c3:d2:97:21:8c:e6:16:5c:
3f:88:8b:bc:dd:cc:34:0d:3f:3e:8a:94:d5:7c:ee:f0:54:07:
61:ee:1c:de:76:42:59:5d:47:71:7d:97:7a:27:6c:49:8a:50:
c8:15:c8:1e:61:d3:73:39:6f:b7:71:d5:1a:a0:7c:cc:4d:9a:
97:f4:19:b5
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUebpvtYTaADmIVR7c3p4bnXB+SgEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDA1MTUxMTU3NDRaFw0yNTA1MTQxMjAyNDRaMDMxMTAvBgNV
BAMTKDBGREM5ODkwRkEwQTIwMDlGNzBFQjhBQkUwRUQwNjkzRTAwRDlBREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0iE8N4pMfV9iHf5X0DaOPZvPW
IwbwBImFd3w2xLzzaxgezYu8fVa9uQRO34WebIxIeAqp74WYgEhqKMI16of3il5a
/0hKgzzwKIobve4KuuLmOAjYgfYYGm9gpc807xfXz0mw06zGawctbvZHN/onGhV9
cnhKdjHRTq5JraoF6m5+xqj5/joTgkMD/FL7V7A8bniaRReJ1CwytZcE3rlseEhK
0GG9W1jTc1yyay+5NSSE/UJ7HzYfFAWB7y4KkKV/e/FsMaSI8SCzjmiCEHUfRyxm
1rf6KWKU3Mm6s3kzmXLVXOO/GLBvevW9D2ll3PL5LWAP6kGwEU0SU0/mr/pRAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUD9yYkPoKIAn3Drir4O0Gk+ANmtowHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMjMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzNjMyMzIzODM3LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhOVAAAgMA0GCSqGSIb3DQEBCwUAA4IBAQCR7SwVfPxLZt+ejLVmjQDE
AhWmv0zi3ii0X5xk3NhPll/1TC5VBvXJ/8qd6ACJGbTQxn4jFfMo2owOUsE/1kF2
kCWAbCWZeGUxWhL9NLChvAGIiW54CY/xv/zA9NrAvjm9PKg4CcIAL3n7VBY5fk+P
wx0NKrPgw+OwLnmrroqBMzcr+nkXx/MvzgM3zxmEwr9Uu8ynf/yvReTJq5tHWojx
Su9Jvi+j3LNphMMZjE8mb625OoooicZ118oJskNqw9KXIYzmFlw/iIu83cw0DT8+
ipTVfO7wVAdh7hzedkJZXUdxfZd6J2xJilDIFcgeYdNzOW+3cdUaoHzMTZqX9Bm1
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:59:20 2024 by rpki-client on console-fra.rpki-client.org