Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32303a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a32303a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: +ZeWE/voX32gleX6Oz8DfnP0fOaefPAFE5Z8c6ZDLig=
Subject key identifier: 3E:48:80:41:ED:42:38:E7:97:A9:E3:49:1C:EF:D4:DA:72:01:EE:75
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 61D8A76FCD8FA0EEACA2AAF52E063079C9E1793D
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32303a3a2f34382d3438203d3e203239383032.roa
Signing time: Fri 26 Apr 2024 12:20:23 +0000
ROA not before: Fri 26 Apr 2024 12:15:23 +0000
ROA not after: Fri 25 Apr 2025 12:20:23 +0000
asID: 29802
IP address blocks: 2a13:9500:20::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Apr 2024 14:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:d8:a7:6f:cd:8f:a0:ee:ac:a2:aa:f5:2e:06:30:79:c9:e1:79:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Apr 26 12:15:23 2024 GMT
Not After : Apr 25 12:20:23 2025 GMT
Subject: CN=3E488041ED4238E797A9E3491CEFD4DA7201EE75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:20:14:97:4d:59:74:6d:be:12:ff:18:21:4e:
55:9e:9f:55:78:30:f8:19:ea:6e:df:26:4f:03:cd:
5d:3c:59:fb:67:9d:1b:a5:81:e1:59:c2:60:ea:7c:
39:93:d2:de:89:6c:04:bb:7a:74:6f:b4:26:82:e6:
68:05:7a:b6:81:e2:31:69:b4:f9:f7:87:48:f1:e1:
c6:10:f2:d2:4a:e8:58:a2:e3:5f:52:d1:06:f1:a4:
04:39:97:96:76:1e:18:77:58:3c:d3:27:99:ea:45:
03:39:90:0e:ce:dd:aa:58:48:91:79:d0:a7:68:19:
8e:5e:3e:e7:4e:17:48:29:77:b0:a3:52:86:7a:bd:
d4:0e:ed:fe:f7:5d:7b:b8:1e:11:95:73:f4:65:2a:
c8:b1:06:70:ef:d2:24:00:1d:5b:bb:14:d2:12:ef:
3c:c4:2a:62:6e:f4:14:cf:e4:ae:1b:dc:99:52:35:
ae:2c:bd:5e:47:d3:79:a3:2e:9d:e6:cd:f4:06:88:
14:78:e4:fa:20:0e:c3:6c:7b:92:db:c1:dc:db:88:
3d:3a:82:55:67:96:6b:58:46:cd:16:52:6f:fa:81:
df:30:0a:f3:27:3a:cb:1f:62:7e:b9:a7:b3:41:e7:
3d:cd:ff:87:7d:f6:ec:f7:4a:17:08:71:25:d1:b3:
98:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:48:80:41:ED:42:38:E7:97:A9:E3:49:1C:EF:D4:DA:72:01:EE:75
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32303a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:20::/48
Signature Algorithm: sha256WithRSAEncryption
ab:18:df:88:e1:35:73:5d:01:d4:c6:85:db:92:62:3a:13:1a:
d5:2b:82:61:09:41:e4:5e:fd:f3:f4:41:a5:0b:0e:1c:26:db:
4c:eb:ed:db:b9:30:09:38:17:cc:48:88:69:39:fc:ce:46:22:
03:cf:23:5f:54:ac:78:d2:53:1a:bb:b7:ee:51:d4:91:8c:74:
d4:24:61:7e:7e:8a:95:07:ab:cd:fb:84:ed:51:21:76:b3:78:
fa:37:45:65:f0:77:b1:93:46:4f:47:63:23:08:cf:aa:24:23:
6d:a9:48:e0:3e:a9:96:27:c9:5c:c9:64:3a:aa:71:cd:4a:fa:
89:f9:e4:9a:61:e3:c8:40:a8:33:d8:83:a9:3a:ec:14:ec:ee:
63:6f:17:9d:76:ba:35:38:f9:a4:2d:b7:a6:6b:62:54:4a:fd:
67:d9:fe:1a:82:24:3d:77:ff:f4:4f:e5:33:6a:5a:01:2b:f1:
26:f6:a9:e8:03:a6:4d:d3:c6:17:19:8a:12:6b:6b:28:d5:3f:
de:ac:d4:54:96:4e:d3:40:94:3d:06:9d:d0:95:80:9a:88:ee:
2b:cc:01:20:e6:a6:18:3c:fe:a8:f9:7b:45:c1:e9:f1:4c:4c:
b9:28:fa:42:ea:9d:e4:15:e9:17:88:00:51:c7:82:25:14:de:
b0:64:a8:14
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUYdinb82PoO6soqr1LgYwecnheT0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDA0MjYxMjE1MjNaFw0yNTA0MjUxMjIwMjNaMDMxMTAvBgNV
BAMTKDNFNDg4MDQxRUQ0MjM4RTc5N0E5RTM0OTFDRUZENERBNzIwMUVFNzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNIBSXTVl0bb4S/xghTlWen1V4
MPgZ6m7fJk8DzV08WftnnRulgeFZwmDqfDmT0t6JbAS7enRvtCaC5mgFeraB4jFp
tPn3h0jx4cYQ8tJK6Fii419S0QbxpAQ5l5Z2Hhh3WDzTJ5nqRQM5kA7O3apYSJF5
0KdoGY5ePudOF0gpd7CjUoZ6vdQO7f73XXu4HhGVc/RlKsixBnDv0iQAHVu7FNIS
7zzEKmJu9BTP5K4b3JlSNa4svV5H03mjLp3mzfQGiBR45PogDsNse5LbwdzbiD06
glVnlmtYRs0WUm/6gd8wCvMnOssfYn65p7NB5z3N/4d99uz3ShcIcSXRs5g3AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUPkiAQe1COOeXqeNJHO/U2nIB7nUwHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMjMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzOTM4MzAzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoTlQAAIDANBgkqhkiG9w0BAQsFAAOCAQEAqxjfiOE1c10B1MaF25JiOhMa
1SuCYQlB5F798/RBpQsOHCbbTOvt27kwCTgXzEiIaTn8zkYiA88jX1SseNJTGru3
7lHUkYx01CRhfn6KlQerzfuE7VEhdrN4+jdFZfB3sZNGT0djIwjPqiQjbalI4D6p
lifJXMlkOqpxzUr6ifnkmmHjyECoM9iDqTrsFOzuY28XnXa6NTj5pC23pmtiVEr9
Z9n+GoIkPXf/9E/lM2paASvxJvap6AOmTdPGFxmKEmtrKNU/3qzUVJZO00CUPQad
0JWAmojuK8wBIOamGDz+qPl7RcHp8UxMuSj6Quqd5BXpF4gAUceCJRTesGSoFA==
-----END CERTIFICATE-----
Generated at Sun Apr 28 22:52:42 2024 by rpki-client on console-ams.rpki-client.org