Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32313a3a2f34382d3438203d3e20323632323837.roa
File: 326131333a393530303a32313a3a2f34382d3438203d3e20323632323837.roa (raw, json)
Hash identifier: G7Lfa76ttKm8p+k7lUThchq7SmVPXAtoi2q3obxdcX4=
Subject key identifier: E5:8F:EF:8B:0B:76:0B:38:7A:A0:34:00:97:D6:72:F7:FF:40:65:18
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 7D43C6489BDD9555C49D9AD0E466E0CEC1F17E08
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32313a3a2f34382d3438203d3e20323632323837.roa
Signing time: Wed 15 May 2024 12:02:46 +0000
ROA not before: Wed 15 May 2024 11:57:46 +0000
ROA not after: Wed 14 May 2025 12:02:46 +0000
asID: 262287
IP address blocks: 2a13:9500:21::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:43:c6:48:9b:dd:95:55:c4:9d:9a:d0:e4:66:e0:ce:c1:f1:7e:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: May 15 11:57:46 2024 GMT
Not After : May 14 12:02:46 2025 GMT
Subject: CN=E58FEF8B0B760B387AA0340097D672F7FF406518
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:01:69:74:eb:08:5b:80:28:2f:d5:71:e6:85:
a0:4c:5c:f4:fa:93:82:85:cc:0a:1f:fc:2c:55:e4:
7b:41:56:14:ca:ac:87:cf:03:c1:06:92:21:6b:9c:
8a:e6:6d:ee:3f:af:f1:12:33:43:76:95:2a:7a:e2:
8f:b0:d2:d2:be:19:8f:ad:aa:5e:d5:73:dc:e2:e8:
fe:e0:a2:89:27:f6:80:6b:70:67:3d:1b:ef:a4:19:
a7:d4:31:7c:94:96:95:ec:14:1e:0c:2e:75:04:2e:
68:ed:fd:91:db:ec:2b:b9:cd:a5:92:67:5b:d0:b5:
43:b2:ab:ad:77:ac:f5:e7:c6:be:fb:52:08:ac:80:
8b:71:91:29:45:2c:01:3e:85:4d:8f:a6:d3:97:03:
78:90:63:72:2e:f1:7b:c4:96:c8:8c:e7:ec:ad:fa:
4f:1a:18:5c:4a:19:35:df:57:b5:84:1c:c1:5f:e3:
7b:34:b6:29:89:43:6a:05:cf:ed:57:43:cf:9b:de:
7d:94:69:92:6e:d2:a5:8c:4a:c0:5b:cd:a4:c1:e3:
c0:ec:57:c2:df:f9:bb:60:5e:b7:88:ee:d9:d7:1c:
0f:cd:61:c1:3e:dc:31:20:4a:a2:95:91:a9:1c:7d:
a1:e6:23:d1:ea:8a:8e:54:c7:86:0f:34:9f:3a:03:
e9:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:8F:EF:8B:0B:76:0B:38:7A:A0:34:00:97:D6:72:F7:FF:40:65:18
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32313a3a2f34382d3438203d3e20323632323837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:21::/48
Signature Algorithm: sha256WithRSAEncryption
82:21:71:1f:41:22:f6:4b:0d:93:51:74:16:98:c9:50:40:74:
7d:f8:3e:17:fc:64:ca:7a:16:1f:f3:9e:c2:31:49:5b:86:73:
b7:5a:85:1f:a4:1c:8a:52:85:5d:c4:38:6a:14:52:70:0e:d1:
19:c0:20:c8:8c:e7:82:6c:06:e1:45:ff:a6:8a:e0:75:1b:05:
e1:0a:47:86:07:a9:77:e1:24:03:ec:3b:e2:99:e7:05:20:56:
46:0c:b2:be:3e:ee:99:ea:89:81:d4:51:a4:ea:e7:05:d8:c3:
39:e1:fa:a8:74:5c:66:e1:e6:c1:75:e7:fd:93:b1:88:9b:1f:
09:2d:c0:cd:93:9f:72:10:b0:dd:b5:bf:60:07:04:df:a9:c2:
59:97:e5:e2:81:be:55:f4:55:ba:38:35:ae:35:41:a3:cc:db:
b0:cc:a3:9c:3e:ba:59:32:4d:81:7b:1b:55:a6:07:92:31:81:
e6:48:70:a4:e9:99:48:34:9f:cf:7b:db:54:bf:79:15:9f:11:
55:13:26:b0:5c:8f:31:51:70:c6:3f:bc:c8:05:9d:ff:eb:85:
b9:f2:d1:0c:f4:74:ef:d8:f6:15:c8:99:6a:b8:0a:1d:95:cf:
75:60:c9:f2:c1:75:88:64:10:b3:6a:f4:61:0a:92:a7:bc:e5:
7a:58:ad:28
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUfUPGSJvdlVXEnZrQ5GbgzsHxfggwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDA1MTUxMTU3NDZaFw0yNTA1MTQxMjAyNDZaMDMxMTAvBgNV
BAMTKEU1OEZFRjhCMEI3NjBCMzg3QUEwMzQwMDk3RDY3MkY3RkY0MDY1MTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0AWl06whbgCgv1XHmhaBMXPT6
k4KFzAof/CxV5HtBVhTKrIfPA8EGkiFrnIrmbe4/r/ESM0N2lSp64o+w0tK+GY+t
ql7Vc9zi6P7gookn9oBrcGc9G++kGafUMXyUlpXsFB4MLnUELmjt/ZHb7Cu5zaWS
Z1vQtUOyq613rPXnxr77UgisgItxkSlFLAE+hU2PptOXA3iQY3Iu8XvElsiM5+yt
+k8aGFxKGTXfV7WEHMFf43s0timJQ2oFz+1XQ8+b3n2UaZJu0qWMSsBbzaTB48Ds
V8Lf+btgXreI7tnXHA/NYcE+3DEgSqKVkakcfaHmI9Hqio5Ux4YPNJ86A+mnAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQU5Y/viwt2Czh6oDQAl9Zy9/9AZRgwHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMjMxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzNjMyMzIzODM3LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhOVAAAhMA0GCSqGSIb3DQEBCwUAA4IBAQCCIXEfQSL2Sw2TUXQWmMlQ
QHR9+D4X/GTKehYf857CMUlbhnO3WoUfpByKUoVdxDhqFFJwDtEZwCDIjOeCbAbh
Rf+miuB1GwXhCkeGB6l34SQD7DvimecFIFZGDLK+Pu6Z6omB1FGk6ucF2MM54fqo
dFxm4ebBdef9k7GImx8JLcDNk59yELDdtb9gBwTfqcJZl+Xigb5V9FW6ODWuNUGj
zNuwzKOcPrpZMk2BextVpgeSMYHmSHCk6ZlINJ/Pe9tUv3kVnxFVEyawXI8xUXDG
P7zIBZ3/64W58tEM9HTv2PYVyJlquAodlc91YMnywXWIZBCzavRhCpKnvOV6WK0o
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:40:01 2024 by rpki-client on console-ams.rpki-client.org