Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32323a3a2f34382d3438203d3e20323632323837.roa
File:                     326131333a393530303a32323a3a2f34382d3438203d3e20323632323837.roa (raw, json)
Hash identifier:          dUT60zS9tplhM8hS/vStfOveMQLSpo8P1mO1Bb2DEG0=
Subject key identifier:   79:2B:48:68:0F:17:78:3F:95:DE:4E:57:B3:C4:B1:E7:41:77:09:D2
Certificate issuer:       /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial:       1CDA05A6FCEF967ECD40711DC65CB7291B8EE0C7
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32323a3a2f34382d3438203d3e20323632323837.roa
Signing time:             Wed 15 May 2024 12:02:48 +0000
ROA not before:           Wed 15 May 2024 11:57:48 +0000
ROA not after:            Wed 14 May 2025 12:02:48 +0000
asID:                     262287
IP address blocks:        2a13:9500:22::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:da:05:a6:fc:ef:96:7e:cd:40:71:1d:c6:5c:b7:29:1b:8e:e0:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
        Validity
            Not Before: May 15 11:57:48 2024 GMT
            Not After : May 14 12:02:48 2025 GMT
        Subject: CN=792B48680F17783F95DE4E57B3C4B1E7417709D2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:08:97:61:d0:48:22:0e:57:ef:6e:c3:bf:a3:
                    d2:7e:35:5b:35:3c:c6:d7:55:41:06:bd:35:a7:ea:
                    3d:54:ac:51:11:34:b5:72:7d:76:c2:93:e7:e4:a1:
                    5c:dd:6c:71:f3:50:12:52:18:fa:75:29:54:d1:40:
                    a4:eb:26:a3:63:de:1e:7a:fc:3b:80:5b:b1:60:7f:
                    63:12:ee:7f:df:2b:14:ad:bd:ed:4b:a1:50:c5:63:
                    9e:47:59:48:65:90:33:d5:bc:2a:3d:f5:2c:4a:d3:
                    ab:4c:90:b5:a2:b1:3a:ce:ba:2a:a1:48:cb:53:dc:
                    9a:69:be:ce:70:49:08:70:63:84:0a:fe:26:4b:54:
                    25:b2:9b:25:8d:68:6c:26:55:40:e0:71:53:0b:00:
                    17:9a:3a:f4:7e:34:d1:ce:29:be:69:3f:b0:a8:1d:
                    7a:9e:a1:59:86:95:27:9e:45:e0:73:0d:4e:22:68:
                    50:cd:c2:c5:9c:dc:02:b8:8b:4f:ae:ea:b7:70:5e:
                    54:a2:91:70:b3:6b:51:40:81:dc:cf:3a:e4:86:59:
                    fd:37:02:3b:b4:72:d7:46:14:9e:f6:24:7e:33:3c:
                    7c:c4:6f:9c:50:21:1d:a4:e6:c3:83:72:e7:72:cb:
                    ac:46:98:b1:f6:7a:3d:b2:82:eb:2d:22:33:b8:66:
                    6a:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:2B:48:68:0F:17:78:3F:95:DE:4E:57:B3:C4:B1:E7:41:77:09:D2
            X509v3 Authority Key Identifier:
                keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32323a3a2f34382d3438203d3e20323632323837.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:9500:22::/48

    Signature Algorithm: sha256WithRSAEncryption
         1c:5e:6b:ac:9f:7e:5c:71:d8:f6:e4:d8:d6:1f:50:82:59:58:
         ff:d9:bb:86:03:20:e2:0d:84:96:7e:db:66:61:91:7b:7c:51:
         e8:d1:ee:aa:54:1c:d6:6d:ab:6c:ef:f6:10:1a:a5:f9:49:b8:
         07:a0:9c:b2:2f:0b:86:f9:6b:2b:5a:1d:a6:53:c3:5c:ae:b5:
         24:3b:74:a1:d6:db:4c:69:39:41:7d:e1:60:5d:60:2e:a8:7b:
         b0:1c:06:56:33:5d:5a:ed:16:46:e9:fd:f2:78:3e:b3:05:1f:
         fc:6e:62:7a:db:4f:f4:62:67:e1:40:92:b3:2c:46:f6:50:f5:
         83:25:ae:e0:47:09:8b:99:dd:dd:a5:8e:4a:86:9b:aa:a2:19:
         c8:ef:ac:f5:c1:33:0d:1e:fd:46:67:b3:00:e6:94:40:35:5a:
         92:67:6b:a7:ac:d3:04:fa:f6:37:53:7d:c4:19:3a:cd:8f:89:
         ef:ed:db:e5:94:a4:cf:15:17:a4:c5:23:13:df:f8:92:d5:7a:
         09:53:19:7b:6b:44:44:bd:fe:43:df:10:73:38:3f:ad:26:01:
         2b:b8:24:25:7f:ff:2d:ce:37:e6:c3:54:2a:a7:ab:bd:fe:73:
         20:a6:3a:a7:41:98:4a:59:35:62:74:a5:3f:34:34:e9:b6:21:
         97:3a:6d:34
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUHNoFpvzvln7NQHEdxly3KRuO4McwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDA1MTUxMTU3NDhaFw0yNTA1MTQxMjAyNDhaMDMxMTAvBgNV
BAMTKDc5MkI0ODY4MEYxNzc4M0Y5NURFNEU1N0IzQzRCMUU3NDE3NzA5RDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5CJdh0EgiDlfvbsO/o9J+NVs1
PMbXVUEGvTWn6j1UrFERNLVyfXbCk+fkoVzdbHHzUBJSGPp1KVTRQKTrJqNj3h56
/DuAW7Fgf2MS7n/fKxStve1LoVDFY55HWUhlkDPVvCo99SxK06tMkLWisTrOuiqh
SMtT3Jppvs5wSQhwY4QK/iZLVCWymyWNaGwmVUDgcVMLABeaOvR+NNHOKb5pP7Co
HXqeoVmGlSeeReBzDU4iaFDNwsWc3AK4i0+u6rdwXlSikXCza1FAgdzPOuSGWf03
Aju0ctdGFJ72JH4zPHzEb5xQIR2k5sODcudyy6xGmLH2ej2ygustIjO4ZmpFAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUeStIaA8XeD+V3k5Xs8Sx50F3CdIwHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMjMyM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzNjMyMzIzODM3LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhOVAAAiMA0GCSqGSIb3DQEBCwUAA4IBAQAcXmusn35ccdj25NjWH1CC
WVj/2buGAyDiDYSWfttmYZF7fFHo0e6qVBzWbats7/YQGqX5SbgHoJyyLwuG+Wsr
Wh2mU8NcrrUkO3Sh1ttMaTlBfeFgXWAuqHuwHAZWM11a7RZG6f3yeD6zBR/8bmJ6
20/0YmfhQJKzLEb2UPWDJa7gRwmLmd3dpY5KhpuqohnI76z1wTMNHv1GZ7MA5pRA
NVqSZ2unrNME+vY3U33EGTrNj4nv7dvllKTPFRekxSMT3/iS1XoJUxl7a0REvf5D
3xBzOD+tJgEruCQlf/8tzjfmw1Qqp6u9/nMgpjqnQZhKWTVidKU/NDTptiGXOm00
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:59:20 2024 by rpki-client on console-fra.rpki-client.org