Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32333a3a2f34382d3438203d3e20323632323837.roa
File: 326131333a393530303a32333a3a2f34382d3438203d3e20323632323837.roa (raw, json)
Hash identifier: adUYJ91mFd+bkTW959q1C0oxBpIMJQhrVVy9ajPc540=
Subject key identifier: DB:44:48:25:B6:9F:4B:23:54:60:E2:0C:49:DF:4F:6A:95:A2:E5:12
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 4D61A613FFB80E86D3A21E9B4E2F57DDCB995FAA
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32333a3a2f34382d3438203d3e20323632323837.roa
Signing time: Wed 15 May 2024 12:02:50 +0000
ROA not before: Wed 15 May 2024 11:57:50 +0000
ROA not after: Wed 14 May 2025 12:02:50 +0000
asID: 262287
IP address blocks: 2a13:9500:23::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:61:a6:13:ff:b8:0e:86:d3:a2:1e:9b:4e:2f:57:dd:cb:99:5f:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: May 15 11:57:50 2024 GMT
Not After : May 14 12:02:50 2025 GMT
Subject: CN=DB444825B69F4B235460E20C49DF4F6A95A2E512
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f7:1c:f2:65:15:ee:eb:20:e1:9e:90:02:86:
e6:b9:20:0e:6e:d5:4a:7b:5d:0a:59:b2:22:32:b4:
d9:cf:1c:28:8b:48:c2:0d:78:20:85:51:0f:ec:7c:
e7:4f:1e:a3:bc:9f:98:b2:5b:f8:53:bd:f2:88:39:
a9:3e:9a:d9:b6:72:49:72:1a:b4:9a:54:79:b3:2e:
64:17:ee:04:56:7f:c5:d7:8e:99:07:9e:34:90:9e:
68:eb:1a:e9:95:a6:7d:d3:dd:bc:2d:83:50:b9:e7:
80:90:f7:13:0c:3f:aa:0c:42:e7:57:5b:9f:95:96:
47:54:0f:fb:98:37:e2:aa:49:56:f6:58:89:13:6b:
79:89:ab:9d:30:79:0f:b5:4a:b8:56:08:07:4e:00:
38:c5:e2:1e:63:7e:90:b2:17:9d:32:1d:75:8d:1d:
db:a1:9c:d8:90:21:65:b5:df:6b:b1:c2:6b:45:22:
4c:7e:ae:74:cb:c7:69:f4:a5:80:06:ab:47:6a:bd:
7b:65:56:bd:21:13:7c:80:97:65:3d:85:33:c6:1a:
53:d5:91:1a:22:fa:09:de:88:09:b1:40:ad:5a:51:
74:61:0d:a2:9a:d4:fe:68:13:c9:d8:e4:d1:35:7b:
36:73:f4:eb:f6:7a:0e:4b:ae:ea:6b:40:8a:4b:44:
67:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:44:48:25:B6:9F:4B:23:54:60:E2:0C:49:DF:4F:6A:95:A2:E5:12
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32333a3a2f34382d3438203d3e20323632323837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:23::/48
Signature Algorithm: sha256WithRSAEncryption
08:d0:03:0c:4a:7b:45:6b:f0:d1:e4:38:d8:a3:d7:c4:e6:85:
cd:1c:32:99:33:eb:bc:2b:eb:82:7a:1d:dc:b8:99:2a:cc:2b:
cb:6e:bc:25:90:b0:e6:d3:3a:26:81:fb:40:01:9a:1a:49:51:
eb:89:e6:91:a3:35:87:78:20:34:a2:17:d3:8f:93:ea:42:02:
39:6a:58:48:54:8e:83:0f:5c:d3:1d:db:a4:dd:88:bc:6b:ba:
c5:8a:89:a2:b1:60:42:10:96:af:94:33:b9:75:f3:8b:6a:84:
b4:80:db:b4:b7:69:72:e3:88:db:a3:3c:18:aa:2d:ee:d4:e9:
16:60:fb:80:07:8e:7b:57:75:80:ca:6f:b6:c5:8d:89:10:d6:
89:54:f8:8e:f5:7a:4f:43:74:5e:a8:ea:82:16:2d:0e:e4:5d:
47:f3:a3:e8:a8:63:18:6b:7a:13:71:85:a4:81:05:c9:79:70:
51:cf:ad:ff:d5:dc:bb:fc:b6:1f:83:f0:82:ab:c5:a6:90:a3:
8f:13:19:ee:01:01:01:23:82:db:48:3e:73:30:f3:86:d7:c5:
4d:3b:6e:f2:ca:08:07:51:b3:19:9d:fb:59:5a:8c:cc:a8:ed:
1e:a2:1b:ca:e3:b0:41:3e:a7:87:19:ca:9f:78:d3:db:25:bb:
71:a6:29:86
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUTWGmE/+4DobToh6bTi9X3cuZX6owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDA1MTUxMTU3NTBaFw0yNTA1MTQxMjAyNTBaMDMxMTAvBgNV
BAMTKERCNDQ0ODI1QjY5RjRCMjM1NDYwRTIwQzQ5REY0RjZBOTVBMkU1MTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCR9xzyZRXu6yDhnpAChua5IA5u
1Up7XQpZsiIytNnPHCiLSMINeCCFUQ/sfOdPHqO8n5iyW/hTvfKIOak+mtm2ckly
GrSaVHmzLmQX7gRWf8XXjpkHnjSQnmjrGumVpn3T3bwtg1C554CQ9xMMP6oMQudX
W5+VlkdUD/uYN+KqSVb2WIkTa3mJq50weQ+1SrhWCAdOADjF4h5jfpCyF50yHXWN
HduhnNiQIWW132uxwmtFIkx+rnTLx2n0pYAGq0dqvXtlVr0hE3yAl2U9hTPGGlPV
kRoi+gneiAmxQK1aUXRhDaKa1P5oE8nY5NE1ezZz9Ov2eg5LruprQIpLRGfFAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQU20RIJbafSyNUYOIMSd9PapWi5RIwHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMjMzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzNjMyMzIzODM3LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhOVAAAjMA0GCSqGSIb3DQEBCwUAA4IBAQAI0AMMSntFa/DR5DjYo9fE
5oXNHDKZM+u8K+uCeh3cuJkqzCvLbrwlkLDm0zomgftAAZoaSVHrieaRozWHeCA0
ohfTj5PqQgI5alhIVI6DD1zTHduk3Yi8a7rFiomisWBCEJavlDO5dfOLaoS0gNu0
t2ly44jbozwYqi3u1OkWYPuAB457V3WAym+2xY2JENaJVPiO9XpPQ3ReqOqCFi0O
5F1H86PoqGMYa3oTcYWkgQXJeXBRz63/1dy7/LYfg/CCq8WmkKOPExnuAQEBI4Lb
SD5zMPOG18VNO27yyggHUbMZnftZWozMqO0eohvK47BBPqeHGcqfeNPbJbtxpimG
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:59:20 2024 by rpki-client on console-fra.rpki-client.org