Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32333a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a32333a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: HwabfwlQajDfn8jQihq863uGo25zK4vWTOFSPaOIDSE=
Subject key identifier: E9:3D:E4:2E:1B:5F:F1:C1:1F:D5:46:A7:4E:F9:DE:37:43:F2:33:64
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 0C463270BFEB0257C38540A7A990E5C19D7A71E6
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32333a3a2f34382d3438203d3e203239383032.roa
Signing time: Fri 26 Apr 2024 12:20:34 +0000
ROA not before: Fri 26 Apr 2024 12:15:34 +0000
ROA not after: Fri 25 Apr 2025 12:20:34 +0000
asID: 29802
IP address blocks: 2a13:9500:23::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Apr 2024 14:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:46:32:70:bf:eb:02:57:c3:85:40:a7:a9:90:e5:c1:9d:7a:71:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Apr 26 12:15:34 2024 GMT
Not After : Apr 25 12:20:34 2025 GMT
Subject: CN=E93DE42E1B5FF1C11FD546A74EF9DE3743F23364
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2e:70:31:f0:a4:8d:7c:38:7b:5c:f4:54:32:
38:45:4d:8c:26:ec:e7:00:8d:1f:57:ea:0e:c8:69:
52:02:5f:11:b9:47:c2:aa:37:15:57:92:0b:ee:23:
88:7e:2e:5d:f7:ff:f5:ab:fd:c8:5a:72:87:b9:99:
8e:0b:4b:30:85:ff:7a:c9:c7:77:ff:37:23:ef:f8:
17:b1:3d:2d:80:fe:38:73:7e:11:49:c0:47:5b:fb:
8a:c0:97:65:d4:fd:ba:06:93:03:0d:48:73:f1:22:
26:3f:06:47:47:22:29:6f:4b:4d:d6:0a:0e:cd:80:
e7:73:46:40:a3:7a:5d:76:cb:0b:e4:5a:ea:f0:de:
72:5e:45:9a:f7:c5:ec:31:18:10:03:ec:c7:e0:84:
11:b5:0e:39:50:58:c6:ca:cd:62:03:83:3a:19:2e:
43:98:51:f7:31:9a:0c:3a:ee:91:5c:9f:1e:8a:eb:
5d:f6:81:0a:9d:9a:90:ac:2d:48:2f:ff:6f:e9:ac:
64:18:d5:90:78:b8:b4:fa:48:aa:e8:87:8a:d7:30:
1e:73:35:6f:60:b2:4f:8b:1d:5f:f9:3b:a4:91:ab:
e1:84:6b:14:92:4d:7e:2d:e7:b3:d5:57:cb:06:bf:
73:73:f9:4f:40:1a:4d:24:67:99:de:19:ca:60:97:
b1:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:3D:E4:2E:1B:5F:F1:C1:1F:D5:46:A7:4E:F9:DE:37:43:F2:33:64
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32333a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:23::/48
Signature Algorithm: sha256WithRSAEncryption
66:7c:66:b2:aa:fd:f7:31:49:3d:30:87:57:8e:d5:b5:b7:ef:
f1:df:33:21:8e:34:e5:b6:0e:1e:fb:c4:e0:71:bc:39:cf:5d:
e9:8e:eb:d7:c4:86:e8:cd:01:54:fb:cb:5c:bf:17:6d:c0:81:
45:10:08:6e:04:51:d8:19:94:a6:b2:67:7c:5c:c0:ad:f4:f4:
74:3d:83:b6:0e:fc:0e:9a:02:6f:b8:8c:2c:14:c8:c2:5c:33:
c5:60:9f:e7:47:b7:d3:7a:57:ad:9a:71:40:83:7e:9e:f3:5b:
4f:b8:82:d9:b8:37:20:94:c6:53:ad:d7:fe:3a:62:82:9a:f1:
c8:1d:10:28:f1:e9:36:9a:14:cd:a7:fb:8f:2f:11:68:ad:8b:
42:f5:4f:b4:fb:26:cf:db:2d:8e:ef:98:01:50:e3:7b:90:9d:
21:61:65:c1:c6:f2:c4:bb:0b:19:47:74:06:67:4a:58:75:fd:
77:cb:a7:c8:df:e5:cd:bb:6b:51:0a:7e:8a:79:79:6c:01:aa:
3f:e4:5b:c9:5d:b3:38:66:34:ef:d7:9d:a7:99:44:3b:31:f0:
51:5f:eb:f0:80:73:b0:2b:27:f0:42:95:fa:d4:26:ea:cd:98:
0a:6a:3a:c9:c6:c2:a1:09:2b:d3:2c:e1:30:ba:a3:09:03:3f:
99:4c:a1:67
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUDEYycL/rAlfDhUCnqZDlwZ16ceYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDA0MjYxMjE1MzRaFw0yNTA0MjUxMjIwMzRaMDMxMTAvBgNV
BAMTKEU5M0RFNDJFMUI1RkYxQzExRkQ1NDZBNzRFRjlERTM3NDNGMjMzNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGLnAx8KSNfDh7XPRUMjhFTYwm
7OcAjR9X6g7IaVICXxG5R8KqNxVXkgvuI4h+Ll33//Wr/chacoe5mY4LSzCF/3rJ
x3f/NyPv+BexPS2A/jhzfhFJwEdb+4rAl2XU/boGkwMNSHPxIiY/BkdHIilvS03W
Cg7NgOdzRkCjel12ywvkWurw3nJeRZr3xewxGBAD7MfghBG1DjlQWMbKzWIDgzoZ
LkOYUfcxmgw67pFcnx6K6132gQqdmpCsLUgv/2/prGQY1ZB4uLT6SKroh4rXMB5z
NW9gsk+LHV/5O6SRq+GEaxSSTX4t57PVV8sGv3Nz+U9AGk0kZ5neGcpgl7FtAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU6T3kLhtf8cEf1UanTvneN0PyM2QwHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMjMzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzOTM4MzAzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoTlQAAIzANBgkqhkiG9w0BAQsFAAOCAQEAZnxmsqr99zFJPTCHV47Vtbfv
8d8zIY405bYOHvvE4HG8Oc9d6Y7r18SG6M0BVPvLXL8XbcCBRRAIbgRR2BmUprJn
fFzArfT0dD2Dtg78DpoCb7iMLBTIwlwzxWCf50e303pXrZpxQIN+nvNbT7iC2bg3
IJTGU63X/jpigprxyB0QKPHpNpoUzaf7jy8RaK2LQvVPtPsmz9stju+YAVDje5Cd
IWFlwcbyxLsLGUd0BmdKWHX9d8unyN/lzbtrUQp+inl5bAGqP+RbyV2zOGY079ed
p5lEOzHwUV/r8IBzsCsn8EKV+tQm6s2YCmo6ycbCoQkr0yzhMLqjCQM/mUyhZw==
-----END CERTIFICATE-----
Generated at Sun Apr 28 22:52:42 2024 by rpki-client on console-ams.rpki-client.org