Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32383a3a2f34382d3438203d3e203133323133.roa
File: 326131333a393530303a32383a3a2f34382d3438203d3e203133323133.roa (raw, json)
Hash identifier: dwGZjq4dxZ+nREdZvmBwYsGw8jsPqFz1dx8FQjf2fH0=
Subject key identifier: 32:AF:23:BE:0D:77:08:F2:2F:2D:37:1F:DA:D1:BE:D5:DA:42:25:C9
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 7AE59F7DCC7C2273B8A634BF3DBF320EE36A666E
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32383a3a2f34382d3438203d3e203133323133.roa
Signing time: Thu 30 May 2024 12:39:59 +0000
ROA not before: Thu 30 May 2024 12:34:59 +0000
ROA not after: Thu 29 May 2025 12:39:59 +0000
asID: 13213
IP address blocks: 2a13:9500:28::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:e5:9f:7d:cc:7c:22:73:b8:a6:34:bf:3d:bf:32:0e:e3:6a:66:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: May 30 12:34:59 2024 GMT
Not After : May 29 12:39:59 2025 GMT
Subject: CN=32AF23BE0D7708F22F2D371FDAD1BED5DA4225C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:f3:d0:32:30:42:14:2f:21:d4:7d:5f:7f:f0:
9c:fb:8e:f9:77:12:70:76:2e:82:33:6e:14:aa:d0:
20:35:a9:51:80:8e:42:16:aa:db:33:17:e4:15:db:
03:3b:77:2f:e7:4a:a7:2f:17:f2:ea:af:30:99:2f:
2c:f8:d5:dc:1d:30:a3:a4:e8:dc:5b:79:bf:1d:31:
97:76:20:cc:9d:94:cc:d4:d7:7f:5d:e8:fc:14:b9:
a9:03:04:f8:76:55:20:f4:5d:f7:c3:ca:d5:7a:16:
3c:21:13:05:10:ce:9b:a0:2e:55:9e:b0:65:56:9b:
7c:81:80:9f:c6:fa:aa:ef:18:2f:0f:9e:79:00:d2:
fc:79:d3:68:db:cf:13:cf:d2:1b:ef:c9:df:66:70:
69:3d:b1:5c:dc:ee:93:59:46:2b:12:d5:ae:2c:0e:
e6:43:8a:5f:17:44:fd:02:b7:b7:8e:29:5e:b9:8f:
54:96:99:60:60:d1:d4:e9:8c:2e:3e:43:32:17:3a:
1d:8f:47:5d:01:3c:8d:8d:07:0b:35:c0:de:99:34:
2f:3c:1f:f7:e9:a3:49:26:f1:33:9a:cd:a8:2e:72:
a3:2b:59:0d:7c:d0:fb:15:f7:b5:ca:e6:9c:39:d7:
0c:f7:e8:d2:62:3a:2a:de:39:39:68:64:5d:d9:90:
2b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:AF:23:BE:0D:77:08:F2:2F:2D:37:1F:DA:D1:BE:D5:DA:42:25:C9
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32383a3a2f34382d3438203d3e203133323133.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:28::/48
Signature Algorithm: sha256WithRSAEncryption
0c:6b:2f:fe:3a:5c:47:f9:04:92:f9:18:1e:b0:7a:a4:60:3d:
30:20:81:f1:b1:7d:4f:9e:f1:f7:41:54:b7:46:21:f1:f6:f6:
5f:26:3c:e6:ac:6d:e7:ea:27:aa:3f:d1:ce:2d:42:46:6c:b9:
ae:d3:05:58:d3:06:09:d7:53:aa:b1:8d:64:98:8b:f9:d9:d9:
bb:4b:ae:42:65:f0:0f:cc:8b:e7:6b:b1:a7:a5:90:d3:6e:70:
59:c3:fb:4a:93:de:a8:ed:79:71:f7:0a:a0:a5:37:5a:38:e7:
88:92:77:43:d9:21:91:c3:97:74:13:7b:e3:1d:22:b9:f4:b6:
2e:e2:08:27:90:1c:f3:e7:76:d5:a9:e7:52:6e:c4:8c:50:0a:
45:28:52:2d:be:fd:20:3c:c6:a3:d2:05:3b:4a:ea:f5:19:3c:
b5:8e:da:be:dd:d4:b2:f6:12:cf:57:1f:58:c2:d1:2a:b9:16:
25:33:5d:36:8f:51:3c:3f:21:0f:d6:d1:29:7e:f5:6c:eb:d1:
b0:8c:68:3e:fd:66:99:d5:99:d5:f3:ed:75:4b:f1:34:94:3a:
50:03:a3:2f:93:e2:09:4a:65:41:5d:ac:42:9f:6a:ad:df:95:
61:26:9d:50:f9:97:0f:e5:1a:0b:b9:6c:e3:60:61:81:79:ce:
2d:fe:08:91
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUeuWffcx8InO4pjS/Pb8yDuNqZm4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDA1MzAxMjM0NTlaFw0yNTA1MjkxMjM5NTlaMDMxMTAvBgNV
BAMTKDMyQUYyM0JFMEQ3NzA4RjIyRjJEMzcxRkRBRDFCRUQ1REE0MjI1QzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDh89AyMEIULyHUfV9/8Jz7jvl3
EnB2LoIzbhSq0CA1qVGAjkIWqtszF+QV2wM7dy/nSqcvF/LqrzCZLyz41dwdMKOk
6Nxbeb8dMZd2IMydlMzU139d6PwUuakDBPh2VSD0XffDytV6FjwhEwUQzpugLlWe
sGVWm3yBgJ/G+qrvGC8PnnkA0vx502jbzxPP0hvvyd9mcGk9sVzc7pNZRisS1a4s
DuZDil8XRP0Ct7eOKV65j1SWmWBg0dTpjC4+QzIXOh2PR10BPI2NBws1wN6ZNC88
H/fpo0km8TOazagucqMrWQ180PsV97XK5pw51wz36NJiOireOTloZF3ZkCs1AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUMq8jvg13CPIvLTcf2tG+1dpCJckwHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMjM4M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzEzMzMyMzEzMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoTlQAAKDANBgkqhkiG9w0BAQsFAAOCAQEADGsv/jpcR/kEkvkYHrB6pGA9
MCCB8bF9T57x90FUt0Yh8fb2XyY85qxt5+onqj/Rzi1CRmy5rtMFWNMGCddTqrGN
ZJiL+dnZu0uuQmXwD8yL52uxp6WQ025wWcP7SpPeqO15cfcKoKU3WjjniJJ3Q9kh
kcOXdBN74x0iufS2LuIIJ5Ac8+d21annUm7EjFAKRShSLb79IDzGo9IFO0rq9Rk8
tY7avt3UsvYSz1cfWMLRKrkWJTNdNo9RPD8hD9bRKX71bOvRsIxoPv1mmdWZ1fPt
dUvxNJQ6UAOjL5PiCUplQV2sQp9qrd+VYSadUPmXD+UaC7ls42BhgXnOLf4IkQ==
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:12 2024 by rpki-client on console-ams.rpki-client.org