Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32613a3a2f34382d3438203d3e2039303039.roa
File: 326131333a393530303a32613a3a2f34382d3438203d3e2039303039.roa (raw, json)
Hash identifier: WkZsHqR4GGgWQdUl8uMgaoJBkVBSCcOIf/utOQwG6bk=
Subject key identifier: 5C:59:51:B0:DD:CE:26:EA:85:D3:0A:DB:5F:C6:18:16:2A:AA:A7:67
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 54FC40ED1046122B0523C98859F7D0BEEA49F7BD
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32613a3a2f34382d3438203d3e2039303039.roa
Signing time: Tue 04 Jun 2024 11:56:38 +0000
ROA not before: Tue 04 Jun 2024 11:51:38 +0000
ROA not after: Tue 03 Jun 2025 11:56:38 +0000
asID: 9009
IP address blocks: 2a13:9500:2a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:fc:40:ed:10:46:12:2b:05:23:c9:88:59:f7:d0:be:ea:49:f7:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Jun 4 11:51:38 2024 GMT
Not After : Jun 3 11:56:38 2025 GMT
Subject: CN=5C5951B0DDCE26EA85D30ADB5FC618162AAAA767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:91:f9:60:52:8a:5f:23:cc:a0:52:eb:f2:66:
04:39:80:06:9e:1b:c6:77:9e:36:30:b0:e3:3a:bb:
0b:f6:96:99:35:45:e9:8f:c7:69:13:af:20:ee:60:
07:95:ea:53:5e:97:5b:18:fa:40:85:0d:b8:93:39:
fa:a3:25:01:c0:7e:d0:8b:fe:f3:6d:85:31:e7:4e:
fb:e9:78:0c:f7:79:20:72:8c:c7:4e:e0:b2:ce:6b:
fd:46:79:f0:4f:ac:4e:01:89:2f:2a:44:18:a1:3e:
3f:10:c2:1f:fa:23:7a:8b:fe:88:e3:30:f8:43:fa:
50:01:30:be:d9:30:f0:3e:cc:21:d0:af:cd:6a:7b:
94:06:b2:84:4f:e2:b3:94:9d:12:bd:89:1e:8d:00:
f9:d2:54:62:76:2a:7e:aa:05:11:62:0b:92:87:f7:
4a:8a:66:50:35:f3:76:30:7b:8a:a1:4f:5a:be:1e:
06:57:56:a9:de:2e:58:d7:52:16:5b:f6:f1:fb:89:
d7:0a:2f:80:7a:2c:e0:54:88:cd:4d:bb:55:af:35:
65:3e:09:dd:df:e8:14:f6:22:3c:97:92:92:7c:2f:
fe:40:6a:68:68:67:10:5c:30:67:13:61:de:06:7c:
dc:c0:1f:53:ec:35:f8:f6:1d:e2:30:37:78:7f:0c:
16:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:59:51:B0:DD:CE:26:EA:85:D3:0A:DB:5F:C6:18:16:2A:AA:A7:67
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32613a3a2f34382d3438203d3e2039303039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:2a::/48
Signature Algorithm: sha256WithRSAEncryption
97:9e:d8:57:8b:90:5b:e9:62:b2:80:1f:9c:d6:45:06:f8:49:
88:5b:96:1b:da:26:e4:3a:ab:60:58:2f:87:4f:71:f6:76:e5:
c1:73:c6:12:dc:c6:81:bd:0e:64:21:71:b7:c9:0c:e0:63:9b:
03:94:36:df:c0:6c:ba:38:55:20:a2:b1:2b:5a:e7:b6:3d:c6:
7f:7f:07:fc:50:33:96:2d:a2:bd:94:31:c2:9d:7e:c8:82:ba:
4b:f5:39:b1:7b:b7:a4:bd:41:5b:d9:ea:cc:40:02:60:09:da:
95:ac:8d:c0:fd:06:a7:66:90:7f:a8:3b:e9:7f:49:1f:33:36:
aa:b8:b0:d1:7b:42:95:3f:c4:71:40:81:19:34:15:94:bb:d3:
4a:f4:e5:b2:1f:e2:1a:75:4d:2b:eb:b9:c2:80:1f:d9:26:a5:
44:d1:e2:e2:50:4e:de:4e:f0:f2:13:d4:54:8f:22:b2:3f:74:
c9:52:40:f4:cc:be:a6:7d:ee:93:d2:17:58:57:96:33:49:b8:
80:1c:f1:0e:99:a1:47:8b:20:48:5e:2d:c0:ce:b0:31:a2:c6:
50:19:37:df:c3:12:85:8b:e3:2d:0e:94:1a:42:82:e8:b5:76:
3d:88:02:b1:c0:26:66:5c:b2:c1:4f:b9:b4:88:67:da:1b:47:
08:63:0c:83
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUVPxA7RBGEisFI8mIWffQvupJ970wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDA2MDQxMTUxMzhaFw0yNTA2MDMxMTU2MzhaMDMxMTAvBgNV
BAMTKDVDNTk1MUIwRERDRTI2RUE4NUQzMEFEQjVGQzYxODE2MkFBQUE3NjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgkflgUopfI8ygUuvyZgQ5gAae
G8Z3njYwsOM6uwv2lpk1RemPx2kTryDuYAeV6lNel1sY+kCFDbiTOfqjJQHAftCL
/vNthTHnTvvpeAz3eSByjMdO4LLOa/1GefBPrE4BiS8qRBihPj8Qwh/6I3qL/ojj
MPhD+lABML7ZMPA+zCHQr81qe5QGsoRP4rOUnRK9iR6NAPnSVGJ2Kn6qBRFiC5KH
90qKZlA183Ywe4qhT1q+HgZXVqneLljXUhZb9vH7idcKL4B6LOBUiM1Nu1WvNWU+
Cd3f6BT2IjyXkpJ8L/5AamhoZxBcMGcTYd4GfNzAH1PsNfj2HeIwN3h/DBZHAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUXFlRsN3OJuqF0wrbX8YYFiqqp2cwHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMjYxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzkzMDMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAACowDQYJKoZIhvcNAQELBQADggEBAJee2FeLkFvpYrKAH5zWRQb4SYhb
lhvaJuQ6q2BYL4dPcfZ25cFzxhLcxoG9DmQhcbfJDOBjmwOUNt/AbLo4VSCisSta
57Y9xn9/B/xQM5Ytor2UMcKdfsiCukv1ObF7t6S9QVvZ6sxAAmAJ2pWsjcD9Bqdm
kH+oO+l/SR8zNqq4sNF7QpU/xHFAgRk0FZS700r05bIf4hp1TSvrucKAH9kmpUTR
4uJQTt5O8PIT1FSPIrI/dMlSQPTMvqZ97pPSF1hXljNJuIAc8Q6ZoUeLIEheLcDO
sDGixlAZN9/DEoWL4y0OlBpCgui1dj2IArHAJmZcssFPubSIZ9obRwhjDIM=
-----END CERTIFICATE-----
Generated at Thu Nov 21 06:13:28 2024 by rpki-client on console-ams.rpki-client.org