Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32623a3a2f34382d3438203d3e2039303039.roa
File: 326131333a393530303a32623a3a2f34382d3438203d3e2039303039.roa (raw, json)
Hash identifier: XDofz2k5VHV4h3BSvlz/cCeU5yuK0SUhQbAEyf0gKNc=
Subject key identifier: C5:DD:FC:2A:3C:4C:89:CF:AA:95:06:86:1E:44:67:2B:27:4F:53:2A
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 06D83852D09223AF15A0B1F98696A4A62EC3A9F5
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32623a3a2f34382d3438203d3e2039303039.roa
Signing time: Tue 04 Jun 2024 11:56:40 +0000
ROA not before: Tue 04 Jun 2024 11:51:40 +0000
ROA not after: Tue 03 Jun 2025 11:56:40 +0000
asID: 9009
IP address blocks: 2a13:9500:2b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:d8:38:52:d0:92:23:af:15:a0:b1:f9:86:96:a4:a6:2e:c3:a9:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Jun 4 11:51:40 2024 GMT
Not After : Jun 3 11:56:40 2025 GMT
Subject: CN=C5DDFC2A3C4C89CFAA9506861E44672B274F532A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:82:26:fc:57:56:37:c9:d2:eb:c5:95:42:4f:
3b:b6:ec:7d:14:f9:92:a4:87:77:e7:6e:b3:74:bb:
76:d6:41:59:d6:a5:98:59:32:b0:4d:db:9d:06:f0:
09:3d:38:49:6c:ab:1c:15:e6:14:86:58:e7:b4:55:
d7:f1:e8:4a:61:9d:f5:24:19:d6:b8:a7:f2:f6:c5:
25:70:fa:6a:97:ab:54:4b:bf:35:35:d9:90:4a:e2:
33:6d:18:c2:4b:98:74:60:2d:b8:3d:9e:c5:8c:0a:
48:fb:27:66:bc:d1:70:0f:e8:28:16:c6:4e:08:82:
50:0e:1e:00:b7:db:6a:3b:01:f7:1c:75:80:a4:a4:
5f:13:e7:61:9d:2a:5e:83:e8:e8:0d:e0:0e:9c:12:
f5:a4:fc:6f:05:fd:12:8a:a6:6f:4d:6d:2f:43:61:
59:84:fa:95:68:76:01:57:03:77:47:af:fd:ce:c8:
e5:fb:a9:b7:78:a4:2a:ae:a1:09:e1:6c:f6:1a:70:
d0:3c:f9:cb:72:52:0d:df:a9:2c:4b:27:b4:b6:c1:
05:e6:7c:af:7a:66:5c:26:7b:92:9e:5d:61:b2:d7:
f1:56:26:8e:b1:82:49:d4:60:b8:41:dc:1e:18:a3:
ff:c3:93:ce:74:8a:d7:0a:08:25:14:bc:be:b8:57:
5d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:DD:FC:2A:3C:4C:89:CF:AA:95:06:86:1E:44:67:2B:27:4F:53:2A
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32623a3a2f34382d3438203d3e2039303039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:2b::/48
Signature Algorithm: sha256WithRSAEncryption
60:39:5f:81:c5:0f:65:43:c3:b4:d2:b8:cc:c9:90:d6:c6:8d:
a9:37:86:6c:f1:89:3d:05:bc:52:75:fa:40:eb:b2:2f:00:48:
12:38:23:1b:5f:7e:83:ff:ab:8e:69:62:b0:51:79:87:a7:37:
61:94:eb:16:fe:46:fb:7c:2c:a1:66:00:e2:50:f4:63:40:1f:
72:22:2a:c3:86:1f:63:87:06:09:e6:e0:8d:fc:8c:ce:c1:7d:
7f:4e:7a:32:ca:d8:c9:04:6b:c3:fb:2c:fb:c1:f8:3e:04:a3:
02:e4:39:61:d8:05:83:73:20:c4:e5:1c:0f:90:ef:3f:23:47:
3d:2f:7b:a2:c0:2c:e6:2e:25:4d:9d:ac:9c:5f:94:33:2d:02:
15:a2:b6:ad:3d:5f:84:3d:c0:26:35:b4:06:a6:7c:e7:26:a2:
97:47:37:07:5f:16:3d:25:03:d3:e6:65:22:b1:14:9c:eb:53:
3d:81:19:4b:02:80:85:87:c0:3d:2a:53:67:84:37:c2:01:aa:
e2:17:5d:38:f9:0a:3c:ce:63:07:7f:05:6b:58:a7:63:3f:72:
0e:26:ea:d1:28:4a:76:41:6f:2b:e7:08:ee:f1:ce:d2:ec:aa:
5e:6f:47:04:07:bf:e5:f6:03:62:0f:56:8d:ad:cb:60:24:30:
be:56:a5:3b
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUBtg4UtCSI68VoLH5hpakpi7DqfUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDA2MDQxMTUxNDBaFw0yNTA2MDMxMTU2NDBaMDMxMTAvBgNV
BAMTKEM1RERGQzJBM0M0Qzg5Q0ZBQTk1MDY4NjFFNDQ2NzJCMjc0RjUzMkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4gib8V1Y3ydLrxZVCTzu27H0U
+ZKkh3fnbrN0u3bWQVnWpZhZMrBN250G8Ak9OElsqxwV5hSGWOe0Vdfx6EphnfUk
Gda4p/L2xSVw+mqXq1RLvzU12ZBK4jNtGMJLmHRgLbg9nsWMCkj7J2a80XAP6CgW
xk4IglAOHgC322o7AfccdYCkpF8T52GdKl6D6OgN4A6cEvWk/G8F/RKKpm9NbS9D
YVmE+pVodgFXA3dHr/3OyOX7qbd4pCquoQnhbPYacNA8+ctyUg3fqSxLJ7S2wQXm
fK96Zlwme5KeXWGy1/FWJo6xgknUYLhB3B4Yo//Dk850itcKCCUUvL64V10bAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUxd38KjxMic+qlQaGHkRnKydPUyowHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMjYyM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzkzMDMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAACswDQYJKoZIhvcNAQELBQADggEBAGA5X4HFD2VDw7TSuMzJkNbGjak3
hmzxiT0FvFJ1+kDrsi8ASBI4IxtffoP/q45pYrBReYenN2GU6xb+Rvt8LKFmAOJQ
9GNAH3IiKsOGH2OHBgnm4I38jM7BfX9OejLK2MkEa8P7LPvB+D4EowLkOWHYBYNz
IMTlHA+Q7z8jRz0ve6LALOYuJU2drJxflDMtAhWitq09X4Q9wCY1tAamfOcmopdH
NwdfFj0lA9PmZSKxFJzrUz2BGUsCgIWHwD0qU2eEN8IBquIXXTj5CjzOYwd/BWtY
p2M/cg4m6tEoSnZBbyvnCO7xztLsql5vRwQHv+X2A2IPVo2ty2AkML5WpTs=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:59:20 2024 by rpki-client on console-fra.rpki-client.org