Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32633a3a2f34382d3438203d3e2039303039.roa
File: 326131333a393530303a32633a3a2f34382d3438203d3e2039303039.roa (raw, json)
Hash identifier: v9eit1zqsRKAxvzovlu0LwDD6nrmRRxSOYNu92IdGEQ=
Subject key identifier: BE:2B:C9:E5:E1:2C:4E:11:11:69:A0:28:B0:7F:A8:E4:3C:9A:0F:38
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 12ADB47CF8F98237B332DAA364704EE3DF56C483
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32633a3a2f34382d3438203d3e2039303039.roa
Signing time: Tue 04 Jun 2024 11:56:42 +0000
ROA not before: Tue 04 Jun 2024 11:51:42 +0000
ROA not after: Tue 03 Jun 2025 11:56:42 +0000
asID: 9009
IP address blocks: 2a13:9500:2c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:ad:b4:7c:f8:f9:82:37:b3:32:da:a3:64:70:4e:e3:df:56:c4:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Jun 4 11:51:42 2024 GMT
Not After : Jun 3 11:56:42 2025 GMT
Subject: CN=BE2BC9E5E12C4E111169A028B07FA8E43C9A0F38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:da:27:9c:37:43:4f:ef:56:c4:bf:f4:d8:ab:
1e:cb:c2:3a:01:48:13:ed:ac:b6:1a:b9:d9:24:d9:
f4:b8:cc:83:19:50:4d:74:9e:49:6c:5e:f4:70:9f:
c4:ec:78:da:11:cc:03:5e:f7:6d:d5:f5:2e:d2:f6:
1a:25:df:71:56:f8:c8:63:c4:5d:44:0b:a5:77:1e:
bc:78:9f:92:36:4d:85:56:89:5d:6e:85:e2:c5:62:
ee:75:01:a6:96:58:16:cc:d3:d8:e4:3d:20:61:a9:
94:d9:20:eb:10:75:f4:da:50:77:ff:27:76:b6:6f:
4c:1d:86:a2:12:bf:78:fa:d1:6c:95:ab:21:8b:5e:
a7:fa:ee:46:8a:4a:ed:67:f4:4a:02:64:99:53:a6:
37:97:d2:cb:c3:04:bd:91:06:a4:de:10:d3:df:67:
b8:00:8e:4a:e4:9d:5a:2e:46:80:8e:99:07:63:88:
5a:ad:74:87:f5:e7:bc:83:18:84:34:22:50:e7:c5:
55:45:fc:aa:0e:55:7e:9a:8a:e4:34:e9:8b:69:3c:
b1:d6:84:31:b4:c2:c2:d3:83:fe:2d:2f:11:3d:94:
08:e1:51:d4:f5:fe:1b:57:96:6c:6c:da:e3:be:c4:
37:a8:7a:2b:ca:a8:d9:3c:48:a7:b1:ba:8e:f0:8c:
9e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:2B:C9:E5:E1:2C:4E:11:11:69:A0:28:B0:7F:A8:E4:3C:9A:0F:38
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32633a3a2f34382d3438203d3e2039303039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:2c::/48
Signature Algorithm: sha256WithRSAEncryption
05:f1:7e:15:5c:33:2e:f8:78:49:0e:10:75:e7:eb:0a:aa:cf:
60:d5:1f:cb:65:b2:e2:bb:37:eb:c9:5e:79:fc:cf:89:0a:44:
59:e2:4d:c5:eb:87:f5:31:a7:5a:33:43:e1:15:f9:23:3e:ea:
63:b8:ab:cd:18:ae:81:ad:e8:72:5a:e9:7e:12:20:88:70:68:
18:bb:88:1d:b0:4f:d8:49:87:9d:00:80:86:51:34:72:f2:ee:
87:49:ba:cf:c0:f4:97:0c:b3:d0:3b:21:a3:93:84:ef:63:e5:
2e:4b:17:88:61:22:47:2a:c4:52:ec:7f:33:2f:5e:20:2c:9c:
8f:80:dd:1d:d8:70:e5:fd:0b:19:f4:4b:07:fd:18:78:e5:5c:
66:10:44:fb:f1:8a:ba:ec:1a:54:1a:d5:3b:5c:15:6e:f1:d7:
5d:e7:02:ba:12:80:5c:5e:83:d4:53:75:d4:9d:72:0b:a7:6c:
2b:da:8f:b3:ec:35:cd:63:b9:e4:24:93:f1:d7:4c:ca:bb:aa:
e3:61:a2:5f:af:1a:4d:14:d5:51:ef:b0:a9:c3:86:e6:aa:fd:
82:56:a8:79:42:a2:a5:d7:39:e0:73:1b:6a:4d:fe:79:45:32:
68:52:ca:f1:9d:ae:86:5f:b5:67:60:f8:e8:33:85:b0:18:2e:
b7:8a:22:30
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUEq20fPj5gjezMtqjZHBO499WxIMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDA2MDQxMTUxNDJaFw0yNTA2MDMxMTU2NDJaMDMxMTAvBgNV
BAMTKEJFMkJDOUU1RTEyQzRFMTExMTY5QTAyOEIwN0ZBOEU0M0M5QTBGMzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCg2iecN0NP71bEv/TYqx7LwjoB
SBPtrLYaudkk2fS4zIMZUE10nklsXvRwn8TseNoRzANe923V9S7S9hol33FW+Mhj
xF1EC6V3Hrx4n5I2TYVWiV1uheLFYu51AaaWWBbM09jkPSBhqZTZIOsQdfTaUHf/
J3a2b0wdhqISv3j60WyVqyGLXqf67kaKSu1n9EoCZJlTpjeX0svDBL2RBqTeENPf
Z7gAjkrknVouRoCOmQdjiFqtdIf157yDGIQ0IlDnxVVF/KoOVX6aiuQ06YtpPLHW
hDG0wsLTg/4tLxE9lAjhUdT1/htXlmxs2uO+xDeoeivKqNk8SKexuo7wjJ7XAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUvivJ5eEsThERaaAosH+o5DyaDzgwHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMjYzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzkzMDMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAACwwDQYJKoZIhvcNAQELBQADggEBAAXxfhVcMy74eEkOEHXn6wqqz2DV
H8tlsuK7N+vJXnn8z4kKRFniTcXrh/Uxp1ozQ+EV+SM+6mO4q80YroGt6HJa6X4S
IIhwaBi7iB2wT9hJh50AgIZRNHLy7odJus/A9JcMs9A7IaOThO9j5S5LF4hhIkcq
xFLsfzMvXiAsnI+A3R3YcOX9Cxn0Swf9GHjlXGYQRPvxirrsGlQa1TtcFW7x113n
AroSgFxeg9RTddSdcgunbCvaj7PsNc1jueQkk/HXTMq7quNhol+vGk0U1VHvsKnD
huaq/YJWqHlCoqXXOeBzG2pN/nlFMmhSyvGdroZftWdg+OgzhbAYLreKIjA=
-----END CERTIFICATE-----
Generated at Thu Nov 21 06:13:28 2024 by rpki-client on console-ams.rpki-client.org