Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32643a3a2f34382d3438203d3e20323039313831.roa
File: 326131333a393530303a32643a3a2f34382d3438203d3e20323039313831.roa (raw, json)
Hash identifier: 0Cg39+OYPZURqs2A3r0Dl/j/f0BxMyWWZhgHcT4zO9s=
Subject key identifier: CA:77:34:D4:21:34:F0:12:10:64:35:8A:AE:CA:B8:44:51:FA:38:9D
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 4919281345B719E525924ECFB45BC49CE09FA7A8
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32643a3a2f34382d3438203d3e20323039313831.roa
Signing time: Wed 24 Jul 2024 13:40:27 +0000
ROA not before: Wed 24 Jul 2024 13:35:27 +0000
ROA not after: Wed 23 Jul 2025 13:40:27 +0000
asID: 209181
IP address blocks: 2a13:9500:2d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:19:28:13:45:b7:19:e5:25:92:4e:cf:b4:5b:c4:9c:e0:9f:a7:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Jul 24 13:35:27 2024 GMT
Not After : Jul 23 13:40:27 2025 GMT
Subject: CN=CA7734D42134F0121064358AAECAB84451FA389D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:2d:10:03:03:d7:db:36:eb:4d:15:49:61:8a:
07:2d:65:19:c3:44:a4:dc:c7:99:5d:30:5a:40:43:
8b:3d:3e:e1:47:a2:57:51:08:f7:d1:b3:fb:b8:19:
5f:e7:2a:00:ea:8a:ce:93:9b:45:61:87:f5:fc:bd:
a1:1f:51:8d:41:e5:be:a8:a6:b0:0d:af:eb:54:72:
ba:64:71:71:7c:ca:2b:e2:69:d1:64:92:91:01:d1:
c0:2e:5c:20:a8:6d:88:1d:9a:c1:31:80:b9:e9:d5:
02:f4:0b:25:18:9c:de:2b:c0:5d:03:dd:23:ed:2a:
8c:6a:2e:df:65:f5:6f:75:9d:8a:36:9d:c4:bc:57:
85:aa:f5:41:fb:68:8e:e7:b1:76:9c:7d:b8:35:0d:
22:75:b9:b1:7e:a1:08:54:e7:af:02:97:54:b1:f1:
65:7c:68:60:b6:ab:d1:05:60:70:7d:d2:6f:87:7a:
55:8b:1a:14:f5:65:35:80:c2:21:71:d2:6a:cd:1d:
94:da:6a:92:7a:5f:19:cb:01:de:61:ab:7d:19:ad:
d0:ad:a5:35:04:66:29:e6:77:f7:b0:81:4e:2e:b8:
13:4a:f7:61:77:b8:45:46:73:8b:81:0f:81:b9:89:
7e:0d:1c:66:b5:9d:52:dc:de:fa:9d:99:64:85:41:
5a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:77:34:D4:21:34:F0:12:10:64:35:8A:AE:CA:B8:44:51:FA:38:9D
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a32643a3a2f34382d3438203d3e20323039313831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:2d::/48
Signature Algorithm: sha256WithRSAEncryption
a1:ad:e0:0f:3b:d9:2d:19:a6:a8:a6:0b:e2:22:d6:de:7e:08:
50:4c:40:9a:9a:5a:1e:32:c8:92:a7:3b:25:a0:7a:87:54:3b:
13:2c:5e:8e:6e:3a:0b:a5:66:50:30:85:2d:d2:06:0c:c5:fc:
54:b0:49:9b:e1:28:0a:9a:b1:e5:62:4f:df:a7:ad:41:e7:8e:
25:cc:96:b7:c0:a8:82:56:98:dc:c8:29:9e:ff:cf:2c:04:19:
0f:74:64:6f:e8:6b:5b:7b:be:81:40:78:f4:31:d2:d8:5b:65:
ed:c8:51:1b:40:71:18:c1:56:69:ba:31:2a:2d:8b:30:f1:2c:
66:d9:2d:9b:4e:6d:f4:41:14:c1:a1:fc:ae:e2:75:3d:92:85:
d4:e9:da:4a:d6:84:f8:8b:18:ec:13:13:57:27:65:86:30:91:
db:c1:db:bf:a8:31:76:2f:a3:1a:93:d6:8b:a8:fd:e4:c9:13:
79:7e:a8:ac:f9:f6:b5:b4:c6:38:1a:15:71:8d:74:25:fb:83:
d5:8d:04:17:6e:91:6c:ec:14:ac:64:7f:1f:c1:7a:5b:9e:51:
7e:33:62:66:33:f2:a4:2a:f8:da:03:92:a6:e0:a1:66:38:65:
e0:5d:f5:51:0b:70:4a:fc:a0:af:1e:d7:7b:21:37:69:e4:6c:
53:37:e8:45
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUSRkoE0W3GeUlkk7PtFvEnOCfp6gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDA3MjQxMzM1MjdaFw0yNTA3MjMxMzQwMjdaMDMxMTAvBgNV
BAMTKENBNzczNEQ0MjEzNEYwMTIxMDY0MzU4QUFFQ0FCODQ0NTFGQTM4OUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtLRADA9fbNutNFUlhigctZRnD
RKTcx5ldMFpAQ4s9PuFHoldRCPfRs/u4GV/nKgDqis6Tm0Vhh/X8vaEfUY1B5b6o
prANr+tUcrpkcXF8yiviadFkkpEB0cAuXCCobYgdmsExgLnp1QL0CyUYnN4rwF0D
3SPtKoxqLt9l9W91nYo2ncS8V4Wq9UH7aI7nsXacfbg1DSJ1ubF+oQhU568Cl1Sx
8WV8aGC2q9EFYHB90m+HelWLGhT1ZTWAwiFx0mrNHZTaapJ6XxnLAd5hq30ZrdCt
pTUEZinmd/ewgU4uuBNK92F3uEVGc4uBD4G5iX4NHGa1nVLc3vqdmWSFQVqJAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUync01CE08BIQZDWKrsq4RFH6OJ0wHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMjY0M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMDM5MzEzODMxLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhOVAAAtMA0GCSqGSIb3DQEBCwUAA4IBAQChreAPO9ktGaaopgviItbe
fghQTECamloeMsiSpzsloHqHVDsTLF6ObjoLpWZQMIUt0gYMxfxUsEmb4SgKmrHl
Yk/fp61B544lzJa3wKiCVpjcyCme/88sBBkPdGRv6Gtbe76BQHj0MdLYW2XtyFEb
QHEYwVZpujEqLYsw8Sxm2S2bTm30QRTBofyu4nU9koXU6dpK1oT4ixjsExNXJ2WG
MJHbwdu/qDF2L6Mak9aLqP3kyRN5fqis+fa1tMY4GhVxjXQl+4PVjQQXbpFs7BSs
ZH8fwXpbnlF+M2JmM/KkKvjaA5Km4KFmOGXgXfVRC3BK/KCvHtd7ITdp5GxTN+hF
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:59:20 2024 by rpki-client on console-fra.rpki-client.org