Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a333a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a333a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: JIzJ/zHctyGFGSPomVMadFVGQwv5ElWDXW56dG70Bao=
Subject key identifier: 47:C2:64:78:DD:7A:D4:B4:AB:19:0D:82:9D:F6:08:A7:57:A2:48:CB
Certificate issuer: /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial: 448249E5D682C2F91339F0DAA5C3CE99668CAF87
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a333a3a2f34382d3438203d3e203239383032.roa
Signing time: Fri 01 Nov 2024 07:43:27 +0000
ROA not before: Fri 01 Nov 2024 07:38:27 +0000
ROA not after: Fri 31 Oct 2025 07:43:27 +0000
asID: 29802
IP address blocks: 2a13:9500:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:82:49:e5:d6:82:c2:f9:13:39:f0:da:a5:c3:ce:99:66:8c:af:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Validity
Not Before: Nov 1 07:38:27 2024 GMT
Not After : Oct 31 07:43:27 2025 GMT
Subject: CN=47C26478DD7AD4B4AB190D829DF608A757A248CB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:98:63:0e:d6:e4:2f:09:33:cd:fc:4c:e0:7d:
14:ea:22:8a:2c:e4:ba:c4:0f:b0:0d:8b:69:f7:be:
be:53:3f:e9:5c:ee:d3:d2:70:18:c8:fe:a5:33:fe:
68:9c:0b:d7:46:44:dc:1c:ae:ba:2e:a4:62:ae:ba:
6e:76:2a:db:9a:b9:4a:81:8b:2b:c7:ff:b7:ed:2f:
99:8d:15:55:9c:58:76:e3:38:20:f7:e3:b0:e2:c8:
f0:90:13:42:bb:fe:de:2f:f1:54:0a:25:89:8c:a5:
76:c7:18:20:80:be:a9:c6:d0:aa:b5:95:fc:26:c4:
bb:c5:09:98:b3:9c:71:27:82:5b:63:ac:0c:12:7b:
ef:fa:d3:49:1d:59:f4:a2:df:8e:aa:db:f5:31:38:
e0:3b:76:d5:82:87:86:0a:2f:7a:1b:57:c2:64:bb:
ec:8e:6c:20:0b:d7:78:9d:1a:21:8c:fb:10:d2:ea:
ff:c5:28:71:78:0e:c1:76:88:97:9c:ef:32:28:67:
12:7c:e3:fe:3c:5a:3b:34:fe:34:83:88:bd:b2:2a:
6e:f4:54:aa:39:04:27:c6:8c:bf:01:e1:2c:7a:96:
9f:0a:50:35:56:0b:5a:ef:25:32:5c:8a:cc:a0:0d:
7c:6b:fd:7f:ce:99:24:ac:27:43:21:f8:97:bb:7d:
5e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:C2:64:78:DD:7A:D4:B4:AB:19:0D:82:9D:F6:08:A7:57:A2:48:CB
X509v3 Authority Key Identifier:
keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530303a333a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:3::/48
Signature Algorithm: sha256WithRSAEncryption
1f:d8:dc:c6:0a:b2:3d:de:40:68:2d:e2:8c:68:f6:b1:50:da:
d0:35:77:4a:27:d9:a7:a6:49:1d:78:f0:a4:6d:14:5b:7d:08:
11:56:26:91:80:e0:58:c2:e5:79:34:d1:b7:18:e6:97:4f:e9:
3e:c5:36:de:aa:e8:c4:93:72:9a:34:d2:6b:03:69:0d:ac:31:
c5:ec:44:ba:f2:04:0e:8e:bc:27:1d:ac:78:6e:53:9e:f7:36:
ca:a5:6d:c5:43:49:63:a3:56:a1:88:b4:32:e4:97:b4:5e:4b:
6b:dc:b2:2d:f3:f6:ff:08:60:e5:aa:67:de:79:a4:ad:26:98:
5e:35:59:2b:78:29:96:0c:7b:ae:95:28:b9:3b:9e:89:ce:87:
b8:67:00:c9:ca:9a:0a:a4:48:f9:20:81:a0:a7:e0:3e:05:44:
7c:32:32:f8:8d:2c:be:97:5c:86:58:aa:3f:4d:b6:75:32:63:
73:36:9f:23:43:d3:0a:c5:5c:0b:3f:6c:a0:6a:80:d3:86:4d:
57:6a:c0:e5:56:ee:c8:b3:2f:15:40:ef:ef:17:04:b9:a0:e0:
ad:c7:4c:86:77:4d:ab:6e:36:71:0c:28:4b:22:3e:5d:cb:c2:
03:f1:79:68:0d:58:4c:aa:53:8e:22:9f:58:2b:25:d2:ac:3f:
2a:92:ae:3e
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIURIJJ5daCwvkTOfDapcPOmWaMr4cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDExMDEwNzM4MjdaFw0yNTEwMzEwNzQzMjdaMDMxMTAvBgNV
BAMTKDQ3QzI2NDc4REQ3QUQ0QjRBQjE5MEQ4MjlERjYwOEE3NTdBMjQ4Q0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtmGMO1uQvCTPN/EzgfRTqIoos
5LrED7ANi2n3vr5TP+lc7tPScBjI/qUz/micC9dGRNwcrroupGKuum52KtuauUqB
iyvH/7ftL5mNFVWcWHbjOCD347DiyPCQE0K7/t4v8VQKJYmMpXbHGCCAvqnG0Kq1
lfwmxLvFCZiznHEngltjrAwSe+/600kdWfSi346q2/UxOOA7dtWCh4YKL3obV8Jk
u+yObCAL13idGiGM+xDS6v/FKHF4DsF2iJec7zIoZxJ84/48Wjs0/jSDiL2yKm70
VKo5BCfGjL8B4Sx6lp8KUDVWC1rvJTJcisygDXxr/X/OmSSsJ0Mh+Je7fV7JAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUR8JkeN161LSrGQ2CnfYIp1eiSMswHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzkzODMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAAAMwDQYJKoZIhvcNAQELBQADggEBAB/Y3MYKsj3eQGgt4oxo9rFQ2tA1
d0on2aemSR148KRtFFt9CBFWJpGA4FjC5Xk00bcY5pdP6T7FNt6q6MSTcpo00msD
aQ2sMcXsRLryBA6OvCcdrHhuU573NsqlbcVDSWOjVqGItDLkl7ReS2vcsi3z9v8I
YOWqZ955pK0mmF41WSt4KZYMe66VKLk7nonOh7hnAMnKmgqkSPkggaCn4D4FRHwy
MviNLL6XXIZYqj9NtnUyY3M2nyND0wrFXAs/bKBqgNOGTVdqwOVW7sizLxVA7+8X
BLmg4K3HTIZ3TatuNnEMKEsiPl3LwgPxeWgNWEyqU44in1grJdKsPyqSrj4=
-----END CERTIFICATE-----
Generated at Thu Nov 21 06:13:28 2024 by rpki-client on console-ams.rpki-client.org