Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a31303a3a2f34362d3438203d3e203438313934.roa
File: 326131333a393634343a31303a3a2f34362d3438203d3e203438313934.roa (raw, json)
Hash identifier: 2yKfO2WqsfZLWhFp8Vgn43JsqJJGZp0JL5E1MzApx8g=
Subject key identifier: 8E:99:54:60:97:DE:1E:69:DC:3A:72:43:76:77:2A:DF:3F:4C:1D:1A
Certificate issuer: /CN=f1d0572fe72991bd32854bac716676ebdad22ace
Certificate serial: 0244DC04FF52D26A82DF71889DBB15DF45C2CAC1
Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a31303a3a2f34362d3438203d3e203438313934.roa
Signing time: Thu 08 Aug 2024 15:13:40 +0000
ROA not before: Thu 08 Aug 2024 15:08:40 +0000
ROA not after: Thu 07 Aug 2025 15:13:40 +0000
asID: 48194
IP address blocks: 2a13:9644:10::/46 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 14:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:44:dc:04:ff:52:d2:6a:82:df:71:88:9d:bb:15:df:45:c2:ca:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace
Validity
Not Before: Aug 8 15:08:40 2024 GMT
Not After : Aug 7 15:13:40 2025 GMT
Subject: CN=8E99546097DE1E69DC3A724376772ADF3F4C1D1A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:9d:ec:be:69:04:a5:eb:65:ea:ab:73:78:43:
c4:39:1d:fb:8f:70:58:b8:4a:e6:5d:a1:3c:f5:85:
0d:ff:b5:fe:d0:b8:0c:4c:df:bd:d8:45:6b:90:5e:
ab:48:27:a4:95:db:2b:aa:d9:81:f7:93:c3:f2:dc:
10:e2:50:50:02:cb:ce:70:7d:70:07:a5:de:a7:5f:
33:5e:c9:67:5a:c7:73:a3:e5:49:84:fb:3c:f0:98:
a5:dd:7f:f6:19:1c:0d:1b:3a:98:e9:a7:91:2a:bd:
0f:e2:06:1a:00:c8:0e:cc:83:75:e2:93:e9:7e:92:
b8:7a:da:86:d1:4d:93:83:29:57:21:94:eb:a1:f4:
e1:1e:7c:3b:95:83:33:80:b2:8c:5b:ad:03:2f:86:
90:e3:c7:b7:ee:46:6d:08:c4:d4:fd:fb:96:62:3d:
31:9e:12:84:da:d3:f0:4d:2e:29:80:07:b4:70:de:
4b:25:90:48:46:14:e4:0d:23:cf:ec:bf:ba:5e:45:
18:95:98:35:c7:1e:b9:78:6b:9e:54:97:d5:70:16:
af:b7:b4:3e:90:01:ff:b1:80:ed:14:3e:27:1c:b2:
06:79:82:9a:72:2c:5c:c5:a5:c4:a7:21:1d:46:bc:
b9:68:8f:14:fb:8e:fe:fd:55:ed:22:d5:32:be:69:
05:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:99:54:60:97:DE:1E:69:DC:3A:72:43:76:77:2A:DF:3F:4C:1D:1A
X509v3 Authority Key Identifier:
keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a31303a3a2f34362d3438203d3e203438313934.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9644:10::/46
Signature Algorithm: sha256WithRSAEncryption
4a:57:bd:63:a8:4c:17:0f:1f:04:8b:ba:fe:2e:ca:f4:98:80:
82:5b:10:58:17:14:3c:d0:26:ef:96:63:7d:7e:96:c9:98:f0:
95:76:b9:93:5e:1b:14:b8:33:23:d1:3c:e9:6c:84:69:89:67:
51:86:d8:f9:9b:4f:75:13:6c:aa:c0:4b:fc:4c:50:76:86:fe:
56:11:7c:84:e0:82:78:f8:52:b2:4e:cf:44:50:35:ab:87:4f:
09:33:a1:40:a4:37:b1:70:5b:18:b1:4a:b6:87:26:2f:40:6f:
b2:5b:6b:b6:4d:43:9b:e9:3a:15:c3:19:7a:4f:7a:80:42:ee:
3b:0a:54:3a:a9:c7:f1:7a:03:b1:72:0c:9f:12:79:fc:5a:c6:
63:8a:16:d9:9d:7a:92:f2:b1:08:dd:ef:12:fa:89:37:a7:73:
63:05:0c:07:fc:9b:72:80:eb:59:25:55:3a:82:9d:52:a5:7b:
f4:01:13:f4:23:50:aa:53:72:59:c2:a5:43:70:52:67:35:29:
31:fd:4f:6c:89:35:70:a5:fa:10:fa:02:d9:2b:22:f5:cd:a3:
de:85:f9:62:91:8e:f1:61:0c:db:eb:c1:ab:f7:6a:80:06:f8:
00:84:54:2a:41:86:11:58:8f:7c:77:8a:7a:04:90:41:69:8e:
45:57:79:ec
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUAkTcBP9S0mqC33GInbsV30XCysEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk
YWQyMmFjZTAeFw0yNDA4MDgxNTA4NDBaFw0yNTA4MDcxNTEzNDBaMDMxMTAvBgNV
BAMTKDhFOTk1NDYwOTdERTFFNjlEQzNBNzI0Mzc2NzcyQURGM0Y0QzFEMUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLney+aQSl62Xqq3N4Q8Q5HfuP
cFi4SuZdoTz1hQ3/tf7QuAxM373YRWuQXqtIJ6SV2yuq2YH3k8Py3BDiUFACy85w
fXAHpd6nXzNeyWdax3Oj5UmE+zzwmKXdf/YZHA0bOpjpp5EqvQ/iBhoAyA7Mg3Xi
k+l+krh62obRTZODKVchlOuh9OEefDuVgzOAsoxbrQMvhpDjx7fuRm0IxNT9+5Zi
PTGeEoTa0/BNLimAB7Rw3kslkEhGFOQNI8/sv7peRRiVmDXHHrl4a55Ul9VwFq+3
tD6QAf+xgO0UPiccsgZ5gppyLFzFpcSnIR1GvLlojxT7jv79Ve0i1TK+aQX/AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUjplUYJfeHmncOnJDdncq3z9MHRowHwYDVR0j
BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1
YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly
U0tzNC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTMwZGU4NGIt
NDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1YjQ5LzAvMzI2MTMxMzMzYTM5MzYzNDM0
M2EzMTMwM2EzYTJmMzQzNjJkMzQzODIwM2QzZTIwMzQzODMxMzkzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHAioTlkQAEDANBgkqhkiG9w0BAQsFAAOCAQEASle9Y6hMFw8fBIu6/i7K9JiA
glsQWBcUPNAm75ZjfX6WyZjwlXa5k14bFLgzI9E86WyEaYlnUYbY+ZtPdRNsqsBL
/ExQdob+VhF8hOCCePhSsk7PRFA1q4dPCTOhQKQ3sXBbGLFKtocmL0Bvsltrtk1D
m+k6FcMZek96gELuOwpUOqnH8XoDsXIMnxJ5/FrGY4oW2Z16kvKxCN3vEvqJN6dz
YwUMB/ybcoDrWSVVOoKdUqV79AET9CNQqlNyWcKlQ3BSZzUpMf1PbIk1cKX6EPoC
2Ssi9c2j3oX5YpGO8WEM2+vBq/dqgAb4AIRUKkGGEViPfHeKegSQQWmORVd57A==
-----END CERTIFICATE-----
Generated at Sat Sep 28 19:49:41 2024 by rpki-client on console-fra.rpki-client.org