Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a343030303a3a2f34302d3438203d3e203133333335.roa
File: 326131333a393634343a343030303a3a2f34302d3438203d3e203133333335.roa (raw, json)
Hash identifier: 8/2mbGbaC4ennlzI7y1e8hUNr9fsr7Pr+/K69/OYKQg=
Subject key identifier: 34:3A:9F:F5:CE:0C:62:27:54:70:53:FF:88:67:25:0B:03:5A:DB:16
Certificate issuer: /CN=f1d0572fe72991bd32854bac716676ebdad22ace
Certificate serial: 5B8A71AD4D89EEB45E67703BAEEB630DCCAE17CB
Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a343030303a3a2f34302d3438203d3e203133333335.roa
Signing time: Mon 02 Dec 2024 18:33:15 +0000
ROA not before: Mon 02 Dec 2024 18:28:15 +0000
ROA not after: Mon 01 Dec 2025 18:33:15 +0000
asID: 13335
IP address blocks: 2a13:9644:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:33:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:8a:71:ad:4d:89:ee:b4:5e:67:70:3b:ae:eb:63:0d:cc:ae:17:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace
Validity
Not Before: Dec 2 18:28:15 2024 GMT
Not After : Dec 1 18:33:15 2025 GMT
Subject: CN=343A9FF5CE0C6227547053FF8867250B035ADB16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:89:99:94:e9:e0:33:37:bc:44:88:2e:8c:6d:
eb:bf:3c:8a:95:a7:0a:4f:c2:8c:a0:d7:cf:ad:66:
e6:db:c1:92:67:08:e0:63:8f:06:d8:d0:fb:7d:ec:
83:ee:14:b4:be:a4:ce:a4:a1:ce:34:55:11:24:9d:
70:c4:ca:4b:30:ff:75:ad:47:7f:a3:f4:ec:27:b6:
c9:6c:0b:cf:3c:de:e7:5b:44:11:aa:6f:ad:37:ff:
f1:c2:b3:e5:6a:63:2a:53:c3:f1:5e:59:15:2a:60:
1c:37:98:56:ba:f8:e7:4d:10:bd:c5:5c:14:46:d0:
b4:80:4b:4c:37:01:2b:8c:a5:36:43:1f:7c:74:88:
ee:a1:06:f9:fc:57:db:89:e9:f8:df:02:76:5b:97:
b3:34:d8:3a:8d:33:dc:05:ea:d2:41:84:3f:92:34:
fa:40:15:9c:4f:84:75:9e:b6:6e:97:3b:f4:00:c3:
1a:74:0e:aa:bd:63:86:0d:68:dd:bd:7c:8f:86:f5:
02:0d:5d:01:6a:f0:b3:e1:99:00:36:e8:88:8c:e4:
4a:a5:8b:b9:7d:00:96:59:41:b3:a1:3d:9a:00:31:
be:c6:89:66:04:c9:28:ed:d0:78:12:c6:31:72:9d:
f0:ad:96:6b:04:c3:0c:f4:cb:13:57:22:03:cb:4d:
c4:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:3A:9F:F5:CE:0C:62:27:54:70:53:FF:88:67:25:0B:03:5A:DB:16
X509v3 Authority Key Identifier:
keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a343030303a3a2f34302d3438203d3e203133333335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9644:4000::/40
Signature Algorithm: sha256WithRSAEncryption
3d:04:17:6a:b1:48:42:0a:d5:9b:f2:52:ba:a1:ca:36:35:1d:
c3:07:f8:77:6c:a8:f3:ad:45:67:4f:c3:14:02:70:b0:46:2d:
14:04:3c:8a:1b:b6:ac:4b:9a:e7:d9:2b:a4:f1:17:76:29:f3:
9f:fd:8e:ad:7d:9e:be:07:38:36:1d:5f:ab:93:02:46:4c:e7:
65:0d:8c:7a:ef:5d:45:a0:58:61:2a:9b:88:8c:16:4f:1a:66:
9e:68:8f:41:73:81:c9:12:82:5f:ab:99:7c:bf:a6:2c:a5:38:
09:9f:67:61:77:0b:b8:6c:45:7b:b8:9c:1f:07:7d:73:14:40:
45:61:bd:49:4c:54:59:b7:cf:af:cc:da:fb:b6:e0:cb:84:89:
3e:0a:9f:98:57:61:37:bb:d5:fd:d3:5d:85:a4:ba:f2:ee:60:
05:e1:ef:5e:af:29:03:85:b2:12:e8:eb:cc:70:43:f4:2b:31:
4b:d2:1a:0a:e4:33:c2:b2:1b:b0:ae:73:b7:28:bf:ba:39:9d:
2c:1c:56:8a:2a:d9:c1:dc:ae:3a:10:da:84:7f:91:10:65:6c:
4b:d9:54:5c:70:39:b5:43:40:10:02:33:bb:f5:3a:8d:64:93:
3e:7b:ef:2d:e6:cf:c0:21:d6:57:83:22:77:5c:44:8d:ac:ec:
83:da:7e:0f
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUW4pxrU2J7rReZ3A7rutjDcyuF8swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk
YWQyMmFjZTAeFw0yNDEyMDIxODI4MTVaFw0yNTEyMDExODMzMTVaMDMxMTAvBgNV
BAMTKDM0M0E5RkY1Q0UwQzYyMjc1NDcwNTNGRjg4NjcyNTBCMDM1QURCMTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTiZmU6eAzN7xEiC6Mbeu/PIqV
pwpPwoyg18+tZubbwZJnCOBjjwbY0Pt97IPuFLS+pM6koc40VREknXDEyksw/3Wt
R3+j9OwntslsC8883udbRBGqb603//HCs+VqYypTw/FeWRUqYBw3mFa6+OdNEL3F
XBRG0LSAS0w3ASuMpTZDH3x0iO6hBvn8V9uJ6fjfAnZbl7M02DqNM9wF6tJBhD+S
NPpAFZxPhHWetm6XO/QAwxp0Dqq9Y4YNaN29fI+G9QINXQFq8LPhmQA26IiM5Eql
i7l9AJZZQbOhPZoAMb7GiWYEySjt0HgSxjFynfCtlmsEwwz0yxNXIgPLTcRJAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUNDqf9c4MYidUcFP/iGclCwNa2xYwHwYDVR0j
BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1
YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly
U0tzNC5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTMwZGU4NGIt
NDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1YjQ5LzAvMzI2MTMxMzMzYTM5MzYzNDM0
M2EzNDMwMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMxMzMzMzMzMzUucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAqE5ZEQDANBgkqhkiG9w0BAQsFAAOCAQEAPQQXarFIQgrVm/JSuqHK
NjUdwwf4d2yo861FZ0/DFAJwsEYtFAQ8ihu2rEua59krpPEXdinzn/2OrX2evgc4
Nh1fq5MCRkznZQ2Meu9dRaBYYSqbiIwWTxpmnmiPQXOByRKCX6uZfL+mLKU4CZ9n
YXcLuGxFe7icHwd9cxRARWG9SUxUWbfPr8za+7bgy4SJPgqfmFdhN7vV/dNdhaS6
8u5gBeHvXq8pA4WyEujrzHBD9CsxS9IaCuQzwrIbsK5ztyi/ujmdLBxWiirZwdyu
OhDahH+REGVsS9lUXHA5tUNAEAIzu/U6jWSTPnvvLebPwCHWV4Mid1xEjazsg9p+
Dw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:32:38 2025 by rpki-client