Route Origin Authorization
$ rpki-client -vvf repo.rpki.space/repo/Infiniroute/1/326131343a3763373a3a2f33322d3332203d3e203533333536.roa
File: 326131343a3763373a3a2f33322d3332203d3e203533333536.roa (raw, json)
Hash identifier: 8cAm5TJe5fE34+Vyex8gLvlKwXvr8z5OkfSU/KUF7IQ=
Subject key identifier: 4B:AD:4C:78:47:70:9F:40:FE:C9:86:55:E1:6F:4F:9C:2A:21:33:D7
Certificate issuer: /CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
Certificate serial: 57BD497759FB087345FEFF38BE42FA2340A9285C
Authority key identifier: 5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
Subject info access: rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763373a3a2f33322d3332203d3e203533333536.roa
Signing time: Tue 28 May 2024 14:57:39 +0000
ROA not before: Tue 28 May 2024 14:52:39 +0000
ROA not after: Tue 27 May 2025 14:57:39 +0000
asID: 53356
IP address blocks: 2a14:7c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl
rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.mft
rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 21:43:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:bd:49:77:59:fb:08:73:45:fe:ff:38:be:42:fa:23:40:a9:28:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
Validity
Not Before: May 28 14:52:39 2024 GMT
Not After : May 27 14:57:39 2025 GMT
Subject: CN=4BAD4C7847709F40FEC98655E16F4F9C2A2133D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:aa:38:0f:28:b4:58:3a:0f:9c:86:f3:5b:39:
0d:0a:92:58:72:c2:18:1b:e9:74:8d:00:2b:b3:ea:
e4:b3:24:78:05:ec:27:f8:2e:d9:f9:6d:ab:a2:32:
f1:d3:f6:97:a8:88:fe:b3:ae:0d:58:08:f3:01:b3:
86:7c:72:4c:4a:e5:65:fe:9f:38:dd:d6:9c:30:28:
3a:d6:c1:90:89:dc:e2:1a:98:c4:30:a4:a8:43:4e:
eb:01:78:95:51:97:a2:55:16:41:5a:16:c2:78:a5:
96:ca:cb:9b:59:7a:a0:ab:1f:3e:d8:1e:d8:09:d7:
97:cd:3b:5f:61:db:1b:45:a7:05:9b:5f:19:e2:c8:
0d:ba:75:45:ce:87:7c:b0:e9:14:77:67:8f:ac:d5:
c0:a7:cf:bb:08:76:55:93:28:ed:24:e9:4b:ea:a0:
7f:18:6b:40:6e:3a:cd:67:f7:88:43:c8:a2:5b:a1:
96:9f:91:6d:18:59:01:71:2f:78:3e:a8:1b:e7:8c:
c2:99:b5:ae:2a:3d:09:23:a3:d8:d8:04:bd:ff:98:
62:94:2d:6e:72:e6:d4:90:3d:53:d6:45:d9:68:d9:
5f:89:2f:91:ac:6f:82:aa:26:45:01:4d:48:d0:31:
ec:cd:a1:2c:be:94:a6:29:ed:b5:c6:c7:00:53:85:
fe:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:AD:4C:78:47:70:9F:40:FE:C9:86:55:E1:6F:4F:9C:2A:21:33:D7
X509v3 Authority Key Identifier:
keyid:5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
Subject Information Access:
Signed Object - URI:rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763373a3a2f33322d3332203d3e203533333536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7c7::/32
Signature Algorithm: sha256WithRSAEncryption
92:a0:1e:2b:68:89:81:fb:28:64:b9:31:53:cb:e2:ee:d1:87:
c0:59:54:80:52:70:22:be:aa:e3:32:30:03:87:f3:fc:9a:04:
03:84:8a:65:3d:81:01:1a:2a:60:c2:dd:6a:b5:74:74:5f:21:
7b:11:ab:02:ce:20:ad:46:e4:8d:02:55:a3:8e:e5:e2:49:7e:
b6:b7:ce:0d:24:a4:8f:29:4f:9b:c4:30:62:f4:4e:0a:e9:13:
9a:54:e6:e8:96:88:ea:cf:75:e0:97:aa:a0:e7:db:fe:73:98:
dc:73:11:a5:2c:05:bc:d8:16:f6:c9:03:2b:7d:47:d2:50:11:
d3:66:c7:c9:f6:ed:3e:52:6d:4b:49:95:5b:15:04:e3:3b:e8:
43:5c:96:36:3b:0c:5a:22:fd:a7:bf:70:8a:fb:e9:44:4c:93:
8a:b2:d4:4e:01:85:ba:1f:cf:bb:72:5c:8e:5e:40:d1:69:16:
40:f3:ac:a4:7c:b4:92:40:ac:16:9f:aa:b3:d6:af:99:1c:62:
74:0e:79:c7:53:74:63:ec:74:cf:d4:c6:41:1a:64:90:6a:13:
f2:9c:66:a4:c3:d5:22:49:e4:e6:3f:3e:9e:40:c3:5b:66:0e:
c1:a1:a2:f6:df:b0:70:a7:fb:51:9e:d7:0e:54:23:08:6f:2b:
5b:a9:6d:d5
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgIUV71Jd1n7CHNF/v84vkL6I0CpKFwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWI4ZTIxYzY4OTBiZDc5YWI3NjRkOTFiNjBjMzljM2I3
ZTQ5ODVlMTAeFw0yNDA1MjgxNDUyMzlaFw0yNTA1MjcxNDU3MzlaMDMxMTAvBgNV
BAMTKDRCQUQ0Qzc4NDc3MDlGNDBGRUM5ODY1NUUxNkY0RjlDMkEyMTMzRDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTqjgPKLRYOg+chvNbOQ0Kklhy
whgb6XSNACuz6uSzJHgF7Cf4Ltn5bauiMvHT9peoiP6zrg1YCPMBs4Z8ckxK5WX+
nzjd1pwwKDrWwZCJ3OIamMQwpKhDTusBeJVRl6JVFkFaFsJ4pZbKy5tZeqCrHz7Y
HtgJ15fNO19h2xtFpwWbXxniyA26dUXOh3yw6RR3Z4+s1cCnz7sIdlWTKO0k6Uvq
oH8Ya0BuOs1n94hDyKJboZafkW0YWQFxL3g+qBvnjMKZta4qPQkjo9jYBL3/mGKU
LW5y5tSQPVPWRdlo2V+JL5Gsb4KqJkUBTUjQMezNoSy+lKYp7bXGxwBThf4RAgMB
AAGjggHfMIIB2zAdBgNVHQ4EFgQUS61MeEdwn0D+yYZV4W9PnCohM9cwHwYDVR0j
BBgwFoAUW44hxokL15q3ZNkbYMOcO35JheEwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcmVwby5ycGtpLnNwYWNlL3JlcG8vSW5maW5p
cm91dGUvMS81QjhFMjFDNjg5MEJENzlBQjc2NEQ5MUI2MEMzOUMzQjdFNDk4NUUx
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvVzQ0aHhva0wxNXEzWk5rYllNT2NP
MzVKaGVFLmNlcjB9BggrBgEFBQcBCwRxMG8wbQYIKwYBBQUHMAuGYXJzeW5jOi8v
cmVwby5ycGtpLnNwYWNlL3JlcG8vSW5maW5pcm91dGUvMS8zMjYxMzEzNDNhMzc2
MzM3M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzUzMzMzMzUzNi5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF
ACoUB8cwDQYJKoZIhvcNAQELBQADggEBAJKgHitoiYH7KGS5MVPL4u7Rh8BZVIBS
cCK+quMyMAOH8/yaBAOEimU9gQEaKmDC3Wq1dHRfIXsRqwLOIK1G5I0CVaOO5eJJ
fra3zg0kpI8pT5vEMGL0TgrpE5pU5uiWiOrPdeCXqqDn2/5zmNxzEaUsBbzYFvbJ
Ayt9R9JQEdNmx8n27T5SbUtJlVsVBOM76ENcljY7DFoi/ae/cIr76URMk4qy1E4B
hbofz7tyXI5eQNFpFkDzrKR8tJJArBafqrPWr5kcYnQOecdTdGPsdM/UxkEaZJBq
E/KcZqTD1SJJ5OY/Pp5Aw1tmDsGhovbfsHCn+1Ge1w5UIwhvK1upbdU=
-----END CERTIFICATE-----
Generated at Tue Jul 2 00:07:29 2024 by rpki-client on console-fra.rpki-client.org