Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/flPRgr2FlEYPjuYGeZBp_RKrbJg.roa
File: flPRgr2FlEYPjuYGeZBp_RKrbJg.roa (raw, json)
Hash identifier: 2aLVVTXVBjJVt01gfSsfxhQ8R5jE9429y3f+CqeTtHQ=
Subject key identifier: 7E:53:D1:82:BD:85:94:46:0F:8E:E6:06:79:90:69:FD:12:AB:6C:98
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 018E0D31A55526AC45D1EA17C814E14B34B1
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/flPRgr2FlEYPjuYGeZBp_RKrbJg.roa
Signing time: Tue 05 Mar 2024 05:59:01 +0000
ROA not before: Tue 05 Mar 2024 05:59:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215568
IP address blocks: 2a13:dfc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 07:02:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0d:31:a5:55:26:ac:45:d1:ea:17:c8:14:e1:4b:34:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Mar 5 05:59:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e53d182bd8594460f8ee606799069fd12ab6c98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:70:8b:dc:29:ce:b8:7d:cd:f9:31:4a:cc:e4:
11:1e:89:ae:e1:96:18:62:f5:55:58:b6:2d:68:20:
e9:db:7e:17:b0:37:ea:60:8c:74:dd:92:ed:89:fd:
75:a6:ab:83:f8:5a:d9:cb:2d:45:ed:c4:d6:07:6d:
ac:4b:28:e3:ca:ca:94:31:97:e0:2d:a4:e3:92:eb:
cd:e4:6b:61:55:37:d8:e1:46:f6:14:69:38:0e:c1:
da:48:a3:04:aa:03:4f:4e:f5:e3:93:69:b9:e5:ba:
15:f5:bd:17:5e:9f:e5:7c:f8:03:a8:b0:85:a5:84:
45:20:00:5e:e3:69:1b:66:d7:e3:4e:05:f7:d4:83:
69:84:f5:09:24:60:51:5e:0d:80:2e:90:b5:bc:fd:
9b:7f:4a:0e:f4:12:0e:07:60:e4:6a:c2:bd:17:74:
f4:bb:56:bd:aa:3c:84:95:e8:b7:dc:9f:d9:d0:b9:
de:fc:02:9e:b5:99:f6:08:8b:4e:d0:89:8c:35:e2:
67:e1:b2:e7:8f:d1:af:78:2e:b9:e2:cc:63:12:cf:
fa:d9:39:72:d2:71:03:91:58:cd:76:db:e5:54:e8:
3c:e7:f2:55:b9:2f:0e:8d:67:a1:f1:18:bb:04:1f:
0f:13:f1:9e:f6:be:bb:cc:0e:b3:26:49:1f:f1:34:
82:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:53:D1:82:BD:85:94:46:0F:8E:E6:06:79:90:69:FD:12:AB:6C:98
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/flPRgr2FlEYPjuYGeZBp_RKrbJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:dfc0::/29
Signature Algorithm: sha256WithRSAEncryption
b7:a4:6c:ee:26:9e:17:14:ee:5e:cd:5b:bd:7f:aa:da:46:9e:
32:ae:68:07:bf:05:d8:68:a0:ad:38:c2:fd:2f:f5:7e:4c:33:
65:45:6a:16:cb:ed:ec:6a:ce:31:55:ca:b3:14:08:71:fc:77:
ea:5d:44:fa:22:4f:6d:2b:3b:ad:24:59:d0:cb:82:35:01:68:
bc:ba:d1:fa:a3:9b:90:9c:d3:62:9a:f5:3b:db:0b:80:22:e7:
1f:91:12:ad:e3:43:ab:84:41:58:bd:fb:d5:7e:2d:4a:c1:fd:
49:df:53:c3:26:da:04:54:0c:2a:cc:50:3e:56:9b:12:78:a4:
87:f9:9e:d4:c8:ea:d1:64:49:32:d3:49:ad:3a:c0:74:c0:4e:
82:8b:14:f5:52:cf:41:13:49:16:90:2e:89:c3:41:69:80:1b:
d6:af:da:d8:b2:f4:02:35:bd:b7:c8:78:cd:6c:4f:f8:e7:84:
f6:a9:ce:5e:eb:eb:f1:ee:3c:cc:02:a5:08:02:21:06:fb:bc:
af:5f:24:e6:a8:f7:63:d0:6b:26:5d:81:f2:8e:01:73:0a:53:
a2:bf:42:b7:6c:76:a1:91:ed:c5:e9:fa:7f:26:29:45:13:e1:
83:81:85:69:24:cd:60:60:11:e5:bd:86:66:c8:7c:32:a8:28:
a6:06:2b:aa
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY4NMaVVJqxF0eoXyBThSzSxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjQwMzA1MDU1OTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTUzZDE4MmJkODU5NDQ2MGY4ZWU2MDY3OTkwNjlmZDEyYWI2Yzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHCL3CnOuH3N+TFKzOQRHomu4ZYY
YvVVWLYtaCDp234XsDfqYIx03ZLtif11pquD+FrZyy1F7cTWB22sSyjjysqUMZfg
LaTjkuvN5GthVTfY4Ub2FGk4DsHaSKMEqgNPTvXjk2m55boV9b0XXp/lfPgDqLCF
pYRFIABe42kbZtfjTgX31INphPUJJGBRXg2ALpC1vP2bf0oO9BIOB2DkasK9F3T0
u1a9qjyElei33J/Z0Lne/AKetZn2CItO0ImMNeJn4bLnj9GveC654sxjEs/62Tly
0nEDkVjNdtvlVOg85/JVuS8OjWeh8Ri7BB8PE/Ge9r67zA6zJkkf8TSCPwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFH5T0YK9hZRGD47mBnmQaf0Sq2yYMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvZmxQUmdyMkZsRVlQanVZR2VaQnBfUktyYkpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPfwDAN
BgkqhkiG9w0BAQsFAAOCAQEAt6Rs7iaeFxTuXs1bvX+q2kaeMq5oB78F2GigrTjC
/S/1fkwzZUVqFsvt7GrOMVXKsxQIcfx36l1E+iJPbSs7rSRZ0MuCNQFovLrR+qOb
kJzTYpr1O9sLgCLnH5ESreNDq4RBWL371X4tSsH9Sd9TwybaBFQMKsxQPlabEnik
h/me1Mjq0WRJMtNJrTrAdMBOgosU9VLPQRNJFpAuicNBaYAb1q/a2LL0AjW9t8h4
zWxP+OeE9qnOXuvr8e48zAKlCAIhBvu8r18k5qj3Y9BrJl2B8o4BcwpTor9Ct2x2
oZHtxen6fyYpRRPhg4GFaSTNYGAR5b2GZsh8MqgopgYrqg==
-----END CERTIFICATE-----
Generated at Mon May 20 15:56:45 2024 by rpki-client on console-ams.rpki-client.org