Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/Z97uEXyHiYNVchLluvaU_uUhyXQ.roa
File: Z97uEXyHiYNVchLluvaU_uUhyXQ.roa (raw, json)
Hash identifier: k7oWDcUB+tiV6klmzGiSljdbbj//d2LywFueuMo3SHA=
Subject key identifier: 67:DE:EE:11:7C:87:89:83:55:72:12:E5:BA:F6:94:FE:E5:21:C9:74
Certificate issuer: /CN=ba60a4d874d9601c8142c352f80c56a43276cd47
Certificate serial: 018E3DEE34986919F4760015303870809F82
Authority key identifier: BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/Z97uEXyHiYNVchLluvaU_uUhyXQ.roa
Signing time: Thu 14 Mar 2024 17:06:44 +0000
ROA not before: Thu 14 Mar 2024 17:06:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34318
IP address blocks: 2.58.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/umCk2HTZYByBQsNS-AxWpDJ2zUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/umCk2HTZYByBQsNS-AxWpDJ2zUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3d:ee:34:98:69:19:f4:76:00:15:30:38:70:80:9f:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba60a4d874d9601c8142c352f80c56a43276cd47
Validity
Not Before: Mar 14 17:06:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67deee117c878983557212e5baf694fee521c974
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:02:64:bc:ea:c3:69:d9:1c:d6:c9:d2:ff:51:
5f:3f:fc:59:8b:d3:b4:2f:13:47:32:05:ee:f1:0e:
50:5c:fb:84:e0:cc:3d:4e:f3:19:7f:b5:a0:25:85:
89:25:7f:a8:49:e6:71:da:52:d7:6c:0a:b0:91:83:
0f:a4:80:b1:dd:49:11:cc:ce:4d:3f:64:e7:96:b0:
61:59:aa:4e:b4:35:ec:7e:30:3b:8a:ce:e9:45:86:
71:5c:1c:b6:91:bd:0a:0a:9e:a5:bf:d3:d9:27:e6:
c5:80:23:a7:d4:88:fb:ea:a9:3c:95:f2:cb:cb:7c:
4b:41:93:82:d4:57:98:6b:f5:a3:b4:4c:89:c4:e8:
30:56:68:64:13:17:03:02:95:db:1a:73:b0:fa:a0:
3b:ea:b1:be:98:7f:c2:87:17:92:b8:67:49:b5:1c:
4f:5f:56:9f:23:a2:03:5b:63:1c:43:eb:1b:95:0e:
a7:44:21:b0:2d:4f:0a:05:c9:d6:86:66:a1:63:f0:
2d:f7:9f:14:00:46:ed:48:4e:26:f6:64:af:52:a5:
35:c7:0f:44:20:83:73:4d:f8:65:0a:da:f7:ed:8d:
72:0b:0c:27:c7:50:41:63:63:b3:8f:3e:4c:03:d9:
7f:63:82:88:95:49:e4:1e:5b:c4:9c:b3:e8:6f:db:
5c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:DE:EE:11:7C:87:89:83:55:72:12:E5:BA:F6:94:FE:E5:21:C9:74
X509v3 Authority Key Identifier:
keyid:BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/Z97uEXyHiYNVchLluvaU_uUhyXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/umCk2HTZYByBQsNS-AxWpDJ2zUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.114.0/24
Signature Algorithm: sha256WithRSAEncryption
89:e8:a0:6f:ab:6e:34:d4:be:1b:a3:fc:f4:34:02:07:3b:72:
64:df:a6:75:8b:bf:9b:8e:38:bb:5a:52:da:9e:a2:7c:ca:20:
a3:89:ca:02:76:07:d0:fe:6e:a0:e5:f7:f6:37:c9:17:8d:89:
02:57:47:67:42:f5:f3:30:76:6b:35:f0:37:32:64:98:5e:0b:
8f:c7:84:df:a9:5b:aa:6f:bd:51:76:f8:5d:69:c4:74:ae:14:
b3:ee:c9:2e:01:13:7e:1d:a4:79:86:ab:42:4d:a9:32:2e:95:
c6:f0:a7:80:3a:49:72:fb:9c:92:06:26:5a:4e:63:81:91:10:
81:b1:03:dd:b8:8f:87:10:b3:72:74:7f:cf:5c:25:44:dc:1f:
17:29:35:8c:e3:9a:0a:da:98:51:e7:54:45:16:c2:d2:78:5e:
e2:f2:20:d7:e2:bf:05:2d:6a:92:63:a0:73:bc:e3:76:06:04:
1e:d9:10:ef:8c:c2:a9:8c:a2:b5:e7:d0:84:99:40:6f:39:cb:
68:65:9f:fc:52:70:6c:96:67:22:ed:2c:e6:ed:26:0d:6d:e3:
10:14:e7:10:21:00:ee:fb:dc:1d:33:4d:62:76:4c:79:e7:5d:
93:4a:17:6d:f1:84:3f:ac:7c:ad:95:e0:20:5c:6a:fc:06:8b:
04:02:c6:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY497jSYaRn0dgAVMDhwgJ+CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNjBhNGQ4NzRkOTYwMWM4MTQyYzM1MmY4MGM1NmE0MzI3
NmNkNDcwHhcNMjQwMzE0MTcwNjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2RlZWUxMTdjODc4OTgzNTU3MjEyZTViYWY2OTRmZWU1MjFjOTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgJkvOrDadkc1snS/1FfP/xZi9O0
LxNHMgXu8Q5QXPuE4Mw9TvMZf7WgJYWJJX+oSeZx2lLXbAqwkYMPpICx3UkRzM5N
P2TnlrBhWapOtDXsfjA7is7pRYZxXBy2kb0KCp6lv9PZJ+bFgCOn1Ij76qk8lfLL
y3xLQZOC1FeYa/WjtEyJxOgwVmhkExcDApXbGnOw+qA76rG+mH/ChxeSuGdJtRxP
X1afI6IDW2McQ+sblQ6nRCGwLU8KBcnWhmahY/At958UAEbtSE4m9mSvUqU1xw9E
IINzTfhlCtr37Y1yCwwnx1BBY2Ozjz5MA9l/Y4KIlUnkHlvEnLPob9tcIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGfe7hF8h4mDVXIS5br2lP7lIcl0MB8GA1UdIwQY
MBaAFLpgpNh02WAcgULDUvgMVqQyds1HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW1DazJIVFpZQnlCUXNOUy1BeFdwREoyelVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yOGNiNWMtMjk4Zi00ZDhiLTgxNWIt
ZTVhMzc3OGJlM2FkLzEvWjk3dUVYeUhpWU5WY2hMbHV2YVVfdVVoeVhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yOGNiNWMtMjk4Zi00ZDhiLTgxNWItZTVhMzc3OGJlM2Fk
LzEvdW1DazJIVFpZQnlCUXNOUy1BeFdwREoyelVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjpyMA0G
CSqGSIb3DQEBCwUAA4IBAQCJ6KBvq2401L4bo/z0NAIHO3Jk36Z1i7+bjji7WlLa
nqJ8yiCjicoCdgfQ/m6g5ff2N8kXjYkCV0dnQvXzMHZrNfA3MmSYXguPx4TfqVuq
b71RdvhdacR0rhSz7skuARN+HaR5hqtCTakyLpXG8KeAOkly+5ySBiZaTmOBkRCB
sQPduI+HELNydH/PXCVE3B8XKTWM45oK2phR51RFFsLSeF7i8iDX4r8FLWqSY6Bz
vON2BgQe2RDvjMKpjKK159CEmUBvOctoZZ/8UnBslmci7Szm7SYNbeMQFOcQIQDu
+9wdM01idkx5512TShdt8YQ/rHytleAgXGr8BosEAsYc
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:55:32 2024 by rpki-client on console-ams.rpki-client.org