Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/jiKl7KXy7uDZcCf0jONPCCanmjQ.roa
File: jiKl7KXy7uDZcCf0jONPCCanmjQ.roa (raw, json)
Hash identifier: I2URJ4U8fPQvh8mFEeeFkmio7q2u3stHu9cWTRW1I2s=
Subject key identifier: 8E:22:A5:EC:A5:F2:EE:E0:D9:70:27:F4:8C:E3:4F:08:26:A7:9A:34
Certificate issuer: /CN=ba60a4d874d9601c8142c352f80c56a43276cd47
Certificate serial: 018CC56EA45C543636D7EB046C105376C50D
Authority key identifier: BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/jiKl7KXy7uDZcCf0jONPCCanmjQ.roa
Signing time: Mon 01 Jan 2024 14:30:11 +0000
ROA not before: Mon 01 Jan 2024 14:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44592
IP address blocks: 2.58.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/umCk2HTZYByBQsNS-AxWpDJ2zUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/umCk2HTZYByBQsNS-AxWpDJ2zUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 15:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:a4:5c:54:36:36:d7:eb:04:6c:10:53:76:c5:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba60a4d874d9601c8142c352f80c56a43276cd47
Validity
Not Before: Jan 1 14:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e22a5eca5f2eee0d97027f48ce34f0826a79a34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:93:c2:01:bf:46:c1:19:8c:7a:c9:79:84:94:
b4:db:d6:6a:14:7d:bc:77:20:a1:43:f6:dc:02:71:
72:43:15:63:a3:11:3b:da:b8:01:c7:3a:3e:9e:47:
c8:73:6f:d6:e3:35:21:6f:e6:8c:6c:a4:a9:f3:3a:
df:31:4e:1e:20:f7:22:bf:17:e9:32:75:33:42:64:
97:a9:03:9b:2c:b8:17:97:b8:31:22:42:e6:eb:5b:
ae:2e:3c:4c:5b:2d:29:52:3a:f6:50:7a:18:44:fd:
8e:da:d1:10:88:17:e0:50:a2:e5:20:ef:dd:b3:b0:
7f:72:8b:f9:3c:3a:49:fd:bc:43:10:e8:da:78:46:
b1:3b:49:7f:f7:97:84:47:1f:dc:1a:8a:3a:dc:c7:
39:78:cd:f8:05:2b:55:7b:d9:d3:45:44:77:31:2a:
7c:31:f3:ce:b5:16:0c:f9:fb:91:c1:8f:e0:16:a6:
f8:8b:bc:ca:ea:93:9f:90:ee:32:66:61:dc:e0:bd:
02:15:89:39:a7:4f:7a:4d:da:e0:6d:89:41:bd:2f:
80:dd:95:c5:bf:24:d9:ae:db:4f:ec:a9:b8:28:70:
43:1a:b7:aa:99:ca:05:dc:c8:0d:78:04:76:d9:96:
d8:80:da:aa:d2:f2:0f:8d:ab:cb:47:be:43:b6:1b:
e9:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:22:A5:EC:A5:F2:EE:E0:D9:70:27:F4:8C:E3:4F:08:26:A7:9A:34
X509v3 Authority Key Identifier:
keyid:BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/jiKl7KXy7uDZcCf0jONPCCanmjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/umCk2HTZYByBQsNS-AxWpDJ2zUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.113.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:8d:73:ed:04:71:37:de:9a:70:95:58:02:05:c2:c7:dd:28:
c1:2a:a2:32:6d:76:b9:21:84:4f:4b:1f:9e:08:22:7e:8a:54:
86:14:ab:f4:57:48:68:ac:ab:24:66:0a:13:c4:58:13:07:68:
ff:0f:7e:57:b2:b5:72:1c:e3:a6:03:26:cb:fd:e4:99:cd:a7:
7e:eb:08:13:87:f5:e1:c4:d5:14:ad:02:a7:c4:39:40:55:47:
1d:01:36:a9:8f:40:a0:3b:04:e8:83:30:2a:18:00:af:31:6a:
f1:9a:5f:ff:14:a7:21:42:e3:d0:cc:70:ca:57:6f:9e:72:7d:
69:7c:60:e7:7e:81:42:7a:d6:5e:3f:28:6b:18:da:fb:87:2a:
e0:52:ba:c6:69:3d:82:79:db:59:d5:7b:b1:81:93:27:47:45:
d4:81:ef:e4:3a:97:23:71:98:7e:c1:69:eb:d2:ab:42:8a:a1:
5b:03:ae:ba:40:c8:79:3b:72:09:c2:ed:fd:ee:7b:22:f6:f1:
0b:43:85:7e:90:e2:a7:d0:d5:fd:04:5f:a2:6b:a4:e8:52:ff:
45:fd:5f:e5:6a:8b:79:13:04:76:14:8c:f1:a4:47:9b:1f:dd:
fb:86:b7:67:83:ea:b0:70:81:09:81:da:ae:02:c3:ac:d1:b8:
c7:c0:0f:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbqRcVDY21+sEbBBTdsUNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNjBhNGQ4NzRkOTYwMWM4MTQyYzM1MmY4MGM1NmE0MzI3
NmNkNDcwHhcNMjQwMTAxMTQzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTIyYTVlY2E1ZjJlZWUwZDk3MDI3ZjQ4Y2UzNGYwODI2YTc5YTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpPCAb9GwRmMesl5hJS029ZqFH28
dyChQ/bcAnFyQxVjoxE72rgBxzo+nkfIc2/W4zUhb+aMbKSp8zrfMU4eIPcivxfp
MnUzQmSXqQObLLgXl7gxIkLm61uuLjxMWy0pUjr2UHoYRP2O2tEQiBfgUKLlIO/d
s7B/cov5PDpJ/bxDEOjaeEaxO0l/95eERx/cGoo63Mc5eM34BStVe9nTRUR3MSp8
MfPOtRYM+fuRwY/gFqb4i7zK6pOfkO4yZmHc4L0CFYk5p096TdrgbYlBvS+A3ZXF
vyTZrttP7Km4KHBDGreqmcoF3MgNeAR22ZbYgNqq0vIPjavLR75DthvpgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI4ipeyl8u7g2XAn9IzjTwgmp5o0MB8GA1UdIwQY
MBaAFLpgpNh02WAcgULDUvgMVqQyds1HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW1DazJIVFpZQnlCUXNOUy1BeFdwREoyelVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yOGNiNWMtMjk4Zi00ZDhiLTgxNWIt
ZTVhMzc3OGJlM2FkLzEvamlLbDdLWHk3dURaY0NmMGpPTlBDQ2FubWpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yOGNiNWMtMjk4Zi00ZDhiLTgxNWItZTVhMzc3OGJlM2Fk
LzEvdW1DazJIVFpZQnlCUXNOUy1BeFdwREoyelVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjpxMA0G
CSqGSIb3DQEBCwUAA4IBAQB7jXPtBHE33ppwlVgCBcLH3SjBKqIybXa5IYRPSx+e
CCJ+ilSGFKv0V0horKskZgoTxFgTB2j/D35XsrVyHOOmAybL/eSZzad+6wgTh/Xh
xNUUrQKnxDlAVUcdATapj0CgOwTogzAqGACvMWrxml//FKchQuPQzHDKV2+ecn1p
fGDnfoFCetZePyhrGNr7hyrgUrrGaT2CedtZ1XuxgZMnR0XUge/kOpcjcZh+wWnr
0qtCiqFbA666QMh5O3IJwu397nsi9vELQ4V+kOKn0NX9BF+ia6ToUv9F/V/laot5
EwR2FIzxpEebH937hrdng+qwcIEJgdquAsOs0bjHwA/K
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:43:29 2024 by rpki-client on console-fra.rpki-client.org