Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/3iXA6yiaW4FBAgQoW_vm-9bfWJM.roa
File: 3iXA6yiaW4FBAgQoW_vm-9bfWJM.roa (raw, json)
Hash identifier: /lQH8QWXd7BH6S2tlvvdo5Nn4HgG/VjZ0JevJm5XSNM=
Subject key identifier: DE:25:C0:EB:28:9A:5B:81:41:02:04:28:5B:FB:E6:FB:D6:DF:58:93
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 01905EF6003CAE4034C664B90C76576AE4A8
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/3iXA6yiaW4FBAgQoW_vm-9bfWJM.roa
Signing time: Fri 28 Jun 2024 13:08:18 +0000
ROA not before: Fri 28 Jun 2024 13:08:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215568
IP address blocks: 2a13:bf40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:5e:f6:00:3c:ae:40:34:c6:64:b9:0c:76:57:6a:e4:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Jun 28 13:08:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de25c0eb289a5b81410204285bfbe6fbd6df5893
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0b:50:7d:e5:4d:5d:11:07:07:8c:06:a0:22:
77:f3:86:6d:e1:9c:85:f3:01:bc:af:21:99:84:d7:
84:cf:b9:75:4a:3f:68:86:b3:e3:4e:4b:a9:7b:54:
b2:d9:3c:e4:ab:e8:45:29:b2:ee:1a:a3:4b:94:15:
5c:13:71:ba:3c:57:9d:53:d9:e1:52:99:07:73:fe:
ba:16:8d:4e:3d:d4:8a:e4:79:2b:1f:2e:31:f0:42:
48:bc:89:50:b5:4f:f0:e4:28:57:f2:97:d5:8c:15:
73:e3:e4:db:5c:3d:7f:a4:41:0d:00:0d:83:2e:d3:
fb:95:55:92:11:da:56:d8:0a:03:68:8b:7b:ce:b8:
00:a1:e9:5c:48:c6:4e:9a:42:f8:8d:d8:9f:e4:bc:
8c:85:5e:60:a6:9a:1e:56:80:4d:c7:6d:aa:05:99:
09:81:92:6a:54:68:92:41:e0:f0:b7:05:8a:30:7b:
10:d7:89:19:ee:ec:c6:00:22:a5:95:9b:c7:67:8c:
ec:bd:a1:4b:12:eb:2c:cf:f5:6c:14:cb:20:dd:95:
24:ff:da:90:99:86:4c:9b:82:a3:76:f1:60:fe:a3:
fd:6a:f2:e6:5e:32:43:f2:fb:59:d2:2f:dd:cb:3f:
c7:70:0a:92:22:80:95:28:90:e3:ca:9a:4a:84:0a:
0d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:25:C0:EB:28:9A:5B:81:41:02:04:28:5B:FB:E6:FB:D6:DF:58:93
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/3iXA6yiaW4FBAgQoW_vm-9bfWJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:bf40::/29
Signature Algorithm: sha256WithRSAEncryption
85:91:92:44:0f:58:f3:51:d7:fa:28:ed:fa:5a:8d:e6:7f:66:
5b:73:c0:20:07:64:d1:8a:4f:aa:cd:08:ab:77:d4:84:91:05:
41:02:d2:36:19:b0:08:bf:76:c3:d9:29:e0:29:e9:2b:14:60:
bd:e5:d9:ae:75:b9:e2:e8:4a:ad:1a:e4:8f:53:0c:32:d9:b3:
c8:11:52:5d:90:c3:d3:ad:58:84:16:34:b2:aa:a7:38:3e:50:
fb:a3:01:c3:79:ee:59:81:51:43:a7:18:bd:9c:b9:ab:01:c5:
b1:a1:48:41:e2:3e:7b:f0:10:5c:4e:57:3f:70:28:b5:16:05:
b2:2d:2c:fb:e2:ad:9c:76:ff:78:24:d1:3d:4d:d8:1d:de:b3:
2b:bd:02:77:1b:74:a0:84:c7:de:26:e8:b6:ca:4f:bf:a2:d5:
43:4a:fc:9a:80:27:88:f4:92:f1:11:c3:62:e3:46:62:e7:91:
d0:81:c8:d0:fc:af:bd:76:3f:28:96:f8:6b:b9:57:b3:1b:a1:
a7:41:b5:60:fb:8a:4b:2f:d6:1d:b8:8d:d8:b8:f7:d6:0b:6b:
e1:38:84:4c:55:cd:31:2e:5e:19:5d:a1:48:58:67:81:e0:25:
d6:e5:6e:e1:03:2d:32:7f:a2:07:64:b0:25:bb:75:55:b8:a3:
25:88:cb:fe
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZBe9gA8rkA0xmS5DHZXauSoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjQwNjI4MTMwODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTI1YzBlYjI4OWE1YjgxNDEwMjA0Mjg1YmZiZTZmYmQ2ZGY1ODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygtQfeVNXREHB4wGoCJ384Zt4ZyF
8wG8ryGZhNeEz7l1Sj9ohrPjTkupe1Sy2Tzkq+hFKbLuGqNLlBVcE3G6PFedU9nh
UpkHc/66Fo1OPdSK5HkrHy4x8EJIvIlQtU/w5ChX8pfVjBVz4+TbXD1/pEENAA2D
LtP7lVWSEdpW2AoDaIt7zrgAoelcSMZOmkL4jdif5LyMhV5gppoeVoBNx22qBZkJ
gZJqVGiSQeDwtwWKMHsQ14kZ7uzGACKllZvHZ4zsvaFLEussz/VsFMsg3ZUk/9qQ
mYZMm4KjdvFg/qP9avLmXjJD8vtZ0i/dyz/HcAqSIoCVKJDjyppKhAoNzQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFN4lwOsomluBQQIEKFv75vvW31iTMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvM2lYQTZ5aWFXNEZCQWdRb1dfdm0tOWJmV0pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhO/QDAN
BgkqhkiG9w0BAQsFAAOCAQEAhZGSRA9Y81HX+ijt+lqN5n9mW3PAIAdk0YpPqs0I
q3fUhJEFQQLSNhmwCL92w9kp4CnpKxRgveXZrnW54uhKrRrkj1MMMtmzyBFSXZDD
061YhBY0sqqnOD5Q+6MBw3nuWYFRQ6cYvZy5qwHFsaFIQeI+e/AQXE5XP3AotRYF
si0s++KtnHb/eCTRPU3YHd6zK70Cdxt0oITH3ibotspPv6LVQ0r8moAniPSS8RHD
YuNGYueR0IHI0PyvvXY/KJb4a7lXsxuhp0G1YPuKSy/WHbiN2Lj31gtr4TiETFXN
MS5eGV2hSFhngeAl1uVu4QMtMn+iB2SwJbt1VbijJYjL/g==
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:03:49 2024 by rpki-client on console-fra.rpki-client.org