Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/8IPlYHI3LVnwEd_4JVSg_cYqoDU.roa
File: 8IPlYHI3LVnwEd_4JVSg_cYqoDU.roa (raw, json)
Hash identifier: r7LsVfU2dP8Fguwr3LQ/9Jz4V89CfzCGyRsy4w1gXm8=
Subject key identifier: F0:83:E5:60:72:37:2D:59:F0:11:DF:F8:25:54:A0:FD:C6:2A:A0:35
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0190D94ED2428C00B176FFB6B8E258C15DA6
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/8IPlYHI3LVnwEd_4JVSg_cYqoDU.roa
Signing time: Mon 22 Jul 2024 07:18:59 +0000
ROA not before: Mon 22 Jul 2024 07:18:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200216
IP address blocks: 2a13:bcc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:d9:4e:d2:42:8c:00:b1:76:ff:b6:b8:e2:58:c1:5d:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Jul 22 07:18:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f083e56072372d59f011dff82554a0fdc62aa035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:96:3a:8b:ee:6d:06:c6:80:24:6d:00:2e:10:
e3:c7:c6:fa:6b:ff:10:bd:59:9c:5b:15:45:03:ec:
ae:22:4c:b8:1f:59:a8:07:30:ce:da:ac:b4:3f:52:
e8:7d:32:67:a3:ab:b4:09:ff:3f:9e:c7:38:e1:10:
57:16:ff:91:3f:83:c2:04:63:a8:e0:67:cc:12:bc:
7c:1f:a6:0c:af:73:c1:80:ef:c4:0b:d9:e1:67:00:
d6:af:2b:c1:ff:f4:a1:1d:3d:fe:7e:a9:d0:c5:aa:
1b:5d:2f:43:30:59:0e:bd:ce:19:d3:5d:10:b5:78:
55:2a:4e:63:3d:99:6d:33:c9:1a:50:01:b1:9d:4b:
9c:2f:2c:2d:b4:c4:da:99:85:00:20:88:5d:92:0e:
ae:98:97:ef:ac:b1:96:e9:8c:85:5d:83:f2:79:83:
b5:a2:f8:e4:0a:cc:15:8e:ae:ac:82:b4:6d:3a:7b:
26:88:12:ab:65:22:35:59:29:b2:28:16:84:8b:4d:
8d:38:50:5a:89:9b:b7:e3:f1:a9:e2:d4:d4:2a:29:
98:f2:40:63:26:55:f8:ef:4c:d2:f9:a8:80:35:ca:
02:20:27:a5:09:10:79:01:47:11:b8:6a:f8:10:a3:
39:60:58:c8:f8:e9:c3:76:a0:ba:ad:20:09:b4:cc:
47:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:83:E5:60:72:37:2D:59:F0:11:DF:F8:25:54:A0:FD:C6:2A:A0:35
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/8IPlYHI3LVnwEd_4JVSg_cYqoDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:bcc0::/29
Signature Algorithm: sha256WithRSAEncryption
5b:58:e6:ff:d3:be:16:8f:1f:b4:8f:b5:eb:8a:54:be:d2:17:
ab:3b:4d:02:77:51:59:4c:4f:18:a9:52:5d:b5:12:31:77:ed:
3f:7f:37:11:68:fd:b1:fc:74:ed:a5:96:8c:69:fe:39:4a:ed:
ab:7d:ad:67:d8:78:85:20:69:e3:f3:8b:28:2a:de:06:58:c4:
80:33:d6:d3:26:02:46:fd:bd:8d:db:c3:48:56:18:0a:23:64:
e8:71:64:1b:63:d7:8d:24:21:02:43:63:43:68:07:2e:25:1f:
5e:af:75:c2:55:e8:ea:c7:cb:11:6a:f3:5e:02:b3:43:f3:52:
46:ae:39:11:68:38:e2:e1:dd:23:45:fc:d1:19:56:8c:09:06:
09:01:06:7d:b2:7b:a4:d9:d9:d9:af:a7:57:d6:51:09:35:4f:
00:cc:c6:0e:ba:3a:33:25:73:25:da:b5:07:9f:26:64:ef:cb:
fc:5e:47:dc:2c:f9:4e:7e:47:86:36:91:b9:15:60:49:92:8e:
1a:5b:ca:1a:20:32:ff:f7:ae:e2:30:ec:24:08:b5:38:1b:d0:
cc:4f:ae:0b:a5:4a:fc:da:00:38:0b:e4:dd:14:06:a9:89:86:
70:58:09:7f:6f:7e:5d:a0:07:39:d6:fa:13:6b:7c:5c:42:94:
5c:79:d4:1a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZDZTtJCjACxdv+2uOJYwV2mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjQwNzIyMDcxODU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDgzZTU2MDcyMzcyZDU5ZjAxMWRmZjgyNTU0YTBmZGM2MmFhMDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZY6i+5tBsaAJG0ALhDjx8b6a/8Q
vVmcWxVFA+yuIky4H1moBzDO2qy0P1LofTJno6u0Cf8/nsc44RBXFv+RP4PCBGOo
4GfMErx8H6YMr3PBgO/EC9nhZwDWryvB//ShHT3+fqnQxaobXS9DMFkOvc4Z010Q
tXhVKk5jPZltM8kaUAGxnUucLywttMTamYUAIIhdkg6umJfvrLGW6YyFXYPyeYO1
ovjkCswVjq6sgrRtOnsmiBKrZSI1WSmyKBaEi02NOFBaiZu34/Gp4tTUKimY8kBj
JlX470zS+aiANcoCICelCRB5AUcRuGr4EKM5YFjI+OnDdqC6rSAJtMxHTQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPCD5WByNy1Z8BHf+CVUoP3GKqA1MB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvOElQbFlISTNMVm53RWRfNEpWU2dfY1lxb0RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhO8wDAN
BgkqhkiG9w0BAQsFAAOCAQEAW1jm/9O+Fo8ftI+164pUvtIXqztNAndRWUxPGKlS
XbUSMXftP383EWj9sfx07aWWjGn+OUrtq32tZ9h4hSBp4/OLKCreBljEgDPW0yYC
Rv29jdvDSFYYCiNk6HFkG2PXjSQhAkNjQ2gHLiUfXq91wlXo6sfLEWrzXgKzQ/NS
Rq45EWg44uHdI0X80RlWjAkGCQEGfbJ7pNnZ2a+nV9ZRCTVPAMzGDro6MyVzJdq1
B58mZO/L/F5H3Cz5Tn5HhjaRuRVgSZKOGlvKGiAy//eu4jDsJAi1OBvQzE+uC6VK
/NoAOAvk3RQGqYmGcFgJf29+XaAHOdb6E2t8XEKUXHnUGg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:40:02 2024 by rpki-client on console-fra.rpki-client.org