Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/O8r1pmhaPSmMdkxELTdx1242t7c.roa
File: O8r1pmhaPSmMdkxELTdx1242t7c.roa (raw, json)
Hash identifier: wzXy9RDRmH9f4znX0wrEx08e8oRJ2l8sC68l5knBcrA=
Subject key identifier: 3B:CA:F5:A6:68:5A:3D:29:8C:76:4C:44:2D:37:71:D7:6E:36:B7:B7
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 01925E80BEFAA1A12D344D76C04982D152F4
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/O8r1pmhaPSmMdkxELTdx1242t7c.roa
Signing time: Sat 05 Oct 2024 21:05:48 +0000
ROA not before: Sat 05 Oct 2024 21:05:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201207
IP address blocks: 2a13:bd40::/29 maxlen: 29
2a13:bec0::/29 maxlen: 29
2a13:cdc0::/29 maxlen: 29
2a13:d140::/29 maxlen: 29
2a13:dcc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:5e:80:be:fa:a1:a1:2d:34:4d:76:c0:49:82:d1:52:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Oct 5 21:05:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3bcaf5a6685a3d298c764c442d3771d76e36b7b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:46:de:1e:a0:84:9e:e0:52:76:fe:3c:94:99:
ba:b6:26:97:54:8a:85:a3:8c:c9:c4:fa:48:e9:ed:
bc:f9:fa:ec:5d:b6:eb:80:42:15:58:82:24:be:4d:
d2:c1:1e:bd:c5:ad:f5:d1:5a:64:6d:52:ff:59:9e:
ba:6d:63:03:b4:c8:c6:2a:8a:71:25:ab:a0:61:c5:
cf:94:8e:3e:f9:ba:93:38:35:bf:8b:90:c3:50:6e:
93:95:30:60:f1:ab:5e:30:c8:93:96:85:47:22:23:
44:08:81:06:72:ca:46:2e:f4:ed:be:6c:0c:8a:54:
3c:26:76:20:3b:c7:a2:5c:01:4f:9b:b6:41:28:86:
b3:4f:f1:56:c6:1e:de:64:06:9f:0a:25:3a:9c:7c:
8e:57:25:ab:b6:38:32:57:3d:56:3a:5a:c2:7d:2c:
2a:9b:46:d1:a7:ff:28:0d:a0:46:9e:79:d2:ac:e1:
90:b3:1e:be:b7:49:65:bd:a0:49:57:c4:04:36:03:
23:27:a1:fa:7a:e5:c5:64:10:ef:20:84:56:b3:ec:
67:65:7a:0f:4e:85:2e:0e:82:1b:c3:18:2e:d1:03:
5d:e0:f5:0c:6b:4c:ed:b0:3e:ae:1c:1a:2b:6b:bf:
69:33:f5:cc:dd:98:0f:a8:94:9e:39:0a:33:b2:bb:
5f:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:CA:F5:A6:68:5A:3D:29:8C:76:4C:44:2D:37:71:D7:6E:36:B7:B7
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/O8r1pmhaPSmMdkxELTdx1242t7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:bd40::/29
2a13:bec0::/29
2a13:cdc0::/29
2a13:d140::/29
2a13:dcc0::/29
Signature Algorithm: sha256WithRSAEncryption
8b:d8:8c:a9:83:87:53:13:2a:87:f2:06:56:3a:23:90:b0:3a:
04:6f:39:c7:d9:86:36:91:33:16:32:a6:be:bc:55:c0:ab:17:
79:54:96:5e:5a:07:e7:13:4d:d1:97:52:fe:5a:e7:fe:5e:7f:
b9:0b:c6:c9:fb:db:1d:11:5b:50:b9:72:b4:89:88:ab:bc:f7:
a4:1a:9e:14:f3:5c:51:ba:ed:0d:c2:08:99:c2:96:44:9f:d8:
e3:eb:d0:1e:ea:1a:cc:dd:86:90:03:aa:65:a5:b7:95:61:7a:
18:93:7e:b2:0f:e1:c9:1e:73:f8:26:79:4f:31:fa:46:a1:01:
0f:46:2d:16:53:c1:12:f9:86:ae:54:de:6b:27:c9:7c:a8:77:
d0:68:59:47:c3:14:d6:24:9a:99:6f:4d:aa:a7:1a:7d:4a:58:
f3:17:c9:42:cd:1d:47:9a:ab:1e:84:53:48:4a:6e:11:12:3f:
a0:2b:74:45:df:68:5f:61:ac:a0:72:93:0c:2a:cb:a6:5c:4c:
ba:fa:f5:f3:62:a6:b3:02:6e:5d:6b:c7:d1:b3:fb:4c:34:71:
d6:4d:f6:85:2b:81:5a:35:9b:64:49:f8:6c:dd:b2:45:d0:81:
70:36:3e:49:6d:43:60:68:cb:16:0e:08:d7:ff:0e:8b:c0:54:
5b:29:8c:c4
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZJegL76oaEtNE12wEmC0VL0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjQxMDA1MjEwNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmNhZjVhNjY4NWEzZDI5OGM3NjRjNDQyZDM3NzFkNzZlMzZiN2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5UbeHqCEnuBSdv48lJm6tiaXVIqF
o4zJxPpI6e28+frsXbbrgEIVWIIkvk3SwR69xa310VpkbVL/WZ66bWMDtMjGKopx
JaugYcXPlI4++bqTODW/i5DDUG6TlTBg8ateMMiTloVHIiNECIEGcspGLvTtvmwM
ilQ8JnYgO8eiXAFPm7ZBKIazT/FWxh7eZAafCiU6nHyOVyWrtjgyVz1WOlrCfSwq
m0bRp/8oDaBGnnnSrOGQsx6+t0llvaBJV8QENgMjJ6H6euXFZBDvIIRWs+xnZXoP
ToUuDoIbwxgu0QNd4PUMa0ztsD6uHBora79pM/XM3ZgPqJSeOQozsrtf1QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFDvK9aZoWj0pjHZMRC03cdduNre3MB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvTzhyMXBtaGFQU21NZGt4RUxUZHgxMjQydDdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKhO9QAMF
AyoTvsADBQMqE83AAwUDKhPRQAMFAyoT3MAwDQYJKoZIhvcNAQELBQADggEBAIvY
jKmDh1MTKofyBlY6I5CwOgRvOcfZhjaRMxYypr68VcCrF3lUll5aB+cTTdGXUv5a
5/5ef7kLxsn72x0RW1C5crSJiKu896QanhTzXFG67Q3CCJnClkSf2OPr0B7qGszd
hpADqmWlt5VhehiTfrIP4ckec/gmeU8x+kahAQ9GLRZTwRL5hq5U3msnyXyod9Bo
WUfDFNYkmplvTaqnGn1KWPMXyULNHUeaqx6EU0hKbhESP6ArdEXfaF9hrKBykwwq
y6ZcTLr69fNiprMCbl1rx9Gz+0w0cdZN9oUrgVo1m2RJ+GzdskXQgXA2PkltQ2Bo
yxYOCNf/DovAVFspjMQ=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:40:02 2024 by rpki-client on console-fra.rpki-client.org