Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f67177-78d5-4388-a21a-28263656c6de/1/58P-JXKI8JWCoZG5ldULuHTucC0.roa
File: 58P-JXKI8JWCoZG5ldULuHTucC0.roa (raw, json)
Hash identifier: KA9tQBnzmkwTiuwynFwFLmSPvrYIvdFDiJgV56/vf5A=
Subject key identifier: E7:C3:FE:25:72:88:F0:95:82:A1:91:B9:95:D5:0B:B8:74:EE:70:2D
Certificate issuer: /CN=b48184549e12e9934bffb7615bca3d0c25681360
Certificate serial: 018CCA2AEEDC4E89DD87887507455CDE3E51
Authority key identifier: B4:81:84:54:9E:12:E9:93:4B:FF:B7:61:5B:CA:3D:0C:25:68:13:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tIGEVJ4S6ZNL_7dhW8o9DCVoE2A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f67177-78d5-4388-a21a-28263656c6de/1/58P-JXKI8JWCoZG5ldULuHTucC0.roa
Signing time: Tue 02 Jan 2024 12:34:20 +0000
ROA not before: Tue 02 Jan 2024 12:34:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5409
IP address blocks: 213.218.0.0/19 maxlen: 19
212.126.192.0/19 maxlen: 19
195.2.160.0/19 maxlen: 19
185.95.80.0/22 maxlen: 22
2001:4180::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/f67177-78d5-4388-a21a-28263656c6de/1/tIGEVJ4S6ZNL_7dhW8o9DCVoE2A.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/f67177-78d5-4388-a21a-28263656c6de/1/tIGEVJ4S6ZNL_7dhW8o9DCVoE2A.mft
rsync://rpki.ripe.net/repository/DEFAULT/tIGEVJ4S6ZNL_7dhW8o9DCVoE2A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:ee:dc:4e:89:dd:87:88:75:07:45:5c:de:3e:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b48184549e12e9934bffb7615bca3d0c25681360
Validity
Not Before: Jan 2 12:34:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7c3fe257288f09582a191b995d50bb874ee702d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:47:fc:f3:6e:2f:0e:a5:b5:4e:f7:90:dd:45:
2e:c2:17:4d:f7:b5:99:b2:d4:5e:a8:84:1b:58:f7:
c1:ca:07:c5:08:b6:b2:27:d6:cc:7b:38:50:7b:06:
06:e1:b6:7f:cd:c1:76:c9:0d:38:d0:97:09:51:7e:
6f:82:f2:03:53:bb:20:26:ed:a7:53:70:12:5e:0a:
97:ba:e3:36:16:89:e9:9d:92:19:29:4c:23:0f:03:
f0:1b:3c:cb:13:1a:73:40:b7:fe:f3:c3:ba:fa:4d:
72:48:47:d3:05:78:9f:16:fe:bb:8c:00:07:ca:2c:
a4:d0:eb:57:99:dc:f9:5e:b2:86:32:72:63:9b:50:
7f:af:7e:e6:31:2a:79:3c:68:6f:1d:68:61:cb:e3:
d3:f9:87:25:12:f3:8e:d2:dc:c1:1b:b6:7d:43:4e:
3c:6c:a0:32:01:a7:5d:51:f3:c5:18:52:d5:e8:3c:
b4:ab:89:e7:dd:32:a2:8c:3c:03:81:a8:51:7a:a6:
d7:6b:80:8a:e5:0d:ae:2a:9e:9b:ed:47:87:30:ea:
d2:25:73:a5:56:da:de:74:32:48:fb:11:0b:bd:c2:
f6:44:f0:0c:f4:fa:cb:3b:0d:30:b2:66:a3:33:f3:
97:e4:07:f1:d4:ea:fe:7a:b9:21:5e:e6:8c:6d:3e:
b5:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:C3:FE:25:72:88:F0:95:82:A1:91:B9:95:D5:0B:B8:74:EE:70:2D
X509v3 Authority Key Identifier:
keyid:B4:81:84:54:9E:12:E9:93:4B:FF:B7:61:5B:CA:3D:0C:25:68:13:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIGEVJ4S6ZNL_7dhW8o9DCVoE2A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f67177-78d5-4388-a21a-28263656c6de/1/58P-JXKI8JWCoZG5ldULuHTucC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f67177-78d5-4388-a21a-28263656c6de/1/tIGEVJ4S6ZNL_7dhW8o9DCVoE2A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.80.0/22
195.2.160.0/19
212.126.192.0/19
213.218.0.0/19
IPv6:
2001:4180::/32
Signature Algorithm: sha256WithRSAEncryption
89:c2:0a:e7:01:ac:02:f9:e8:44:76:fd:6e:51:46:a5:ba:44:
3d:f9:14:74:53:77:b7:c5:41:bd:4e:5d:9b:c6:5a:f1:cc:19:
66:3c:36:81:ea:3d:ce:40:9e:31:71:a2:ef:95:7e:f2:3b:59:
5d:dc:e9:ee:00:d3:cc:a8:00:a4:65:bf:80:ce:70:4d:a6:78:
22:f5:be:2f:ab:c4:78:24:b6:9c:81:ac:97:f9:88:5f:b6:42:
a0:21:30:56:93:46:ce:01:0f:33:b4:23:52:23:78:a6:09:c5:
bf:d2:27:b2:81:56:b7:5a:02:6c:e5:b2:e2:98:3d:39:61:61:
b2:3e:88:1e:a4:b8:60:04:84:fd:25:1c:30:90:58:3f:25:6b:
c0:c7:9d:2d:de:29:8d:71:b4:22:30:12:54:04:0a:04:d9:c6:
f2:7c:15:4d:4c:6d:de:e9:07:f1:bd:00:17:51:21:a3:2c:06:
41:76:92:06:e3:72:c7:16:82:69:b2:b9:a3:8f:47:00:7d:17:
f4:4a:f3:b6:e1:d7:6e:e4:8c:f7:16:11:96:5b:e2:b3:31:e3:
19:21:b9:9c:64:6e:84:fd:0e:85:30:f3:75:af:3e:c5:c6:b8:
2a:1c:a1:05:20:34:c8:be:52:e3:32:53:9a:dd:44:ae:16:0e:
84:30:27:c8
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzKKu7cTondh4h1B0Vc3j5RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ODE4NDU0OWUxMmU5OTM0YmZmYjc2MTViY2EzZDBjMjU2
ODEzNjAwHhcNMjQwMTAyMTIzNDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2MzZmUyNTcyODhmMDk1ODJhMTkxYjk5NWQ1MGJiODc0ZWU3MDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0f8824vDqW1TveQ3UUuwhdN97WZ
stReqIQbWPfBygfFCLayJ9bMezhQewYG4bZ/zcF2yQ040JcJUX5vgvIDU7sgJu2n
U3ASXgqXuuM2FonpnZIZKUwjDwPwGzzLExpzQLf+88O6+k1ySEfTBXifFv67jAAH
yiyk0OtXmdz5XrKGMnJjm1B/r37mMSp5PGhvHWhhy+PT+YclEvOO0tzBG7Z9Q048
bKAyAaddUfPFGFLV6Dy0q4nn3TKijDwDgahReqbXa4CK5Q2uKp6b7UeHMOrSJXOl
VtredDJI+xELvcL2RPAM9PrLOw0wsmajM/OX5Afx1Or+erkhXuaMbT61/QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFOfD/iVyiPCVgqGRuZXVC7h07nAtMB8GA1UdIwQY
MBaAFLSBhFSeEumTS/+3YVvKPQwlaBNgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdElHRVZKNFM2Wk5MXzdkaFc4bzlEQ1ZvRTJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mNjcxNzctNzhkNS00Mzg4LWEyMWEt
MjgyNjM2NTZjNmRlLzEvNThQLUpYS0k4SldDb1pHNWxkVUx1SFR1Y0MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mNjcxNzctNzhkNS00Mzg4LWEyMWEtMjgyNjM2NTZjNmRl
LzEvdElHRVZKNFM2Wk5MXzdkaFc4bzlEQ1ZvRTJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuV9QAwQF
wwKgAwQF1H7AAwQF1doAMA0EAgACMAcDBQAgAUGAMA0GCSqGSIb3DQEBCwUAA4IB
AQCJwgrnAawC+ehEdv1uUUalukQ9+RR0U3e3xUG9Tl2bxlrxzBlmPDaB6j3OQJ4x
caLvlX7yO1ld3OnuANPMqACkZb+AznBNpngi9b4vq8R4JLacgayX+YhftkKgITBW
k0bOAQ8ztCNSI3imCcW/0ieygVa3WgJs5bLimD05YWGyPogepLhgBIT9JRwwkFg/
JWvAx50t3imNcbQiMBJUBAoE2cbyfBVNTG3e6QfxvQAXUSGjLAZBdpIG43LHFoJp
srmjj0cAfRf0SvO24ddu5Iz3FhGWW+KzMeMZIbmcZG6E/Q6FMPN1rz7FxrgqHKEF
IDTIvlLjMlOa3USuFg6EMCfI
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:22:05 2024 by rpki-client on console-fra.rpki-client.org