Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/kXsCl5aANWOJMxq9RWrtG4BUYPo.roa
File: kXsCl5aANWOJMxq9RWrtG4BUYPo.roa (raw, json)
Hash identifier: UAUydXeJe0qPbF8sCXywITMWigUQZjXMBeCDQgMxtkY=
Subject key identifier: 91:7B:02:97:96:80:35:63:89:33:1A:BD:45:6A:ED:1B:80:54:60:FA
Certificate issuer: /CN=8b03dca76319903152f246e05c069fd1a1db5c59
Certificate serial: 018CC493638AFEE42DEE311527B8C4F759B0
Authority key identifier: 8B:03:DC:A7:63:19:90:31:52:F2:46:E0:5C:06:9F:D1:A1:DB:5C:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iwPcp2MZkDFS8kbgXAaf0aHbXFk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/kXsCl5aANWOJMxq9RWrtG4BUYPo.roa
Signing time: Mon 01 Jan 2024 10:30:42 +0000
ROA not before: Mon 01 Jan 2024 10:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211368
IP address blocks: 2a13:e6c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/iwPcp2MZkDFS8kbgXAaf0aHbXFk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/iwPcp2MZkDFS8kbgXAaf0aHbXFk.mft
rsync://rpki.ripe.net/repository/DEFAULT/iwPcp2MZkDFS8kbgXAaf0aHbXFk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:63:8a:fe:e4:2d:ee:31:15:27:b8:c4:f7:59:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b03dca76319903152f246e05c069fd1a1db5c59
Validity
Not Before: Jan 1 10:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=917b02979680356389331abd456aed1b805460fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:ac:f1:ef:0b:8e:e9:b7:5b:1e:0d:e2:0e:25:
35:5e:6e:f7:17:d3:8c:7a:01:4c:f6:0c:8e:46:d7:
17:ac:1b:cc:71:bb:f9:cc:a2:2f:e6:dc:a6:d8:d9:
eb:33:99:31:24:f6:91:c7:06:63:30:c7:82:e2:2f:
29:01:5f:bb:e7:5d:32:55:3b:e4:b9:28:17:4e:99:
c6:e4:43:cb:ca:9d:0a:ca:d4:3b:a5:88:3f:20:63:
02:6d:66:c4:8c:c7:ad:88:c2:08:15:7a:17:77:7f:
4c:7b:d9:28:56:8e:74:72:6b:62:5d:9b:71:89:b9:
64:9c:f0:9b:53:d3:43:fd:d0:79:d7:29:f1:f7:5c:
51:8c:27:c1:ab:4c:95:da:f9:1c:d3:6d:e2:6c:f6:
d6:9e:8d:70:ab:5c:81:e4:71:f9:f3:27:4d:fd:fb:
99:44:0e:24:70:38:5b:d5:18:ee:bf:94:e1:eb:1b:
b4:f0:1f:3b:24:cb:0e:ae:bd:bc:c2:f6:ad:bd:7c:
cd:f9:c3:8e:1a:db:97:57:7d:28:c5:29:7a:28:52:
fc:5e:27:6b:9c:3c:70:09:89:83:5b:bd:6b:54:32:
35:33:4e:b4:30:77:45:3a:b6:bf:b6:37:b5:95:ff:
f9:e0:61:28:fa:cb:05:c2:02:b4:10:8b:87:bd:ae:
da:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:7B:02:97:96:80:35:63:89:33:1A:BD:45:6A:ED:1B:80:54:60:FA
X509v3 Authority Key Identifier:
keyid:8B:03:DC:A7:63:19:90:31:52:F2:46:E0:5C:06:9F:D1:A1:DB:5C:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iwPcp2MZkDFS8kbgXAaf0aHbXFk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/kXsCl5aANWOJMxq9RWrtG4BUYPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/iwPcp2MZkDFS8kbgXAaf0aHbXFk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:e6c0::/29
Signature Algorithm: sha256WithRSAEncryption
10:55:5f:07:57:58:03:71:a8:8a:f9:c2:c3:eb:db:17:b6:1f:
4e:6a:93:48:28:01:bf:e0:20:28:00:51:5c:d1:54:bc:c4:c2:
8a:ad:ee:a6:8d:94:c7:2a:fe:22:20:f9:37:3f:04:51:58:f1:
b6:d1:c5:d8:b7:04:e4:98:ca:90:87:e5:6c:ad:af:d6:c0:65:
33:f8:c3:50:60:2c:5d:53:0c:a6:c5:71:0f:af:b7:67:6e:19:
f5:1d:41:8d:9c:e4:aa:1f:0a:b6:e4:cc:7b:01:cb:b2:59:f1:
a8:70:e1:99:d0:5b:84:4d:05:0c:db:0d:65:ea:49:e9:d4:e1:
4b:93:89:75:a4:6f:c3:08:40:59:0d:ff:41:53:3c:e4:3d:83:
60:f9:94:c3:ba:a2:0a:48:c9:0a:c5:25:4e:56:05:33:e5:df:
49:e7:c9:8d:6b:96:50:9e:80:52:b6:5a:7a:ea:2a:b9:50:35:
ed:a7:7b:ac:89:bc:c5:8c:34:11:8d:7b:da:db:14:bb:4c:40:
5c:a0:87:fd:7a:27:25:8d:3e:56:3f:20:85:02:ad:4a:53:46:
bd:ce:17:0a:14:5d:0b:57:cd:5f:9f:65:a4:2e:6d:17:d3:4a:
d2:58:75:27:48:00:06:20:7b:c0:b1:9c:ef:22:03:d5:2d:0a:
b9:95:a6:57
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzEk2OK/uQt7jEVJ7jE91mwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMDNkY2E3NjMxOTkwMzE1MmYyNDZlMDVjMDY5ZmQxYTFk
YjVjNTkwHhcNMjQwMTAxMTAzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTdiMDI5Nzk2ODAzNTYzODkzMzFhYmQ0NTZhZWQxYjgwNTQ2MGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Kzx7wuO6bdbHg3iDiU1Xm73F9OM
egFM9gyORtcXrBvMcbv5zKIv5tym2NnrM5kxJPaRxwZjMMeC4i8pAV+7510yVTvk
uSgXTpnG5EPLyp0KytQ7pYg/IGMCbWbEjMetiMIIFXoXd39Me9koVo50cmtiXZtx
iblknPCbU9ND/dB51ynx91xRjCfBq0yV2vkc023ibPbWno1wq1yB5HH58ydN/fuZ
RA4kcDhb1Rjuv5Th6xu08B87JMsOrr28wvatvXzN+cOOGtuXV30oxSl6KFL8Xidr
nDxwCYmDW71rVDI1M060MHdFOra/tje1lf/54GEo+ssFwgK0EIuHva7atQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJF7ApeWgDVjiTMavUVq7RuAVGD6MB8GA1UdIwQY
MBaAFIsD3KdjGZAxUvJG4FwGn9Gh21xZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXdQY3AyTVprREZTOGtiZ1hBYWYwYUhiWEZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8zMGNkYmUtMTFlMS00NGNhLWI2NTQt
MDI5ZTYzZjA4ODlhLzEva1hzQ2w1YUFOV09KTXhxOVJXcnRHNEJVWVBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8zMGNkYmUtMTFlMS00NGNhLWI2NTQtMDI5ZTYzZjA4ODlh
LzEvaXdQY3AyTVprREZTOGtiZ1hBYWYwYUhiWEZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPmwDAN
BgkqhkiG9w0BAQsFAAOCAQEAEFVfB1dYA3GoivnCw+vbF7YfTmqTSCgBv+AgKABR
XNFUvMTCiq3upo2Uxyr+IiD5Nz8EUVjxttHF2LcE5JjKkIflbK2v1sBlM/jDUGAs
XVMMpsVxD6+3Z24Z9R1BjZzkqh8KtuTMewHLslnxqHDhmdBbhE0FDNsNZepJ6dTh
S5OJdaRvwwhAWQ3/QVM85D2DYPmUw7qiCkjJCsUlTlYFM+XfSefJjWuWUJ6AUrZa
euoquVA17ad7rIm8xYw0EY172tsUu0xAXKCH/XonJY0+Vj8ghQKtSlNGvc4XChRd
C1fNX59lpC5tF9NK0lh1J0gABiB7wLGc7yID1S0KuZWmVw==
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:24:01 2024 by rpki-client on console-fra.rpki-client.org