Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/oPHeMyYXr7pqfsWQHQQSFVyn-p8.roa
File: oPHeMyYXr7pqfsWQHQQSFVyn-p8.roa (raw, json)
Hash identifier: dAenC7KdhdZ0vvkRMDFimZaeTGp9dXw+hT3vbQvBNB8=
Subject key identifier: A0:F1:DE:33:26:17:AF:BA:6A:7E:C5:90:1D:04:12:15:5C:A7:FA:9F
Certificate issuer: /CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Certificate serial: 0190208DF9C575C0914F1C2A060B425CBDEE
Authority key identifier: 04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/oPHeMyYXr7pqfsWQHQQSFVyn-p8.roa
Signing time: Sun 16 Jun 2024 10:18:13 +0000
ROA not before: Sun 16 Jun 2024 10:18:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 212.113.100.0/24 maxlen: 24
212.113.101.0/24 maxlen: 24
212.113.102.0/24 maxlen: 24
212.113.103.0/24 maxlen: 24
212.113.106.0/24 maxlen: 24
212.113.116.0/24 maxlen: 24
212.113.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/BMvltGI9q0LxWpBQAtt85i6FTyk.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/BMvltGI9q0LxWpBQAtt85i6FTyk.mft
rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 07:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:20:8d:f9:c5:75:c0:91:4f:1c:2a:06:0b:42:5c:bd:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Validity
Not Before: Jun 16 10:18:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0f1de332617afba6a7ec5901d0412155ca7fa9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:2c:6c:0d:42:15:f8:64:c8:55:49:95:cf:4f:
43:21:2b:87:20:72:82:ea:e7:28:a6:6f:aa:6d:61:
aa:0a:20:e8:29:45:04:97:7b:fd:39:bd:44:b3:7e:
41:bc:e1:ef:69:84:b3:e5:bc:ce:ca:6f:b1:f4:cf:
52:8b:da:4e:87:31:ed:19:15:bf:55:11:4d:2f:60:
5a:4f:4d:2a:a0:0d:cc:97:5a:61:3c:7e:5a:a7:b4:
42:55:34:36:fa:26:39:5e:9e:87:66:11:9d:5b:83:
f0:e8:46:0f:cd:41:ae:f8:82:42:80:54:0e:4a:33:
b0:45:26:36:17:f4:cf:ac:63:6a:2a:4e:00:d1:c0:
68:39:2b:eb:dd:33:63:4e:a7:ef:0d:06:f6:10:21:
05:43:0f:58:1a:8d:cf:85:38:93:e2:20:38:0f:08:
05:e5:9d:33:a6:94:76:64:a6:0f:10:bd:76:f2:51:
df:f7:0c:74:db:85:7e:63:3a:68:75:94:30:13:ad:
ad:4f:ac:35:95:92:87:26:c5:ec:7d:eb:90:4a:49:
39:ad:4a:ea:67:55:f3:50:1b:ed:df:d2:81:5d:a1:
42:06:d4:45:08:c0:5c:56:cf:1f:7f:f1:c0:f2:0f:
7b:f4:b5:ae:e0:cb:97:ca:a1:ae:20:98:f7:56:e1:
f6:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:F1:DE:33:26:17:AF:BA:6A:7E:C5:90:1D:04:12:15:5C:A7:FA:9F
X509v3 Authority Key Identifier:
keyid:04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/oPHeMyYXr7pqfsWQHQQSFVyn-p8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/BMvltGI9q0LxWpBQAtt85i6FTyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.113.100.0/22
212.113.106.0/24
212.113.116.0/24
212.113.119.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:0b:71:2a:14:9d:44:35:be:f9:dd:0b:9b:d7:17:61:c1:7e:
d7:95:06:b1:a2:29:98:4e:37:7e:46:d2:13:cf:e6:a8:eb:80:
5e:1d:bc:50:3a:e8:6a:a2:16:e7:d1:95:59:37:32:84:e7:b3:
b7:98:3d:bf:b3:9b:de:d5:4a:2b:5b:e7:fa:af:55:82:7c:3e:
e3:30:8e:44:2f:1d:43:be:62:93:74:5a:66:48:52:3e:37:09:
2d:44:db:d4:1e:5b:75:56:71:0d:6f:52:3e:a7:67:2f:ac:55:
a9:f0:fa:64:86:74:3c:93:3f:eb:f4:36:a2:9c:8e:1a:9c:1a:
4e:d1:c9:e5:d7:a4:01:33:8b:73:90:08:01:2b:82:7b:1a:4f:
da:9c:b5:9d:7a:18:34:4b:14:88:b1:4d:0f:f4:06:44:fe:1a:
db:09:4e:2f:45:2b:3a:b9:61:86:bc:a6:aa:73:3a:99:8b:18:
48:5b:d3:52:ca:c7:92:9a:18:ba:08:1d:76:dc:3f:b7:8e:54:
87:09:b7:30:3c:ce:02:57:58:55:3a:a7:0f:81:1b:23:08:6d:
5c:01:9b:c6:2f:d1:99:a3:ae:c5:10:40:4d:8b:ab:c7:3b:dd:
18:18:11:22:3a:80:13:7c:99:17:07:3b:62:89:81:10:25:05:
a4:3e:be:b8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZAgjfnFdcCRTxwqBgtCXL3uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0Y2JlNWI0NjIzZGFiNDJmMTVhOTA1MDAyZGI3Y2U2MmU4
NTRmMjkwHhcNMjQwNjE2MTAxODEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGYxZGUzMzI2MTdhZmJhNmE3ZWM1OTAxZDA0MTIxNTVjYTdmYTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyxsDUIV+GTIVUmVz09DISuHIHKC
6ucopm+qbWGqCiDoKUUEl3v9Ob1Es35BvOHvaYSz5bzOym+x9M9Si9pOhzHtGRW/
VRFNL2BaT00qoA3Ml1phPH5ap7RCVTQ2+iY5Xp6HZhGdW4Pw6EYPzUGu+IJCgFQO
SjOwRSY2F/TPrGNqKk4A0cBoOSvr3TNjTqfvDQb2ECEFQw9YGo3PhTiT4iA4DwgF
5Z0zppR2ZKYPEL128lHf9wx024V+YzpodZQwE62tT6w1lZKHJsXsfeuQSkk5rUrq
Z1XzUBvt39KBXaFCBtRFCMBcVs8ff/HA8g979LWu4MuXyqGuIJj3VuH2gwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKDx3jMmF6+6an7FkB0EEhVcp/qfMB8GA1UdIwQY
MBaAFATL5bRiPatC8VqQUALbfOYuhU8pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODct
MDU3ODE3YmE5ZmI3LzEvb1BIZU15WVhyN3BxZnNXUUhRUVNGVnluLXA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODctMDU3ODE3YmE5ZmI3
LzEvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQC1HFkAwQA
1HFqAwQA1HF0AwQA1HF3MA0GCSqGSIb3DQEBCwUAA4IBAQBaC3EqFJ1ENb753Qub
1xdhwX7XlQaxoimYTjd+RtITz+ao64BeHbxQOuhqohbn0ZVZNzKE57O3mD2/s5ve
1UorW+f6r1WCfD7jMI5ELx1DvmKTdFpmSFI+NwktRNvUHlt1VnENb1I+p2cvrFWp
8PpkhnQ8kz/r9DainI4anBpO0cnl16QBM4tzkAgBK4J7Gk/anLWdehg0SxSIsU0P
9AZE/hrbCU4vRSs6uWGGvKaqczqZixhIW9NSyseSmhi6CB123D+3jlSHCbcwPM4C
V1hVOqcPgRsjCG1cAZvGL9GZo67FEEBNi6vHO90YGBEiOoATfJkXBztiiYEQJQWk
Pr64
-----END CERTIFICATE-----
Generated at Wed Jun 26 09:52:26 2024 by rpki-client on console-fra.rpki-client.org