Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/U4xqTxhyBsQqqQqYQs2s3jpxaOI.roa
File: U4xqTxhyBsQqqQqYQs2s3jpxaOI.roa (raw, json)
Hash identifier: 6EcsHrZ15RjlXRoEpVNyfi8sIpbGa6JMJpy/QFSVpJA=
Subject key identifier: 53:8C:6A:4F:18:72:06:C4:2A:A9:0A:98:42:CD:AC:DE:3A:71:68:E2
Certificate issuer: /CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Certificate serial: 01916ABE012BEC6967E8B56FB69AB1EEE5C7
Authority key identifier: FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/U4xqTxhyBsQqqQqYQs2s3jpxaOI.roa
Signing time: Mon 19 Aug 2024 13:05:22 +0000
ROA not before: Mon 19 Aug 2024 13:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210513
IP address blocks: 212.126.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6a:be:01:2b:ec:69:67:e8:b5:6f:b6:9a:b1:ee:e5:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Validity
Not Before: Aug 19 13:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=538c6a4f187206c42aa90a9842cdacde3a7168e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:fd:a9:55:28:af:99:da:5a:22:4f:26:19:c0:
a6:b9:f2:ce:e3:0c:8e:03:e7:07:21:00:ab:81:0e:
4f:b0:4a:77:aa:02:45:ad:2e:1b:2e:aa:d9:67:ae:
e1:86:37:55:70:9a:6b:8a:64:77:27:9f:39:65:79:
01:2a:2e:7d:1e:2b:b2:7c:8f:b2:35:eb:63:46:a8:
10:a3:8a:c2:ca:c0:51:bd:62:0a:b6:24:da:3e:72:
1c:e9:47:83:d3:57:2e:f4:06:40:28:5d:30:6c:30:
b0:49:73:18:43:77:9f:8e:8d:56:b3:3d:92:0e:ce:
c5:76:a6:3b:d4:bf:c5:a9:b8:0a:40:aa:01:fd:b3:
45:ed:df:99:0b:a7:97:06:f7:ba:43:3e:dd:cc:d5:
62:1c:0c:16:fb:56:e2:51:96:56:1d:c6:ac:87:25:
ca:d2:83:ff:e5:fd:94:e7:07:65:66:cc:c9:32:43:
fa:db:26:bb:7e:1f:56:6c:d1:44:d6:2f:e0:4b:fa:
98:81:99:5d:27:35:7e:da:49:b9:83:4a:a1:65:e4:
a4:0e:61:72:61:fc:80:2f:28:ba:63:cb:b2:69:03:
7d:b6:49:72:cf:1e:b9:7e:36:51:6a:73:5e:24:59:
17:86:ac:22:23:ba:57:8d:2e:86:76:f4:e1:42:c5:
32:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:8C:6A:4F:18:72:06:C4:2A:A9:0A:98:42:CD:AC:DE:3A:71:68:E2
X509v3 Authority Key Identifier:
keyid:FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/U4xqTxhyBsQqqQqYQs2s3jpxaOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.126.115.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:da:11:7d:10:fb:28:c7:65:e8:f1:08:15:b6:1b:bb:62:6f:
f5:bc:9b:d2:0d:73:d5:bc:fa:6c:80:90:29:5e:c4:25:10:09:
b3:c3:7c:50:5a:5b:a2:9f:4a:1a:fc:1d:85:55:be:94:fa:a3:
72:9b:9d:7f:d4:60:3e:6d:49:ad:28:40:c5:d4:03:1e:da:8d:
66:59:62:a1:9c:18:17:de:14:5b:f4:d8:69:e4:a1:23:a9:eb:
3e:25:a2:3f:f6:6b:19:6b:fb:27:f7:40:3a:66:32:5f:47:6a:
57:18:2a:e2:5e:c9:4d:3d:8b:c6:c5:b9:71:3d:6b:94:67:ac:
e9:7a:fc:9e:48:75:65:fa:46:41:f7:5e:c0:76:21:6b:ed:07:
88:07:cc:00:3d:cb:bd:2c:82:aa:72:88:f3:2b:03:10:f9:36:
fe:7f:25:f7:a9:3a:fa:d5:01:d5:63:2e:0b:6b:ca:ee:63:21:
1f:17:ee:6d:5b:3e:13:ee:e7:b3:8e:95:2e:63:e9:69:65:cc:
77:48:43:6b:5d:31:74:ac:f6:66:65:32:7b:f6:19:2d:9c:c5:
4a:9d:cf:6f:d4:05:a4:f2:4f:b0:0a:db:dc:64:ee:77:94:fe:
b0:a6:94:d3:c8:33:9a:7f:93:c2:5c:03:94:fc:ce:74:1d:78:
f5:7c:88:a1
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZFqvgEr7Gln6LVvtpqx7uXHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhY2NiYjcyYWE5ODg0YTViZjhkMGU3NTc0MDRhMTdlNWUy
MzMyMmMwHhcNMjQwODE5MTMwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzhjNmE0ZjE4NzIwNmM0MmFhOTBhOTg0MmNkYWNkZTNhNzE2OGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlP2pVSivmdpaIk8mGcCmufLO4wyO
A+cHIQCrgQ5PsEp3qgJFrS4bLqrZZ67hhjdVcJprimR3J585ZXkBKi59HiuyfI+y
NetjRqgQo4rCysBRvWIKtiTaPnIc6UeD01cu9AZAKF0wbDCwSXMYQ3efjo1Wsz2S
Ds7FdqY71L/FqbgKQKoB/bNF7d+ZC6eXBve6Qz7dzNViHAwW+1biUZZWHcashyXK
0oP/5f2U5wdlZszJMkP62ya7fh9WbNFE1i/gS/qYgZldJzV+2km5g0qhZeSkDmFy
YfyALyi6Y8uyaQN9tklyzx65fjZRanNeJFkXhqwiI7pXjS6GdvThQsUysQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFOMak8YcgbEKqkKmELNrN46cWjiMB8GA1UdIwQY
MBaAFPrMu3KqmISlv40OdXQEoX5eIzIsMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1zeTdjcXFZaEtXX2pRNTFkQVNoZmw0ak1pdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0
LWE0OWU1YzY2MzNiZC8xL1U0eHFUeGh5QnNRcXFRcVlRczJzM2pweGFPSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0LWE0OWU1YzY2MzNi
ZC8xLzEtc3k3Y3FxWWhLV19qUTUxZEFTaGZsNGpNaXcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADUfnMw
DQYJKoZIhvcNAQELBQADggEBAG/aEX0Q+yjHZejxCBW2G7tib/W8m9INc9W8+myA
kClexCUQCbPDfFBaW6KfShr8HYVVvpT6o3KbnX/UYD5tSa0oQMXUAx7ajWZZYqGc
GBfeFFv02GnkoSOp6z4loj/2axlr+yf3QDpmMl9HalcYKuJeyU09i8bFuXE9a5Rn
rOl6/J5IdWX6RkH3XsB2IWvtB4gHzAA9y70sgqpyiPMrAxD5Nv5/JfepOvrVAdVj
Lgtryu5jIR8X7m1bPhPu57OOlS5j6WllzHdIQ2tdMXSs9mZlMnv2GS2cxUqdz2/U
BaTyT7AK29xk7neU/rCmlNPIM5p/k8JcA5T8znQdePV8iKE=
-----END CERTIFICATE-----
Generated at Sat Sep 28 17:17:47 2024 by rpki-client on console-ams.rpki-client.org