Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/5731da-6665-4161-80c1-5e79b4435e2c/1/9cuSe6EQduTFmDUrAlabNAoNJyY.roa
File: 9cuSe6EQduTFmDUrAlabNAoNJyY.roa (raw, json)
Hash identifier: gX+mcDMtiTlq6Qo5aYpLscccvibmfhdOls1LnB45EsQ=
Subject key identifier: F5:CB:92:7B:A1:10:76:E4:C5:98:35:2B:02:56:9B:34:0A:0D:27:26
Certificate issuer: /CN=4a409555105040578cb296070074f45107252eeb
Certificate serial: 018CC26D4C8FDFEA184A149429BCDF8707D5
Authority key identifier: 4A:40:95:55:10:50:40:57:8C:B2:96:07:00:74:F4:51:07:25:2E:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SkCVVRBQQFeMspYHAHT0UQclLus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/5731da-6665-4161-80c1-5e79b4435e2c/1/9cuSe6EQduTFmDUrAlabNAoNJyY.roa
Signing time: Mon 01 Jan 2024 00:29:52 +0000
ROA not before: Mon 01 Jan 2024 00:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12539
IP address blocks: 212.122.84.0/22 maxlen: 22
212.122.82.0/23 maxlen: 23
212.122.94.0/24 maxlen: 24
212.122.64.0/24 maxlen: 24
212.122.66.0/23 maxlen: 23
212.122.78.0/24 maxlen: 24
212.122.76.0/23 maxlen: 23
212.122.74.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/5731da-6665-4161-80c1-5e79b4435e2c/1/SkCVVRBQQFeMspYHAHT0UQclLus.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/5731da-6665-4161-80c1-5e79b4435e2c/1/SkCVVRBQQFeMspYHAHT0UQclLus.mft
rsync://rpki.ripe.net/repository/DEFAULT/SkCVVRBQQFeMspYHAHT0UQclLus.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 10:01:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:4c:8f:df:ea:18:4a:14:94:29:bc:df:87:07:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a409555105040578cb296070074f45107252eeb
Validity
Not Before: Jan 1 00:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5cb927ba11076e4c598352b02569b340a0d2726
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3d:23:3d:35:5c:8e:83:45:3c:b4:e9:6c:39:
b7:69:7c:74:5f:74:08:1c:77:55:9d:14:4a:91:c2:
35:19:80:86:b3:11:e6:86:98:e9:56:99:60:59:4c:
6a:5a:f6:54:5d:a2:0d:5a:a7:5e:69:22:81:66:f1:
fa:ee:a8:25:28:7a:83:8f:2b:85:34:68:36:16:58:
58:6e:56:4a:1a:e9:1e:a7:cc:45:0b:b2:20:0f:66:
83:37:92:b8:dc:d5:ca:af:e1:bd:3a:ce:ea:7f:d4:
33:3c:22:93:df:b5:c2:2c:a4:af:b1:33:28:95:7d:
72:8c:16:25:b7:dc:d1:cc:b0:65:8a:6e:35:d1:32:
a9:b0:e4:5a:d2:f9:de:7c:04:65:42:be:c4:6f:38:
b6:54:34:e3:65:c7:f6:01:8d:57:e9:43:7a:1f:59:
1a:55:47:46:0f:86:73:86:6a:90:35:96:f3:ff:a3:
4d:90:47:f0:51:c8:56:93:2f:16:69:a2:42:08:93:
09:5c:64:46:bf:f2:fa:ef:90:5d:98:0d:a8:c0:86:
de:16:26:51:d5:53:9c:39:14:7c:9d:3a:64:ad:77:
4b:08:c8:35:26:11:b4:41:54:71:d1:5a:8d:cc:5c:
df:b2:f0:ed:e3:69:61:fb:30:ee:63:69:c0:e0:07:
b4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:CB:92:7B:A1:10:76:E4:C5:98:35:2B:02:56:9B:34:0A:0D:27:26
X509v3 Authority Key Identifier:
keyid:4A:40:95:55:10:50:40:57:8C:B2:96:07:00:74:F4:51:07:25:2E:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SkCVVRBQQFeMspYHAHT0UQclLus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/5731da-6665-4161-80c1-5e79b4435e2c/1/9cuSe6EQduTFmDUrAlabNAoNJyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/5731da-6665-4161-80c1-5e79b4435e2c/1/SkCVVRBQQFeMspYHAHT0UQclLus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.122.64.0/24
212.122.66.0/23
212.122.74.0-212.122.78.255
212.122.82.0-212.122.87.255
212.122.94.0/24
Signature Algorithm: sha256WithRSAEncryption
05:47:46:86:bf:a8:4a:83:eb:b7:5b:c4:e0:8f:75:c2:85:3a:
45:47:fb:d7:02:50:08:6b:66:17:53:6c:cf:c8:88:0c:a2:80:
7b:0d:1e:58:eb:f1:65:0c:aa:aa:1a:bf:17:7b:47:5d:4a:1b:
ea:1b:d8:64:2d:6c:70:0b:e7:b9:ce:9e:05:68:f3:7a:c1:e2:
82:1e:f5:fc:cb:b2:42:3d:ec:e8:9f:2f:b7:3f:99:12:cf:ee:
4d:3a:ea:17:80:d3:52:f6:f6:9a:53:f9:d3:fe:34:cb:22:8c:
fe:0a:5f:42:86:c6:e1:89:2d:40:c3:82:20:72:75:65:a6:e7:
62:b9:a1:39:4d:6a:ac:fb:46:20:38:45:8d:0b:af:5c:d7:c8:
20:61:8a:3f:e4:d7:41:77:c5:f3:70:03:be:37:1f:cb:c4:c1:
fe:80:dc:83:0e:95:c7:68:c4:0b:5a:29:38:71:e2:ac:30:80:
7f:c7:6c:60:ec:c9:8a:1b:ba:b2:24:fc:ac:8a:cf:37:95:b6:
27:a4:1e:44:66:39:a1:b2:b7:ec:b9:cf:9a:30:3d:b9:08:83:
0b:11:f3:b4:ee:ee:78:c6:15:2e:59:00:75:53:59:0d:5b:8c:
ab:73:8a:94:df:81:27:a9:9a:c4:56:83:f7:a8:b1:2c:c8:c6:
12:2e:91:30
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzCbUyP3+oYShSUKbzfhwfVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDA5NTU1MTA1MDQwNTc4Y2IyOTYwNzAwNzRmNDUxMDcy
NTJlZWIwHhcNMjQwMTAxMDAyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWNiOTI3YmExMTA3NmU0YzU5ODM1MmIwMjU2OWIzNDBhMGQyNzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuT0jPTVcjoNFPLTpbDm3aXx0X3QI
HHdVnRRKkcI1GYCGsxHmhpjpVplgWUxqWvZUXaINWqdeaSKBZvH67qglKHqDjyuF
NGg2FlhYblZKGukep8xFC7IgD2aDN5K43NXKr+G9Os7qf9QzPCKT37XCLKSvsTMo
lX1yjBYlt9zRzLBlim410TKpsORa0vnefARlQr7Ebzi2VDTjZcf2AY1X6UN6H1ka
VUdGD4ZzhmqQNZbz/6NNkEfwUchWky8WaaJCCJMJXGRGv/L675BdmA2owIbeFiZR
1VOcORR8nTpkrXdLCMg1JhG0QVRx0VqNzFzfsvDt42lh+zDuY2nA4Ae0mwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFPXLknuhEHbkxZg1KwJWmzQKDScmMB8GA1UdIwQY
MBaAFEpAlVUQUEBXjLKWBwB09FEHJS7rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tDVlZSQlFRRmVNc3BZSEFIVDBVUWNsTHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC81NzMxZGEtNjY2NS00MTYxLTgwYzEt
NWU3OWI0NDM1ZTJjLzEvOWN1U2U2RVFkdVRGbURVckFsYWJOQW9OSnlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC81NzMxZGEtNjY2NS00MTYxLTgwYzEtNWU3OWI0NDM1ZTJj
LzEvU2tDVlZSQlFRRmVNc3BZSEFIVDBVUWNsTHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQA1HpAAwQB
1HpCMAwDBAHUekoDBADUek4wDAMEAdR6UgMEA9R6UAMEANR6XjANBgkqhkiG9w0B
AQsFAAOCAQEABUdGhr+oSoPrt1vE4I91woU6RUf71wJQCGtmF1Nsz8iIDKKAew0e
WOvxZQyqqhq/F3tHXUob6hvYZC1scAvnuc6eBWjzesHigh71/MuyQj3s6J8vtz+Z
Es/uTTrqF4DTUvb2mlP50/40yyKM/gpfQobG4YktQMOCIHJ1ZabnYrmhOU1qrPtG
IDhFjQuvXNfIIGGKP+TXQXfF83ADvjcfy8TB/oDcgw6Vx2jEC1opOHHirDCAf8ds
YOzJihu6siT8rIrPN5W2J6QeRGY5obK37LnPmjA9uQiDCxHztO7ueMYVLlkAdVNZ
DVuMq3OKlN+BJ6maxFaD96ixLMjGEi6RMA==
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:06:06 2024 by rpki-client on console-ams.rpki-client.org