Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/92b508-1fad-4299-8720-7c4afb88e2f2/1/F6m1C7ogA8k20avAoWwhsUg4_8E.roa
File: F6m1C7ogA8k20avAoWwhsUg4_8E.roa (raw, json)
Hash identifier: OqseZ1SEtjaiQ/Ae6m+47fPqxS0nk1pDL4zsw8AHtiA=
Subject key identifier: 17:A9:B5:0B:BA:20:03:C9:36:D1:AB:C0:A1:6C:21:B1:48:38:FF:C1
Certificate issuer: /CN=1ea1f59a96797271e1fd6673a9c534257da88e6b
Certificate serial: 018CC9BC684656904DB62E5E48E6E4E0E0BE
Authority key identifier: 1E:A1:F5:9A:96:79:72:71:E1:FD:66:73:A9:C5:34:25:7D:A8:8E:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HqH1mpZ5cnHh_WZzqcU0JX2ojms.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/92b508-1fad-4299-8720-7c4afb88e2f2/1/F6m1C7ogA8k20avAoWwhsUg4_8E.roa
Signing time: Tue 02 Jan 2024 10:33:37 +0000
ROA not before: Tue 02 Jan 2024 10:33:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48918
IP address blocks: 212.58.64.0/19 maxlen: 24
2a00:fb80::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/92b508-1fad-4299-8720-7c4afb88e2f2/1/HqH1mpZ5cnHh_WZzqcU0JX2ojms.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/92b508-1fad-4299-8720-7c4afb88e2f2/1/HqH1mpZ5cnHh_WZzqcU0JX2ojms.mft
rsync://rpki.ripe.net/repository/DEFAULT/HqH1mpZ5cnHh_WZzqcU0JX2ojms.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 15:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:68:46:56:90:4d:b6:2e:5e:48:e6:e4:e0:e0:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ea1f59a96797271e1fd6673a9c534257da88e6b
Validity
Not Before: Jan 2 10:33:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17a9b50bba2003c936d1abc0a16c21b14838ffc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b6:2b:e2:a2:9b:9a:2d:6d:2d:b2:ea:74:3f:
e0:c1:c8:01:83:dc:db:58:81:fd:4d:a3:f8:38:85:
27:fe:83:1e:ec:c2:84:4e:08:d5:0f:0f:8d:0f:7f:
30:bc:02:ca:90:76:f7:cc:88:a2:5d:ae:c5:6a:78:
a4:0a:0b:46:12:77:ce:52:8b:e4:82:eb:e6:1a:c1:
d4:85:df:c5:4f:8f:e1:81:33:71:44:42:8b:f0:86:
4e:7d:14:fb:76:12:12:0a:11:cb:e7:6c:ae:ec:4c:
ca:80:b7:bc:b9:9a:bf:55:db:4c:36:a7:fd:9e:09:
87:6b:da:1c:72:4f:e8:f5:fb:d4:4e:d7:2a:f5:b5:
ca:87:e8:15:c4:d9:a2:fc:86:49:64:1d:df:42:11:
cb:f9:32:11:29:71:bf:88:50:7e:55:61:f5:72:6d:
61:ae:09:58:80:4d:63:7a:e9:76:ef:65:c3:23:e7:
a1:1c:5c:e5:6a:61:b6:05:e5:e9:f4:1d:ca:bf:3a:
80:eb:bb:de:41:7c:2f:06:35:fc:ca:25:ec:db:fb:
34:9a:5f:96:e1:59:e7:69:0d:e9:6f:c2:1f:df:51:
8b:50:c7:e9:c9:84:82:c0:52:2d:b2:2c:26:34:13:
fa:1d:e1:b3:c7:9a:19:a8:17:b2:27:52:59:43:0f:
eb:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:A9:B5:0B:BA:20:03:C9:36:D1:AB:C0:A1:6C:21:B1:48:38:FF:C1
X509v3 Authority Key Identifier:
keyid:1E:A1:F5:9A:96:79:72:71:E1:FD:66:73:A9:C5:34:25:7D:A8:8E:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HqH1mpZ5cnHh_WZzqcU0JX2ojms.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/92b508-1fad-4299-8720-7c4afb88e2f2/1/F6m1C7ogA8k20avAoWwhsUg4_8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/92b508-1fad-4299-8720-7c4afb88e2f2/1/HqH1mpZ5cnHh_WZzqcU0JX2ojms.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.58.64.0/19
IPv6:
2a00:fb80::/32
Signature Algorithm: sha256WithRSAEncryption
6a:e3:33:ed:30:fc:6b:2e:b4:3b:07:1f:f6:be:61:61:dd:d8:
8c:bc:b0:6a:5e:56:5e:d7:0e:63:21:32:da:b0:53:b0:74:9e:
83:e9:09:a1:64:a8:9d:de:c4:21:a4:87:1a:1a:f3:e9:c8:33:
df:1e:3e:5d:ec:29:87:d8:ee:dd:95:6b:0d:c6:07:b7:63:11:
ea:1c:43:99:eb:34:16:75:e2:b4:6f:ca:83:70:a4:7b:f7:66:
e4:a9:3b:be:9e:d3:b9:9b:fe:a6:1a:b5:d7:9b:ed:c8:a3:58:
69:8a:1a:d4:2a:ea:94:d8:d4:f1:21:4d:c7:81:20:bc:f8:11:
c0:11:58:64:23:27:d1:50:b5:c2:55:4f:02:ad:70:9e:a5:64:
e9:21:e9:7d:c7:fa:dc:2f:a2:30:33:9c:4f:48:07:e9:48:14:
ef:da:07:7c:b2:78:aa:e1:77:bd:bd:f1:7f:2c:3c:69:12:41:
89:6b:10:03:ed:2a:b1:b6:f4:8f:a2:61:5c:64:c7:e8:4d:3c:
71:fe:0b:a5:df:20:96:f4:10:fa:4c:7a:76:cf:13:88:b9:aa:
a1:7d:89:dc:71:b1:1e:ad:d4:0d:54:fe:8d:a5:9c:90:08:95:
92:5f:d5:78:55:3c:91:34:2d:1b:c1:84:00:f8:db:30:e8:30:
4d:b8:94:0b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJvGhGVpBNti5eSObk4OC+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYTFmNTlhOTY3OTcyNzFlMWZkNjY3M2E5YzUzNDI1N2Rh
ODhlNmIwHhcNMjQwMTAyMTAzMzM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2E5YjUwYmJhMjAwM2M5MzZkMWFiYzBhMTZjMjFiMTQ4MzhmZmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7Yr4qKbmi1tLbLqdD/gwcgBg9zb
WIH9TaP4OIUn/oMe7MKETgjVDw+ND38wvALKkHb3zIiiXa7FanikCgtGEnfOUovk
guvmGsHUhd/FT4/hgTNxREKL8IZOfRT7dhISChHL52yu7EzKgLe8uZq/VdtMNqf9
ngmHa9occk/o9fvUTtcq9bXKh+gVxNmi/IZJZB3fQhHL+TIRKXG/iFB+VWH1cm1h
rglYgE1jeul272XDI+ehHFzlamG2BeXp9B3KvzqA67veQXwvBjX8yiXs2/s0ml+W
4VnnaQ3pb8If31GLUMfpyYSCwFItsiwmNBP6HeGzx5oZqBeyJ1JZQw/rrQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBeptQu6IAPJNtGrwKFsIbFIOP/BMB8GA1UdIwQY
MBaAFB6h9ZqWeXJx4f1mc6nFNCV9qI5rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHFIMW1wWjVjbkhoX1daenFjVTBKWDJvam1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC85MmI1MDgtMWZhZC00Mjk5LTg3MjAt
N2M0YWZiODhlMmYyLzEvRjZtMUM3b2dBOGsyMGF2QW9Xd2hzVWc0XzhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC85MmI1MDgtMWZhZC00Mjk5LTg3MjAtN2M0YWZiODhlMmYy
LzEvSHFIMW1wWjVjbkhoX1daenFjVTBKWDJvam1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1DpAMA0E
AgACMAcDBQAqAPuAMA0GCSqGSIb3DQEBCwUAA4IBAQBq4zPtMPxrLrQ7Bx/2vmFh
3diMvLBqXlZe1w5jITLasFOwdJ6D6QmhZKid3sQhpIcaGvPpyDPfHj5d7CmH2O7d
lWsNxge3YxHqHEOZ6zQWdeK0b8qDcKR792bkqTu+ntO5m/6mGrXXm+3Io1hpihrU
KuqU2NTxIU3HgSC8+BHAEVhkIyfRULXCVU8CrXCepWTpIel9x/rcL6IwM5xPSAfp
SBTv2gd8sniq4Xe9vfF/LDxpEkGJaxAD7SqxtvSPomFcZMfoTTxx/gul3yCW9BD6
THp2zxOIuaqhfYnccbEerdQNVP6NpZyQCJWSX9V4VTyRNC0bwYQA+Nsw6DBNuJQL
-----END CERTIFICATE-----
Generated at Sun Jun 23 19:08:17 2024 by rpki-client on console-fra.rpki-client.org