Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/9vKqG4YEZ-VzHDJKg9cCqOnDRI8.roa
File: 9vKqG4YEZ-VzHDJKg9cCqOnDRI8.roa (raw, json)
Hash identifier: vDwCyz/WhhaMucNzZoBo+1SdZjkFIKgxdnF0XuA1oMo=
Subject key identifier: F6:F2:AA:1B:86:04:67:E5:73:1C:32:4A:83:D7:02:A8:E9:C3:44:8F
Certificate issuer: /CN=3bccbc70e18b6c69e53ef52a5e925e5f4f0cdcc1
Certificate serial: 018CC8DF2708B228707CC55EBE6FDA987798
Authority key identifier: 3B:CC:BC:70:E1:8B:6C:69:E5:3E:F5:2A:5E:92:5E:5F:4F:0C:DC:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O8y8cOGLbGnlPvUqXpJeX08M3ME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/9vKqG4YEZ-VzHDJKg9cCqOnDRI8.roa
Signing time: Tue 02 Jan 2024 06:31:56 +0000
ROA not before: Tue 02 Jan 2024 06:31:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39891
IP address blocks: 212.215.208.0/22 maxlen: 22
212.215.212.0/22 maxlen: 22
212.215.216.0/22 maxlen: 22
212.215.232.0/22 maxlen: 22
212.215.238.0/24 maxlen: 24
212.215.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/O8y8cOGLbGnlPvUqXpJeX08M3ME.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/O8y8cOGLbGnlPvUqXpJeX08M3ME.mft
rsync://rpki.ripe.net/repository/DEFAULT/O8y8cOGLbGnlPvUqXpJeX08M3ME.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 12:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:27:08:b2:28:70:7c:c5:5e:be:6f:da:98:77:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bccbc70e18b6c69e53ef52a5e925e5f4f0cdcc1
Validity
Not Before: Jan 2 06:31:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6f2aa1b860467e5731c324a83d702a8e9c3448f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e2:b6:72:93:9e:cf:a5:b8:ef:bd:d4:89:6b:
9e:7f:00:0f:ed:b4:f0:ba:08:08:b7:d6:05:ad:77:
c8:eb:51:cf:d1:e5:5a:27:9a:44:86:58:36:71:72:
14:77:51:89:2f:3e:9a:c9:79:79:ae:3c:8a:12:d8:
13:22:64:c8:1c:3b:08:e2:fa:4a:5e:58:99:b6:f4:
2f:a3:be:a6:4a:aa:d7:81:ce:76:66:b6:23:b1:ac:
89:fb:a1:80:8c:33:b1:0e:70:9f:2c:b8:27:8b:2b:
bd:3c:d3:9b:12:2e:00:46:45:b0:bc:22:a8:8f:dc:
00:80:90:0b:d8:a6:fa:7e:36:41:a1:82:27:c3:9a:
7d:7b:32:3e:ee:ae:32:d0:be:2e:8e:f1:a2:92:14:
1c:6e:b4:4d:cc:f5:2e:e2:b6:fe:da:0d:1e:a0:3f:
af:fc:59:a7:5c:97:99:17:d7:ef:7e:b4:4a:34:3c:
50:89:2f:05:22:7a:36:18:d5:b0:ab:4b:ad:dc:59:
f4:db:54:23:95:8e:46:d7:53:98:4f:f9:83:31:27:
da:7e:17:e7:7a:58:a0:ce:52:20:d8:8f:0c:73:15:
0c:be:f7:c2:07:5a:0a:23:0f:b7:b8:41:52:1c:ca:
9b:02:f8:f8:6b:f2:11:5a:93:b8:99:60:d6:c3:85:
5c:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:F2:AA:1B:86:04:67:E5:73:1C:32:4A:83:D7:02:A8:E9:C3:44:8F
X509v3 Authority Key Identifier:
keyid:3B:CC:BC:70:E1:8B:6C:69:E5:3E:F5:2A:5E:92:5E:5F:4F:0C:DC:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O8y8cOGLbGnlPvUqXpJeX08M3ME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/9vKqG4YEZ-VzHDJKg9cCqOnDRI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/O8y8cOGLbGnlPvUqXpJeX08M3ME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.215.129.0/24
212.215.208.0-212.215.219.255
212.215.232.0/22
212.215.238.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:00:a1:07:52:3d:ed:77:b3:e5:00:e3:5c:b8:a6:33:1d:3d:
ba:93:62:6c:03:82:bd:6e:4a:68:21:14:1e:fc:5c:5f:04:29:
65:aa:6a:88:af:c1:83:c8:5f:60:67:ab:b2:a6:cd:38:da:29:
ab:9d:88:02:e2:ae:61:45:40:69:c1:66:97:b8:8c:ce:77:f5:
90:96:87:03:d5:93:c7:c9:fd:dd:09:e4:8f:d4:8d:94:28:90:
9f:ea:bb:8e:f4:ba:f5:ab:45:a4:37:f5:25:36:ae:3f:10:c0:
09:37:53:74:59:28:ab:b9:82:8a:dd:6f:d2:75:bb:97:32:73:
ff:52:e1:e1:7b:b6:39:b4:d7:b6:60:c8:56:c5:ec:ba:e2:2b:
f6:c2:72:4b:f6:70:41:a8:42:19:89:96:da:1f:b5:47:4d:6d:
f1:f8:fd:c8:cd:a0:60:f4:62:a4:bf:ba:b7:e6:43:99:65:fb:
eb:df:3b:b7:42:f9:0b:16:74:6d:cb:56:36:9e:d7:b5:c5:36:
c3:7e:f2:62:68:24:ea:f1:05:cc:7b:41:a3:61:98:91:6f:4f:
70:09:38:4e:68:8d:94:77:9d:5d:5c:f1:2c:2a:4c:6c:91:ea:
0a:66:97:57:59:55:1c:e4:c3:f3:d7:8f:a0:54:de:e8:a3:36:
4e:3a:fd:d2
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzI3ycIsihwfMVevm/amHeYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiY2NiYzcwZTE4YjZjNjllNTNlZjUyYTVlOTI1ZTVmNGYw
Y2RjYzEwHhcNMjQwMTAyMDYzMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmYyYWExYjg2MDQ2N2U1NzMxYzMyNGE4M2Q3MDJhOGU5YzM0NDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzeK2cpOez6W4773UiWuefwAP7bTw
uggIt9YFrXfI61HP0eVaJ5pEhlg2cXIUd1GJLz6ayXl5rjyKEtgTImTIHDsI4vpK
XliZtvQvo76mSqrXgc52ZrYjsayJ+6GAjDOxDnCfLLgniyu9PNObEi4ARkWwvCKo
j9wAgJAL2Kb6fjZBoYInw5p9ezI+7q4y0L4ujvGikhQcbrRNzPUu4rb+2g0eoD+v
/FmnXJeZF9fvfrRKNDxQiS8FIno2GNWwq0ut3Fn021QjlY5G11OYT/mDMSfafhfn
eligzlIg2I8McxUMvvfCB1oKIw+3uEFSHMqbAvj4a/IRWpO4mWDWw4VccwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPbyqhuGBGflcxwySoPXAqjpw0SPMB8GA1UdIwQY
MBaAFDvMvHDhi2xp5T71Kl6SXl9PDNzBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzh5OGNPR0xiR25sUHZVcVhwSmVYMDhNM01FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS84YTQ3NzMtYTJiZC00MGQyLWJmYzgt
YmJlNjBlYTIyMmM1LzEvOXZLcUc0WUVaLVZ6SERKS2c5Y0NxT25EUkk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS84YTQ3NzMtYTJiZC00MGQyLWJmYzgtYmJlNjBlYTIyMmM1
LzEvTzh5OGNPR0xiR25sUHZVcVhwSmVYMDhNM01FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQA1NeBMAwD
BATU19ADBALU19gDBALU1+gDBADU1+4wDQYJKoZIhvcNAQELBQADggEBAF8AoQdS
Pe13s+UA41y4pjMdPbqTYmwDgr1uSmghFB78XF8EKWWqaoivwYPIX2Bnq7KmzTja
KaudiALirmFFQGnBZpe4jM539ZCWhwPVk8fJ/d0J5I/UjZQokJ/qu470uvWrRaQ3
9SU2rj8QwAk3U3RZKKu5gordb9J1u5cyc/9S4eF7tjm017ZgyFbF7LriK/bCckv2
cEGoQhmJltoftUdNbfH4/cjNoGD0YqS/urfmQ5ll++vfO7dC+QsWdG3LVjae17XF
NsN+8mJoJOrxBcx7QaNhmJFvT3AJOE5ojZR3nV1c8SwqTGyR6gpml1dZVRzkw/PX
j6BU3uijNk46/dI=
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:58:29 2024 by rpki-client on console-ams.rpki-client.org