Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8tZS6QGzCHrD01LVRH_9lnM4TGk.roa
File: 8tZS6QGzCHrD01LVRH_9lnM4TGk.roa (raw, json)
Hash identifier: A+sFxJ3Ru2xRNN3DMHHO0z7r/Mmdzyks6df0ZPYi8bE=
Subject key identifier: F2:D6:52:E9:01:B3:08:7A:C3:D3:52:D5:44:7F:FD:96:73:38:4C:69
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01915CDA1A7A211BB4D1C50D0F2C8590B8E3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8tZS6QGzCHrD01LVRH_9lnM4TGk.roa
Signing time: Fri 16 Aug 2024 20:21:23 +0000
ROA not before: Fri 16 Aug 2024 20:21:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215224
IP address blocks: 212.192.4.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Oct 2024 22:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5c:da:1a:7a:21:1b:b4:d1:c5:0d:0f:2c:85:90:b8:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 16 20:21:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2d652e901b3087ac3d352d5447ffd9673384c69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b1:c3:eb:af:c9:6e:06:c2:2e:3f:5c:76:9d:
e2:2d:9b:fa:0d:bc:ad:d6:ab:a4:e6:4d:6f:05:9e:
3a:be:54:e5:4e:f1:a4:b3:5a:b1:fa:d5:96:d5:cc:
12:b3:4c:6a:0d:83:76:21:a1:20:91:6e:76:5c:1f:
46:79:08:bd:2e:3a:bd:e7:1a:8b:cf:c0:90:16:d4:
32:bd:95:f7:c4:e3:19:c9:a6:ca:29:e2:7f:42:83:
4f:d9:4a:24:8e:a7:04:a5:b3:b6:50:fd:2d:cb:a8:
1f:8b:14:6d:70:ca:72:2e:ce:95:93:f5:6b:5c:1b:
eb:b4:89:3c:0a:f7:8e:82:b6:3e:85:dd:3e:b5:9b:
83:a5:73:0a:40:fd:50:25:41:ac:15:d1:20:06:c6:
2a:4d:50:bc:b2:31:bc:fa:e1:41:cd:0e:30:9e:83:
e1:d7:38:18:d1:77:d9:33:10:e5:29:c6:de:6e:f7:
16:ac:b4:78:7b:e6:c2:48:0f:94:79:44:ad:82:98:
a9:07:18:1e:b8:e5:59:47:28:8c:86:1b:7d:34:16:
11:83:5c:6d:c1:79:af:30:61:39:9b:c0:2d:9d:47:
45:0d:6e:e7:cc:80:78:39:55:a8:69:f4:ea:f1:03:
7e:18:d7:d8:f4:dd:4e:10:d9:5e:b6:96:2a:7a:6d:
60:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:D6:52:E9:01:B3:08:7A:C3:D3:52:D5:44:7F:FD:96:73:38:4C:69
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8tZS6QGzCHrD01LVRH_9lnM4TGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.192.4.0/24
212.192.214.0/24
Signature Algorithm: sha256WithRSAEncryption
79:08:f2:06:ef:e3:c4:2f:b5:01:de:08:2f:36:e1:4c:37:ea:
34:fa:4a:06:b2:17:94:b0:76:4b:48:c6:55:d1:28:53:5c:60:
f4:50:c6:6f:74:6a:75:8d:d5:4c:73:52:d6:68:73:9f:9d:e3:
e1:7f:04:85:af:14:09:0f:7a:1b:b3:69:95:53:a6:33:fb:79:
37:09:c9:24:fe:66:bf:9c:87:62:d7:8f:50:8b:40:f7:25:a5:
fd:96:af:34:cf:54:92:ab:a2:d5:18:31:ef:a6:6c:67:5e:d6:
b6:21:18:37:3c:34:45:7c:5f:1b:25:83:f5:e4:68:7d:fe:21:
8c:0a:11:cd:5f:7b:72:42:48:a6:a1:78:62:22:6c:a6:9d:32:
42:4a:a8:c4:c1:09:26:31:13:b3:08:60:4e:22:5b:f4:1b:97:
c6:fa:61:e9:8d:5e:c7:fc:ef:3f:54:82:f3:b7:93:99:3d:a7:
1e:49:51:e9:18:c9:73:7a:23:40:d1:57:17:4a:cf:73:97:c0:
99:55:73:f5:58:30:9d:da:f0:1d:d8:ba:99:d8:2f:bc:b2:e3:
a1:a2:41:ca:d2:ac:ae:d8:b9:4b:42:3e:1b:b5:45:a5:3f:02:
d3:c2:7a:c0:bb:ff:fe:41:f9:ef:1e:9c:b9:9a:5e:56:fc:a4:
7b:6c:95:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZFc2hp6IRu00cUNDyyFkLjjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODE2MjAyMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmQ2NTJlOTAxYjMwODdhYzNkMzUyZDU0NDdmZmQ5NjczMzg0YzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rHD66/JbgbCLj9cdp3iLZv6Dbyt
1quk5k1vBZ46vlTlTvGks1qx+tWW1cwSs0xqDYN2IaEgkW52XB9GeQi9Ljq95xqL
z8CQFtQyvZX3xOMZyabKKeJ/QoNP2UokjqcEpbO2UP0ty6gfixRtcMpyLs6Vk/Vr
XBvrtIk8CveOgrY+hd0+tZuDpXMKQP1QJUGsFdEgBsYqTVC8sjG8+uFBzQ4wnoPh
1zgY0XfZMxDlKcbebvcWrLR4e+bCSA+UeUStgpipBxgeuOVZRyiMhht9NBYRg1xt
wXmvMGE5m8AtnUdFDW7nzIB4OVWoafTq8QN+GNfY9N1OENletpYqem1gZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPLWUukBswh6w9NS1UR//ZZzOExpMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvOHRaUzZRR3pDSHJEMDFMVlJIXzlsbk00VEdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1MAEAwQA
1MDWMA0GCSqGSIb3DQEBCwUAA4IBAQB5CPIG7+PEL7UB3ggvNuFMN+o0+koGsheU
sHZLSMZV0ShTXGD0UMZvdGp1jdVMc1LWaHOfnePhfwSFrxQJD3obs2mVU6Yz+3k3
Cckk/ma/nIdi149Qi0D3JaX9lq80z1SSq6LVGDHvpmxnXta2IRg3PDRFfF8bJYP1
5Gh9/iGMChHNX3tyQkimoXhiImymnTJCSqjEwQkmMROzCGBOIlv0G5fG+mHpjV7H
/O8/VILzt5OZPaceSVHpGMlzeiNA0VcXSs9zl8CZVXP1WDCd2vAd2LqZ2C+8suOh
okHK0qyu2LlLQj4btUWlPwLTwnrAu//+QfnvHpy5ml5W/KR7bJUy
-----END CERTIFICATE-----
Generated at Tue Oct 15 03:48:46 2024 by rpki-client on console-ams.rpki-client.org