Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CmbzOXkvBKsNmwdZrdGbo4JjZdw.roa
File: CmbzOXkvBKsNmwdZrdGbo4JjZdw.roa (raw, json)
Hash identifier: RjA4VzIPilTkgEVpdHXK1Xe0HrY7L2DyJWawhh5qv70=
Subject key identifier: 0A:66:F3:39:79:2F:04:AB:0D:9B:07:59:AD:D1:9B:A3:82:63:65:DC
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018D7D7F10E9401FA9F1BBF288FD3B346CF8
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CmbzOXkvBKsNmwdZrdGbo4JjZdw.roa
Signing time: Tue 06 Feb 2024 08:18:15 +0000
ROA not before: Tue 06 Feb 2024 08:18:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42926
IP address blocks: 212.115.40.0/24 maxlen: 24
212.115.42.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 00:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7d:7f:10:e9:40:1f:a9:f1:bb:f2:88:fd:3b:34:6c:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 6 08:18:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a66f339792f04ab0d9b0759add19ba3826365dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:cf:c3:2a:03:82:53:11:fb:ab:40:00:5d:eb:
eb:e7:e2:f8:c4:10:2e:e3:c2:a8:2e:93:f2:1e:5d:
a4:77:a6:5b:3c:58:d1:ec:02:cc:a3:08:db:fe:28:
b5:8b:66:09:96:2e:17:76:28:6b:fd:b6:41:95:3b:
ca:72:eb:5a:44:2d:89:23:68:38:57:cf:c8:d6:3f:
3d:9c:72:8d:db:bd:d3:07:9a:87:79:5f:17:55:4c:
12:dd:cb:20:1f:88:02:83:3e:7b:f5:c3:ce:75:04:
30:45:15:2b:e6:7e:9a:3d:47:5b:4e:46:0b:4e:5a:
bf:21:65:24:e8:49:e0:d6:ae:bb:34:66:cc:11:3a:
84:fa:25:1c:04:94:c5:59:d9:26:ad:35:2d:b6:f9:
67:19:d9:d8:b3:1d:ae:6a:da:a9:0d:da:bb:d3:73:
a7:cc:ed:8d:58:99:ea:a3:ad:ba:85:aa:fa:ac:13:
3e:60:22:6f:3f:80:6d:40:12:f4:a3:91:05:8f:b9:
5a:31:71:7f:c4:12:3c:b5:92:ee:8c:ed:6d:34:46:
ea:3e:28:7a:b6:99:36:d1:e4:7d:aa:fd:d0:61:93:
d3:e3:fe:c9:66:3f:15:3d:4c:40:5b:0b:0c:c5:6c:
0c:51:be:b6:92:e7:9a:83:e6:56:83:f1:f4:2b:f7:
0e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:66:F3:39:79:2F:04:AB:0D:9B:07:59:AD:D1:9B:A3:82:63:65:DC
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CmbzOXkvBKsNmwdZrdGbo4JjZdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.115.40.0/24
212.115.42.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:a1:5e:2a:e8:12:02:77:72:e0:22:39:8f:e9:90:47:8a:6f:
08:4d:10:b1:88:a4:b1:49:24:53:4e:f3:21:7a:0a:a9:a4:38:
69:ba:62:36:ee:05:95:bd:57:a3:66:e9:7b:da:2c:68:99:f8:
76:c7:0d:4a:ac:8a:ce:0f:2f:52:11:3d:54:fa:86:c9:7b:b2:
1b:8a:f1:34:5f:35:72:08:b0:e7:4f:eb:49:09:65:70:ed:91:
7b:06:06:e8:c0:9e:7b:97:4e:e7:9f:f2:33:73:57:68:c4:85:
d9:86:a7:f5:da:e5:6b:a0:db:2c:8a:c9:6c:44:d0:f2:d4:a4:
f3:25:b4:b7:d2:bb:f3:06:04:b0:db:24:21:ef:32:05:39:d8:
c5:f0:bd:57:55:50:84:f0:c5:1c:c4:01:75:66:d7:09:1d:6f:
6f:87:14:5d:a8:e6:c6:92:0a:e3:d2:0c:32:9e:2a:4e:6b:5c:
1a:15:ae:b6:46:98:83:ea:cd:ca:c1:d8:01:c1:58:08:fa:43:
db:b8:dc:55:90:32:68:a2:72:59:fe:99:51:df:0a:ca:5c:78:
91:57:f8:f3:91:79:dd:15:19:26:a8:b1:18:63:21:04:9b:b3:
00:4f:c3:b6:08:19:fa:d9:af:cb:ed:f9:12:8a:70:93:94:d4:
ae:aa:01:6a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY19fxDpQB+p8bvyiP07NGz4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjA2MDgxODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTY2ZjMzOTc5MmYwNGFiMGQ5YjA3NTlhZGQxOWJhMzgyNjM2NWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnc/DKgOCUxH7q0AAXevr5+L4xBAu
48KoLpPyHl2kd6ZbPFjR7ALMowjb/ii1i2YJli4Xdihr/bZBlTvKcutaRC2JI2g4
V8/I1j89nHKN273TB5qHeV8XVUwS3csgH4gCgz579cPOdQQwRRUr5n6aPUdbTkYL
Tlq/IWUk6Eng1q67NGbMETqE+iUcBJTFWdkmrTUttvlnGdnYsx2uatqpDdq703On
zO2NWJnqo626har6rBM+YCJvP4BtQBL0o5EFj7laMXF/xBI8tZLujO1tNEbqPih6
tpk20eR9qv3QYZPT4/7JZj8VPUxAWwsMxWwMUb62kueag+ZWg/H0K/cOUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFApm8zl5LwSrDZsHWa3Rm6OCY2XcMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQ21iek9Ya3ZCS3NObXdkWnJkR2JvNEpqWmR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1HMoAwQB
1HMqMA0GCSqGSIb3DQEBCwUAA4IBAQCaoV4q6BICd3LgIjmP6ZBHim8ITRCxiKSx
SSRTTvMhegqppDhpumI27gWVvVejZul72ixomfh2xw1KrIrODy9SET1U+obJe7Ib
ivE0XzVyCLDnT+tJCWVw7ZF7BgbowJ57l07nn/Izc1doxIXZhqf12uVroNssisls
RNDy1KTzJbS30rvzBgSw2yQh7zIFOdjF8L1XVVCE8MUcxAF1ZtcJHW9vhxRdqObG
kgrj0gwynipOa1waFa62RpiD6s3KwdgBwVgI+kPbuNxVkDJoonJZ/plR3wrKXHiR
V/jzkXndFRkmqLEYYyEEm7MAT8O2CBn62a/L7fkSinCTlNSuqgFq
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:42:45 2024 by rpki-client on console-ams.rpki-client.org