Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/ebc748-6826-4140-a8e0-843eeee0a260/1/iqcN1W7uW9j2oY8SrsUlR6NSUKM.roa
File: iqcN1W7uW9j2oY8SrsUlR6NSUKM.roa (raw, json)
Hash identifier: f3AmjdjZbI2uW9hsrmOaRSGMv2lb3q/ivFqs8lUa7go=
Subject key identifier: 8A:A7:0D:D5:6E:EE:5B:D8:F6:A1:8F:12:AE:C5:25:47:A3:52:50:A3
Certificate issuer: /CN=cc215f58159ec576a2022776ea64f61c5bb00194
Certificate serial: 018EA4137F6C733661AD2D31F5CFBF2F133D
Authority key identifier: CC:21:5F:58:15:9E:C5:76:A2:02:27:76:EA:64:F6:1C:5B:B0:01:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zCFfWBWexXaiAid26mT2HFuwAZQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/ebc748-6826-4140-a8e0-843eeee0a260/1/iqcN1W7uW9j2oY8SrsUlR6NSUKM.roa
Signing time: Wed 03 Apr 2024 13:08:44 +0000
ROA not before: Wed 03 Apr 2024 13:08:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 212.122.164.0/24 maxlen: 24
212.122.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/ebc748-6826-4140-a8e0-843eeee0a260/1/zCFfWBWexXaiAid26mT2HFuwAZQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/ebc748-6826-4140-a8e0-843eeee0a260/1/zCFfWBWexXaiAid26mT2HFuwAZQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/zCFfWBWexXaiAid26mT2HFuwAZQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 16:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a4:13:7f:6c:73:36:61:ad:2d:31:f5:cf:bf:2f:13:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc215f58159ec576a2022776ea64f61c5bb00194
Validity
Not Before: Apr 3 13:08:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8aa70dd56eee5bd8f6a18f12aec52547a35250a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a5:3b:d2:54:70:3d:97:14:51:81:2c:8a:68:
d5:00:3c:1a:29:f1:0b:4e:f6:99:22:fc:19:8c:82:
2b:d1:c3:67:8f:9b:f1:a1:24:30:cd:94:4a:e1:e9:
68:e4:59:13:36:dd:29:c5:c5:8a:76:ec:ab:ed:70:
83:9f:12:22:2a:d8:ac:32:39:65:90:7c:f8:fb:b8:
9b:88:a9:fb:03:00:d0:24:88:ab:23:e6:c8:13:21:
8d:dd:e1:7b:cf:79:eb:e7:42:79:5d:39:fc:4f:ee:
13:2c:53:ea:77:cf:ba:eb:b2:80:ab:16:39:6f:2e:
c2:1a:c0:d3:be:94:04:4a:6a:ee:a0:da:4c:41:1b:
72:01:c5:26:df:a8:2a:6c:67:06:13:38:e9:b1:eb:
b7:3e:75:b8:2c:98:a0:96:25:e2:aa:cb:35:e7:d1:
8a:0b:bd:cf:fe:73:b5:93:67:60:ad:f5:01:66:4e:
03:f9:77:ce:ea:d1:6c:b5:c0:89:02:a5:e9:f6:a3:
b6:77:46:f3:79:93:f1:34:f6:b7:39:c4:25:84:66:
de:bb:3a:7c:f0:4e:4c:60:b4:11:08:7b:22:bb:f0:
f1:b9:79:20:5b:3d:47:d1:4b:9a:f1:c9:1d:bf:47:
85:aa:ea:d4:a4:de:53:ae:e8:63:79:97:ec:96:13:
66:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:A7:0D:D5:6E:EE:5B:D8:F6:A1:8F:12:AE:C5:25:47:A3:52:50:A3
X509v3 Authority Key Identifier:
keyid:CC:21:5F:58:15:9E:C5:76:A2:02:27:76:EA:64:F6:1C:5B:B0:01:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zCFfWBWexXaiAid26mT2HFuwAZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ebc748-6826-4140-a8e0-843eeee0a260/1/iqcN1W7uW9j2oY8SrsUlR6NSUKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ebc748-6826-4140-a8e0-843eeee0a260/1/zCFfWBWexXaiAid26mT2HFuwAZQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.122.164.0/23
Signature Algorithm: sha256WithRSAEncryption
84:6d:fd:82:46:31:c7:1e:e3:37:33:41:dd:8c:d8:4e:e8:12:
b0:6e:08:cd:1f:8c:02:ca:5e:a7:28:f5:79:75:cc:9f:11:ac:
e8:1d:cc:01:05:58:2e:99:6f:2c:85:d3:7f:60:83:43:48:7e:
20:5a:8f:64:79:b3:0c:0d:56:ec:a3:62:cc:77:5e:f0:20:7b:
17:53:03:0f:95:01:fa:b5:8d:54:bc:f7:6e:90:54:41:b5:79:
a9:08:3c:c2:57:85:c2:b7:dd:51:ae:91:dc:dd:b1:89:3d:a8:
c4:9d:2e:0c:a5:82:5c:8e:2d:ef:00:17:1e:ce:6b:f5:1f:c6:
61:07:bb:83:85:7d:34:66:40:ed:50:bd:96:41:7f:24:7c:1e:
f2:8d:6e:8e:d6:7e:4f:b7:ba:11:56:12:35:d3:32:32:d9:52:
85:4f:33:56:01:05:5a:45:99:0b:30:27:4c:68:85:3e:c6:2c:
f7:28:e8:5c:21:42:ce:5e:51:39:92:4a:5b:6f:3b:d3:36:79:
1c:54:6f:49:2b:7d:62:df:88:4a:ce:70:54:17:12:9a:81:14:
6f:3d:1b:4a:16:b5:49:6b:e4:a6:cc:f8:7c:51:42:bd:de:53:
a4:66:78:5a:a5:3e:43:4f:e8:21:b3:e7:a2:b7:e9:b1:4d:95:
d0:a2:31:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6kE39sczZhrS0x9c+/LxM9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMjE1ZjU4MTU5ZWM1NzZhMjAyMjc3NmVhNjRmNjFjNWJi
MDAxOTQwHhcNMjQwNDAzMTMwODQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWE3MGRkNTZlZWU1YmQ4ZjZhMThmMTJhZWM1MjU0N2EzNTI1MGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKU70lRwPZcUUYEsimjVADwaKfEL
TvaZIvwZjIIr0cNnj5vxoSQwzZRK4elo5FkTNt0pxcWKduyr7XCDnxIiKtisMjll
kHz4+7ibiKn7AwDQJIirI+bIEyGN3eF7z3nr50J5XTn8T+4TLFPqd8+667KAqxY5
by7CGsDTvpQESmruoNpMQRtyAcUm36gqbGcGEzjpseu3PnW4LJigliXiqss159GK
C73P/nO1k2dgrfUBZk4D+XfO6tFstcCJAqXp9qO2d0bzeZPxNPa3OcQlhGbeuzp8
8E5MYLQRCHsiu/DxuXkgWz1H0Uua8ckdv0eFqurUpN5TruhjeZfslhNmWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIqnDdVu7lvY9qGPEq7FJUejUlCjMB8GA1UdIwQY
MBaAFMwhX1gVnsV2ogIndupk9hxbsAGUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekNGZldCV2V4WGFpQWlkMjZtVDJIRnV3QVpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9lYmM3NDgtNjgyNi00MTQwLWE4ZTAt
ODQzZWVlZTBhMjYwLzEvaXFjTjFXN3VXOWoyb1k4U3JzVWxSNk5TVUtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9lYmM3NDgtNjgyNi00MTQwLWE4ZTAtODQzZWVlZTBhMjYw
LzEvekNGZldCV2V4WGFpQWlkMjZtVDJIRnV3QVpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1HqkMA0G
CSqGSIb3DQEBCwUAA4IBAQCEbf2CRjHHHuM3M0HdjNhO6BKwbgjNH4wCyl6nKPV5
dcyfEazoHcwBBVgumW8shdN/YINDSH4gWo9kebMMDVbso2LMd17wIHsXUwMPlQH6
tY1UvPdukFRBtXmpCDzCV4XCt91RrpHc3bGJPajEnS4MpYJcji3vABcezmv1H8Zh
B7uDhX00ZkDtUL2WQX8kfB7yjW6O1n5Pt7oRVhI10zIy2VKFTzNWAQVaRZkLMCdM
aIU+xiz3KOhcIULOXlE5kkpbbzvTNnkcVG9JK31i34hKznBUFxKagRRvPRtKFrVJ
a+SmzPh8UUK93lOkZnhapT5DT+ghs+eit+mxTZXQojGJ
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:03:58 2024 by rpki-client on console-ams.rpki-client.org