Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/iHl9M9dD_Q4GMUfJ48BHVZYAO9Y.roa
File: iHl9M9dD_Q4GMUfJ48BHVZYAO9Y.roa (raw, json)
Hash identifier: 5ajkJVPU2aNKACUypGflrQtIm4VQ667e4Q3OVKtR3Qo=
Subject key identifier: 88:79:7D:33:D7:43:FD:0E:06:31:47:C9:E3:C0:47:55:96:00:3B:D6
Certificate issuer: /CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Certificate serial: 018CC9BC6095585A7CF16DE482FAB950AB4C
Authority key identifier: 24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/iHl9M9dD_Q4GMUfJ48BHVZYAO9Y.roa
Signing time: Tue 02 Jan 2024 10:33:35 +0000
ROA not before: Tue 02 Jan 2024 10:33:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137409
IP address blocks: 212.30.36.0/24 maxlen: 24
212.30.37.0/24 maxlen: 24
212.30.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.mft
rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 07:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:60:95:58:5a:7c:f1:6d:e4:82:fa:b9:50:ab:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Validity
Not Before: Jan 2 10:33:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88797d33d743fd0e063147c9e3c0475596003bd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:01:52:9d:62:1a:29:06:91:68:d8:bc:c0:76:
69:73:92:0d:8d:c1:66:5a:f7:f7:1d:58:ac:dc:62:
85:d2:4b:d6:23:dc:42:9f:16:6f:86:b1:27:68:72:
65:81:0c:67:55:8e:d1:a3:d3:30:88:a3:1d:e0:65:
4d:48:2c:38:fa:8f:3d:87:dc:ae:62:cc:a3:05:2c:
e7:4b:66:d3:c8:a6:7b:9e:9b:67:8b:fd:e1:a9:61:
ef:f9:de:1f:18:85:81:0d:75:44:c8:1c:fc:0c:e3:
d0:3f:89:bd:92:41:39:d2:1a:77:78:94:0c:da:75:
ac:73:7e:8b:08:d5:b1:e8:57:12:e2:1e:1c:21:70:
5f:fc:db:70:7d:84:8e:ca:ab:ea:b5:19:e1:77:0a:
f6:c4:00:df:bd:8e:94:b9:85:e5:6e:80:e4:8a:be:
3b:45:c7:f4:4a:19:a5:c6:3a:74:ae:d1:3e:86:d2:
28:a3:ac:e5:7f:e2:bd:be:ee:f6:af:45:9f:ae:d0:
70:c5:83:81:11:91:cd:f8:22:82:42:08:dd:37:c3:
10:9e:01:c3:ca:7a:5d:f1:83:ca:01:15:a6:0e:06:
9b:d6:8a:08:20:41:44:56:4c:6b:8c:63:a9:d2:20:
40:aa:8c:3e:d0:b2:4b:f3:68:36:aa:46:ba:9e:4b:
88:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:79:7D:33:D7:43:FD:0E:06:31:47:C9:E3:C0:47:55:96:00:3B:D6
X509v3 Authority Key Identifier:
keyid:24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/iHl9M9dD_Q4GMUfJ48BHVZYAO9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.30.36.0/23
212.30.63.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:bb:31:7e:f2:65:be:c9:c8:6f:81:a8:7b:30:55:e3:7f:f9:
48:ca:22:d9:3d:62:ac:0f:be:99:55:8b:84:62:3d:a3:76:db:
31:ca:d1:9f:7e:8b:04:f3:b6:62:61:e5:79:ab:a3:6e:c8:c8:
26:94:c3:61:0b:03:02:e2:60:4e:a2:0f:11:46:00:72:27:40:
4e:c6:c4:50:e4:73:99:e6:78:df:eb:2e:55:65:6d:e7:5b:1f:
47:16:6c:1a:22:b9:5a:c8:f8:de:34:7d:e1:b0:05:0e:66:d5:
ab:dd:bc:d0:69:bd:a8:27:68:a0:cd:e3:e4:67:b5:a6:ff:e2:
35:bd:4a:07:47:cb:70:1c:f6:35:00:2d:a9:c2:bd:2b:79:83:
22:a0:fa:bd:ea:f8:b1:69:08:ef:2d:9d:df:24:36:20:16:f7:
06:4b:ce:27:75:56:d4:b7:76:81:3e:7a:1d:55:f1:75:58:aa:
a1:aa:4e:84:35:05:3b:91:b2:22:8a:03:74:c0:63:c1:d5:9a:
17:41:f8:16:fc:be:f3:6e:07:b1:8a:03:9d:a5:da:66:b2:bf:
bb:bd:7e:34:2c:1f:6f:e1:4a:3c:13:b5:3b:12:83:0c:0d:67:
cd:b8:56:4f:23:1e:18:3a:4d:cb:23:1c:c2:6d:8e:60:07:78:
a9:9e:ab:cd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJvGCVWFp88W3kgvq5UKtMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTVkN2ZlZTRhNDk5ZWNhZjExZDJkM2RhOGUzODlkZTMy
MzQxMmYwHhcNMjQwMTAyMTAzMzM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODc5N2QzM2Q3NDNmZDBlMDYzMTQ3YzllM2MwNDc1NTk2MDAzYmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5AFSnWIaKQaRaNi8wHZpc5INjcFm
Wvf3HVis3GKF0kvWI9xCnxZvhrEnaHJlgQxnVY7Ro9MwiKMd4GVNSCw4+o89h9yu
YsyjBSznS2bTyKZ7nptni/3hqWHv+d4fGIWBDXVEyBz8DOPQP4m9kkE50hp3eJQM
2nWsc36LCNWx6FcS4h4cIXBf/NtwfYSOyqvqtRnhdwr2xADfvY6UuYXlboDkir47
Rcf0Shmlxjp0rtE+htIoo6zlf+K9vu72r0WfrtBwxYOBEZHN+CKCQgjdN8MQngHD
ynpd8YPKARWmDgab1ooIIEFEVkxrjGOp0iBAqow+0LJL82g2qka6nkuI/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIh5fTPXQ/0OBjFHyePAR1WWADvWMB8GA1UdIwQY
MBaAFCRV1/7kpJnsrxHS09qOOJ3jI0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEt
MWUwNDY1NTEzYjYzLzEvaUhsOU05ZERfUTRHTVVmSjQ4QkhWWllBTzlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEtMWUwNDY1NTEzYjYz
LzEvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQB1B4kAwQA
1B4/MA0GCSqGSIb3DQEBCwUAA4IBAQBquzF+8mW+ychvgah7MFXjf/lIyiLZPWKs
D76ZVYuEYj2jdtsxytGffosE87ZiYeV5q6NuyMgmlMNhCwMC4mBOog8RRgByJ0BO
xsRQ5HOZ5njf6y5VZW3nWx9HFmwaIrlayPjeNH3hsAUOZtWr3bzQab2oJ2igzePk
Z7Wm/+I1vUoHR8twHPY1AC2pwr0reYMioPq96vixaQjvLZ3fJDYgFvcGS84ndVbU
t3aBPnodVfF1WKqhqk6ENQU7kbIiigN0wGPB1ZoXQfgW/L7zbgexigOdpdpmsr+7
vX40LB9v4Uo8E7U7EoMMDWfNuFZPIx4YOk3LIxzCbY5gB3ipnqvN
-----END CERTIFICATE-----
Generated at Sun May 12 15:09:24 2024 by rpki-client on console-fra.rpki-client.org