Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/0d38f9-e0c1-46cc-9a22-dfbb6ec3430e/1/gKeGXpphVBgCMEG2QeHnJa3ktbY.roa
File: gKeGXpphVBgCMEG2QeHnJa3ktbY.roa (raw, json)
Hash identifier: DGL8mcR62O/SuJ07fZ2hpTx/qvjhk/vJ2iCAtibRz3U=
Subject key identifier: 80:A7:86:5E:9A:61:54:18:02:30:41:B6:41:E1:E7:25:AD:E4:B5:B6
Certificate issuer: /CN=17d2cc9e0b8186b60b270313cd96821022d04b95
Certificate serial: 018F236FE6AB0F3C8845FBEA74F2C24DBAAC
Authority key identifier: 17:D2:CC:9E:0B:81:86:B6:0B:27:03:13:CD:96:82:10:22:D0:4B:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9LMnguBhrYLJwMTzZaCECLQS5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/0d38f9-e0c1-46cc-9a22-dfbb6ec3430e/1/gKeGXpphVBgCMEG2QeHnJa3ktbY.roa
Signing time: Sun 28 Apr 2024 06:41:26 +0000
ROA not before: Sun 28 Apr 2024 06:41:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205185
IP address blocks: 212.125.140.0/24 maxlen: 24
212.125.141.0/24 maxlen: 24
2a14:2940::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/0d38f9-e0c1-46cc-9a22-dfbb6ec3430e/1/F9LMnguBhrYLJwMTzZaCECLQS5U.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/0d38f9-e0c1-46cc-9a22-dfbb6ec3430e/1/F9LMnguBhrYLJwMTzZaCECLQS5U.mft
rsync://rpki.ripe.net/repository/DEFAULT/F9LMnguBhrYLJwMTzZaCECLQS5U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 18:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:23:6f:e6:ab:0f:3c:88:45:fb:ea:74:f2:c2:4d:ba:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d2cc9e0b8186b60b270313cd96821022d04b95
Validity
Not Before: Apr 28 06:41:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80a7865e9a615418023041b641e1e725ade4b5b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:95:a8:f0:cf:d8:13:2d:26:be:7f:9e:45:92:
f3:95:7f:b0:3b:df:fa:f9:c0:ae:03:87:1a:94:d9:
d4:ff:4d:73:f3:4c:f4:ac:82:59:ca:74:0a:dd:5d:
b3:8e:e7:6b:c2:2d:88:6c:62:16:25:2e:39:c9:6e:
2d:e6:a2:56:0c:fc:d0:fa:35:98:4f:18:b6:58:26:
bc:51:c5:01:5e:e3:53:42:9c:e8:9d:d5:bc:42:70:
42:4a:7a:e7:11:98:49:5a:8c:2a:00:f6:41:10:28:
b5:27:d8:22:f3:1d:f1:9c:66:ce:c0:e5:8e:66:9a:
47:93:cd:2b:88:04:48:70:00:28:a3:d6:90:11:bf:
23:7c:1c:a7:12:7d:ae:db:54:fd:44:ab:9b:89:5c:
a5:bb:94:99:0f:62:c4:1d:df:c4:0a:cf:43:42:04:
e1:d9:ca:8f:67:d0:7b:46:57:37:79:5c:61:0d:83:
6c:6b:a8:be:69:6b:17:23:dd:9a:6e:9f:83:10:73:
7a:73:ea:c9:8f:cd:e4:da:1e:84:7a:12:86:76:6c:
8c:05:3a:92:aa:57:e4:46:f5:cf:b9:16:e1:c8:c6:
21:9b:44:81:a4:4a:ad:75:ae:c6:06:59:59:0c:3d:
53:e7:ae:6a:23:7e:84:06:2b:00:28:ab:83:74:d6:
23:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:A7:86:5E:9A:61:54:18:02:30:41:B6:41:E1:E7:25:AD:E4:B5:B6
X509v3 Authority Key Identifier:
keyid:17:D2:CC:9E:0B:81:86:B6:0B:27:03:13:CD:96:82:10:22:D0:4B:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9LMnguBhrYLJwMTzZaCECLQS5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/0d38f9-e0c1-46cc-9a22-dfbb6ec3430e/1/gKeGXpphVBgCMEG2QeHnJa3ktbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/0d38f9-e0c1-46cc-9a22-dfbb6ec3430e/1/F9LMnguBhrYLJwMTzZaCECLQS5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.125.140.0/23
IPv6:
2a14:2940::/29
Signature Algorithm: sha256WithRSAEncryption
09:fd:2a:cc:df:7d:4e:e6:be:49:f2:40:9e:28:72:eb:fe:f7:
2a:8c:5a:31:39:f6:c0:20:86:16:e8:49:75:58:65:3d:b9:52:
ed:e5:a9:98:bf:02:26:43:f7:97:94:23:53:33:ef:66:2b:6a:
a2:2d:0d:a0:8c:26:0c:b4:7a:d0:a2:61:32:dd:00:fd:9f:d8:
58:b8:89:3c:20:a3:1e:1d:1f:9d:26:90:b4:7f:ee:ad:bc:e6:
ee:13:cd:4c:20:74:7b:3f:e9:f6:8d:10:5d:e1:f5:6d:1e:6f:
e2:7e:40:52:6e:5b:d3:80:18:43:6f:93:6c:4c:bd:a6:35:c5:
61:ee:e2:0b:5f:c0:06:e3:a9:e5:31:ff:2a:71:a1:a3:df:18:
79:c0:df:6a:d8:a3:d6:02:04:c4:7c:26:e9:23:3d:f8:c2:e0:
e0:84:32:62:7d:17:df:72:eb:2a:4a:5a:f2:0d:59:78:b4:fc:
29:77:81:a6:2e:71:3c:8d:8a:5f:13:c8:d0:3d:55:99:96:b3:
c2:ef:98:a6:f8:27:13:cf:94:c3:19:83:90:41:78:12:95:4d:
33:c3:9d:83:ea:f9:dd:cd:37:25:9d:5f:22:1c:47:23:fb:5f:
5e:b5:49:88:15:d9:0e:a3:88:3c:ca:9e:b2:e7:cd:14:56:8a:
fd:59:94:d0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY8jb+arDzyIRfvqdPLCTbqsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDJjYzllMGI4MTg2YjYwYjI3MDMxM2NkOTY4MjEwMjJk
MDRiOTUwHhcNMjQwNDI4MDY0MTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGE3ODY1ZTlhNjE1NDE4MDIzMDQxYjY0MWUxZTcyNWFkZTRiNWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5Wo8M/YEy0mvn+eRZLzlX+wO9/6
+cCuA4calNnU/01z80z0rIJZynQK3V2zjudrwi2IbGIWJS45yW4t5qJWDPzQ+jWY
Txi2WCa8UcUBXuNTQpzondW8QnBCSnrnEZhJWowqAPZBECi1J9gi8x3xnGbOwOWO
ZppHk80riARIcAAoo9aQEb8jfBynEn2u21T9RKubiVylu5SZD2LEHd/ECs9DQgTh
2cqPZ9B7Rlc3eVxhDYNsa6i+aWsXI92abp+DEHN6c+rJj83k2h6EehKGdmyMBTqS
qlfkRvXPuRbhyMYhm0SBpEqtda7GBllZDD1T565qI36EBisAKKuDdNYjJQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFICnhl6aYVQYAjBBtkHh5yWt5LW2MB8GA1UdIwQY
MBaAFBfSzJ4LgYa2CycDE82WghAi0EuVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlMTW5ndUJocllMSndNVHpaYUNFQ0xRUzVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8wZDM4ZjktZTBjMS00NmNjLTlhMjIt
ZGZiYjZlYzM0MzBlLzEvZ0tlR1hwcGhWQmdDTUVHMlFlSG5KYTNrdGJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8wZDM4ZjktZTBjMS00NmNjLTlhMjItZGZiYjZlYzM0MzBl
LzEvRjlMTW5ndUJocllMSndNVHpaYUNFQ0xRUzVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQB1H2MMA0E
AgACMAcDBQMqFClAMA0GCSqGSIb3DQEBCwUAA4IBAQAJ/SrM331O5r5J8kCeKHLr
/vcqjFoxOfbAIIYW6El1WGU9uVLt5amYvwImQ/eXlCNTM+9mK2qiLQ2gjCYMtHrQ
omEy3QD9n9hYuIk8IKMeHR+dJpC0f+6tvObuE81MIHR7P+n2jRBd4fVtHm/ifkBS
blvTgBhDb5NsTL2mNcVh7uILX8AG46nlMf8qcaGj3xh5wN9q2KPWAgTEfCbpIz34
wuDghDJifRffcusqSlryDVl4tPwpd4GmLnE8jYpfE8jQPVWZlrPC75im+CcTz5TD
GYOQQXgSlU0zw52D6vndzTclnV8iHEcj+19etUmIFdkOo4g8yp6y580UVor9WZTQ
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:06:29 2024 by rpki-client on console-ams.rpki-client.org