Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/tmuSHsJATLiYuMZM9IJFHOGJ-zw.roa
File: tmuSHsJATLiYuMZM9IJFHOGJ-zw.roa (raw, json)
Hash identifier: YqEaKSC/fFkPZkH1e/BPTX3Obp/uUanc9yDv0V3v6UQ=
Subject key identifier: B6:6B:92:1E:C2:40:4C:B8:98:B8:C6:4C:F4:82:45:1C:E1:89:FB:3C
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018CC4255D255099E0A69986A022AFABA657
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/tmuSHsJATLiYuMZM9IJFHOGJ-zw.roa
Signing time: Mon 01 Jan 2024 08:30:32 +0000
ROA not before: Mon 01 Jan 2024 08:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 212.107.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:5d:25:50:99:e0:a6:99:86:a0:22:af:ab:a6:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 08:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b66b921ec2404cb898b8c64cf482451ce189fb3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:8a:f2:e1:94:08:ef:a1:c2:90:db:a0:37:2a:
a4:4d:b3:fb:f7:0c:f2:87:d0:85:d7:7d:a4:4f:68:
f3:6a:08:78:52:8b:e8:5a:7f:9e:9e:76:65:12:cf:
6b:74:9e:1d:23:48:69:2f:42:9f:e7:19:d0:87:18:
7c:1d:e4:9b:4c:3a:4b:84:a6:b2:c2:cd:d3:ae:33:
42:f6:e0:8e:bb:aa:da:40:2e:df:37:a0:6c:18:d2:
a0:3b:ff:66:e4:3f:43:86:56:0d:4e:00:a8:41:02:
01:75:a8:bb:35:6a:35:23:4a:1e:00:cb:61:e6:27:
ba:f0:57:30:4b:fb:64:78:39:f2:04:1a:fb:d4:75:
c6:78:be:29:61:8d:61:50:50:99:38:21:fa:7c:b0:
90:d9:09:4c:36:81:12:fa:6c:c6:11:1b:47:11:51:
a4:cc:53:8b:21:f2:00:8a:89:9b:41:9e:f1:78:9e:
4f:0a:e5:a4:66:fa:1f:47:91:80:1f:5c:88:90:14:
dc:3e:8a:58:ad:28:0f:06:fb:eb:83:d0:82:d4:1d:
b5:6d:b6:43:48:63:34:0f:3a:60:43:58:85:db:09:
30:b8:b1:70:ee:fb:ba:56:6b:ae:19:e2:77:d8:a0:
a3:67:3a:89:40:05:b0:19:b8:9f:46:5d:ef:ad:88:
22:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:6B:92:1E:C2:40:4C:B8:98:B8:C6:4C:F4:82:45:1C:E1:89:FB:3C
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/tmuSHsJATLiYuMZM9IJFHOGJ-zw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.107.15.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:ac:8f:ca:18:ed:89:8e:a1:1f:e0:76:37:6c:ce:45:c9:20:
21:24:87:51:c4:80:de:b1:96:75:d6:81:60:f8:50:87:db:57:
1b:af:fa:34:bc:2f:f3:d2:5d:b4:d3:ea:99:08:7d:5a:58:4f:
e9:e7:4d:98:fc:60:57:17:3a:27:0a:06:3f:e9:9d:79:76:3c:
3a:d6:19:2c:f8:0a:0f:76:2f:4e:aa:90:08:5d:46:01:dc:e2:
fb:ed:4b:3e:ba:dd:81:5b:bc:45:cd:45:33:5d:5d:0a:c4:2a:
ca:2e:09:b2:cd:05:3f:9a:7f:83:b2:22:f5:ee:47:86:a0:53:
f5:80:81:e7:e0:ff:97:48:81:78:38:47:35:08:91:a6:b4:39:
bf:92:a9:2f:8d:78:d4:d3:3b:de:6d:06:74:a6:a2:b8:6a:6a:
ee:22:c8:cf:41:36:4c:0c:6e:01:57:51:26:ab:f6:a4:15:ce:
de:ec:3d:d7:7e:37:26:c4:40:a5:be:c0:8e:52:34:6b:70:80:
af:38:47:60:25:ce:87:22:db:c6:aa:9f:50:dc:46:41:76:a0:
17:82:63:41:b7:15:e8:a1:25:43:f5:e2:c9:9c:dd:00:1d:15:
64:df:9f:a4:ff:8f:52:d3:cd:99:cc:79:cc:46:12:68:d5:ab:
6b:a4:96:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJV0lUJngppmGoCKvq6ZXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwMTAxMDgzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjZiOTIxZWMyNDA0Y2I4OThiOGM2NGNmNDgyNDUxY2UxODlmYjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYry4ZQI76HCkNugNyqkTbP79wzy
h9CF132kT2jzagh4UovoWn+ennZlEs9rdJ4dI0hpL0Kf5xnQhxh8HeSbTDpLhKay
ws3TrjNC9uCOu6raQC7fN6BsGNKgO/9m5D9DhlYNTgCoQQIBdai7NWo1I0oeAMth
5ie68FcwS/tkeDnyBBr71HXGeL4pYY1hUFCZOCH6fLCQ2QlMNoES+mzGERtHEVGk
zFOLIfIAiombQZ7xeJ5PCuWkZvofR5GAH1yIkBTcPopYrSgPBvvrg9CC1B21bbZD
SGM0DzpgQ1iF2wkwuLFw7vu6VmuuGeJ32KCjZzqJQAWwGbifRl3vrYgiAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLZrkh7CQEy4mLjGTPSCRRzhifs8MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvdG11U0hzSkFUTGlZdU1aTTlJSkZIT0dKLXp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1GsPMA0G
CSqGSIb3DQEBCwUAA4IBAQCPrI/KGO2JjqEf4HY3bM5FySAhJIdRxIDesZZ11oFg
+FCH21cbr/o0vC/z0l200+qZCH1aWE/p502Y/GBXFzonCgY/6Z15djw61hks+AoP
di9OqpAIXUYB3OL77Us+ut2BW7xFzUUzXV0KxCrKLgmyzQU/mn+DsiL17keGoFP1
gIHn4P+XSIF4OEc1CJGmtDm/kqkvjXjU0zvebQZ0pqK4amruIsjPQTZMDG4BV1Em
q/akFc7e7D3XfjcmxEClvsCOUjRrcICvOEdgJc6HItvGqp9Q3EZBdqAXgmNBtxXo
oSVD9eLJnN0AHRVk35+k/49S082ZzHnMRhJo1atrpJYR
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:07:04 2024 by rpki-client on console-ams.rpki-client.org