Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/75148a-e40e-409f-8a0b-da851a715fa4/1/9CogR6LqfmW1uYtsLzvzhwbkA3k.roa
File: 9CogR6LqfmW1uYtsLzvzhwbkA3k.roa (raw, json)
Hash identifier: nkK52i9kAfpalGFIx/h2yFbzakU59w8Sf2t8fQX2N0Q=
Subject key identifier: F4:2A:20:47:A2:EA:7E:65:B5:B9:8B:6C:2F:3B:F3:87:06:E4:03:79
Certificate issuer: /CN=10771dd7dea22e35fdaf19b51b839f43721270ba
Certificate serial: 018DBE7875AFB38715B87EA46E4918EB83DF
Authority key identifier: 10:77:1D:D7:DE:A2:2E:35:FD:AF:19:B5:1B:83:9F:43:72:12:70:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHcd196iLjX9rxm1G4OfQ3IScLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/75148a-e40e-409f-8a0b-da851a715fa4/1/9CogR6LqfmW1uYtsLzvzhwbkA3k.roa
Signing time: Sun 18 Feb 2024 23:06:21 +0000
ROA not before: Sun 18 Feb 2024 23:06:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42926
IP address blocks: 212.146.128.0/24 maxlen: 24
212.146.129.0/24 maxlen: 24
212.146.130.0/24 maxlen: 24
212.146.131.0/24 maxlen: 24
212.146.132.0/24 maxlen: 24
212.146.133.0/24 maxlen: 24
212.146.134.0/24 maxlen: 24
212.146.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/75148a-e40e-409f-8a0b-da851a715fa4/1/EHcd196iLjX9rxm1G4OfQ3IScLo.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/75148a-e40e-409f-8a0b-da851a715fa4/1/EHcd196iLjX9rxm1G4OfQ3IScLo.mft
rsync://rpki.ripe.net/repository/DEFAULT/EHcd196iLjX9rxm1G4OfQ3IScLo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 May 2024 02:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:be:78:75:af:b3:87:15:b8:7e:a4:6e:49:18:eb:83:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10771dd7dea22e35fdaf19b51b839f43721270ba
Validity
Not Before: Feb 18 23:06:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f42a2047a2ea7e65b5b98b6c2f3bf38706e40379
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:98:bc:ae:20:c0:2a:01:9e:ff:cc:92:8e:30:
48:48:e5:34:f6:7e:46:4b:bf:6d:8f:b5:73:0c:33:
09:ae:5f:05:be:af:1b:e6:51:62:99:62:92:a1:4a:
4e:a7:de:df:27:57:61:91:ef:36:b8:1c:e9:9c:a5:
d6:89:1e:99:a7:8c:90:55:f8:1a:22:c7:d6:f4:8c:
f5:de:f0:fc:24:a4:5a:e7:38:62:61:06:14:90:c2:
96:c8:48:03:9f:98:bd:12:2e:88:f6:41:64:52:3b:
78:04:9e:be:15:02:4f:d6:d1:d1:d5:c8:25:12:be:
4e:5d:9e:2c:d5:d0:4a:9c:03:ff:d2:cd:22:83:5e:
02:4a:39:7c:64:36:0e:3a:f0:3a:0c:03:39:a7:a3:
aa:e2:9a:37:2c:5f:20:11:07:c0:02:28:24:1f:20:
2d:f5:c5:b5:4e:f2:80:fe:59:11:ea:41:8e:3f:80:
7b:41:94:5e:4e:0e:08:a6:d5:59:7f:46:01:5b:62:
01:d8:a9:01:68:0d:b0:1c:5e:08:9e:2f:d6:67:49:
ae:51:2c:c9:c7:cd:00:1e:3c:ff:28:58:49:ba:3c:
46:61:2e:59:8d:e9:0f:33:13:b4:54:88:1f:a4:e6:
bf:94:62:bf:d2:89:14:94:be:ff:a6:bc:d7:c3:57:
48:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:2A:20:47:A2:EA:7E:65:B5:B9:8B:6C:2F:3B:F3:87:06:E4:03:79
X509v3 Authority Key Identifier:
keyid:10:77:1D:D7:DE:A2:2E:35:FD:AF:19:B5:1B:83:9F:43:72:12:70:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHcd196iLjX9rxm1G4OfQ3IScLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/75148a-e40e-409f-8a0b-da851a715fa4/1/9CogR6LqfmW1uYtsLzvzhwbkA3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/75148a-e40e-409f-8a0b-da851a715fa4/1/EHcd196iLjX9rxm1G4OfQ3IScLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.146.128.0/21
Signature Algorithm: sha256WithRSAEncryption
9c:39:34:8f:96:c5:23:40:13:f1:68:c4:43:7f:3b:b4:18:e6:
af:59:71:49:1e:4e:cf:08:75:25:be:23:24:e3:89:d5:5c:ec:
94:9b:f2:7a:1f:02:35:9a:64:7f:2b:40:00:03:74:c5:01:c4:
f2:3b:14:1e:44:c2:83:84:16:f9:86:de:76:b2:ac:f1:21:8c:
85:c7:b9:4b:b1:6b:eb:06:82:dc:ed:28:c0:ca:15:cf:cd:a1:
e6:f6:33:d2:40:7b:9c:40:4e:d3:dd:d7:66:cf:42:9c:1b:cb:
e2:5a:dd:06:a9:a5:a0:e0:ae:a4:a6:a3:92:59:36:19:bb:c9:
2c:ee:d5:02:4b:9e:c6:fb:d4:98:d1:7f:88:a3:1f:0f:7c:0a:
ad:3b:8a:32:50:5b:22:7c:96:d3:0f:6e:40:4c:02:57:0b:9a:
2f:90:4a:27:d8:9a:1d:b3:8b:bd:31:a4:6e:8c:16:b3:2c:a9:
2c:ba:15:fe:2a:15:ff:29:b5:c3:2d:9b:cf:d2:05:bc:9b:26:
a4:56:9b:aa:5f:37:aa:56:e1:76:d0:50:d5:66:7f:21:2d:1d:
6b:22:89:da:05:17:03:d1:c8:09:10:57:18:b7:cf:46:1c:eb:
47:60:78:ed:eb:7b:df:63:49:e3:87:ac:2c:f5:69:11:ae:03:
1e:57:17:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2+eHWvs4cVuH6kbkkY64PfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzcxZGQ3ZGVhMjJlMzVmZGFmMTliNTFiODM5ZjQzNzIx
MjcwYmEwHhcNMjQwMjE4MjMwNjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDJhMjA0N2EyZWE3ZTY1YjViOThiNmMyZjNiZjM4NzA2ZTQwMzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopi8riDAKgGe/8ySjjBISOU09n5G
S79tj7VzDDMJrl8Fvq8b5lFimWKSoUpOp97fJ1dhke82uBzpnKXWiR6Zp4yQVfga
IsfW9Iz13vD8JKRa5zhiYQYUkMKWyEgDn5i9Ei6I9kFkUjt4BJ6+FQJP1tHR1cgl
Er5OXZ4s1dBKnAP/0s0ig14CSjl8ZDYOOvA6DAM5p6Oq4po3LF8gEQfAAigkHyAt
9cW1TvKA/lkR6kGOP4B7QZReTg4IptVZf0YBW2IB2KkBaA2wHF4Ini/WZ0muUSzJ
x80AHjz/KFhJujxGYS5ZjekPMxO0VIgfpOa/lGK/0okUlL7/przXw1dIdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPQqIEei6n5ltbmLbC8784cG5AN5MB8GA1UdIwQY
MBaAFBB3Hdfeoi41/a8ZtRuDn0NyEnC6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhjZDE5NmlMalg5cnhtMUc0T2ZRM0lTY0xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy83NTE0OGEtZTQwZS00MDlmLThhMGIt
ZGE4NTFhNzE1ZmE0LzEvOUNvZ1I2THFmbVcxdVl0c0x6dnpod2JrQTNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy83NTE0OGEtZTQwZS00MDlmLThhMGItZGE4NTFhNzE1ZmE0
LzEvRUhjZDE5NmlMalg5cnhtMUc0T2ZRM0lTY0xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD1JKAMA0G
CSqGSIb3DQEBCwUAA4IBAQCcOTSPlsUjQBPxaMRDfzu0GOavWXFJHk7PCHUlviMk
44nVXOyUm/J6HwI1mmR/K0AAA3TFAcTyOxQeRMKDhBb5ht52sqzxIYyFx7lLsWvr
BoLc7SjAyhXPzaHm9jPSQHucQE7T3ddmz0KcG8viWt0GqaWg4K6kpqOSWTYZu8ks
7tUCS57G+9SY0X+Iox8PfAqtO4oyUFsifJbTD25ATAJXC5ovkEon2Jods4u9MaRu
jBazLKksuhX+KhX/KbXDLZvP0gW8myakVpuqXzeqVuF20FDVZn8hLR1rIonaBRcD
0cgJEFcYt89GHOtHYHjt63vfY0njh6ws9WkRrgMeVxe8
-----END CERTIFICATE-----
Generated at Fri May 24 11:41:50 2024 by rpki-client on console-fra.rpki-client.org