Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/ec2e08-f63a-4bd7-b864-06b3cea492ee/1/aTH03gRhvr1_SwW-sznIrmIyrss.roa
File: aTH03gRhvr1_SwW-sznIrmIyrss.roa (raw, json)
Hash identifier: qMwKUxRegCDKLHHJ4BHX1OaaHIZeyW+AToFsfruScRw=
Subject key identifier: 69:31:F4:DE:04:61:BE:BD:7F:4B:05:BE:B3:39:C8:AE:62:32:AE:CB
Certificate issuer: /CN=427a2670508b945123beecbf13145ffbd7bfcde4
Certificate serial: 018E8534AA987A95C23678537C8368EAE9BB
Authority key identifier: 42:7A:26:70:50:8B:94:51:23:BE:EC:BF:13:14:5F:FB:D7:BF:CD:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QnomcFCLlFEjvuy_ExRf-9e_zeQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/ec2e08-f63a-4bd7-b864-06b3cea492ee/1/aTH03gRhvr1_SwW-sznIrmIyrss.roa
Signing time: Thu 28 Mar 2024 13:16:44 +0000
ROA not before: Thu 28 Mar 2024 13:16:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48199
IP address blocks: 212.42.48.0/22 maxlen: 22
212.42.51.0/24 maxlen: 24
212.42.52.0/22 maxlen: 22
212.42.52.0/24 maxlen: 24
212.42.56.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/ec2e08-f63a-4bd7-b864-06b3cea492ee/1/QnomcFCLlFEjvuy_ExRf-9e_zeQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/ec2e08-f63a-4bd7-b864-06b3cea492ee/1/QnomcFCLlFEjvuy_ExRf-9e_zeQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/QnomcFCLlFEjvuy_ExRf-9e_zeQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 19:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:85:34:aa:98:7a:95:c2:36:78:53:7c:83:68:ea:e9:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=427a2670508b945123beecbf13145ffbd7bfcde4
Validity
Not Before: Mar 28 13:16:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6931f4de0461bebd7f4b05beb339c8ae6232aecb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:98:9a:3a:ac:1b:1e:72:5e:6c:36:ec:37:cb:
03:ce:96:63:c5:50:dc:48:b4:c8:d4:7f:36:e1:c6:
c5:bb:50:17:90:71:0a:7e:37:bd:cd:ae:16:01:7f:
3d:ab:d1:39:56:6e:df:7f:95:6e:05:61:98:dd:e9:
4c:66:13:52:74:ef:c4:b2:3d:c2:d1:60:71:d5:f7:
52:25:e7:d1:51:64:c8:fd:45:7a:d9:39:07:90:c1:
a4:08:a2:40:67:0e:9b:ee:04:1a:54:0f:54:65:3b:
64:f8:14:fa:d4:38:0d:70:5a:56:b3:2d:5b:ff:ee:
bb:fa:61:3f:b8:c8:43:c3:06:98:24:8a:f6:51:aa:
c7:fc:f7:32:e0:83:8f:9a:7a:b9:ce:29:f1:42:06:
de:a8:27:ed:ac:29:2c:07:50:22:6c:50:c8:f1:69:
aa:5b:18:66:47:60:59:88:2a:c8:8e:78:2a:57:17:
3a:af:5c:9e:fd:8c:51:2e:c1:36:5b:95:59:df:21:
6b:1c:80:e3:29:2f:a4:54:43:63:f5:8e:42:6c:04:
e8:df:4b:b7:28:68:42:bc:ea:2b:b1:2e:0e:64:6a:
df:6b:d8:ca:4a:d2:6b:cb:b8:f6:39:01:eb:78:8a:
6c:05:ab:53:9c:16:a1:cf:25:a9:b3:bd:3d:ea:c9:
f0:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:31:F4:DE:04:61:BE:BD:7F:4B:05:BE:B3:39:C8:AE:62:32:AE:CB
X509v3 Authority Key Identifier:
keyid:42:7A:26:70:50:8B:94:51:23:BE:EC:BF:13:14:5F:FB:D7:BF:CD:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QnomcFCLlFEjvuy_ExRf-9e_zeQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/ec2e08-f63a-4bd7-b864-06b3cea492ee/1/aTH03gRhvr1_SwW-sznIrmIyrss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/ec2e08-f63a-4bd7-b864-06b3cea492ee/1/QnomcFCLlFEjvuy_ExRf-9e_zeQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.42.48.0-212.42.59.255
Signature Algorithm: sha256WithRSAEncryption
0d:7c:91:01:4e:a2:84:1e:1d:4c:2a:15:aa:0f:da:83:c3:18:
47:ae:5a:8b:bd:15:f1:2c:00:70:36:02:77:53:97:42:d2:a9:
06:28:a9:6e:1d:b4:ba:cd:6f:37:89:98:2b:39:61:7a:d0:7e:
9b:8c:ad:b0:8e:73:e4:1f:e4:d0:d9:5b:1a:4c:92:b8:cf:ee:
a7:76:3a:ae:4f:e2:95:dc:ac:b8:a2:45:df:25:b7:9f:e7:e6:
eb:12:ef:7f:02:02:5b:77:1c:af:ba:81:cc:39:2d:2c:95:51:
4b:eb:ec:13:c3:d7:d2:76:34:0b:4b:74:13:62:0d:b6:69:51:
4d:c3:a0:bd:e7:84:64:7a:0b:15:85:84:29:19:53:30:32:cf:
c6:3d:e6:00:41:68:c4:f1:dd:24:c1:5a:64:c0:01:24:dd:fe:
8f:76:d3:39:b8:fe:8c:ca:87:01:1c:62:15:e1:18:13:6d:95:
01:56:70:4c:c3:c3:05:c2:a5:4f:ed:33:7b:62:76:fe:8f:fa:
cd:dd:96:58:c1:01:e2:3f:54:0a:20:e0:91:72:69:84:60:66:
4e:45:5a:70:84:a5:9a:df:6d:ea:71:25:0c:e2:4d:21:3d:e6:
4c:f5:f8:86:b6:e2:68:cf:58:e0:42:e5:ad:24:35:e7:4a:56:
83:82:00:75
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY6FNKqYepXCNnhTfINo6um7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyN2EyNjcwNTA4Yjk0NTEyM2JlZWNiZjEzMTQ1ZmZiZDdi
ZmNkZTQwHhcNMjQwMzI4MTMxNjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTMxZjRkZTA0NjFiZWJkN2Y0YjA1YmViMzM5YzhhZTYyMzJhZWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZiaOqwbHnJebDbsN8sDzpZjxVDc
SLTI1H824cbFu1AXkHEKfje9za4WAX89q9E5Vm7ff5VuBWGY3elMZhNSdO/Esj3C
0WBx1fdSJefRUWTI/UV62TkHkMGkCKJAZw6b7gQaVA9UZTtk+BT61DgNcFpWsy1b
/+67+mE/uMhDwwaYJIr2UarH/Pcy4IOPmnq5zinxQgbeqCftrCksB1AibFDI8Wmq
WxhmR2BZiCrIjngqVxc6r1ye/YxRLsE2W5VZ3yFrHIDjKS+kVENj9Y5CbATo30u3
KGhCvOorsS4OZGrfa9jKStJry7j2OQHreIpsBatTnBahzyWps7096snwXwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGkx9N4EYb69f0sFvrM5yK5iMq7LMB8GA1UdIwQY
MBaAFEJ6JnBQi5RRI77svxMUX/vXv83kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW5vbWNGQ0xsRkVqdnV5X0V4UmYtOWVfemVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9lYzJlMDgtZjYzYS00YmQ3LWI4NjQt
MDZiM2NlYTQ5MmVlLzEvYVRIMDNnUmh2cjFfU3dXLXN6bklybUl5cnNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9lYzJlMDgtZjYzYS00YmQ3LWI4NjQtMDZiM2NlYTQ5MmVl
LzEvUW5vbWNGQ0xsRkVqdnV5X0V4UmYtOWVfemVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBATUKjAD
BALUKjgwDQYJKoZIhvcNAQELBQADggEBAA18kQFOooQeHUwqFaoP2oPDGEeuWou9
FfEsAHA2AndTl0LSqQYoqW4dtLrNbzeJmCs5YXrQfpuMrbCOc+Qf5NDZWxpMkrjP
7qd2Oq5P4pXcrLiiRd8lt5/n5usS738CAlt3HK+6gcw5LSyVUUvr7BPD19J2NAtL
dBNiDbZpUU3DoL3nhGR6CxWFhCkZUzAyz8Y95gBBaMTx3STBWmTAASTd/o920zm4
/ozKhwEcYhXhGBNtlQFWcEzDwwXCpU/tM3tidv6P+s3dlljBAeI/VAog4JFyaYRg
Zk5FWnCEpZrfbepxJQziTSE95kz1+Ia24mjPWOBC5a0kNedKVoOCAHU=
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:04:32 2024 by rpki-client on console-ams.rpki-client.org