Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/FZzO7nK5G2t1I4Z7YfcT2EKKznM.roa
File: FZzO7nK5G2t1I4Z7YfcT2EKKznM.roa (raw, json)
Hash identifier: 3P06pR0YQdsjK5kFnFlGORZzf3d4R9n5Okdc3ZpWsrQ=
Subject key identifier: 15:9C:CE:EE:72:B9:1B:6B:75:23:86:7B:61:F7:13:D8:42:8A:CE:73
Certificate issuer: /CN=ab30921d28c78ede81842f712e6cf72bde5a6080
Certificate serial: 018CC6B926E27C655C79702DF0EA911AAD5C
Authority key identifier: AB:30:92:1D:28:C7:8E:DE:81:84:2F:71:2E:6C:F7:2B:DE:5A:60:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qzCSHSjHjt6BhC9xLmz3K95aYIA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/FZzO7nK5G2t1I4Z7YfcT2EKKznM.roa
Signing time: Mon 01 Jan 2024 20:31:12 +0000
ROA not before: Mon 01 Jan 2024 20:31:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8982
IP address blocks: 212.120.0.0/23 maxlen: 23
212.120.0.0/19 maxlen: 19
212.120.3.0/24 maxlen: 24
212.120.2.0/24 maxlen: 24
212.120.4.0/24 maxlen: 24
212.120.8.0/24 maxlen: 24
212.120.10.0/24 maxlen: 24
212.120.9.0/24 maxlen: 24
212.120.11.0/24 maxlen: 24
212.120.5.0/24 maxlen: 24
212.120.7.0/24 maxlen: 24
212.120.6.0/24 maxlen: 24
212.120.12.0/24 maxlen: 24
212.120.14.0/24 maxlen: 24
212.120.13.0/24 maxlen: 24
212.120.15.0/24 maxlen: 24
212.120.17.0/24 maxlen: 24
212.120.16.0/24 maxlen: 24
212.120.19.0/24 maxlen: 24
212.120.18.0/24 maxlen: 24
212.120.20.0/24 maxlen: 24
2a03:2560::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/qzCSHSjHjt6BhC9xLmz3K95aYIA.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/qzCSHSjHjt6BhC9xLmz3K95aYIA.mft
rsync://rpki.ripe.net/repository/DEFAULT/qzCSHSjHjt6BhC9xLmz3K95aYIA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Jun 2024 10:02:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:26:e2:7c:65:5c:79:70:2d:f0:ea:91:1a:ad:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab30921d28c78ede81842f712e6cf72bde5a6080
Validity
Not Before: Jan 1 20:31:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=159cceee72b91b6b7523867b61f713d8428ace73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:28:f5:e4:76:77:1f:b1:61:86:83:c2:4f:f0:
90:8f:43:27:de:d2:1d:b3:ce:9c:52:99:5a:6b:83:
91:b3:7d:7a:57:17:0e:49:c7:09:74:ef:3d:ca:d6:
3d:88:e3:07:58:cb:14:d2:9c:ff:63:bf:08:c1:40:
b3:3d:dd:0f:3e:59:4e:c1:98:31:b6:16:ee:27:97:
5b:1b:e9:f3:9d:44:27:bd:0f:a1:c3:d1:ff:ee:24:
6d:cd:0d:cf:bc:4d:5e:0f:f3:56:0f:27:e1:57:91:
56:e5:77:dc:92:f7:ea:a3:62:28:37:87:ff:62:43:
a9:33:e7:b1:b2:ab:69:c7:9d:08:f6:24:47:73:d2:
59:2d:4c:e9:6b:7a:5d:41:e9:fa:88:d8:09:1c:31:
6c:fd:bf:12:f0:41:8e:4e:14:d9:97:84:a2:69:80:
1c:b0:d9:e3:82:95:71:a2:21:a8:20:ae:e4:ca:cd:
13:51:39:71:6f:04:93:90:d6:a4:ef:bf:b7:39:52:
35:02:b8:77:4b:c7:ee:97:e5:6c:0e:95:b7:13:9f:
db:a4:49:45:23:d3:9c:d3:68:c6:d5:8d:f4:3b:db:
6e:6d:5f:96:b1:03:82:e1:e8:de:ed:68:b8:3e:3f:
85:dc:35:38:72:ea:5a:d7:14:b9:3b:b5:d3:99:73:
b7:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:9C:CE:EE:72:B9:1B:6B:75:23:86:7B:61:F7:13:D8:42:8A:CE:73
X509v3 Authority Key Identifier:
keyid:AB:30:92:1D:28:C7:8E:DE:81:84:2F:71:2E:6C:F7:2B:DE:5A:60:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qzCSHSjHjt6BhC9xLmz3K95aYIA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/FZzO7nK5G2t1I4Z7YfcT2EKKznM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/qzCSHSjHjt6BhC9xLmz3K95aYIA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.120.0.0/19
IPv6:
2a03:2560::/32
Signature Algorithm: sha256WithRSAEncryption
ca:0e:50:74:fc:9d:b0:a2:38:5c:aa:d8:04:2d:de:6d:07:38:
f8:46:e4:61:3a:8d:2a:f9:38:1a:23:7c:99:c3:28:8c:f6:2c:
03:cb:91:4d:fd:da:84:9b:43:2d:78:1e:f3:20:5d:c7:79:9c:
e5:c9:6e:73:39:b1:a6:b0:68:40:54:36:d7:25:e3:ac:e5:8a:
b1:51:84:b6:cf:d9:35:f3:bf:e4:fe:f1:eb:68:02:45:ae:8c:
1e:6e:0f:fe:e8:9b:bf:76:e5:ba:53:b7:ad:61:a5:4f:c1:da:
47:26:35:09:50:2c:76:f8:a6:4f:a9:99:60:ce:d7:46:f8:e4:
c8:a2:6a:fb:d2:d3:bb:ec:72:33:2b:59:63:a0:37:2c:01:f7:
29:9d:8c:45:4f:92:51:63:c0:a8:3a:63:c5:4a:34:5a:34:12:
fe:3d:c2:c1:01:5b:92:21:35:b8:09:9a:f3:0b:a3:6b:5e:05:
8e:ef:ed:13:87:b9:e1:29:35:9b:9c:11:f6:30:3a:99:30:54:
98:26:19:6f:a5:54:c9:c8:47:cd:77:65:e9:39:13:94:d2:d0:
86:ca:ba:e4:b0:de:bb:73:e1:8a:e9:09:f3:fc:04:27:d7:a6:
7c:88:ea:33:2e:48:5d:51:19:57:86:3d:b7:99:36:7a:ed:40:
dc:41:8d:75
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGuSbifGVceXAt8OqRGq1cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMzA5MjFkMjhjNzhlZGU4MTg0MmY3MTJlNmNmNzJiZGU1
YTYwODAwHhcNMjQwMTAxMjAzMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTljY2VlZTcyYjkxYjZiNzUyMzg2N2I2MWY3MTNkODQyOGFjZTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCj15HZ3H7FhhoPCT/CQj0Mn3tId
s86cUplaa4ORs316VxcOSccJdO89ytY9iOMHWMsU0pz/Y78IwUCzPd0PPllOwZgx
thbuJ5dbG+nznUQnvQ+hw9H/7iRtzQ3PvE1eD/NWDyfhV5FW5Xfckvfqo2IoN4f/
YkOpM+exsqtpx50I9iRHc9JZLUzpa3pdQen6iNgJHDFs/b8S8EGOThTZl4SiaYAc
sNnjgpVxoiGoIK7kys0TUTlxbwSTkNak77+3OVI1Arh3S8ful+VsDpW3E5/bpElF
I9Oc02jG1Y30O9tubV+WsQOC4eje7Wi4Pj+F3DU4cupa1xS5O7XTmXO3iQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBWczu5yuRtrdSOGe2H3E9hCis5zMB8GA1UdIwQY
MBaAFKswkh0ox47egYQvcS5s9yveWmCAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXpDU0hTakhqdDZCaEM5eExtejNLOTVhWUlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zY2Q3ZmYtMjBkMi00Y2VjLWFlY2Et
MzU0Mzk5NzI0YjFlLzEvRlp6TzduSzVHMnQxSTRaN1lmY1QyRUtLem5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zY2Q3ZmYtMjBkMi00Y2VjLWFlY2EtMzU0Mzk5NzI0YjFl
LzEvcXpDU0hTakhqdDZCaEM5eExtejNLOTVhWUlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1HgAMA0E
AgACMAcDBQAqAyVgMA0GCSqGSIb3DQEBCwUAA4IBAQDKDlB0/J2wojhcqtgELd5t
Bzj4RuRhOo0q+TgaI3yZwyiM9iwDy5FN/dqEm0MteB7zIF3HeZzlyW5zObGmsGhA
VDbXJeOs5YqxUYS2z9k187/k/vHraAJFrowebg/+6Ju/duW6U7etYaVPwdpHJjUJ
UCx2+KZPqZlgztdG+OTIomr70tO77HIzK1ljoDcsAfcpnYxFT5JRY8CoOmPFSjRa
NBL+PcLBAVuSITW4CZrzC6NrXgWO7+0Th7nhKTWbnBH2MDqZMFSYJhlvpVTJyEfN
d2XpOROU0tCGyrrksN67c+GK6Qnz/AQn16Z8iOozLkhdURlXhj23mTZ67UDcQY11
-----END CERTIFICATE-----
Generated at Fri Jun 14 16:03:44 2024 by rpki-client on console-ams.rpki-client.org