Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/gecQoULyqJIkK-a11R8vhPRS8gE.roa
File: gecQoULyqJIkK-a11R8vhPRS8gE.roa (raw, json)
Hash identifier: 629vDUd4lmQnhQ8F4IsdcWyFGC6sfO5oyHZqBQIFVoE=
Subject key identifier: 81:E7:10:A1:42:F2:A8:92:24:2B:E6:B5:D5:1F:2F:84:F4:52:F2:01
Certificate issuer: /CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Certificate serial: 018E13216B8CCAB4811316AB8EE6E0798731
Authority key identifier: EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/gecQoULyqJIkK-a11R8vhPRS8gE.roa
Signing time: Wed 06 Mar 2024 09:39:01 +0000
ROA not before: Wed 06 Mar 2024 09:39:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8239
IP address blocks: 212.59.192.0/19 maxlen: 19
213.192.196.0/24 maxlen: 24
2001:ac0:c800::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/7z5xuWmS2j2RyI3XTvQfm5W5SFs.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/7z5xuWmS2j2RyI3XTvQfm5W5SFs.mft
rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:13:21:6b:8c:ca:b4:81:13:16:ab:8e:e6:e0:79:87:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Validity
Not Before: Mar 6 09:39:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81e710a142f2a892242be6b5d51f2f84f452f201
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c5:03:55:80:88:f6:51:ac:98:84:4e:27:78:
7d:74:6e:d5:83:a4:87:cc:ed:12:17:f9:b7:eb:7c:
f9:73:15:18:19:d2:ab:97:9c:14:3a:a8:31:cf:d6:
28:0f:30:3a:6f:78:9d:c4:c3:00:eb:21:15:f4:ca:
5b:a7:5b:b2:eb:e6:04:e4:cc:f9:6e:53:a6:9e:36:
2a:3a:83:70:03:12:14:f0:10:8c:1f:11:5f:1c:ae:
1d:0e:37:52:f7:56:2b:f6:7b:c0:17:5d:64:7b:90:
d5:8c:20:8e:99:89:a9:cc:33:e6:01:06:c4:56:97:
bf:e7:ea:b8:38:ff:01:7f:e3:6d:7f:af:d0:b5:d4:
89:a7:80:23:f6:72:60:44:68:9c:f1:7d:8d:cb:e9:
e7:e2:29:67:11:4b:31:cf:f9:ad:ff:64:3b:3b:2c:
14:57:e5:e0:d3:22:da:9d:c8:b4:20:9e:74:62:4d:
35:ef:b9:85:b7:ad:68:c7:4a:82:b8:98:70:71:64:
a4:0a:8d:dd:af:d9:6e:bc:6a:9c:96:12:78:dd:39:
36:8e:6e:03:6e:97:ad:60:a5:61:a6:fb:0d:92:3a:
32:cf:89:2a:71:0f:66:97:5a:76:8b:3c:33:5a:3b:
bc:5b:12:20:09:5a:d2:2e:b4:7b:64:0b:12:2a:43:
56:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:E7:10:A1:42:F2:A8:92:24:2B:E6:B5:D5:1F:2F:84:F4:52:F2:01
X509v3 Authority Key Identifier:
keyid:EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/gecQoULyqJIkK-a11R8vhPRS8gE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/7z5xuWmS2j2RyI3XTvQfm5W5SFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.59.192.0/19
213.192.196.0/24
IPv6:
2001:ac0:c800::/44
Signature Algorithm: sha256WithRSAEncryption
50:41:b0:03:f1:a5:61:47:10:6e:95:f0:13:89:9a:7b:e3:93:
e5:42:b5:53:28:c8:4e:7a:c2:5a:ed:f2:35:3f:dd:cc:0c:0a:
b1:5e:11:27:1c:0a:0d:cd:38:75:3d:8c:52:e5:60:45:6e:d6:
47:91:f2:fb:4a:f8:ac:fd:5c:f2:ea:70:ec:b9:a9:ab:e5:33:
b3:91:1d:8b:b7:0c:bc:6c:83:dc:fa:7d:8e:b1:b3:bf:b0:29:
43:85:c7:e1:b8:73:12:67:13:9d:6e:f8:5b:c9:ee:b5:dd:fa:
fa:d9:4f:ff:0f:ec:b3:c9:70:83:25:81:ad:70:e1:16:b5:55:
bd:5d:f3:45:f6:ef:73:5a:0e:60:5b:c3:a0:c3:81:94:50:c9:
d6:53:97:b4:57:87:6c:ba:82:eb:55:39:e8:05:ab:e5:71:7b:
6a:68:a2:da:c9:6e:7c:98:f4:48:da:58:e6:56:32:09:44:41:
97:27:e7:ad:a8:12:85:2d:6a:1d:61:8d:f8:d9:d8:67:43:71:
7e:99:27:f1:43:69:6f:8a:ba:c7:06:23:ac:f8:c3:e8:ff:c4:
26:a5:26:5d:43:9e:41:b1:20:b9:79:25:ac:f0:57:af:c3:57:
59:16:a1:12:10:ec:d1:40:c7:6e:15:35:5d:a1:97:f1:0d:c9:
b4:5d:ed:27
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY4TIWuMyrSBExarjubgeYcxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmM2U3MWI5Njk5MmRhM2Q5MWM4OGRkNzRlZjQxZjliOTVi
OTQ4NWIwHhcNMjQwMzA2MDkzOTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWU3MTBhMTQyZjJhODkyMjQyYmU2YjVkNTFmMmY4NGY0NTJmMjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8UDVYCI9lGsmIROJ3h9dG7Vg6SH
zO0SF/m363z5cxUYGdKrl5wUOqgxz9YoDzA6b3idxMMA6yEV9Mpbp1uy6+YE5Mz5
blOmnjYqOoNwAxIU8BCMHxFfHK4dDjdS91Yr9nvAF11ke5DVjCCOmYmpzDPmAQbE
Vpe/5+q4OP8Bf+Ntf6/QtdSJp4Aj9nJgRGic8X2Ny+nn4ilnEUsxz/mt/2Q7OywU
V+Xg0yLanci0IJ50Yk0177mFt61ox0qCuJhwcWSkCo3dr9luvGqclhJ43Tk2jm4D
bpetYKVhpvsNkjoyz4kqcQ9ml1p2izwzWju8WxIgCVrSLrR7ZAsSKkNWWwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFIHnEKFC8qiSJCvmtdUfL4T0UvIBMB8GA1UdIwQY
MBaAFO8+cblpkto9kciN1070H5uVuUhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDIt
OTE5NmNlNDQ2NTI3LzEvZ2VjUW9VTHlxSklrSy1hMTFSOHZoUFJTOGdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDItOTE5NmNlNDQ2NTI3
LzEvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQF1DvAAwQA
1cDEMA8EAgACMAkDBwQgAQrAyAAwDQYJKoZIhvcNAQELBQADggEBAFBBsAPxpWFH
EG6V8BOJmnvjk+VCtVMoyE56wlrt8jU/3cwMCrFeESccCg3NOHU9jFLlYEVu1keR
8vtK+Kz9XPLqcOy5qavlM7ORHYu3DLxsg9z6fY6xs7+wKUOFx+G4cxJnE51u+FvJ
7rXd+vrZT/8P7LPJcIMlga1w4Ra1Vb1d80X273NaDmBbw6DDgZRQydZTl7RXh2y6
gutVOegFq+Vxe2pootrJbnyY9EjaWOZWMglEQZcn562oEoUtah1hjfjZ2GdDcX6Z
J/FDaW+KuscGI6z4w+j/xCalJl1DnkGxILl5JazwV6/DV1kWoRIQ7NFAx24VNV2h
l/ENybRd7Sc=
-----END CERTIFICATE-----
Generated at Tue May 28 23:20:30 2024 by rpki-client on console-ams.rpki-client.org