Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/1-9AlAVqar8-vfxOY_1Coe1MNeqA.roa
File: 1-9AlAVqar8-vfxOY_1Coe1MNeqA.roa (raw, json)
Hash identifier: ktX9SoeWW470jcGmfLqRg6lOXLcjXWBcXhDBsL2aG7Q=
Subject key identifier: FB:D0:25:01:5A:9A:AF:CF:AF:7F:13:98:FF:50:A8:7B:53:0D:7A:A0
Certificate issuer: /CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
Certificate serial: 018CC795345DEB501A937912FAF555609C7C
Authority key identifier: DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/1-9AlAVqar8-vfxOY_1Coe1MNeqA.roa
Signing time: Tue 02 Jan 2024 00:31:33 +0000
ROA not before: Tue 02 Jan 2024 00:31:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54103
IP address blocks: 212.124.85.0/24 maxlen: 24
212.124.80.0/22 maxlen: 24
212.124.84.0/24 maxlen: 24
212.124.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.mft
rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:34:5d:eb:50:1a:93:79:12:fa:f5:55:60:9c:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
Validity
Not Before: Jan 2 00:31:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbd025015a9aafcfaf7f1398ff50a87b530d7aa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:41:08:4d:51:7d:f1:d7:9d:db:48:b4:81:92:
07:10:7e:57:0c:d3:d6:b7:ee:77:e6:11:51:3a:0e:
76:67:02:7c:67:db:9b:0f:47:da:ab:7d:cd:42:86:
50:ad:16:65:60:de:b5:75:22:da:f5:4f:4c:8f:81:
70:e5:58:f7:6c:a8:1d:44:19:39:f5:96:45:9e:df:
bf:22:14:32:9c:1e:67:a6:6a:e3:03:f2:65:2e:e9:
84:03:4d:3b:c4:14:fb:3e:3a:40:c9:3b:0f:03:0e:
75:80:59:da:d6:71:6e:10:01:3c:aa:b4:a4:57:a6:
f8:79:e6:4f:09:be:28:db:37:61:8c:5b:44:df:6a:
70:80:4b:68:30:41:84:47:6d:51:57:4d:cc:5b:f7:
2b:6d:c8:d3:ec:b5:f7:e4:86:0d:55:fe:b5:46:1e:
06:46:cb:bf:9b:d9:59:b2:c1:0e:1d:b1:b5:02:d9:
5e:39:ef:e6:03:15:d1:e7:e8:8a:bf:e4:73:ee:4c:
cb:33:7e:51:19:bb:f0:72:ce:2d:6f:c2:98:4e:32:
dc:e5:d0:87:e9:3f:91:53:40:8d:59:9b:98:50:2a:
7d:58:ec:5a:98:91:45:17:b2:10:3b:cc:23:ad:13:
80:67:b3:8a:3c:38:f1:90:5c:ca:4b:a6:6f:94:55:
a0:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:D0:25:01:5A:9A:AF:CF:AF:7F:13:98:FF:50:A8:7B:53:0D:7A:A0
X509v3 Authority Key Identifier:
keyid:DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/1-9AlAVqar8-vfxOY_1Coe1MNeqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.124.80.0-212.124.85.255
212.124.87.0/24
Signature Algorithm: sha256WithRSAEncryption
03:63:4e:6d:2c:bb:62:5f:75:9b:a1:c0:15:1f:9d:be:9e:8d:
85:1f:d5:75:ce:70:14:08:67:5d:50:8e:69:c8:f9:1d:c1:0a:
89:0a:60:00:90:76:75:9b:7f:52:cd:9d:06:b8:96:ff:63:38:
47:10:2b:ac:6e:2b:99:78:5a:cc:62:e5:2c:c0:a0:45:f7:0b:
9b:aa:2a:3c:57:07:00:83:0e:08:b9:11:f5:7e:a4:6a:52:47:
26:37:f5:8e:e8:23:6b:dd:77:60:d1:e6:d5:85:4a:a8:34:89:
26:5a:54:b1:1c:ed:18:16:dc:70:57:83:ef:90:86:37:2f:a7:
fd:f4:72:44:5f:6c:23:90:2e:2c:fb:4d:ee:39:ba:56:cb:44:
2e:7a:5f:5a:f5:90:b1:f4:0e:07:79:77:1e:d5:62:06:ca:28:
ca:62:9e:45:4c:b9:02:80:82:05:a4:6e:cd:16:6d:53:e3:ef:
0f:b0:a2:4e:e3:cc:71:23:97:07:f0:0b:e5:b1:d4:eb:f4:6d:
59:64:da:6d:e2:8f:fd:0e:ad:14:bd:03:03:6f:cf:ad:3d:ee:
d2:e5:e9:1a:bc:fa:b0:77:74:d2:03:8e:a2:1b:7f:d6:42:11:
85:d8:5b:20:b4:de:fb:ed:e6:73:91:5d:23:96:fd:76:e3:34:
2b:72:d6:12
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHlTRd61Aak3kS+vVVYJx8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZWUyYmY0M2YyMWE4MWM0OTJjNmU2YTlmYzZmMDc0ZDJm
MGEyMTcwHhcNMjQwMTAyMDAzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmQwMjUwMTVhOWFhZmNmYWY3ZjEzOThmZjUwYTg3YjUzMGQ3YWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkEITVF98ded20i0gZIHEH5XDNPW
t+535hFROg52ZwJ8Z9ubD0faq33NQoZQrRZlYN61dSLa9U9Mj4Fw5Vj3bKgdRBk5
9ZZFnt+/IhQynB5npmrjA/JlLumEA007xBT7PjpAyTsPAw51gFna1nFuEAE8qrSk
V6b4eeZPCb4o2zdhjFtE32pwgEtoMEGER21RV03MW/crbcjT7LX35IYNVf61Rh4G
Rsu/m9lZssEOHbG1AtleOe/mAxXR5+iKv+Rz7kzLM35RGbvwcs4tb8KYTjLc5dCH
6T+RU0CNWZuYUCp9WOxamJFFF7IQO8wjrROAZ7OKPDjxkFzKS6ZvlFWgWwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPvQJQFamq/Pr38TmP9QqHtTDXqgMB8GA1UdIwQY
MBaAFN/uK/Q/IagcSSxuap/G8HTS8KIXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTIt
MjhkNzhlYjlmMmRjLzEvMS05QWxBVnFhcjgtdmZ4T1lfMUNvZTFNTmVxQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDAvM2IzYmUwLTU0YTctNDEwZi05ZDEyLTI4ZDc4ZWI5ZjJk
Yy8xLzMtNHI5RDhocUJ4SkxHNXFuOGJ3ZE5Md29oYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAtBggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQE1HxQ
AwQB1HxUAwQA1HxXMA0GCSqGSIb3DQEBCwUAA4IBAQADY05tLLtiX3WbocAVH52+
no2FH9V1znAUCGddUI5pyPkdwQqJCmAAkHZ1m39SzZ0GuJb/YzhHECusbiuZeFrM
YuUswKBF9wubqio8VwcAgw4IuRH1fqRqUkcmN/WO6CNr3Xdg0ebVhUqoNIkmWlSx
HO0YFtxwV4PvkIY3L6f99HJEX2wjkC4s+03uObpWy0Quel9a9ZCx9A4HeXce1WIG
yijKYp5FTLkCgIIFpG7NFm1T4+8PsKJO48xxI5cH8AvlsdTr9G1ZZNpt4o/9Dq0U
vQMDb8+tPe7S5ekavPqwd3TSA46iG3/WQhGF2FsgtN777eZzkV0jlv124zQrctYS
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:37:57 2024 by rpki-client on console-ams.rpki-client.org