Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/o9lO_j4ClBfpFgX_kkyPXrZxOjc.roa
File: o9lO_j4ClBfpFgX_kkyPXrZxOjc.roa (raw, json)
Hash identifier: DPYbfEgAyok5Y8ZiCvCOkHk6tciMf3lFXxjG31euknw=
Subject key identifier: A3:D9:4E:FE:3E:02:94:17:E9:16:05:FF:92:4C:8F:5E:B6:71:3A:37
Certificate issuer: /CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
Certificate serial: 0192052AE01211EC99838A831F29CD1E5B12
Authority key identifier: DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/o9lO_j4ClBfpFgX_kkyPXrZxOjc.roa
Signing time: Wed 18 Sep 2024 12:45:48 +0000
ROA not before: Wed 18 Sep 2024 12:45:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39855
IP address blocks: 212.124.68.0/22 maxlen: 24
212.124.72.0/22 maxlen: 24
212.124.76.0/22 maxlen: 24
212.124.86.0/24 maxlen: 24
212.124.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.mft
rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:05:2a:e0:12:11:ec:99:83:8a:83:1f:29:cd:1e:5b:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
Validity
Not Before: Sep 18 12:45:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3d94efe3e029417e91605ff924c8f5eb6713a37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c8:ec:ea:f7:e3:9a:62:8d:ac:a5:9a:53:99:
19:56:72:ea:8e:ed:4a:bf:24:4a:04:40:70:c5:dc:
1b:91:c8:58:ca:ed:14:2c:16:d5:d9:72:1d:a0:e4:
39:57:92:f1:18:57:48:6f:0d:19:06:ea:58:8e:05:
40:57:4c:3d:ab:b3:90:74:d7:02:6e:c8:26:11:57:
66:4b:38:d0:17:48:c1:18:8a:c0:38:7c:ec:13:7c:
6e:30:3d:5c:73:99:8a:bf:b1:e6:6c:e6:61:73:4e:
9d:07:10:3b:18:88:72:08:12:d9:20:61:d4:0f:49:
b3:43:a3:ef:95:09:5e:60:fe:b4:04:a4:7d:b9:04:
7c:27:cc:54:76:a6:4d:12:93:da:bd:4d:f3:18:b5:
c2:c3:3e:e6:c0:8e:5e:9e:d3:03:7f:f5:ac:b4:44:
93:76:c9:ab:26:f6:2c:f7:1b:0f:53:a4:cf:05:e2:
de:b6:30:a9:4f:07:34:5d:92:88:d5:eb:f1:81:e6:
eb:18:a0:e0:c7:c1:4a:ce:97:af:18:9b:2e:54:7e:
42:3e:30:15:6e:ae:3e:bc:ff:b5:90:df:90:84:f6:
98:c1:de:4a:0b:e2:65:3e:3d:72:af:9c:fd:95:15:
27:02:f3:01:28:ab:17:24:06:64:ae:2a:12:50:65:
02:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:D9:4E:FE:3E:02:94:17:E9:16:05:FF:92:4C:8F:5E:B6:71:3A:37
X509v3 Authority Key Identifier:
keyid:DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/o9lO_j4ClBfpFgX_kkyPXrZxOjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.124.68.0-212.124.79.255
212.124.86.0/24
212.124.92.0/24
Signature Algorithm: sha256WithRSAEncryption
51:d0:5a:d8:a4:50:99:ef:c4:e5:89:70:c4:45:50:24:3a:06:
c0:2f:b7:b1:77:92:45:d0:da:5a:80:1b:29:67:d9:a6:dd:ce:
e8:8b:2a:8e:3a:59:83:5d:52:1e:1c:08:c7:ec:f3:21:2f:50:
dc:0b:a5:c6:da:0f:8c:06:69:27:c3:05:7d:66:29:6f:78:65:
d6:5f:8f:ae:05:f4:4c:c9:c5:7c:1e:83:9f:3c:91:29:45:04:
89:04:07:df:70:2a:a1:97:b6:f9:b2:45:55:57:d3:79:7f:2b:
d1:59:61:65:7c:53:a4:7c:d4:10:2b:31:84:8f:c3:cb:f7:a7:
f7:d3:fd:3e:53:cf:0f:c6:6d:64:92:2d:8e:1d:4b:c2:a4:ae:
c3:d0:c1:c9:1d:fa:a2:b2:5e:c7:41:c2:35:41:9a:52:f2:45:
42:f7:0d:b1:6d:c9:af:4e:66:16:f2:e4:3d:66:3a:e6:da:1b:
24:6c:cf:c7:43:27:71:80:0d:9f:03:df:a5:4f:d4:e2:40:bc:
35:12:bc:9a:25:a0:81:97:13:bf:2d:67:33:05:7c:f3:5f:3a:
69:da:c1:39:ce:a7:d0:42:3b:10:05:ea:f2:e7:f1:eb:3f:0a:
e2:94:49:ed:ef:7c:e0:dc:9d:0a:fa:bd:46:8b:bb:62:a3:db:
60:27:29:2d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZIFKuASEeyZg4qDHynNHlsSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZWUyYmY0M2YyMWE4MWM0OTJjNmU2YTlmYzZmMDc0ZDJm
MGEyMTcwHhcNMjQwOTE4MTI0NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2Q5NGVmZTNlMDI5NDE3ZTkxNjA1ZmY5MjRjOGY1ZWI2NzEzYTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8js6vfjmmKNrKWaU5kZVnLqju1K
vyRKBEBwxdwbkchYyu0ULBbV2XIdoOQ5V5LxGFdIbw0ZBupYjgVAV0w9q7OQdNcC
bsgmEVdmSzjQF0jBGIrAOHzsE3xuMD1cc5mKv7HmbOZhc06dBxA7GIhyCBLZIGHU
D0mzQ6PvlQleYP60BKR9uQR8J8xUdqZNEpPavU3zGLXCwz7mwI5entMDf/WstEST
dsmrJvYs9xsPU6TPBeLetjCpTwc0XZKI1evxgebrGKDgx8FKzpevGJsuVH5CPjAV
bq4+vP+1kN+QhPaYwd5KC+JlPj1yr5z9lRUnAvMBKKsXJAZkrioSUGUCpQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKPZTv4+ApQX6RYF/5JMj162cTo3MB8GA1UdIwQY
MBaAFN/uK/Q/IagcSSxuap/G8HTS8KIXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTIt
MjhkNzhlYjlmMmRjLzEvbzlsT19qNENsQmZwRmdYX2treVBYclp4T2pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTItMjhkNzhlYjlmMmRj
LzEvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBALUfEQD
BATUfEADBADUfFYDBADUfFwwDQYJKoZIhvcNAQELBQADggEBAFHQWtikUJnvxOWJ
cMRFUCQ6BsAvt7F3kkXQ2lqAGyln2abdzuiLKo46WYNdUh4cCMfs8yEvUNwLpcba
D4wGaSfDBX1mKW94ZdZfj64F9EzJxXweg588kSlFBIkEB99wKqGXtvmyRVVX03l/
K9FZYWV8U6R81BArMYSPw8v3p/fT/T5Tzw/GbWSSLY4dS8KkrsPQwckd+qKyXsdB
wjVBmlLyRUL3DbFtya9OZhby5D1mOubaGyRsz8dDJ3GADZ8D36VP1OJAvDUSvJol
oIGXE78tZzMFfPNfOmnawTnOp9BCOxAF6vLn8es/CuKUSe3vfODcnQr6vUaLu2Kj
22AnKS0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:37:57 2024 by rpki-client on console-ams.rpki-client.org