Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/aXnpdZ9WZ8Hs9LpmCKATOtoh7sY.roa
File: aXnpdZ9WZ8Hs9LpmCKATOtoh7sY.roa (raw, json)
Hash identifier: nEn1vZoqY4vi8BTZNvVqsbw25uFwCTAHYKz4PG9TMbM=
Subject key identifier: 69:79:E9:75:9F:56:67:C1:EC:F4:BA:66:08:A0:13:3A:DA:21:EE:C6
Certificate issuer: /CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Certificate serial: 018CC79461EE4B2765C831888F0583AB3EEA
Authority key identifier: F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/aXnpdZ9WZ8Hs9LpmCKATOtoh7sY.roa
Signing time: Tue 02 Jan 2024 00:30:39 +0000
ROA not before: Tue 02 Jan 2024 00:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35624
IP address blocks: 212.119.42.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:61:ee:4b:27:65:c8:31:88:8f:05:83:ab:3e:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Validity
Not Before: Jan 2 00:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6979e9759f5667c1ecf4ba6608a0133ada21eec6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a2:9d:dd:1b:95:b0:d1:a0:fb:38:00:c1:57:
88:1a:b6:cb:e9:8f:13:c9:cf:4b:dc:05:c4:26:13:
16:93:05:cc:e5:24:43:73:d6:29:10:a5:ed:c0:a8:
a1:5d:c7:84:c1:b8:97:8b:2f:10:d6:08:d7:f6:6e:
8f:6b:88:34:59:a8:3b:3a:5e:62:b6:f5:19:6a:26:
b3:6c:1b:1f:7b:27:d4:ff:76:22:8c:6f:4c:a8:dd:
8c:64:55:fd:de:e1:41:eb:6c:02:1d:60:19:11:d6:
1b:81:61:66:56:b8:ea:c8:08:24:4e:14:c2:68:35:
f0:53:a0:88:e7:ac:22:c4:24:b0:f1:c4:e0:a6:71:
3e:ee:e0:8c:28:70:9a:6a:18:43:4f:a9:e5:7f:1a:
9b:cb:72:e4:8d:ce:b3:d0:aa:9c:55:88:1e:39:73:
e8:fb:67:73:4e:3e:c0:02:a6:48:1d:4f:53:c6:3d:
c1:1b:08:2d:df:d0:21:0b:77:84:5b:2d:49:81:96:
51:2f:03:17:7d:0d:0f:0d:39:69:0e:ef:38:8c:2e:
60:0e:96:8c:ee:56:c0:da:2a:ab:5a:8d:d3:5a:a5:
73:77:76:b3:26:65:15:f0:ca:d3:d3:44:bc:32:b7:
98:03:32:bd:17:61:62:9b:a2:ed:53:8d:82:3f:c6:
22:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:79:E9:75:9F:56:67:C1:EC:F4:BA:66:08:A0:13:3A:DA:21:EE:C6
X509v3 Authority Key Identifier:
keyid:F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/aXnpdZ9WZ8Hs9LpmCKATOtoh7sY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.119.42.0/23
Signature Algorithm: sha256WithRSAEncryption
01:dd:e3:ca:0d:e0:b7:da:78:f5:5d:c7:27:15:9b:39:47:a9:
ca:84:1c:c0:46:40:cc:63:18:75:d7:38:b6:7e:86:79:be:39:
15:0d:3f:24:98:d4:7a:c9:24:9c:70:ef:5d:47:58:63:d1:77:
35:6d:21:33:11:ba:65:a2:c0:46:b6:1d:60:ec:92:bb:1a:b3:
22:ac:56:f5:78:44:47:0b:09:e5:4d:5b:69:04:6a:61:46:11:
55:4d:d3:fb:aa:d4:43:09:d0:6c:d2:b3:55:91:6d:2e:fc:ff:
9f:f7:f5:d1:26:13:7d:6f:f7:81:e9:92:c0:58:b8:2c:1e:a5:
8f:40:78:39:e2:f5:cf:b0:6d:58:ff:24:ef:c3:f0:24:1f:0b:
b0:71:db:67:01:0a:14:ac:03:77:3d:4e:6d:1f:bb:91:46:13:
80:54:65:30:cd:c6:93:70:24:fc:10:a7:c5:5e:90:e0:ec:61:
15:51:33:04:53:d4:4a:1a:95:e6:e0:27:65:2a:88:fd:36:29:
a5:5b:d2:7d:94:c0:d7:07:24:70:41:56:a4:d2:d4:7a:bd:62:
21:8f:ce:92:e5:be:d2:f8:04:4e:8f:57:91:21:46:63:56:bc:
66:c7:32:7c:07:b8:2e:f7:ac:26:13:e1:84:d6:10:85:70:df:
75:8a:28:42
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzHlGHuSydlyDGIjwWDqz7qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NjUxYjExOTRmMTJlOThlNzBkM2RhNzhlZmU0ZGQyNDY3
Y2Q0MjMwHhcNMjQwMTAyMDAzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTc5ZTk3NTlmNTY2N2MxZWNmNGJhNjYwOGEwMTMzYWRhMjFlZWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaKd3RuVsNGg+zgAwVeIGrbL6Y8T
yc9L3AXEJhMWkwXM5SRDc9YpEKXtwKihXceEwbiXiy8Q1gjX9m6Pa4g0Wag7Ol5i
tvUZaiazbBsfeyfU/3YijG9MqN2MZFX93uFB62wCHWAZEdYbgWFmVrjqyAgkThTC
aDXwU6CI56wixCSw8cTgpnE+7uCMKHCaahhDT6nlfxqby3Lkjc6z0KqcVYgeOXPo
+2dzTj7AAqZIHU9Txj3BGwgt39AhC3eEWy1JgZZRLwMXfQ0PDTlpDu84jC5gDpaM
7lbA2iqrWo3TWqVzd3azJmUV8MrT00S8MreYAzK9F2Fim6LtU42CP8YiJQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGl56XWfVmfB7PS6ZgigEzraIe7GMB8GA1UdIwQY
MBaAFPhlGxGU8S6Y5w09p47+TdJGfNQjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1HVWJFWlR4THBqbkRUMm5qdjVOMGtaODFDTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjli
LWExYjdjZWVmYTE2Yy8xL2FYbnBkWjlXWjhIczlMcG1DS0FUT3RvaDdzWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjliLWExYjdjZWVmYTE2
Yy8xLzEtR1ViRVpUeExwam5EVDJuanY1TjBrWjgxQ00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHUdyow
DQYJKoZIhvcNAQELBQADggEBAAHd48oN4LfaePVdxycVmzlHqcqEHMBGQMxjGHXX
OLZ+hnm+ORUNPySY1HrJJJxw711HWGPRdzVtITMRumWiwEa2HWDskrsasyKsVvV4
REcLCeVNW2kEamFGEVVN0/uq1EMJ0GzSs1WRbS78/5/39dEmE31v94HpksBYuCwe
pY9AeDni9c+wbVj/JO/D8CQfC7Bx22cBChSsA3c9Tm0fu5FGE4BUZTDNxpNwJPwQ
p8VekODsYRVRMwRT1EoalebgJ2UqiP02KaVb0n2UwNcHJHBBVqTS1Hq9YiGPzpLl
vtL4BE6PV5EhRmNWvGbHMnwHuC73rCYT4YTWEIVw33WKKEI=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:39:38 2024 by rpki-client on console-ams.rpki-client.org