Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/edb8cd-003d-483a-906a-f6b78e2b17a1/1/GlM62mEOSdYO40DMKPj3VAd9BmQ.roa
File: GlM62mEOSdYO40DMKPj3VAd9BmQ.roa (raw, json)
Hash identifier: nx16zy9qz3Ea5GvMXEPBqyjemRfdzbT0aC3uFXBkuw8=
Subject key identifier: 1A:53:3A:DA:61:0E:49:D6:0E:E3:40:CC:28:F8:F7:54:07:7D:06:64
Certificate issuer: /CN=202f4c1a37e9313cdd2eea7750ae028d18cd5aae
Certificate serial: 018CC500171FA2329D7EC312094B776ACDFD
Authority key identifier: 20:2F:4C:1A:37:E9:31:3C:DD:2E:EA:77:50:AE:02:8D:18:CD:5A:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IC9MGjfpMTzdLup3UK4CjRjNWq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/edb8cd-003d-483a-906a-f6b78e2b17a1/1/GlM62mEOSdYO40DMKPj3VAd9BmQ.roa
Signing time: Mon 01 Jan 2024 12:29:26 +0000
ROA not before: Mon 01 Jan 2024 12:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15851
IP address blocks: 212.127.64.0/19 maxlen: 19
213.231.192.0/18 maxlen: 18
2001:a48:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/edb8cd-003d-483a-906a-f6b78e2b17a1/1/IC9MGjfpMTzdLup3UK4CjRjNWq4.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/edb8cd-003d-483a-906a-f6b78e2b17a1/1/IC9MGjfpMTzdLup3UK4CjRjNWq4.mft
rsync://rpki.ripe.net/repository/DEFAULT/IC9MGjfpMTzdLup3UK4CjRjNWq4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:17:1f:a2:32:9d:7e:c3:12:09:4b:77:6a:cd:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=202f4c1a37e9313cdd2eea7750ae028d18cd5aae
Validity
Not Before: Jan 1 12:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a533ada610e49d60ee340cc28f8f754077d0664
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:85:81:68:ae:eb:f4:e4:f7:6b:16:52:ff:e0:
84:29:6d:75:03:25:78:3f:5c:5e:25:dc:56:16:c0:
95:db:55:c4:e2:15:6c:e1:e5:48:14:73:05:41:aa:
1a:55:2f:f3:b1:47:62:4a:75:14:15:e9:5e:ec:3b:
43:58:78:d5:b8:40:ff:53:e5:59:fe:06:45:1e:1a:
4a:1b:86:23:e4:2e:cc:3a:c8:2f:e2:fa:5f:8b:68:
af:d4:c7:b8:82:91:8d:c3:b1:7c:57:aa:38:29:9c:
c5:b6:65:a3:4c:69:63:9c:c8:aa:d5:34:d0:29:5e:
25:df:f1:2a:22:7d:4c:16:c9:0c:51:83:f3:d8:0d:
48:bf:17:87:e1:6c:69:d3:b5:59:30:1f:a3:f5:68:
6b:9b:3f:c8:b9:98:fa:93:31:51:fd:8c:2b:14:f5:
3e:a0:d2:c2:df:99:e2:93:31:b5:06:39:21:d5:91:
74:49:39:2b:3d:ed:06:ec:91:bf:be:03:a5:99:9f:
dd:1d:e5:d1:00:24:ce:7b:bc:ca:32:05:87:4d:68:
bb:cf:fe:10:01:52:26:b4:3f:dd:04:94:29:61:2f:
36:11:a0:87:49:b4:dc:fa:bc:37:3e:96:31:94:3b:
a8:e9:92:ca:c6:a8:a1:cb:df:52:8f:f6:7f:4c:8a:
2a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:53:3A:DA:61:0E:49:D6:0E:E3:40:CC:28:F8:F7:54:07:7D:06:64
X509v3 Authority Key Identifier:
keyid:20:2F:4C:1A:37:E9:31:3C:DD:2E:EA:77:50:AE:02:8D:18:CD:5A:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IC9MGjfpMTzdLup3UK4CjRjNWq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/edb8cd-003d-483a-906a-f6b78e2b17a1/1/GlM62mEOSdYO40DMKPj3VAd9BmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/edb8cd-003d-483a-906a-f6b78e2b17a1/1/IC9MGjfpMTzdLup3UK4CjRjNWq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.127.64.0/19
213.231.192.0/18
IPv6:
2001:a48:8000::/36
Signature Algorithm: sha256WithRSAEncryption
9a:d3:22:cd:7f:df:23:a3:38:40:e0:10:10:42:b2:d9:0a:07:
19:c7:a1:6c:53:20:22:7a:c0:bf:97:0d:42:9d:48:76:ec:5d:
29:ef:cb:d7:44:97:0b:a2:38:d8:db:bb:b3:a2:ee:53:5b:7f:
ed:a0:fb:f4:bf:54:21:6d:96:cb:e5:a2:a9:8b:63:bf:19:bd:
e8:ff:71:1b:2c:fb:7b:eb:32:04:41:e9:c7:29:b0:46:bd:e6:
41:a2:6f:3b:1a:b0:1f:99:4a:b1:13:60:8e:62:61:62:2a:c7:
1d:92:bd:b8:8a:80:01:6c:dc:0c:7a:49:cb:b3:c2:8b:39:92:
48:0d:44:57:3b:2a:84:92:32:59:f9:c9:96:0e:50:7a:ab:02:
d4:97:59:71:28:0a:04:1e:b6:c8:94:47:59:7f:0d:18:20:49:
31:45:71:46:7c:28:a6:62:a8:69:c8:82:79:f2:7e:51:d0:d7:
85:e8:4a:6d:a6:8a:30:e5:ae:2c:bc:b7:d2:3c:cb:b3:de:c0:
29:5b:bf:95:3d:b2:4b:0c:3f:4e:e9:14:2f:67:15:91:16:23:
32:88:fe:21:b9:4d:cd:2c:35:a8:6a:ec:54:fe:ae:45:16:da:
36:37:76:7e:87:71:ef:d6:a1:18:a8:3d:26:4a:29:63:28:68:
25:b1:eb:33
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzFABcfojKdfsMSCUt3as39MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMmY0YzFhMzdlOTMxM2NkZDJlZWE3NzUwYWUwMjhkMThj
ZDVhYWUwHhcNMjQwMTAxMTIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTUzM2FkYTYxMGU0OWQ2MGVlMzQwY2MyOGY4Zjc1NDA3N2QwNjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYWBaK7r9OT3axZS/+CEKW11AyV4
P1xeJdxWFsCV21XE4hVs4eVIFHMFQaoaVS/zsUdiSnUUFele7DtDWHjVuED/U+VZ
/gZFHhpKG4Yj5C7MOsgv4vpfi2iv1Me4gpGNw7F8V6o4KZzFtmWjTGljnMiq1TTQ
KV4l3/EqIn1MFskMUYPz2A1IvxeH4Wxp07VZMB+j9Whrmz/IuZj6kzFR/YwrFPU+
oNLC35nikzG1Bjkh1ZF0STkrPe0G7JG/vgOlmZ/dHeXRACTOe7zKMgWHTWi7z/4Q
AVImtD/dBJQpYS82EaCHSbTc+rw3PpYxlDuo6ZLKxqihy99Sj/Z/TIoqHwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFBpTOtphDknWDuNAzCj491QHfQZkMB8GA1UdIwQY
MBaAFCAvTBo36TE83S7qd1CuAo0YzVquMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUM5TUdqZnBNVHpkTHVwM1VLNENqUmpOV3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9lZGI4Y2QtMDAzZC00ODNhLTkwNmEt
ZjZiNzhlMmIxN2ExLzEvR2xNNjJtRU9TZFlPNDBETUtQajNWQWQ5Qm1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9lZGI4Y2QtMDAzZC00ODNhLTkwNmEtZjZiNzhlMmIxN2Ex
LzEvSUM5TUdqZnBNVHpkTHVwM1VLNENqUmpOV3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQF1H9AAwQG
1efAMA4EAgACMAgDBgQgAQpIgDANBgkqhkiG9w0BAQsFAAOCAQEAmtMizX/fI6M4
QOAQEEKy2QoHGcehbFMgInrAv5cNQp1IduxdKe/L10SXC6I42Nu7s6LuU1t/7aD7
9L9UIW2Wy+WiqYtjvxm96P9xGyz7e+syBEHpxymwRr3mQaJvOxqwH5lKsRNgjmJh
YirHHZK9uIqAAWzcDHpJy7PCizmSSA1EVzsqhJIyWfnJlg5QeqsC1JdZcSgKBB62
yJRHWX8NGCBJMUVxRnwopmKoaciCefJ+UdDXhehKbaaKMOWuLLy30jzLs97AKVu/
lT2ySww/TukUL2cVkRYjMoj+IblNzSw1qGrsVP6uRRbaNjd2fodx79ahGKg9Jkop
YyhoJbHrMw==
-----END CERTIFICATE-----
Generated at Fri May 17 16:33:38 2024 by rpki-client on console-fra.rpki-client.org