Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/pFXR8H7YcozpzsF_qYjXu9F0GHk.roa
File: pFXR8H7YcozpzsF_qYjXu9F0GHk.roa (raw, json)
Hash identifier: M3Z7wzUAKpJwFoDgd0Gjaygh5xUN2kYr7yPgyGHNvvg=
Subject key identifier: A4:55:D1:F0:7E:D8:72:8C:E9:CE:C1:7F:A9:88:D7:BB:D1:74:18:79
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 018CC94D3B61085B5F43321467C45D7C65A6
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/pFXR8H7YcozpzsF_qYjXu9F0GHk.roa
Signing time: Tue 02 Jan 2024 08:32:11 +0000
ROA not before: Tue 02 Jan 2024 08:32:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 212.111.220.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:3b:61:08:5b:5f:43:32:14:67:c4:5d:7c:65:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Jan 2 08:32:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a455d1f07ed8728ce9cec17fa988d7bbd1741879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a3:86:d9:cf:af:38:30:f4:ff:f0:25:84:3c:
45:b4:27:c8:c0:fe:d1:07:60:8b:98:db:5c:8f:b0:
eb:ae:40:af:72:06:56:81:5c:ac:1c:77:19:d8:69:
a5:17:f0:40:60:f2:72:a8:ff:9b:c0:38:12:d5:73:
01:f9:83:7e:10:c0:b6:7c:e3:31:7f:df:02:10:29:
d1:10:ac:2f:35:3e:96:a6:46:5b:05:46:68:04:f5:
6f:ad:bd:f4:f1:3d:c8:72:2d:92:bf:7b:5c:a7:09:
bc:bb:df:1d:72:f3:b7:02:dd:92:b9:d5:34:6f:da:
20:bb:cf:f1:19:7d:5b:24:29:28:c6:09:ff:f9:a3:
e4:ad:a7:13:01:78:1c:dd:b2:6b:64:47:34:12:62:
fc:ed:91:47:5c:9e:96:e5:bb:c8:6e:9b:ae:d9:6b:
8c:3d:69:df:62:e6:dc:17:14:bd:53:f9:8e:e9:c3:
83:03:4f:fb:e7:94:ae:3a:8d:0b:f4:ab:31:6c:fd:
11:7c:2f:cf:c4:b3:71:bc:73:b2:47:f5:74:fc:71:
c9:95:2c:28:e3:28:41:bf:74:a1:1a:91:1f:de:7a:
b6:75:36:63:e8:ed:e1:38:b5:ef:c5:00:d4:f6:0f:
8d:1a:f1:2a:83:b2:9f:0b:0e:18:4e:66:e7:5d:66:
25:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:55:D1:F0:7E:D8:72:8C:E9:CE:C1:7F:A9:88:D7:BB:D1:74:18:79
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/pFXR8H7YcozpzsF_qYjXu9F0GHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.111.220.0/22
Signature Algorithm: sha256WithRSAEncryption
71:9d:c2:e6:22:06:db:b2:29:0e:0a:8f:ae:17:41:f0:c5:60:
24:34:33:5f:64:99:9e:b8:8b:0b:14:82:d5:08:f4:f7:31:1b:
db:78:bd:6a:64:bf:29:40:b3:82:b0:7f:b5:75:df:09:5d:88:
42:92:8a:6b:ae:17:07:b3:43:30:7c:95:7c:2b:20:56:03:e1:
c9:24:d0:39:2d:70:fe:ae:d4:63:58:8b:34:27:2e:55:2e:9b:
b0:43:22:48:62:85:73:69:93:1a:cf:3a:31:2a:b7:fc:20:2b:
b1:d8:30:2e:78:1d:4a:f3:f5:f0:04:33:de:64:29:62:1d:1b:
83:02:fb:64:ae:f0:fb:79:58:99:06:bb:47:34:d0:c7:3e:fa:
44:d2:21:72:73:c7:e6:91:2f:29:2a:a4:42:39:01:f2:e3:f6:
fc:c2:14:5b:68:bd:f9:e6:28:d1:5d:a8:2a:bd:f0:ff:4f:19:
94:f5:9f:52:e9:17:78:6e:37:0d:aa:39:22:97:77:bb:fc:97:
76:06:f9:06:25:ce:ab:1a:da:a6:ee:06:0b:db:e6:c7:0d:53:
09:a3:96:45:c7:48:02:f1:cf:3b:42:8d:e9:89:4c:cd:7f:71:
99:99:df:52:61:ab:60:86:32:23:cc:72:d6:47:6a:f6:23:e1:
7e:c8:07:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTTthCFtfQzIUZ8RdfGWmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjQwMTAyMDgzMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDU1ZDFmMDdlZDg3MjhjZTljZWMxN2ZhOTg4ZDdiYmQxNzQxODc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqOG2c+vODD0//AlhDxFtCfIwP7R
B2CLmNtcj7DrrkCvcgZWgVysHHcZ2GmlF/BAYPJyqP+bwDgS1XMB+YN+EMC2fOMx
f98CECnREKwvNT6WpkZbBUZoBPVvrb308T3Ici2Sv3tcpwm8u98dcvO3At2SudU0
b9ogu8/xGX1bJCkoxgn/+aPkracTAXgc3bJrZEc0EmL87ZFHXJ6W5bvIbpuu2WuM
PWnfYubcFxS9U/mO6cODA0/755SuOo0L9KsxbP0RfC/PxLNxvHOyR/V0/HHJlSwo
4yhBv3ShGpEf3nq2dTZj6O3hOLXvxQDU9g+NGvEqg7KfCw4YTmbnXWYlAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKRV0fB+2HKM6c7Bf6mI17vRdBh5MB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvcEZYUjhIN1ljb3pwenNGX3FZalh1OUYwR0hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1G/cMA0G
CSqGSIb3DQEBCwUAA4IBAQBxncLmIgbbsikOCo+uF0HwxWAkNDNfZJmeuIsLFILV
CPT3MRvbeL1qZL8pQLOCsH+1dd8JXYhCkoprrhcHs0MwfJV8KyBWA+HJJNA5LXD+
rtRjWIs0Jy5VLpuwQyJIYoVzaZMazzoxKrf8ICux2DAueB1K8/XwBDPeZCliHRuD
AvtkrvD7eViZBrtHNNDHPvpE0iFyc8fmkS8pKqRCOQHy4/b8whRbaL355ijRXagq
vfD/TxmU9Z9S6Rd4bjcNqjkil3e7/Jd2BvkGJc6rGtqm7gYL2+bHDVMJo5ZFx0gC
8c87Qo3piUzNf3GZmd9SYatghjIjzHLWR2r2I+F+yAcK
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:12:19 2024 by rpki-client on console-ams.rpki-client.org