Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/14eVJVxeZ_0_LU4Mhl1m9RQSND0.roa
File: 14eVJVxeZ_0_LU4Mhl1m9RQSND0.roa (raw, json)
Hash identifier: u8CwVeItr4eFL/IqP1QBtv4owEDCNjo71okb0XzVycU=
Subject key identifier: D7:87:95:25:5C:5E:67:FD:3F:2D:4E:0C:86:5D:66:F5:14:12:34:3D
Certificate issuer: /CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Certificate serial: 018CC2DB359ACAAE4254849927DAD8B1C5CE
Authority key identifier: FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/14eVJVxeZ_0_LU4Mhl1m9RQSND0.roa
Signing time: Mon 01 Jan 2024 02:29:55 +0000
ROA not before: Mon 01 Jan 2024 02:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 212.126.96.0/24 maxlen: 24
212.126.97.0/24 maxlen: 24
212.126.98.0/24 maxlen: 24
46.21.251.0/24 maxlen: 24
212.126.102.0/24 maxlen: 24
212.126.104.0/24 maxlen: 24
212.126.105.0/24 maxlen: 24
212.126.104.0/22 maxlen: 22
212.126.104.0/23 maxlen: 23
212.126.100.0/24 maxlen: 24
212.126.101.0/24 maxlen: 24
212.126.109.0/24 maxlen: 24
212.126.110.0/24 maxlen: 24
212.126.111.0/24 maxlen: 24
212.126.106.0/23 maxlen: 24
212.126.107.0/24 maxlen: 24
212.126.108.0/24 maxlen: 24
212.126.116.0/24 maxlen: 24
212.126.117.0/24 maxlen: 24
212.126.118.0/24 maxlen: 24
212.126.113.0/24 maxlen: 24
212.126.115.0/24 maxlen: 24
212.126.119.0/24 maxlen: 24
212.126.123.0/24 maxlen: 24
212.126.124.0/24 maxlen: 24
212.126.125.0/24 maxlen: 24
212.126.120.0/24 maxlen: 24
212.126.121.0/24 maxlen: 24
212.126.124.0/23 maxlen: 23
212.126.122.0/24 maxlen: 24
212.126.126.0/24 maxlen: 24
212.126.127.0/24 maxlen: 24
2a04:2dc0:4::/48 maxlen: 48
2a04:2dc0:e::/48 maxlen: 48
2a04:2dc0:17::/48 maxlen: 48
2a04:2dc0:d::/48 maxlen: 48
2a04:2dc0:6::/48 maxlen: 48
2a04:2dc0:1::/48 maxlen: 48
2a04:2dc0:f::/48 maxlen: 48
2a04:2dc0:a::/48 maxlen: 48
2a04:2dc0:8::/48 maxlen: 48
2a04:2dc0:3::/48 maxlen: 48
2a04:2dc0:19::/48 maxlen: 48
2a04:2dc0:7::/48 maxlen: 48
2a04:2dc0:2::/48 maxlen: 48
2a04:2dc0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:35:9a:ca:ae:42:54:84:99:27:da:d8:b1:c5:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Validity
Not Before: Jan 1 02:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d78795255c5e67fd3f2d4e0c865d66f51412343d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:7a:29:5e:20:25:4f:9a:af:db:f6:53:61:a0:
54:42:42:e2:38:d0:b3:0e:b2:38:20:8b:96:d0:2f:
6e:87:68:86:a5:39:1e:b3:e6:99:83:02:5d:f1:6e:
44:bd:03:12:93:6b:71:7d:21:b1:e3:fb:e6:90:7e:
05:89:9e:74:ce:fc:8b:84:32:e6:6c:e9:a6:db:bb:
ff:93:83:22:ba:b9:2a:4c:66:0c:3c:db:0d:da:ed:
d7:d8:68:4b:9b:0e:82:be:4a:5e:37:a6:8a:4b:3a:
41:86:65:20:04:98:4c:11:57:52:83:b0:6f:dc:d0:
fa:c1:e4:42:9d:d2:41:9b:4c:af:71:0d:7b:f7:1d:
0d:0c:01:2a:81:ce:8a:0b:69:56:8c:70:2e:41:23:
db:6e:29:bc:22:29:d1:eb:f2:a6:cb:7f:01:55:40:
ae:35:9c:41:e0:46:e1:c1:72:dd:27:7f:3d:78:26:
37:85:30:a9:b1:e9:6a:b0:f9:5e:8d:fe:0c:70:06:
b2:80:ef:99:3f:64:a1:f0:3d:3a:41:bf:87:38:e1:
9d:63:18:88:f8:9f:75:04:de:2b:94:39:00:52:ca:
2d:19:2f:77:e9:b2:f5:a0:9e:d3:d0:77:e0:b4:30:
fb:fd:07:dd:c8:38:39:1e:c1:f0:23:06:49:e6:da:
47:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:87:95:25:5C:5E:67:FD:3F:2D:4E:0C:86:5D:66:F5:14:12:34:3D
X509v3 Authority Key Identifier:
keyid:FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/14eVJVxeZ_0_LU4Mhl1m9RQSND0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.251.0/24
212.126.96.0-212.126.98.255
212.126.100.0-212.126.102.255
212.126.104.0/21
212.126.113.0/24
212.126.115.0-212.126.127.255
IPv6:
2a04:2dc0::-2a04:2dc0:4:ffff:ffff:ffff:ffff:ffff
2a04:2dc0:6::-2a04:2dc0:8:ffff:ffff:ffff:ffff:ffff
2a04:2dc0:a::/48
2a04:2dc0:d::-2a04:2dc0:f:ffff:ffff:ffff:ffff:ffff
2a04:2dc0:17::/48
2a04:2dc0:19::/48
Signature Algorithm: sha256WithRSAEncryption
ca:0e:a4:fd:57:d4:ff:ec:7b:5f:d3:79:b3:47:9c:69:19:62:
56:a3:8a:06:89:8e:bb:e9:39:b3:74:29:d5:7a:30:35:15:e7:
25:6b:9f:e7:cf:4d:74:5d:f9:dd:48:f3:ed:81:7f:2f:61:c5:
7a:ae:6a:f7:1f:54:d1:d9:a6:8e:e9:d8:df:3a:a2:d3:69:e3:
b8:a5:eb:60:f6:22:48:db:c9:91:6e:29:d6:a6:de:45:00:6f:
7a:0d:dc:22:2d:45:64:47:7d:03:96:a3:1a:f6:84:a2:97:b8:
5b:92:0b:8b:e9:4a:53:ff:85:bb:61:5b:22:d7:56:a0:1b:cd:
77:70:63:a4:91:38:bf:bc:3e:63:21:1d:b4:07:ae:43:a8:aa:
63:f2:ba:13:89:4b:b6:d0:a4:31:9f:ff:53:93:1a:06:37:2b:
02:93:f0:78:52:e1:93:ab:c5:0b:89:97:e3:0a:5f:61:c8:84:
3a:22:30:bd:39:d8:c1:a8:53:75:84:8c:b0:ae:7a:93:85:bf:
dd:a1:3c:28:21:64:fb:9f:d5:1f:ab:56:e2:c9:b6:4b:bb:c0:
2b:1b:cc:36:93:81:4f:b1:e2:d3:00:e1:3b:a4:aa:d9:d5:ef:
1f:35:08:0c:c8:55:0a:2f:68:c0:a9:f9:97:f4:85:08:15:95:
2a:09:b1:fa
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgISAYzC2zWayq5CVISZJ9rYscXOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhY2NiYjcyYWE5ODg0YTViZjhkMGU3NTc0MDRhMTdlNWUy
MzMyMmMwHhcNMjQwMTAxMDIyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzg3OTUyNTVjNWU2N2ZkM2YyZDRlMGM4NjVkNjZmNTE0MTIzNDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnopXiAlT5qv2/ZTYaBUQkLiONCz
DrI4IIuW0C9uh2iGpTkes+aZgwJd8W5EvQMSk2txfSGx4/vmkH4FiZ50zvyLhDLm
bOmm27v/k4MiurkqTGYMPNsN2u3X2GhLmw6CvkpeN6aKSzpBhmUgBJhMEVdSg7Bv
3ND6weRCndJBm0yvcQ179x0NDAEqgc6KC2lWjHAuQSPbbim8IinR6/Kmy38BVUCu
NZxB4EbhwXLdJ389eCY3hTCpselqsPlejf4McAaygO+ZP2Sh8D06Qb+HOOGdYxiI
+J91BN4rlDkAUsotGS936bL1oJ7T0HfgtDD7/QfdyDg5HsHwIwZJ5tpHOQIDAQAB
o4ICoTCCAp0wHQYDVR0OBBYEFNeHlSVcXmf9Py1ODIZdZvUUEjQ9MB8GA1UdIwQY
MBaAFPrMu3KqmISlv40OdXQEoX5eIzIsMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1zeTdjcXFZaEtXX2pRNTFkQVNoZmw0ak1pdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0
LWE0OWU1YzY2MzNiZC8xLzE0ZVZKVnhlWl8wX0xVNE1obDFtOVJRU05EMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0LWE0OWU1YzY2MzNi
ZC8xLzEtc3k3Y3FxWWhLV19qUTUxZEFTaGZsNGpNaXcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgbQGCCsGAQUFBwEHAQH/BIGkMIGhMEIEAgABMDwDBAAu
FfswDAMEBdR+YAMEANR+YjAMAwQC1H5kAwQA1H5mAwQD1H5oAwQA1H5xMAwDBADU
fnMDBAfUfgAwWwQCAAIwVTAQAwUGKgQtwAMHACoELcAABDASAwcBKgQtwAAGAwcA
KgQtwAAIAwcAKgQtwAAKMBIDBwAqBC3AAA0DBwQqBC3AAAADBwAqBC3AABcDBwAq
BC3AABkwDQYJKoZIhvcNAQELBQADggEBAMoOpP1X1P/se1/TebNHnGkZYlajigaJ
jrvpObN0KdV6MDUV5yVrn+fPTXRd+d1I8+2Bfy9hxXquavcfVNHZpo7p2N86otNp
47il62D2IkjbyZFuKdam3kUAb3oN3CItRWRHfQOWoxr2hKKXuFuSC4vpSlP/hbth
WyLXVqAbzXdwY6SROL+8PmMhHbQHrkOoqmPyuhOJS7bQpDGf/1OTGgY3KwKT8HhS
4ZOrxQuJl+MKX2HIhDoiML052MGoU3WEjLCuepOFv92hPCghZPuf1R+rVuLJtku7
wCsbzDaTgU+x4tMA4TukqtnV7x81CAzIVQovaMCp+Zf0hQgVlSoJsfo=
-----END CERTIFICATE-----
Generated at Fri May 3 01:20:08 2024 by rpki-client on console-ams.rpki-client.org