Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1K8NQnbBMKW92e1n-63Uee1O1uI.roa
File: 1K8NQnbBMKW92e1n-63Uee1O1uI.roa (raw, json)
Hash identifier: y0vUXBRpTYZ+R8SiKT8GEIFwC0b+Lcx5kr2TlzScLvs=
Subject key identifier: D4:AF:0D:42:76:C1:30:A5:BD:D9:ED:67:FB:AD:D4:79:ED:4E:D6:E2
Certificate issuer: /CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Certificate serial: 018CC2DB37608C90AAA2DF782995E3FD4742
Authority key identifier: FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1K8NQnbBMKW92e1n-63Uee1O1uI.roa
Signing time: Mon 01 Jan 2024 02:29:55 +0000
ROA not before: Mon 01 Jan 2024 02:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200865
IP address blocks: 212.126.96.0/22 maxlen: 22
212.126.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:37:60:8c:90:aa:a2:df:78:29:95:e3:fd:47:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Validity
Not Before: Jan 1 02:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4af0d4276c130a5bdd9ed67fbadd479ed4ed6e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e8:54:b0:1e:33:1c:8c:88:13:1c:b1:c0:53:
7e:2a:bd:69:23:6e:4c:36:ab:62:20:a2:92:2c:19:
38:9b:97:50:47:95:a3:cd:f8:a9:e3:66:60:d4:9b:
11:c3:12:f9:91:82:58:0a:8e:ce:9d:6e:55:bb:74:
6d:71:06:ca:76:b4:49:81:71:d8:b5:41:85:8c:05:
27:11:28:71:c1:89:ba:2d:9c:84:f3:a7:70:d7:6c:
1d:61:0a:3c:09:c7:02:98:c6:31:0a:de:bc:8a:ca:
1b:d0:27:3f:16:b3:23:b2:c5:ca:d9:8e:a2:b3:46:
de:f5:05:4a:ff:80:fd:29:f0:22:53:bb:f5:2a:35:
05:ed:92:7f:75:94:fc:ce:6e:cd:e5:4f:ee:78:e3:
e0:01:30:57:41:90:b0:a4:f2:63:bb:76:20:91:18:
a9:83:cc:4f:d5:39:89:8a:c2:06:f2:e9:66:87:f8:
08:c4:41:a4:56:37:64:95:59:0f:78:04:9f:f2:6b:
f8:7f:39:7c:22:a8:38:24:0e:a1:62:48:5c:b2:a0:
6a:b0:06:46:7e:5e:90:2b:a7:ed:7d:cd:bb:4a:16:
b8:a4:8e:3e:6c:10:9d:c3:29:7a:fc:31:a3:24:65:
dd:57:73:11:50:a5:06:c3:3b:07:e0:d7:77:47:e8:
c1:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:AF:0D:42:76:C1:30:A5:BD:D9:ED:67:FB:AD:D4:79:ED:4E:D6:E2
X509v3 Authority Key Identifier:
keyid:FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1K8NQnbBMKW92e1n-63Uee1O1uI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.126.96.0-212.126.100.255
Signature Algorithm: sha256WithRSAEncryption
cc:55:73:e3:f8:72:2f:66:06:5c:35:de:2b:c4:6e:71:ac:15:
c2:63:21:98:25:cd:f3:c0:d9:5a:35:66:a3:fa:10:7f:f5:aa:
82:c4:b3:08:6d:75:eb:44:d5:a7:a7:15:cd:33:2f:3d:a0:ea:
a0:db:af:85:6e:35:ae:6d:27:ff:83:50:5b:8f:d9:fe:83:db:
a1:92:f9:b1:d3:be:ee:c1:9e:68:7e:8c:4d:f2:bc:14:64:d3:
c1:e1:4b:fb:98:c7:df:2f:e7:8f:b5:70:48:da:bb:5c:70:5c:
a7:de:59:d9:5c:c9:cd:6d:be:65:0f:0e:1d:96:cb:e8:c9:dd:
d3:c4:47:56:55:3f:0d:14:6b:b8:37:36:03:a6:00:62:14:f6:
84:4d:50:56:01:95:68:66:d0:e6:2e:18:02:5d:b4:d1:1f:2d:
7b:da:29:19:cf:2a:5f:90:3f:1a:18:94:eb:12:f2:5f:12:3b:
3c:e8:14:be:97:65:78:0b:13:32:df:00:9c:93:22:70:55:ce:
19:1b:bb:27:60:78:a2:12:c3:f6:b8:12:36:fe:00:af:c2:15:
2e:22:65:6b:9b:a9:bb:05:c7:5a:d4:c6:be:23:24:ef:3d:c0:
26:d5:54:b6:75:51:28:10:42:63:eb:4e:66:75:be:11:27:c0:
12:85:02:a3
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYzC2zdgjJCqot94KZXj/UdCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhY2NiYjcyYWE5ODg0YTViZjhkMGU3NTc0MDRhMTdlNWUy
MzMyMmMwHhcNMjQwMTAxMDIyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGFmMGQ0Mjc2YzEzMGE1YmRkOWVkNjdmYmFkZDQ3OWVkNGVkNmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruhUsB4zHIyIExyxwFN+Kr1pI25M
NqtiIKKSLBk4m5dQR5Wjzfip42Zg1JsRwxL5kYJYCo7OnW5Vu3RtcQbKdrRJgXHY
tUGFjAUnEShxwYm6LZyE86dw12wdYQo8CccCmMYxCt68isob0Cc/FrMjssXK2Y6i
s0be9QVK/4D9KfAiU7v1KjUF7ZJ/dZT8zm7N5U/ueOPgATBXQZCwpPJju3YgkRip
g8xP1TmJisIG8ulmh/gIxEGkVjdklVkPeASf8mv4fzl8Iqg4JA6hYkhcsqBqsAZG
fl6QK6ftfc27Sha4pI4+bBCdwyl6/DGjJGXdV3MRUKUGwzsH4Nd3R+jB/wIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFNSvDUJ2wTClvdntZ/ut1HntTtbiMB8GA1UdIwQY
MBaAFPrMu3KqmISlv40OdXQEoX5eIzIsMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1zeTdjcXFZaEtXX2pRNTFkQVNoZmw0ak1pdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0
LWE0OWU1YzY2MzNiZC8xLzFLOE5RbmJCTUtXOTJlMW4tNjNVZWUxTzF1SS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0LWE0OWU1YzY2MzNi
ZC8xLzEtc3k3Y3FxWWhLV19qUTUxZEFTaGZsNGpNaXcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJwYIKwYBBQUHAQcBAf8EGDAWMBQEAgABMA4wDAMEBdR+
YAMEANR+ZDANBgkqhkiG9w0BAQsFAAOCAQEAzFVz4/hyL2YGXDXeK8RucawVwmMh
mCXN88DZWjVmo/oQf/WqgsSzCG1160TVp6cVzTMvPaDqoNuvhW41rm0n/4NQW4/Z
/oPboZL5sdO+7sGeaH6MTfK8FGTTweFL+5jH3y/nj7VwSNq7XHBcp95Z2VzJzW2+
ZQ8OHZbL6Mnd08RHVlU/DRRruDc2A6YAYhT2hE1QVgGVaGbQ5i4YAl200R8te9op
Gc8qX5A/GhiU6xLyXxI7POgUvpdleAsTMt8AnJMicFXOGRu7J2B4ohLD9rgSNv4A
r8IVLiJla5upuwXHWtTGviMk7z3AJtVUtnVRKBBCY+tOZnW+ESfAEoUCow==
-----END CERTIFICATE-----
Generated at Tue May 21 11:01:40 2024 by rpki-client on console-fra.rpki-client.org