Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/5_5kp5M-9exyOM1cVn-LI3IlZZE.roa
File: 5_5kp5M-9exyOM1cVn-LI3IlZZE.roa (raw, json)
Hash identifier: nHvwxUH8UIJ6VXo1HOsSs3xLg4W1+IsIZasNSeGCgpY=
Subject key identifier: E7:FE:64:A7:93:3E:F5:EC:72:38:CD:5C:56:7F:8B:23:72:25:65:91
Certificate issuer: /CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Certificate serial: 018CC2DB3968CCAC9C4777DDEA568E058E8A
Authority key identifier: FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/5_5kp5M-9exyOM1cVn-LI3IlZZE.roa
Signing time: Mon 01 Jan 2024 02:29:56 +0000
ROA not before: Mon 01 Jan 2024 02:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211970
IP address blocks: 212.126.113.0/24 maxlen: 24
2a04:2dc0:18::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:39:68:cc:ac:9c:47:77:dd:ea:56:8e:05:8e:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Validity
Not Before: Jan 1 02:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7fe64a7933ef5ec7238cd5c567f8b2372256591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8c:d8:78:9b:5c:68:c1:87:56:b3:e6:43:4d:
16:9a:a9:08:c3:39:39:71:c2:b8:6b:c3:11:02:35:
e8:16:ae:c7:d5:75:5a:95:0e:80:6c:ce:5d:64:6c:
db:f3:c5:0d:70:67:f0:71:bd:9c:dd:08:95:21:73:
06:bb:19:05:57:36:28:29:8c:d2:1b:74:78:e0:a2:
63:27:92:2e:31:47:92:ec:36:da:e1:8f:b4:ba:cc:
06:65:0f:29:39:d0:ff:c9:5f:c4:d4:84:3f:f3:c0:
6e:89:79:88:c7:a6:aa:92:84:85:25:75:50:07:29:
fe:e3:45:b4:d2:ba:7d:36:1f:2c:04:92:28:2d:ba:
74:48:c5:b7:cc:58:e6:b0:51:d9:4a:0a:da:93:38:
1a:54:d5:fe:9f:81:4c:5b:67:04:56:5d:d5:9a:d9:
fa:8a:03:94:7f:1c:36:cc:d4:4c:eb:4c:37:33:c4:
3f:ae:2e:92:5b:b6:a1:6b:44:f9:60:4b:d6:7f:c3:
61:04:92:2f:2f:c2:49:6c:17:ba:6b:84:95:bf:f5:
61:da:6f:18:58:da:de:61:83:b0:dd:39:fa:03:28:
9a:a1:3d:ab:38:79:8d:2e:a9:98:75:97:7a:c4:4c:
ae:f6:ab:6c:c8:2c:f3:2f:8e:42:53:40:9a:fd:fe:
6e:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:FE:64:A7:93:3E:F5:EC:72:38:CD:5C:56:7F:8B:23:72:25:65:91
X509v3 Authority Key Identifier:
keyid:FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/5_5kp5M-9exyOM1cVn-LI3IlZZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.126.113.0/24
IPv6:
2a04:2dc0:18::/48
Signature Algorithm: sha256WithRSAEncryption
64:c0:a4:38:92:b8:4d:31:0e:f6:5d:73:a7:ec:de:c3:5e:66:
fd:40:c7:af:4b:c1:e9:74:68:57:c3:75:a6:b1:f9:97:69:cb:
71:87:b8:12:36:f9:c5:7e:8e:24:1e:dc:8c:e1:79:ae:32:77:
f4:0f:d8:14:9c:be:00:09:4b:0d:98:c9:9a:52:a2:f2:99:0e:
e5:dd:46:07:c3:0d:d9:cb:2d:3d:b3:a0:d6:71:83:d1:a5:a0:
82:92:7a:c2:de:ae:ea:55:51:4a:15:d0:e1:ce:25:fa:29:37:
e2:2a:df:fb:4a:56:c7:66:47:38:78:f6:2b:65:0f:b8:fe:32:
bd:bb:63:ad:b9:0f:f0:78:99:83:dc:94:0b:4f:43:7b:13:b3:
c2:5c:44:99:ff:6d:00:ce:c8:c1:53:71:11:21:a2:f4:ce:43:
ca:4b:1c:59:81:e1:d7:31:99:77:bb:5a:49:ce:f6:53:b3:3a:
c4:3a:11:3d:c2:cd:f8:f8:1e:ab:bd:b3:6d:51:16:2b:d7:33:
16:3b:f4:aa:bf:af:71:75:94:da:40:77:90:2e:35:60:13:33:
9d:6d:b3:4f:42:cb:db:5c:2b:b3:1d:42:a5:69:e3:5c:e5:d0:
1b:9a:dc:f0:c1:9f:d0:39:69:46:bf:e1:6c:b3:02:49:7f:ff:
d3:a2:14:ef
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYzC2zlozKycR3fd6laOBY6KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhY2NiYjcyYWE5ODg0YTViZjhkMGU3NTc0MDRhMTdlNWUy
MzMyMmMwHhcNMjQwMTAxMDIyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2ZlNjRhNzkzM2VmNWVjNzIzOGNkNWM1NjdmOGIyMzcyMjU2NTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsozYeJtcaMGHVrPmQ00WmqkIwzk5
ccK4a8MRAjXoFq7H1XValQ6AbM5dZGzb88UNcGfwcb2c3QiVIXMGuxkFVzYoKYzS
G3R44KJjJ5IuMUeS7Dba4Y+0uswGZQ8pOdD/yV/E1IQ/88BuiXmIx6aqkoSFJXVQ
Byn+40W00rp9Nh8sBJIoLbp0SMW3zFjmsFHZSgrakzgaVNX+n4FMW2cEVl3Vmtn6
igOUfxw2zNRM60w3M8Q/ri6SW7aha0T5YEvWf8NhBJIvL8JJbBe6a4SVv/Vh2m8Y
WNreYYOw3Tn6AyiaoT2rOHmNLqmYdZd6xEyu9qtsyCzzL45CU0Ca/f5uIwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFOf+ZKeTPvXscjjNXFZ/iyNyJWWRMB8GA1UdIwQY
MBaAFPrMu3KqmISlv40OdXQEoX5eIzIsMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1zeTdjcXFZaEtXX2pRNTFkQVNoZmw0ak1pdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0
LWE0OWU1YzY2MzNiZC8xLzVfNWtwNU0tOWV4eU9NMWNWbi1MSTNJbFpaRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0LWE0OWU1YzY2MzNi
ZC8xLzEtc3k3Y3FxWWhLV19qUTUxZEFTaGZsNGpNaXcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBADUfnEw
DwQCAAIwCQMHACoELcAAGDANBgkqhkiG9w0BAQsFAAOCAQEAZMCkOJK4TTEO9l1z
p+zew15m/UDHr0vB6XRoV8N1prH5l2nLcYe4Ejb5xX6OJB7cjOF5rjJ39A/YFJy+
AAlLDZjJmlKi8pkO5d1GB8MN2cstPbOg1nGD0aWggpJ6wt6u6lVRShXQ4c4l+ik3
4irf+0pWx2ZHOHj2K2UPuP4yvbtjrbkP8HiZg9yUC09DexOzwlxEmf9tAM7IwVNx
ESGi9M5DykscWYHh1zGZd7taSc72U7M6xDoRPcLN+Pgeq72zbVEWK9czFjv0qr+v
cXWU2kB3kC41YBMznW2zT0LL21wrsx1CpWnjXOXQG5rc8MGf0DlpRr/hbLMCSX//
06IU7w==
-----END CERTIFICATE-----
Generated at Tue May 21 10:42:11 2024 by rpki-client on console-ams.rpki-client.org