Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/Od16Z38VCI_NnVkZCHK9hxsLvJg.roa
File: Od16Z38VCI_NnVkZCHK9hxsLvJg.roa (raw, json)
Hash identifier: t9L02Vkh/g/TqI+GJ1Meb8kN6IGxFGeJHaG4V2ZXqKc=
Subject key identifier: 39:DD:7A:67:7F:15:08:8F:CD:9D:59:19:08:72:BD:87:1B:0B:BC:98
Certificate issuer: /CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Certificate serial: 0190F0B705BA254D07BCF1CA03F3D6A30462
Authority key identifier: FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/Od16Z38VCI_NnVkZCHK9hxsLvJg.roa
Signing time: Fri 26 Jul 2024 20:24:04 +0000
ROA not before: Fri 26 Jul 2024 20:24:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 46.21.251.0/24 maxlen: 24
212.126.96.0/24 maxlen: 24
212.126.97.0/24 maxlen: 24
212.126.98.0/24 maxlen: 24
212.126.100.0/24 maxlen: 24
212.126.101.0/24 maxlen: 24
212.126.102.0/24 maxlen: 24
212.126.104.0/22 maxlen: 22
212.126.104.0/23 maxlen: 23
212.126.104.0/24 maxlen: 24
212.126.105.0/24 maxlen: 24
212.126.106.0/23 maxlen: 24
212.126.107.0/24 maxlen: 24
212.126.108.0/24 maxlen: 24
212.126.109.0/24 maxlen: 24
212.126.110.0/24 maxlen: 24
212.126.111.0/24 maxlen: 24
212.126.113.0/24 maxlen: 24
212.126.116.0/24 maxlen: 24
212.126.117.0/24 maxlen: 24
212.126.118.0/24 maxlen: 24
212.126.119.0/24 maxlen: 24
212.126.120.0/24 maxlen: 24
212.126.121.0/24 maxlen: 24
212.126.122.0/24 maxlen: 24
212.126.123.0/24 maxlen: 24
212.126.124.0/23 maxlen: 23
212.126.124.0/24 maxlen: 24
212.126.125.0/24 maxlen: 24
212.126.126.0/24 maxlen: 24
212.126.127.0/24 maxlen: 24
2a04:2dc0::/48 maxlen: 48
2a04:2dc0:1::/48 maxlen: 48
2a04:2dc0:2::/48 maxlen: 48
2a04:2dc0:3::/48 maxlen: 48
2a04:2dc0:4::/48 maxlen: 48
2a04:2dc0:6::/48 maxlen: 48
2a04:2dc0:7::/48 maxlen: 48
2a04:2dc0:8::/48 maxlen: 48
2a04:2dc0:a::/48 maxlen: 48
2a04:2dc0:d::/48 maxlen: 48
2a04:2dc0:e::/48 maxlen: 48
2a04:2dc0:f::/48 maxlen: 48
2a04:2dc0:17::/48 maxlen: 48
2a04:2dc0:19::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Oct 2024 16:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:f0:b7:05:ba:25:4d:07:bc:f1:ca:03:f3:d6:a3:04:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Validity
Not Before: Jul 26 20:24:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39dd7a677f15088fcd9d59190872bd871b0bbc98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f2:f8:f4:c1:d0:45:47:ef:18:e6:66:fd:44:
80:c8:9b:82:ec:b9:78:12:23:7b:a0:28:9e:e2:53:
86:b4:7b:24:8a:d7:c8:c3:fa:22:07:20:32:1e:01:
4a:9d:2b:a5:ff:16:64:38:fd:28:bb:8c:8f:64:1d:
c8:dd:08:c4:6c:f0:11:c2:1b:1d:b5:90:f0:a0:1d:
22:f7:9f:1c:5c:fa:e3:e5:02:57:76:9d:c7:aa:eb:
20:6a:73:39:38:25:e8:93:1d:61:d0:7e:d7:3f:8d:
db:84:79:62:70:33:7e:ba:79:fc:d4:9e:ab:9c:ee:
ee:4f:f3:b4:45:24:50:68:c1:e3:2f:86:27:ac:36:
76:04:0e:b5:aa:f5:d9:18:e0:ea:f6:b1:78:23:68:
8e:82:3f:71:21:d7:30:5e:0d:cf:1c:98:db:e1:07:
82:71:71:76:b9:fc:1e:47:85:89:4f:99:a2:6e:f4:
8c:e1:ca:2f:77:52:a4:42:99:a7:0e:2f:3b:d1:82:
45:97:e3:86:75:26:78:46:9b:7c:e0:9e:35:4a:b2:
42:6e:ad:ee:51:9c:3e:35:94:42:29:e4:b7:c3:7d:
59:01:f8:20:6b:b9:5c:ec:a1:a2:ec:3e:bc:fd:a1:
93:c3:91:34:26:fd:d6:17:76:b2:c4:8c:f6:8d:74:
02:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:DD:7A:67:7F:15:08:8F:CD:9D:59:19:08:72:BD:87:1B:0B:BC:98
X509v3 Authority Key Identifier:
keyid:FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/Od16Z38VCI_NnVkZCHK9hxsLvJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.251.0/24
212.126.96.0-212.126.98.255
212.126.100.0-212.126.102.255
212.126.104.0/21
212.126.113.0/24
212.126.116.0-212.126.127.255
IPv6:
2a04:2dc0::-2a04:2dc0:4:ffff:ffff:ffff:ffff:ffff
2a04:2dc0:6::-2a04:2dc0:8:ffff:ffff:ffff:ffff:ffff
2a04:2dc0:a::/48
2a04:2dc0:d::-2a04:2dc0:f:ffff:ffff:ffff:ffff:ffff
2a04:2dc0:17::/48
2a04:2dc0:19::/48
Signature Algorithm: sha256WithRSAEncryption
77:33:ae:59:8f:13:46:43:16:c4:24:21:27:ee:2f:3a:64:10:
81:b3:a4:f0:3c:23:4b:05:ee:36:ab:b8:89:27:b0:52:91:cf:
ab:3b:e4:99:65:79:18:8f:3c:46:31:27:40:6b:2e:ac:6e:87:
8a:1f:ec:22:69:2d:4c:64:b8:17:6b:b9:f1:b3:28:a4:07:81:
10:3e:cb:90:bb:fa:66:2d:97:a5:2e:26:ec:dd:2c:02:85:97:
62:6c:b0:4f:eb:c7:5d:20:aa:1a:c7:b3:ec:d1:e0:0a:fc:b3:
c3:f9:12:07:5a:3a:5a:a2:70:ad:16:ec:80:cb:c4:64:9e:cc:
3a:d5:62:0b:13:54:d6:97:d8:46:6e:94:c5:e1:6a:fe:2b:fc:
ba:85:f8:4c:1d:68:8c:33:39:ac:66:38:25:fb:06:35:ea:27:
e2:4b:09:37:a9:e1:e4:b4:8c:0d:61:8e:84:cb:99:9b:00:f7:
b8:32:44:ac:13:ad:c3:65:c8:61:75:34:ee:71:b0:4f:db:3b:
67:7c:d7:27:b1:3e:53:33:b9:1d:2e:a2:c2:e0:4a:1e:3c:96:
8d:80:7e:58:93:66:cb:81:31:0a:3b:52:62:ec:9d:ff:e4:4a:
fa:e1:39:54:04:ec:b1:44:bb:a9:3f:e7:41:b3:d6:23:1d:bd:
a1:a9:0b:31
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgISAZDwtwW6JU0HvPHKA/PWowRiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhY2NiYjcyYWE5ODg0YTViZjhkMGU3NTc0MDRhMTdlNWUy
MzMyMmMwHhcNMjQwNzI2MjAyNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWRkN2E2NzdmMTUwODhmY2Q5ZDU5MTkwODcyYmQ4NzFiMGJiYzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPL49MHQRUfvGOZm/USAyJuC7Ll4
EiN7oCie4lOGtHskitfIw/oiByAyHgFKnSul/xZkOP0ou4yPZB3I3QjEbPARwhsd
tZDwoB0i958cXPrj5QJXdp3HqusganM5OCXokx1h0H7XP43bhHlicDN+unn81J6r
nO7uT/O0RSRQaMHjL4YnrDZ2BA61qvXZGODq9rF4I2iOgj9xIdcwXg3PHJjb4QeC
cXF2ufweR4WJT5mibvSM4covd1KkQpmnDi870YJFl+OGdSZ4Rpt84J41SrJCbq3u
UZw+NZRCKeS3w31ZAfgga7lc7KGi7D68/aGTw5E0Jv3WF3ayxIz2jXQC6QIDAQAB
o4ICoTCCAp0wHQYDVR0OBBYEFDndemd/FQiPzZ1ZGQhyvYcbC7yYMB8GA1UdIwQY
MBaAFPrMu3KqmISlv40OdXQEoX5eIzIsMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1zeTdjcXFZaEtXX2pRNTFkQVNoZmw0ak1pdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0
LWE0OWU1YzY2MzNiZC8xL09kMTZaMzhWQ0lfTm5Wa1pDSEs5aHhzTHZKZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0LWE0OWU1YzY2MzNi
ZC8xLzEtc3k3Y3FxWWhLV19qUTUxZEFTaGZsNGpNaXcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgbQGCCsGAQUFBwEHAQH/BIGkMIGhMEIEAgABMDwDBAAu
FfswDAMEBdR+YAMEANR+YjAMAwQC1H5kAwQA1H5mAwQD1H5oAwQA1H5xMAwDBALU
fnQDBAfUfgAwWwQCAAIwVTAQAwUGKgQtwAMHACoELcAABDASAwcBKgQtwAAGAwcA
KgQtwAAIAwcAKgQtwAAKMBIDBwAqBC3AAA0DBwQqBC3AAAADBwAqBC3AABcDBwAq
BC3AABkwDQYJKoZIhvcNAQELBQADggEBAHczrlmPE0ZDFsQkISfuLzpkEIGzpPA8
I0sF7jaruIknsFKRz6s75JlleRiPPEYxJ0BrLqxuh4of7CJpLUxkuBdrufGzKKQH
gRA+y5C7+mYtl6UuJuzdLAKFl2JssE/rx10gqhrHs+zR4Ar8s8P5EgdaOlqicK0W
7IDLxGSezDrVYgsTVNaX2EZulMXhav4r/LqF+EwdaIwzOaxmOCX7BjXqJ+JLCTep
4eS0jA1hjoTLmZsA97gyRKwTrcNlyGF1NO5xsE/bO2d81yexPlMzuR0uosLgSh48
lo2AfliTZsuBMQo7UmLsnf/kSvrhOVQE7LFEu6k/50Gz1iMdvaGpCzE=
-----END CERTIFICATE-----
Generated at Thu Oct 17 22:08:10 2024 by rpki-client on console-ams.rpki-client.org