Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/XQx3YXqGBQwIJ4Hefbf_OHiMIJc.roa
File: XQx3YXqGBQwIJ4Hefbf_OHiMIJc.roa (raw, json)
Hash identifier: yRgnSoEh/UaKxDvRY90HJC0HRJBnr5H6FXxSRPb0M30=
Subject key identifier: 5D:0C:77:61:7A:86:05:0C:08:27:81:DE:7D:B7:FF:38:78:8C:20:97
Certificate issuer: /CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Certificate serial: 018CC2DB39B80A86A1549E5DE59EE54909C1
Authority key identifier: FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/XQx3YXqGBQwIJ4Hefbf_OHiMIJc.roa
Signing time: Mon 01 Jan 2024 02:29:56 +0000
ROA not before: Mon 01 Jan 2024 02:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212460
IP address blocks: 212.126.115.0/24 maxlen: 24
212.126.113.0/24 maxlen: 24
212.126.114.0/24 maxlen: 24
2a04:2dc0:1d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 13:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:39:b8:0a:86:a1:54:9e:5d:e5:9e:e5:49:09:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Validity
Not Before: Jan 1 02:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d0c77617a86050c082781de7db7ff38788c2097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:3f:b8:6c:cb:50:97:85:1e:c0:61:f6:41:27:
80:20:27:bf:8b:51:e1:21:ae:4d:b9:fe:84:cd:3f:
5b:1e:47:47:34:66:89:f0:31:ba:e8:2b:5a:38:f1:
83:58:7b:3d:a3:66:4e:a0:67:9f:96:4f:c5:c2:d3:
bc:be:f1:2b:04:8a:50:78:d7:b0:24:a5:ff:43:14:
34:26:61:c9:4e:dc:78:4e:a4:83:bb:04:7b:9b:c2:
19:c0:e3:8b:00:20:fe:45:0e:1d:f1:c7:f4:59:f1:
38:f4:21:c6:05:23:43:c3:1a:5d:ac:f8:2e:0b:68:
46:99:1a:52:89:81:fd:fe:f6:70:b1:f5:83:89:ed:
93:43:41:a1:28:92:6e:55:97:59:3c:4d:c3:33:b4:
40:da:a7:4b:5c:c8:25:de:bc:ba:9c:ff:eb:b5:17:
9d:84:ce:63:c6:53:8f:5f:fa:d2:90:d2:7a:0a:36:
e3:53:f0:94:87:c4:63:17:b6:c5:81:ab:d0:db:bd:
8e:c6:a9:42:99:10:78:69:0f:93:ae:4f:74:1a:d2:
2b:e8:90:02:d0:ff:ee:38:08:6d:c1:7d:e3:ba:2a:
c8:60:82:8e:24:64:3d:47:e8:ce:9c:86:bd:c0:2e:
90:af:08:ab:5a:00:00:af:ab:a3:09:6a:57:de:e0:
7b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:0C:77:61:7A:86:05:0C:08:27:81:DE:7D:B7:FF:38:78:8C:20:97
X509v3 Authority Key Identifier:
keyid:FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/XQx3YXqGBQwIJ4Hefbf_OHiMIJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.126.113.0-212.126.115.255
IPv6:
2a04:2dc0:1d::/48
Signature Algorithm: sha256WithRSAEncryption
62:f3:80:5e:e4:f6:78:bd:7d:ce:2e:3a:84:bc:19:7f:fc:c6:
6b:ce:e1:a2:b2:8d:09:8b:40:54:7f:28:f7:85:96:d6:fb:f6:
14:9d:69:53:1d:8f:2c:f7:f1:d1:53:f5:f8:a4:b6:d7:83:c1:
35:c8:b7:8f:1a:40:3d:60:e0:ae:68:b1:aa:47:74:c7:e3:56:
1f:94:cb:5b:2a:58:61:42:5b:f2:fc:2c:56:cc:09:3a:fe:4d:
04:a1:40:54:b1:65:bd:c7:3c:aa:88:c9:e1:61:dc:14:0c:9e:
ff:3a:7c:82:1b:c2:96:56:74:13:46:4c:47:3b:0b:e9:af:2c:
d7:ab:b5:70:87:ce:02:28:6b:2c:9a:55:20:ab:38:33:59:42:
23:18:a8:25:4c:fa:32:6d:21:5d:c3:f3:58:04:74:34:f3:51:
98:d3:17:87:21:6f:44:a0:7b:46:a4:fe:4f:f0:b0:85:71:c3:
b7:86:b3:f9:2a:7e:e1:94:bc:54:99:f8:0e:3e:2b:fe:96:f9:
d3:67:cb:21:83:2a:a6:6b:f3:d0:ee:3f:22:40:11:b3:b6:ca:
b7:cd:5e:2a:58:df:b9:57:fe:65:9c:04:cb:44:02:4a:47:18:
19:8f:15:59:a5:8e:e1:15:4d:7a:55:69:70:d8:3a:c0:e9:7f:
39:b4:c7:99
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzC2zm4CoahVJ5d5Z7lSQnBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhY2NiYjcyYWE5ODg0YTViZjhkMGU3NTc0MDRhMTdlNWUy
MzMyMmMwHhcNMjQwMTAxMDIyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDBjNzc2MTdhODYwNTBjMDgyNzgxZGU3ZGI3ZmYzODc4OGMyMDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiD+4bMtQl4UewGH2QSeAICe/i1Hh
Ia5Nuf6EzT9bHkdHNGaJ8DG66CtaOPGDWHs9o2ZOoGeflk/FwtO8vvErBIpQeNew
JKX/QxQ0JmHJTtx4TqSDuwR7m8IZwOOLACD+RQ4d8cf0WfE49CHGBSNDwxpdrPgu
C2hGmRpSiYH9/vZwsfWDie2TQ0GhKJJuVZdZPE3DM7RA2qdLXMgl3ry6nP/rtRed
hM5jxlOPX/rSkNJ6CjbjU/CUh8RjF7bFgavQ272OxqlCmRB4aQ+Trk90GtIr6JAC
0P/uOAhtwX3juirIYIKOJGQ9R+jOnIa9wC6QrwirWgAAr6ujCWpX3uB7OQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFF0Md2F6hgUMCCeB3n23/zh4jCCXMB8GA1UdIwQY
MBaAFPrMu3KqmISlv40OdXQEoX5eIzIsMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1zeTdjcXFZaEtXX2pRNTFkQVNoZmw0ak1pdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0
LWE0OWU1YzY2MzNiZC8xL1hReDNZWHFHQlF3SUo0SGVmYmZfT0hpTUlKYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0LWE0OWU1YzY2MzNi
ZC8xLzEtc3k3Y3FxWWhLV19qUTUxZEFTaGZsNGpNaXcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOAYIKwYBBQUHAQcBAf8EKTAnMBQEAgABMA4wDAMEANR+
cQMEAtR+cDAPBAIAAjAJAwcAKgQtwAAdMA0GCSqGSIb3DQEBCwUAA4IBAQBi84Be
5PZ4vX3OLjqEvBl//MZrzuGiso0Ji0BUfyj3hZbW+/YUnWlTHY8s9/HRU/X4pLbX
g8E1yLePGkA9YOCuaLGqR3TH41YflMtbKlhhQlvy/CxWzAk6/k0EoUBUsWW9xzyq
iMnhYdwUDJ7/OnyCG8KWVnQTRkxHOwvpryzXq7Vwh84CKGssmlUgqzgzWUIjGKgl
TPoybSFdw/NYBHQ081GY0xeHIW9EoHtGpP5P8LCFccO3hrP5Kn7hlLxUmfgOPiv+
lvnTZ8shgyqma/PQ7j8iQBGztsq3zV4qWN+5V/5lnATLRAJKRxgZjxVZpY7hFU16
VWlw2DrA6X85tMeZ
-----END CERTIFICATE-----
Generated at Tue May 21 17:09:31 2024 by rpki-client on console-ams.rpki-client.org