Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/Z3RToGsyK34HlsO6mPWJhLWO3eI.roa
File: Z3RToGsyK34HlsO6mPWJhLWO3eI.roa (raw, json)
Hash identifier: qJ/DizcV+E2LSxL+klMDYlHEByJcMwOotFuhgx2iS3o=
Subject key identifier: 67:74:53:A0:6B:32:2B:7E:07:96:C3:BA:98:F5:89:84:B5:8E:DD:E2
Certificate issuer: /CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Certificate serial: 018E05B541413907CB8695ACF897D13C4586
Authority key identifier: FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/Z3RToGsyK34HlsO6mPWJhLWO3eI.roa
Signing time: Sun 03 Mar 2024 19:05:48 +0000
ROA not before: Sun 03 Mar 2024 19:05:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39216
IP address blocks: 212.126.96.0/21 maxlen: 21
212.126.96.0/22 maxlen: 22
212.126.96.0/24 maxlen: 24
212.126.97.0/24 maxlen: 24
212.126.98.0/24 maxlen: 24
212.126.100.0/24 maxlen: 24
212.126.101.0/24 maxlen: 24
212.126.102.0/24 maxlen: 24
212.126.103.0/24 maxlen: 24
212.126.104.0/21 maxlen: 21
212.126.104.0/22 maxlen: 22
212.126.104.0/23 maxlen: 23
212.126.104.0/24 maxlen: 24
212.126.105.0/24 maxlen: 24
212.126.106.0/23 maxlen: 24
212.126.107.0/24 maxlen: 24
212.126.108.0/23 maxlen: 23
212.126.108.0/24 maxlen: 24
212.126.109.0/24 maxlen: 24
212.126.110.0/24 maxlen: 24
212.126.111.0/24 maxlen: 24
212.126.117.0/24 maxlen: 24
212.126.118.0/24 maxlen: 24
212.126.119.0/24 maxlen: 24
212.126.120.0/24 maxlen: 24
212.126.121.0/24 maxlen: 24
212.126.122.0/24 maxlen: 24
212.126.123.0/24 maxlen: 24
212.126.124.0/23 maxlen: 23
212.126.124.0/24 maxlen: 24
212.126.125.0/24 maxlen: 24
212.126.126.0/24 maxlen: 24
212.126.127.0/24 maxlen: 24
2a04:2dc0::/48 maxlen: 48
2a04:2dc0:1::/48 maxlen: 48
2a04:2dc0:2::/48 maxlen: 48
2a04:2dc0:3::/48 maxlen: 48
2a04:2dc0:4::/48 maxlen: 48
2a04:2dc0:6::/48 maxlen: 48
2a04:2dc0:7::/48 maxlen: 48
2a04:2dc0:8::/48 maxlen: 48
2a04:2dc0:a::/48 maxlen: 48
2a04:2dc0:d::/48 maxlen: 48
2a04:2dc0:e::/48 maxlen: 48
2a04:2dc0:f::/48 maxlen: 48
2a04:2dc0:17::/48 maxlen: 48
2a04:2dc0:18::/48 maxlen: 48
2a04:2dc0:19::/48 maxlen: 48
2a04:2dc0:1e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 13:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:05:b5:41:41:39:07:cb:86:95:ac:f8:97:d1:3c:45:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Validity
Not Before: Mar 3 19:05:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=677453a06b322b7e0796c3ba98f58984b58edde2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f2:92:be:2e:ad:76:60:4e:37:62:2a:52:9f:
24:64:f4:c1:7b:d1:89:ea:ac:f0:c5:9f:22:be:8b:
d5:83:7d:29:f2:3a:27:e1:65:8b:b5:db:35:df:fc:
23:26:31:d3:d9:02:c7:3d:f4:2a:01:ee:af:b1:3c:
f2:ec:fe:99:d9:d8:b2:2f:ef:4e:85:fc:03:46:67:
bf:93:f2:99:f6:0d:4a:08:25:04:30:20:ef:8c:b5:
1f:11:14:d8:24:f8:d4:87:3b:a1:d3:f8:fc:fc:0f:
bf:ba:0d:f7:f0:1b:e2:9d:6b:ac:63:ab:1b:2e:4d:
7c:5b:06:52:97:3a:db:e6:95:7a:69:2a:d3:f9:0f:
84:c8:18:d7:66:ad:59:4a:8a:09:59:53:d3:f5:61:
1f:13:fa:1c:ff:e3:01:ea:11:4b:02:61:44:92:b4:
c2:e5:d9:ae:50:f1:ce:4c:67:a4:ef:7e:71:b4:45:
e0:57:37:55:8d:30:6b:54:06:06:8e:bf:58:58:48:
c1:d8:24:f6:3d:b8:40:e3:22:22:db:32:6e:56:d0:
22:16:f8:8e:0d:f6:38:4d:c8:dc:5f:5e:74:b0:28:
43:ff:90:5b:3f:bc:96:03:03:ab:15:3f:b1:b6:1a:
fb:6c:33:a2:29:bb:6c:d4:3d:7b:89:83:dc:58:3b:
09:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:74:53:A0:6B:32:2B:7E:07:96:C3:BA:98:F5:89:84:B5:8E:DD:E2
X509v3 Authority Key Identifier:
keyid:FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/Z3RToGsyK34HlsO6mPWJhLWO3eI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.126.96.0/20
212.126.117.0-212.126.127.255
IPv6:
2a04:2dc0::-2a04:2dc0:4:ffff:ffff:ffff:ffff:ffff
2a04:2dc0:6::-2a04:2dc0:8:ffff:ffff:ffff:ffff:ffff
2a04:2dc0:a::/48
2a04:2dc0:d::-2a04:2dc0:f:ffff:ffff:ffff:ffff:ffff
2a04:2dc0:17::-2a04:2dc0:19:ffff:ffff:ffff:ffff:ffff
2a04:2dc0:1e::/48
Signature Algorithm: sha256WithRSAEncryption
2a:a2:2e:80:92:f6:e2:25:ce:d0:4b:3d:2a:38:fc:0b:3a:58:
ea:57:bd:87:cd:6e:be:28:8e:30:0a:01:b6:7b:94:40:92:50:
1e:fd:9e:19:18:7f:be:fa:5e:d7:00:9c:08:54:fc:5f:4f:99:
fa:8f:9b:f0:02:d6:3d:f5:4a:40:78:97:bb:0f:d7:97:25:89:
87:9a:e0:40:37:81:a8:d5:4e:00:44:80:67:aa:98:5d:91:89:
5b:60:db:8b:68:8a:9d:38:9a:6b:7b:d0:5b:63:50:26:7d:6b:
0a:f3:e9:c9:62:8c:8c:ff:74:f6:8a:a5:45:83:bc:4f:16:6e:
3c:41:7c:39:0a:75:97:84:cb:77:19:a8:fe:86:85:71:d4:82:
33:ee:4a:2c:ab:54:da:a3:6e:4a:d6:ef:a6:6b:1d:af:70:b6:
eb:04:8b:5a:2a:f1:b0:df:de:b7:5c:22:dd:1c:b4:7c:df:d6:
ef:c0:45:46:f8:78:14:a1:5b:c1:3f:95:54:ba:0e:c6:fa:7a:
af:a3:86:fe:38:07:17:0e:e9:55:62:dd:59:f7:ca:23:73:34:
01:8f:56:4b:40:c4:e0:b4:55:28:6e:5a:86:d6:30:e8:12:8e:
c7:ed:88:6d:3d:e2:78:65:ac:5f:48:4f:d3:b8:c6:59:4d:4f:
42:98:45:be
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAY4FtUFBOQfLhpWs+JfRPEWGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhY2NiYjcyYWE5ODg0YTViZjhkMGU3NTc0MDRhMTdlNWUy
MzMyMmMwHhcNMjQwMzAzMTkwNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Nzc0NTNhMDZiMzIyYjdlMDc5NmMzYmE5OGY1ODk4NGI1OGVkZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/KSvi6tdmBON2IqUp8kZPTBe9GJ
6qzwxZ8ivovVg30p8jon4WWLtds13/wjJjHT2QLHPfQqAe6vsTzy7P6Z2diyL+9O
hfwDRme/k/KZ9g1KCCUEMCDvjLUfERTYJPjUhzuh0/j8/A+/ug338BvinWusY6sb
Lk18WwZSlzrb5pV6aSrT+Q+EyBjXZq1ZSooJWVPT9WEfE/oc/+MB6hFLAmFEkrTC
5dmuUPHOTGek735xtEXgVzdVjTBrVAYGjr9YWEjB2CT2PbhA4yIi2zJuVtAiFviO
DfY4TcjcX150sChD/5BbP7yWAwOrFT+xthr7bDOiKbts1D17iYPcWDsJRQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFGd0U6BrMit+B5bDupj1iYS1jt3iMB8GA1UdIwQY
MBaAFPrMu3KqmISlv40OdXQEoX5eIzIsMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1zeTdjcXFZaEtXX2pRNTFkQVNoZmw0ak1pdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0
LWE0OWU1YzY2MzNiZC8xL1ozUlRvR3N5SzM0SGxzTzZtUFdKaExXTzNlSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0LWE0OWU1YzY2MzNi
ZC8xLzEtc3k3Y3FxWWhLV19qUTUxZEFTaGZsNGpNaXcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZcGCCsGAQUFBwEHAQH/BIGHMIGEMBoEAgABMBQDBATU
fmAwDAMEANR+dQMEB9R+ADBmBAIAAjBgMBADBQYqBC3AAwcAKgQtwAAEMBIDBwEq
BC3AAAYDBwAqBC3AAAgDBwAqBC3AAAowEgMHACoELcAADQMHBCoELcAAADASAwcA
KgQtwAAXAwcBKgQtwAAYAwcAKgQtwAAeMA0GCSqGSIb3DQEBCwUAA4IBAQAqoi6A
kvbiJc7QSz0qOPwLOljqV72HzW6+KI4wCgG2e5RAklAe/Z4ZGH+++l7XAJwIVPxf
T5n6j5vwAtY99UpAeJe7D9eXJYmHmuBAN4Go1U4ARIBnqphdkYlbYNuLaIqdOJpr
e9BbY1AmfWsK8+nJYoyM/3T2iqVFg7xPFm48QXw5CnWXhMt3Gaj+hoVx1IIz7kos
q1Tao25K1u+max2vcLbrBItaKvGw3963XCLdHLR839bvwEVG+HgUoVvBP5VUug7G
+nqvo4b+OAcXDulVYt1Z98ojczQBj1ZLQMTgtFUoblqG1jDoEo7H7YhtPeJ4Zaxf
SE/TuMZZTU9CmEW+
-----END CERTIFICATE-----
Generated at Tue May 21 17:09:31 2024 by rpki-client on console-ams.rpki-client.org