Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/ff3c79-d60f-4b12-8131-95d60b3e46cc/1/uUHVVskcLeY2soAbJcfA0AmA0F0.roa
File: uUHVVskcLeY2soAbJcfA0AmA0F0.roa (raw, json)
Hash identifier: a0B56jAqUd/Ed8TodNEAwqu++3ihRq3Oz4CufvZ15LU=
Subject key identifier: B9:41:D5:56:C9:1C:2D:E6:36:B2:80:1B:25:C7:C0:D0:09:80:D0:5D
Certificate issuer: /CN=2f65436ac5038332e703adbbeff5814db82ab43f
Certificate serial: 018CC5DC067469259D4AE91F21077E4B1FC4
Authority key identifier: 2F:65:43:6A:C5:03:83:32:E7:03:AD:BB:EF:F5:81:4D:B8:2A:B4:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L2VDasUDgzLnA6277_WBTbgqtD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/ff3c79-d60f-4b12-8131-95d60b3e46cc/1/uUHVVskcLeY2soAbJcfA0AmA0F0.roa
Signing time: Mon 01 Jan 2024 16:29:40 +0000
ROA not before: Mon 01 Jan 2024 16:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212688
IP address blocks: 212.24.125.0/24 maxlen: 24
2a11:28c0:1::/48 maxlen: 48
2a11:28c0:2::/48 maxlen: 48
2a11:28c0::/32 maxlen: 48
2a11:28c0::/48 maxlen: 48
2001:67c:840::/48 maxlen: 48
2a11:28c0:acab::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/ff3c79-d60f-4b12-8131-95d60b3e46cc/1/L2VDasUDgzLnA6277_WBTbgqtD8.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/ff3c79-d60f-4b12-8131-95d60b3e46cc/1/L2VDasUDgzLnA6277_WBTbgqtD8.mft
rsync://rpki.ripe.net/repository/DEFAULT/L2VDasUDgzLnA6277_WBTbgqtD8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:06:74:69:25:9d:4a:e9:1f:21:07:7e:4b:1f:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f65436ac5038332e703adbbeff5814db82ab43f
Validity
Not Before: Jan 1 16:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b941d556c91c2de636b2801b25c7c0d00980d05d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:50:11:1e:97:8d:23:65:77:c8:ef:93:d2:17:
55:c2:83:99:8e:fe:27:87:81:68:07:29:29:a6:73:
c4:b7:5c:79:f6:d1:5e:9c:d5:57:23:d4:87:fd:0a:
e8:40:0f:17:fd:42:22:9d:be:c6:b9:39:22:83:76:
a6:a3:8c:77:da:31:a2:8e:ac:51:75:07:df:8d:56:
fb:86:81:83:6d:89:3d:25:89:f4:60:2c:21:81:30:
7d:d6:eb:77:40:4c:e9:06:48:ec:4e:ef:e2:f7:7c:
1f:f0:69:39:92:50:2f:6d:2b:5d:31:a3:e9:79:20:
68:55:8d:15:7e:32:6b:1c:8b:ba:e6:84:49:0e:03:
c6:d1:74:b6:9a:97:bd:b8:3c:36:12:8c:2e:8e:89:
69:ae:db:83:f0:74:cd:fc:74:02:0f:7a:9c:ea:f8:
08:18:a6:73:e2:7e:11:80:e4:97:10:0f:91:bd:a6:
cc:5a:13:4e:da:d0:40:bf:ed:8d:30:da:b8:e2:0d:
b5:75:4b:58:bd:8f:79:91:84:69:72:51:b3:06:7b:
fe:f9:3f:df:c4:ff:0b:5d:19:ad:38:45:26:c2:07:
8f:04:3a:c5:aa:45:20:da:26:1b:6a:32:30:14:7d:
c5:f2:0c:f7:68:ef:74:40:a2:f2:9c:78:17:81:eb:
70:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:41:D5:56:C9:1C:2D:E6:36:B2:80:1B:25:C7:C0:D0:09:80:D0:5D
X509v3 Authority Key Identifier:
keyid:2F:65:43:6A:C5:03:83:32:E7:03:AD:BB:EF:F5:81:4D:B8:2A:B4:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L2VDasUDgzLnA6277_WBTbgqtD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/ff3c79-d60f-4b12-8131-95d60b3e46cc/1/uUHVVskcLeY2soAbJcfA0AmA0F0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/ff3c79-d60f-4b12-8131-95d60b3e46cc/1/L2VDasUDgzLnA6277_WBTbgqtD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.24.125.0/24
IPv6:
2001:67c:840::/48
2a11:28c0::/32
Signature Algorithm: sha256WithRSAEncryption
77:e9:78:7d:b6:9d:7b:6b:42:54:c6:43:89:6a:9f:3f:09:5c:
2e:29:ff:4c:05:05:7c:5a:6a:9e:ca:17:2a:fc:32:ea:84:95:
8d:8b:01:a6:48:bb:c6:11:ce:f6:e9:fc:85:cc:29:b6:21:2c:
96:d8:22:3e:2b:1a:bd:4a:96:d4:cd:0a:0b:3e:83:30:02:dd:
81:6e:65:98:4d:fe:a1:46:b4:d4:5e:e6:8a:44:36:be:b3:71:
52:ee:8c:68:88:b5:52:d4:7f:cc:a6:fa:93:1e:49:3f:28:97:
d2:71:6a:84:4d:0f:e7:6a:d9:0d:28:a2:11:4e:29:99:81:5c:
70:68:0e:89:17:32:23:9c:8a:6e:b7:21:31:64:1d:bb:81:d9:
a1:63:b7:79:ac:4e:dc:10:53:e9:1a:01:e0:b1:02:a7:07:e6:
6b:d4:3d:b8:5d:df:d4:c0:ef:6c:03:9b:d6:10:4d:8d:82:7c:
8d:a9:51:41:fc:1f:66:7a:b2:b5:dd:15:9b:f7:34:12:03:57:
59:88:8d:fa:19:2e:17:ca:a3:d2:76:83:42:d2:f4:ec:6d:d6:
95:27:26:f8:cf:9b:19:0a:72:44:6d:45:6b:11:03:bf:80:ed:
ac:eb:0c:74:67:54:09:9c:44:d4:dc:23:6c:e5:db:30:14:54:
79:60:b4:43
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzF3AZ0aSWdSukfIQd+Sx/EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNjU0MzZhYzUwMzgzMzJlNzAzYWRiYmVmZjU4MTRkYjgy
YWI0M2YwHhcNMjQwMTAxMTYyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTQxZDU1NmM5MWMyZGU2MzZiMjgwMWIyNWM3YzBkMDA5ODBkMDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVARHpeNI2V3yO+T0hdVwoOZjv4n
h4FoBykppnPEt1x59tFenNVXI9SH/QroQA8X/UIinb7GuTkig3amo4x32jGijqxR
dQffjVb7hoGDbYk9JYn0YCwhgTB91ut3QEzpBkjsTu/i93wf8Gk5klAvbStdMaPp
eSBoVY0VfjJrHIu65oRJDgPG0XS2mpe9uDw2EowujolprtuD8HTN/HQCD3qc6vgI
GKZz4n4RgOSXEA+RvabMWhNO2tBAv+2NMNq44g21dUtYvY95kYRpclGzBnv++T/f
xP8LXRmtOEUmwgePBDrFqkUg2iYbajIwFH3F8gz3aO90QKLynHgXgetwXwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLlB1VbJHC3mNrKAGyXHwNAJgNBdMB8GA1UdIwQY
MBaAFC9lQ2rFA4My5wOtu+/1gU24KrQ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDJWRGFzVURnekxuQTYyNzdfV0JUYmdxdEQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9mZjNjNzktZDYwZi00YjEyLTgxMzEt
OTVkNjBiM2U0NmNjLzEvdVVIVlZza2NMZVkyc29BYkpjZkEwQW1BMEYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9mZjNjNzktZDYwZi00YjEyLTgxMzEtOTVkNjBiM2U0NmNj
LzEvTDJWRGFzVURnekxuQTYyNzdfV0JUYmdxdEQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQA1Bh9MBYE
AgACMBADBwAgAQZ8CEADBQAqESjAMA0GCSqGSIb3DQEBCwUAA4IBAQB36Xh9tp17
a0JUxkOJap8/CVwuKf9MBQV8Wmqeyhcq/DLqhJWNiwGmSLvGEc726fyFzCm2ISyW
2CI+Kxq9SpbUzQoLPoMwAt2BbmWYTf6hRrTUXuaKRDa+s3FS7oxoiLVS1H/MpvqT
Hkk/KJfScWqETQ/natkNKKIRTimZgVxwaA6JFzIjnIputyExZB27gdmhY7d5rE7c
EFPpGgHgsQKnB+Zr1D24Xd/UwO9sA5vWEE2NgnyNqVFB/B9merK13RWb9zQSA1dZ
iI36GS4XyqPSdoNC0vTsbdaVJyb4z5sZCnJEbUVrEQO/gO2s6wx0Z1QJnETU3CNs
5dswFFR5YLRD
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:32:50 2024 by rpki-client on console-ams.rpki-client.org