Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/0FfyJmN2EbnynffMxPrbFs3Kl2o.roa
File: 0FfyJmN2EbnynffMxPrbFs3Kl2o.roa (raw, json)
Hash identifier: SR9xAPs2ztA+mCPZ80CiyeJzbK42NiNkqWdD4hSu4LM=
Subject key identifier: D0:57:F2:26:63:76:11:B9:F2:9D:F7:CC:C4:FA:DB:16:CD:CA:97:6A
Certificate issuer: /CN=ff698eeb2e49fcb5f9c65a99857af29ce06641d9
Certificate serial: 018CC6499B3E5275F04815D36663040780DC
Authority key identifier: FF:69:8E:EB:2E:49:FC:B5:F9:C6:5A:99:85:7A:F2:9C:E0:66:41:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_2mO6y5J_LX5xlqZhXrynOBmQdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/0FfyJmN2EbnynffMxPrbFs3Kl2o.roa
Signing time: Mon 01 Jan 2024 18:29:21 +0000
ROA not before: Mon 01 Jan 2024 18:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41726
IP address blocks: 212.70.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/_2mO6y5J_LX5xlqZhXrynOBmQdk.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/_2mO6y5J_LX5xlqZhXrynOBmQdk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_2mO6y5J_LX5xlqZhXrynOBmQdk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:9b:3e:52:75:f0:48:15:d3:66:63:04:07:80:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff698eeb2e49fcb5f9c65a99857af29ce06641d9
Validity
Not Before: Jan 1 18:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d057f226637611b9f29df7ccc4fadb16cdca976a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:46:d3:3d:02:13:59:90:dd:4c:be:d5:b3:26:
32:e7:42:d4:78:bd:3b:fa:b0:7d:43:43:2c:cd:5c:
52:29:7a:73:30:da:60:b7:4c:27:29:89:5b:83:89:
d9:a1:43:42:d6:e5:e8:91:96:7b:61:38:85:fa:0e:
65:5d:15:43:b0:43:bc:fa:d7:e8:bc:12:b7:26:8b:
9e:6d:dc:a5:22:16:3b:2e:2e:3a:e9:b7:1a:dd:c8:
46:0b:7c:95:14:fc:71:a3:f0:3c:7f:61:d0:8e:0c:
75:89:3c:58:3a:d2:31:67:a7:41:26:58:8c:70:d1:
fe:d5:2c:d5:f6:0e:24:8e:39:88:55:96:1f:21:fc:
40:c0:e8:9c:1b:a8:33:02:c8:09:35:de:c8:82:5f:
5e:af:20:2c:ff:cc:7d:c1:3e:af:cb:fa:8e:d7:dd:
0b:47:1f:33:17:40:55:4f:8c:3e:50:1c:10:c6:d9:
05:c4:78:a5:79:a7:22:a4:20:ad:da:a2:c6:24:5b:
53:8b:3a:ac:9f:5d:37:ce:f4:02:ab:7b:56:bf:1e:
d6:35:af:d0:4b:0d:3e:84:cb:e1:dd:c4:a8:f5:ce:
79:06:d6:23:6a:8a:3d:02:fb:42:e6:4c:2b:67:9d:
02:84:06:46:55:77:70:b3:a0:cc:ac:ff:bf:49:78:
ac:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:57:F2:26:63:76:11:B9:F2:9D:F7:CC:C4:FA:DB:16:CD:CA:97:6A
X509v3 Authority Key Identifier:
keyid:FF:69:8E:EB:2E:49:FC:B5:F9:C6:5A:99:85:7A:F2:9C:E0:66:41:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_2mO6y5J_LX5xlqZhXrynOBmQdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/0FfyJmN2EbnynffMxPrbFs3Kl2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/_2mO6y5J_LX5xlqZhXrynOBmQdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.70.184.0/24
Signature Algorithm: sha256WithRSAEncryption
64:27:25:cb:1f:30:88:24:7f:63:2b:74:a3:68:19:fc:e6:8d:
99:9e:0c:61:53:e1:b9:97:d9:52:8e:16:e4:51:be:61:cb:93:
73:a1:89:d0:72:8e:8e:06:be:5c:81:7e:9e:4d:d5:c0:5c:eb:
62:8f:3b:16:f0:27:d3:04:9a:47:85:00:e0:de:d5:a2:c5:77:
f6:bb:ee:32:c0:44:db:11:87:d4:21:a9:44:57:56:45:06:ef:
3d:59:4c:4a:a6:c2:1a:0e:51:72:62:1b:bf:ff:37:1d:e7:78:
ef:bb:a3:66:9c:b5:17:25:ec:41:b6:f5:e5:21:3d:39:fa:cd:
c9:2b:e0:6f:a2:18:53:d2:4f:f7:06:e0:16:a5:c0:80:80:26:
d6:f0:31:0b:63:ae:ad:2e:cb:c6:b8:97:e8:56:05:f9:2c:7c:
5c:43:0e:7f:c1:93:1f:d7:e9:33:a3:4d:c5:a7:57:56:b6:ac:
67:1c:5d:64:fa:6f:ec:12:2d:9d:63:29:9b:7c:99:02:96:93:
9b:f4:bd:5b:54:5c:db:71:e0:41:05:de:38:97:f5:28:b1:45:
94:fd:ce:d5:16:97:cd:a6:74:ac:f7:56:a7:5a:68:3d:56:d4:
ad:62:7a:40:42:81:dc:ac:b6:0f:6e:38:74:8a:66:50:5e:e6:
bc:8e:9d:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSZs+UnXwSBXTZmMEB4DcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNjk4ZWViMmU0OWZjYjVmOWM2NWE5OTg1N2FmMjljZTA2
NjQxZDkwHhcNMjQwMTAxMTgyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDU3ZjIyNjYzNzYxMWI5ZjI5ZGY3Y2NjNGZhZGIxNmNkY2E5NzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUbTPQITWZDdTL7VsyYy50LUeL07
+rB9Q0MszVxSKXpzMNpgt0wnKYlbg4nZoUNC1uXokZZ7YTiF+g5lXRVDsEO8+tfo
vBK3JouebdylIhY7Li466bca3chGC3yVFPxxo/A8f2HQjgx1iTxYOtIxZ6dBJliM
cNH+1SzV9g4kjjmIVZYfIfxAwOicG6gzAsgJNd7Igl9eryAs/8x9wT6vy/qO190L
Rx8zF0BVT4w+UBwQxtkFxHileacipCCt2qLGJFtTizqsn103zvQCq3tWvx7WNa/Q
Sw0+hMvh3cSo9c55BtYjaoo9AvtC5kwrZ50ChAZGVXdws6DMrP+/SXisLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNBX8iZjdhG58p33zMT62xbNypdqMB8GA1UdIwQY
MBaAFP9pjusuSfy1+cZamYV68pzgZkHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzJtTzZ5NUpfTFg1eGxxWmhYcnluT0JtUWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNGQ3NWQtOTUzYS00MDM2LTk4Mzkt
NTdjZDY4ZDljYjRlLzEvMEZmeUptTjJFYm55bmZmTXhQcmJGczNLbDJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNGQ3NWQtOTUzYS00MDM2LTk4MzktNTdjZDY4ZDljYjRl
LzEvXzJtTzZ5NUpfTFg1eGxxWmhYcnluT0JtUWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1Ea4MA0G
CSqGSIb3DQEBCwUAA4IBAQBkJyXLHzCIJH9jK3SjaBn85o2ZngxhU+G5l9lSjhbk
Ub5hy5NzoYnQco6OBr5cgX6eTdXAXOtijzsW8CfTBJpHhQDg3tWixXf2u+4ywETb
EYfUIalEV1ZFBu89WUxKpsIaDlFyYhu//zcd53jvu6NmnLUXJexBtvXlIT05+s3J
K+BvohhT0k/3BuAWpcCAgCbW8DELY66tLsvGuJfoVgX5LHxcQw5/wZMf1+kzo03F
p1dWtqxnHF1k+m/sEi2dYymbfJkClpOb9L1bVFzbceBBBd44l/UosUWU/c7VFpfN
pnSs91anWmg9VtStYnpAQoHcrLYPbjh0imZQXua8jp1j
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:35:24 2024 by rpki-client on console-ams.rpki-client.org