Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/7KkW14ahMzeaT8EoEQ23HB7RNXo.roa
File: 7KkW14ahMzeaT8EoEQ23HB7RNXo.roa (raw, json)
Hash identifier: o5D0+Zq1jCZzwXVpNDpv1ot0oIEGzoIraQrW/aJdrVk=
Subject key identifier: EC:A9:16:D7:86:A1:33:37:9A:4F:C1:28:11:0D:B7:1C:1E:D1:35:7A
Certificate issuer: /CN=ff698eeb2e49fcb5f9c65a99857af29ce06641d9
Certificate serial: 018CC6499C60749009FC1D39C4C7D02C8C8A
Authority key identifier: FF:69:8E:EB:2E:49:FC:B5:F9:C6:5A:99:85:7A:F2:9C:E0:66:41:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_2mO6y5J_LX5xlqZhXrynOBmQdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/7KkW14ahMzeaT8EoEQ23HB7RNXo.roa
Signing time: Mon 01 Jan 2024 18:29:22 +0000
ROA not before: Mon 01 Jan 2024 18:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208284
IP address blocks: 212.70.172.0/24 maxlen: 24
212.70.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/_2mO6y5J_LX5xlqZhXrynOBmQdk.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/_2mO6y5J_LX5xlqZhXrynOBmQdk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_2mO6y5J_LX5xlqZhXrynOBmQdk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 01:01:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:9c:60:74:90:09:fc:1d:39:c4:c7:d0:2c:8c:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff698eeb2e49fcb5f9c65a99857af29ce06641d9
Validity
Not Before: Jan 1 18:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eca916d786a133379a4fc128110db71c1ed1357a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d8:e0:53:20:cc:88:b7:bd:a2:7c:a9:3c:06:
e2:e1:d3:80:3a:e3:7d:f4:06:e5:fa:93:d4:47:5a:
f1:47:68:56:e8:6b:60:73:2e:30:8e:9a:39:23:a1:
25:8e:24:34:a1:82:39:ac:df:72:4c:e5:aa:81:11:
e0:c4:ab:4c:b3:07:37:61:d1:75:1a:de:8d:2b:45:
af:7e:d6:8c:d0:e6:11:3d:7b:25:14:8f:f2:0d:dc:
5e:cc:c4:4d:28:f9:e0:41:63:57:57:b8:f8:c4:59:
bd:a6:5a:89:86:f9:5e:02:55:3c:bc:3c:99:16:6d:
42:ee:7b:24:7b:44:d4:d4:8b:ee:59:66:fe:ae:9b:
ff:7b:a6:c6:47:fa:86:15:2a:94:30:c0:47:18:bc:
ff:64:7d:17:f6:63:1b:16:c5:04:51:15:45:75:32:
fc:67:6a:85:32:e3:c8:f9:6c:0d:0f:3b:3a:54:67:
a3:b4:a7:9f:4a:59:19:61:b4:e7:e2:7e:80:66:b2:
81:91:ec:2f:20:9c:4b:4e:df:b5:7e:3d:00:f2:c1:
1a:83:b4:32:d6:c9:95:7e:cf:04:ea:fd:d2:ca:60:
bc:48:49:e4:5b:95:42:de:4f:6d:97:ec:fd:f0:f9:
34:7c:0d:36:c3:63:49:e7:dd:61:13:3b:1b:05:47:
61:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:A9:16:D7:86:A1:33:37:9A:4F:C1:28:11:0D:B7:1C:1E:D1:35:7A
X509v3 Authority Key Identifier:
keyid:FF:69:8E:EB:2E:49:FC:B5:F9:C6:5A:99:85:7A:F2:9C:E0:66:41:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_2mO6y5J_LX5xlqZhXrynOBmQdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/7KkW14ahMzeaT8EoEQ23HB7RNXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/_2mO6y5J_LX5xlqZhXrynOBmQdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.70.172.0/24
212.70.174.0/24
Signature Algorithm: sha256WithRSAEncryption
84:1c:06:9a:a7:13:70:4a:e0:84:05:73:02:4b:6a:ca:21:81:
63:5c:7b:e6:05:8e:28:c7:8b:3f:44:d1:2d:e5:c9:5b:77:a4:
ba:5c:f0:7e:b8:6d:02:dc:15:e7:cf:70:f5:37:e6:df:11:4c:
16:a0:4a:a8:c6:a0:45:11:a0:2b:2e:10:ec:5b:1c:2d:bf:f5:
38:b2:f9:06:4a:5d:4f:7e:fa:13:4f:ed:42:12:1d:48:7e:49:
ba:d1:3c:51:c3:b2:57:b0:ac:7d:f5:52:22:c8:15:c7:23:19:
98:5d:64:62:48:08:04:d6:e5:96:59:9e:8a:ae:85:4b:69:04:
bc:bd:1e:db:22:13:4e:38:96:aa:93:8d:44:87:65:81:23:63:
49:2b:b2:c6:ab:c3:bd:6e:a0:cc:f3:3c:0c:56:0d:87:c5:26:
42:91:8b:39:50:98:ab:ae:09:be:b2:cb:cd:44:0f:58:0c:7c:
a8:06:c7:5b:47:dc:44:ac:ed:5c:53:3a:2e:93:f5:9f:43:d4:
19:b3:56:93:d1:1e:19:d5:69:28:cd:1e:75:70:14:fd:13:90:
8a:f0:57:43:63:ef:52:dc:87:21:11:08:23:e4:6f:73:93:61:
6a:e4:e7:de:88:f6:ce:c4:08:e8:ec:99:13:a5:c7:02:58:c0:
e1:64:91:76
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGSZxgdJAJ/B05xMfQLIyKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNjk4ZWViMmU0OWZjYjVmOWM2NWE5OTg1N2FmMjljZTA2
NjQxZDkwHhcNMjQwMTAxMTgyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2E5MTZkNzg2YTEzMzM3OWE0ZmMxMjgxMTBkYjcxYzFlZDEzNTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNjgUyDMiLe9onypPAbi4dOAOuN9
9Abl+pPUR1rxR2hW6Gtgcy4wjpo5I6EljiQ0oYI5rN9yTOWqgRHgxKtMswc3YdF1
Gt6NK0WvftaM0OYRPXslFI/yDdxezMRNKPngQWNXV7j4xFm9plqJhvleAlU8vDyZ
Fm1C7nske0TU1IvuWWb+rpv/e6bGR/qGFSqUMMBHGLz/ZH0X9mMbFsUEURVFdTL8
Z2qFMuPI+WwNDzs6VGejtKefSlkZYbTn4n6AZrKBkewvIJxLTt+1fj0A8sEag7Qy
1smVfs8E6v3SymC8SEnkW5VC3k9tl+z98Pk0fA02w2NJ591hEzsbBUdhpQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOypFteGoTM3mk/BKBENtxwe0TV6MB8GA1UdIwQY
MBaAFP9pjusuSfy1+cZamYV68pzgZkHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzJtTzZ5NUpfTFg1eGxxWmhYcnluT0JtUWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNGQ3NWQtOTUzYS00MDM2LTk4Mzkt
NTdjZDY4ZDljYjRlLzEvN0trVzE0YWhNemVhVDhFb0VRMjNIQjdSTlhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNGQ3NWQtOTUzYS00MDM2LTk4MzktNTdjZDY4ZDljYjRl
LzEvXzJtTzZ5NUpfTFg1eGxxWmhYcnluT0JtUWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1EasAwQA
1EauMA0GCSqGSIb3DQEBCwUAA4IBAQCEHAaapxNwSuCEBXMCS2rKIYFjXHvmBY4o
x4s/RNEt5clbd6S6XPB+uG0C3BXnz3D1N+bfEUwWoEqoxqBFEaArLhDsWxwtv/U4
svkGSl1PfvoTT+1CEh1Ifkm60TxRw7JXsKx99VIiyBXHIxmYXWRiSAgE1uWWWZ6K
roVLaQS8vR7bIhNOOJaqk41Eh2WBI2NJK7LGq8O9bqDM8zwMVg2HxSZCkYs5UJir
rgm+ssvNRA9YDHyoBsdbR9xErO1cUzouk/WfQ9QZs1aT0R4Z1WkozR51cBT9E5CK
8FdDY+9S3IchEQgj5G9zk2Fq5OfeiPbOxAjo7JkTpccCWMDhZJF2
-----END CERTIFICATE-----
Generated at Sat Jun 8 09:35:54 2024 by rpki-client on console-fra.rpki-client.org