Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/IzHMohXVp8_H5rcmpHarv2gimN0.roa
File: IzHMohXVp8_H5rcmpHarv2gimN0.roa (raw, json)
Hash identifier: B3ZEqQlnuT1wR/2wWHC9y2+sI1QXyTBb3oceWsExdDI=
Subject key identifier: 23:31:CC:A2:15:D5:A7:CF:C7:E6:B7:26:A4:76:AB:BF:68:22:98:DD
Certificate issuer: /CN=5853e65a3087b4ca85c8802b60ff0f02b4106d97
Certificate serial: 018CC26D4677BDB0BB92B12E225A08431431
Authority key identifier: 58:53:E6:5A:30:87:B4:CA:85:C8:80:2B:60:FF:0F:02:B4:10:6D:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/IzHMohXVp8_H5rcmpHarv2gimN0.roa
Signing time: Mon 01 Jan 2024 00:29:50 +0000
ROA not before: Mon 01 Jan 2024 00:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44870
IP address blocks: 212.107.240.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.mft
rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 22:02:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:46:77:bd:b0:bb:92:b1:2e:22:5a:08:43:14:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5853e65a3087b4ca85c8802b60ff0f02b4106d97
Validity
Not Before: Jan 1 00:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2331cca215d5a7cfc7e6b726a476abbf682298dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:76:9a:b8:f8:0f:85:e9:c3:85:d9:c8:fa:23:
30:c4:03:fe:d0:ae:1e:22:45:55:4e:86:ed:ae:a1:
e3:74:6c:eb:9d:cd:90:15:98:62:c3:98:0a:0c:f1:
a4:2b:a5:76:3b:9b:a6:69:20:ab:0c:e8:7d:51:01:
9c:49:34:f8:41:88:bc:66:b4:30:33:46:f1:be:e2:
7c:d7:fd:9e:ac:b5:99:40:03:89:b8:25:a2:17:e6:
c4:d4:53:6d:6f:d1:e3:5d:10:a8:c6:41:86:9f:f9:
73:fe:6c:57:18:00:6c:a6:dd:99:ea:dd:b8:b3:e1:
87:39:fa:26:71:1e:db:aa:fb:ce:47:2d:14:d1:61:
d5:9c:4b:37:17:9e:3b:06:32:60:10:99:13:84:45:
96:8f:d0:39:0a:6f:23:04:ab:5b:e6:44:74:5a:6e:
a4:fb:a3:3d:ed:0d:c5:53:23:2d:9b:96:59:ca:7a:
55:05:8e:dd:73:1d:88:4b:92:b0:79:e4:55:e7:67:
61:75:22:b6:20:07:e6:3d:34:2f:1f:52:bb:de:59:
05:12:7d:d5:b7:0f:43:e0:ae:3a:9d:cf:b7:c1:20:
1c:99:03:a7:67:6c:0f:8f:d7:69:c5:66:c8:3d:fb:
0d:9b:3a:59:10:b0:46:e1:ce:a6:35:1d:60:50:71:
b5:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:31:CC:A2:15:D5:A7:CF:C7:E6:B7:26:A4:76:AB:BF:68:22:98:DD
X509v3 Authority Key Identifier:
keyid:58:53:E6:5A:30:87:B4:CA:85:C8:80:2B:60:FF:0F:02:B4:10:6D:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/IzHMohXVp8_H5rcmpHarv2gimN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.107.240.0/21
Signature Algorithm: sha256WithRSAEncryption
62:14:ac:33:41:bf:f7:2a:52:ec:6a:86:4c:69:37:22:03:28:
94:11:d1:45:d3:44:f7:3f:21:45:e6:81:b9:7c:61:8e:06:c5:
b0:be:b2:ea:2b:ba:de:02:61:fa:9c:c8:30:c4:bc:98:5f:e6:
cc:ec:0a:b1:cd:ae:15:eb:9f:17:e6:97:37:59:67:20:79:9c:
04:79:d0:32:7c:2b:84:92:a1:0f:14:b6:fa:45:b8:0a:b2:fe:
de:32:a9:df:43:e1:60:7d:6b:01:6d:e4:38:cb:56:25:ed:42:
72:b6:5c:66:21:7d:95:93:af:83:d8:b7:bd:dd:d1:0e:6b:c3:
66:de:b9:c3:dd:ca:dd:56:dc:a6:2c:fc:49:30:a7:db:51:30:
cd:07:a3:d7:96:85:b2:12:85:c5:c3:8f:b5:7d:55:7f:ce:bb:
c1:7e:1c:9c:61:f8:29:1d:19:ff:8a:99:41:2a:a9:8a:1d:59:
75:07:e9:43:e6:40:15:dd:2f:4a:8e:75:2c:0b:46:ca:57:2d:
ac:f8:c7:18:9b:a8:ed:97:58:e8:48:e7:0b:d5:6f:46:3a:51:
e0:df:ab:2a:3e:18:81:74:c6:2a:61:fc:d4:98:22:d4:09:06:
e8:0d:ac:d1:84:67:05:35:da:0d:1d:57:cd:7d:8c:2e:c5:d3:
02:ee:3a:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbUZ3vbC7krEuIloIQxQxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NTNlNjVhMzA4N2I0Y2E4NWM4ODAyYjYwZmYwZjAyYjQx
MDZkOTcwHhcNMjQwMTAxMDAyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzMxY2NhMjE1ZDVhN2NmYzdlNmI3MjZhNDc2YWJiZjY4MjI5OGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8naauPgPhenDhdnI+iMwxAP+0K4e
IkVVTobtrqHjdGzrnc2QFZhiw5gKDPGkK6V2O5umaSCrDOh9UQGcSTT4QYi8ZrQw
M0bxvuJ81/2erLWZQAOJuCWiF+bE1FNtb9HjXRCoxkGGn/lz/mxXGABspt2Z6t24
s+GHOfomcR7bqvvORy0U0WHVnEs3F547BjJgEJkThEWWj9A5Cm8jBKtb5kR0Wm6k
+6M97Q3FUyMtm5ZZynpVBY7dcx2IS5KweeRV52dhdSK2IAfmPTQvH1K73lkFEn3V
tw9D4K46nc+3wSAcmQOnZ2wPj9dpxWbIPfsNmzpZELBG4c6mNR1gUHG1twIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCMxzKIV1afPx+a3JqR2q79oIpjdMB8GA1UdIwQY
MBaAFFhT5lowh7TKhciAK2D/DwK0EG2XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0ZQbVdqQ0h0TXFGeUlBcllQOFBBclFRYlpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82YWZkMWUtY2I3ZS00ZTZlLWE4YTQt
ZTE4NjAyNzM5Y2Q1LzEvSXpITW9oWFZwOF9INXJjbXBIYXJ2MmdpbU4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82YWZkMWUtY2I3ZS00ZTZlLWE4YTQtZTE4NjAyNzM5Y2Q1
LzEvV0ZQbVdqQ0h0TXFGeUlBcllQOFBBclFRYlpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD1GvwMA0G
CSqGSIb3DQEBCwUAA4IBAQBiFKwzQb/3KlLsaoZMaTciAyiUEdFF00T3PyFF5oG5
fGGOBsWwvrLqK7reAmH6nMgwxLyYX+bM7Aqxza4V658X5pc3WWcgeZwEedAyfCuE
kqEPFLb6RbgKsv7eMqnfQ+FgfWsBbeQ4y1Yl7UJytlxmIX2Vk6+D2Le93dEOa8Nm
3rnD3crdVtymLPxJMKfbUTDNB6PXloWyEoXFw4+1fVV/zrvBfhycYfgpHRn/iplB
KqmKHVl1B+lD5kAV3S9KjnUsC0bKVy2s+McYm6jtl1joSOcL1W9GOlHg36sqPhiB
dMYqYfzUmCLUCQboDazRhGcFNdoNHVfNfYwuxdMC7jqe
-----END CERTIFICATE-----
Generated at Sat Jun 1 03:17:05 2024 by rpki-client on console-fra.rpki-client.org