Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/1zu8HPFtIDmKvPLz3iS0xli5HPI.roa
File: 1zu8HPFtIDmKvPLz3iS0xli5HPI.roa (raw, json)
Hash identifier: jRshAkiGSlad8DbCSTEwQtu2VCyyEf8r14A45Qvzy7U=
Subject key identifier: D7:3B:BC:1C:F1:6D:20:39:8A:BC:F2:F3:DE:24:B4:C6:58:B9:1C:F2
Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial: 018CC5DCC05D6D947990CCEFA680913BC3A2
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/1zu8HPFtIDmKvPLz3iS0xli5HPI.roa
Signing time: Mon 01 Jan 2024 16:30:27 +0000
ROA not before: Mon 01 Jan 2024 16:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52194
IP address blocks: 212.22.81.0/24 maxlen: 24
212.22.87.0/24 maxlen: 24
212.22.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.mft
rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:c0:5d:6d:94:79:90:cc:ef:a6:80:91:3b:c3:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
Validity
Not Before: Jan 1 16:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d73bbc1cf16d20398abcf2f3de24b4c658b91cf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7e:4b:e4:3f:2e:2b:d2:52:64:e5:94:4f:f3:
5d:41:bf:99:5f:97:ed:af:4d:41:df:a5:65:62:80:
0c:7e:ec:cf:21:0b:41:ea:5c:76:9f:45:b9:b3:f1:
67:30:09:53:c7:e2:93:fd:7a:7f:6e:1c:06:26:e0:
64:fa:84:2b:c7:06:f3:d2:29:37:a5:80:48:5b:d7:
1b:76:dd:9b:11:67:31:58:10:09:8c:1d:d5:51:d2:
b9:dd:06:2f:7c:b1:47:96:fe:9f:ba:02:fd:40:a3:
5f:8e:69:e2:52:3f:c9:88:70:bf:b4:45:e6:6a:08:
20:90:b9:ce:8f:1d:7d:f4:f5:2a:94:cb:83:a2:c7:
c4:3f:49:57:38:b4:09:b9:1a:f0:c6:73:6d:ba:d3:
f7:33:6d:66:50:1b:c7:32:ad:30:4a:45:69:2a:05:
29:fb:0f:c7:8b:b3:ec:2d:9b:00:cc:4f:bf:77:15:
12:9a:1a:6a:5d:86:63:9a:af:bc:94:ac:cc:97:51:
5e:f3:2b:b4:d5:bb:0f:17:bc:0e:b5:bc:f8:a2:5b:
77:4f:4c:9f:64:35:30:f0:1f:92:23:b6:70:b1:2f:
bb:dd:11:b7:52:97:56:35:ca:58:85:6d:cd:67:68:
1f:ca:ad:09:02:a2:37:e7:b8:d5:c4:c0:f2:83:1f:
64:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:3B:BC:1C:F1:6D:20:39:8A:BC:F2:F3:DE:24:B4:C6:58:B9:1C:F2
X509v3 Authority Key Identifier:
keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/1zu8HPFtIDmKvPLz3iS0xli5HPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.22.81.0/24
212.22.87.0/24
212.22.95.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:de:71:b1:70:97:b6:a3:82:b6:09:c9:4c:7c:ea:fd:4a:3c:
97:7f:b9:0b:da:9d:76:32:62:92:92:27:54:85:f1:45:b6:08:
c9:9f:0b:a7:02:57:c5:45:a7:89:df:ae:8c:7a:b8:83:93:23:
93:b4:ee:b1:f6:73:b7:36:39:39:65:f9:d2:8a:52:c1:58:32:
a1:ad:09:dc:9e:7f:ec:ce:f5:30:d7:18:3d:87:25:12:bc:3d:
9a:40:be:3b:d1:0e:50:00:53:17:c1:34:ec:92:f1:ff:24:26:
0a:6d:f5:74:80:80:61:a7:28:9b:fd:72:4c:ed:e8:94:02:4b:
c5:56:19:cd:7f:1b:4d:35:e8:25:35:12:6d:03:4c:7f:23:d1:
f1:41:69:ab:58:37:60:c3:6f:65:7f:6a:4a:3d:3a:99:d8:4f:
81:02:87:da:04:bc:09:e5:78:92:04:a0:a0:db:e3:c6:19:a3:
1a:45:e9:d4:20:8f:fe:53:6f:7b:84:24:95:8a:69:03:de:44:
c8:eb:45:32:23:bb:67:fb:01:1c:bb:bb:a3:a1:62:3d:ac:72:
00:fc:b2:56:91:d1:cd:11:c6:fe:4b:b3:bb:7d:82:dc:12:b1:
ed:37:0f:36:65:c3:61:bb:5e:1a:c7:58:91:72:76:a8:d3:11:
6c:8e:3c:44
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzF3MBdbZR5kMzvpoCRO8OiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjQwMTAxMTYzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzNiYmMxY2YxNmQyMDM5OGFiY2YyZjNkZTI0YjRjNjU4YjkxY2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtX5L5D8uK9JSZOWUT/NdQb+ZX5ft
r01B36VlYoAMfuzPIQtB6lx2n0W5s/FnMAlTx+KT/Xp/bhwGJuBk+oQrxwbz0ik3
pYBIW9cbdt2bEWcxWBAJjB3VUdK53QYvfLFHlv6fugL9QKNfjmniUj/JiHC/tEXm
agggkLnOjx199PUqlMuDosfEP0lXOLQJuRrwxnNtutP3M21mUBvHMq0wSkVpKgUp
+w/Hi7PsLZsAzE+/dxUSmhpqXYZjmq+8lKzMl1Fe8yu01bsPF7wOtbz4olt3T0yf
ZDUw8B+SI7ZwsS+73RG3UpdWNcpYhW3NZ2gfyq0JAqI357jVxMDygx9kkQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNc7vBzxbSA5irzy894ktMZYuRzyMB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEvMXp1OEhQRnRJRG1LdlBMejNpUzB4bGk1SFBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1BZRAwQA
1BZXAwQA1BZfMA0GCSqGSIb3DQEBCwUAA4IBAQCK3nGxcJe2o4K2CclMfOr9SjyX
f7kL2p12MmKSkidUhfFFtgjJnwunAlfFRaeJ366MeriDkyOTtO6x9nO3Njk5ZfnS
ilLBWDKhrQncnn/szvUw1xg9hyUSvD2aQL470Q5QAFMXwTTskvH/JCYKbfV0gIBh
pyib/XJM7eiUAkvFVhnNfxtNNeglNRJtA0x/I9HxQWmrWDdgw29lf2pKPTqZ2E+B
AofaBLwJ5XiSBKCg2+PGGaMaRenUII/+U297hCSVimkD3kTI60UyI7tn+wEcu7uj
oWI9rHIA/LJWkdHNEcb+S7O7fYLcErHtNw82ZcNhu14ax1iRcnao0xFsjjxE
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:53:54 2024 by rpki-client on console-fra.rpki-client.org