Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/cf1Av1G9Rkw26ZPH4hwlhMCZTEI.roa
File: cf1Av1G9Rkw26ZPH4hwlhMCZTEI.roa (raw, json)
Hash identifier: 9vCrstXemElUzZR86/NxhAWkgdseb+d353Cw/4SFhg4=
Subject key identifier: 71:FD:40:BF:51:BD:46:4C:36:E9:93:C7:E2:1C:25:84:C0:99:4C:42
Certificate issuer: /CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Certificate serial: 018CCA2BB1A3AF680B49A6F52A0BB1669D80
Authority key identifier: E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/cf1Av1G9Rkw26ZPH4hwlhMCZTEI.roa
Signing time: Tue 02 Jan 2024 12:35:10 +0000
ROA not before: Tue 02 Jan 2024 12:35:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24727
IP address blocks: 212.81.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 May 2024 10:02:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:b1:a3:af:68:0b:49:a6:f5:2a:0b:b1:66:9d:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Validity
Not Before: Jan 2 12:35:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71fd40bf51bd464c36e993c7e21c2584c0994c42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d9:cb:90:f5:e4:2a:21:01:5f:f2:1f:8a:85:
b1:0f:39:08:14:e7:5c:e3:2c:b2:c3:a5:4a:d0:a5:
1e:13:67:08:e2:8c:65:80:26:2c:8c:22:e5:0d:06:
65:14:49:61:f5:00:08:ba:aa:d7:b6:bc:4b:56:56:
cb:4e:29:90:e5:46:ff:c7:99:21:53:66:b4:13:0a:
df:3e:7e:58:ae:3b:b3:f1:f7:49:52:54:d5:68:37:
44:f2:11:40:61:ce:de:10:ee:6b:36:19:4d:e9:0b:
1f:4b:8d:ea:5d:d2:7c:a7:96:48:89:63:e3:14:ad:
e2:80:1b:e5:26:76:fc:08:50:2f:df:a0:bc:94:9b:
1c:1c:fd:25:51:c5:10:5c:f5:90:88:a3:8e:96:6d:
85:60:31:7a:09:b4:ba:7d:fb:7e:8f:45:3d:32:38:
4e:21:35:77:ef:64:47:d2:26:53:f2:c1:d6:fa:8c:
93:81:f3:e3:15:39:c1:b5:7e:1c:4d:44:19:a1:f3:
c7:72:e5:7c:f0:f2:70:fc:6b:07:52:90:08:e4:23:
e4:39:51:79:e6:1b:f5:a9:59:db:9d:30:10:76:f1:
79:06:da:f0:2c:65:6b:be:2f:d4:37:06:4d:79:c1:
be:89:92:dd:c9:43:61:2e:42:9d:17:03:22:c8:9d:
49:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:FD:40:BF:51:BD:46:4C:36:E9:93:C7:E2:1C:25:84:C0:99:4C:42
X509v3 Authority Key Identifier:
keyid:E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/cf1Av1G9Rkw26ZPH4hwlhMCZTEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.81.16.0/24
Signature Algorithm: sha256WithRSAEncryption
82:83:b6:3c:90:00:84:75:ea:9f:d5:5e:5c:5d:ea:2c:eb:ef:
94:a3:73:14:1d:3b:c4:3c:b3:25:00:2e:d4:27:4b:55:bb:96:
96:42:47:85:41:bf:ae:b4:45:3e:af:69:28:1a:7f:5a:fa:b9:
7f:c5:ee:60:6b:f6:9c:92:ab:0d:43:ed:56:c0:6b:fb:3c:39:
17:9a:11:ca:43:c1:a9:5d:89:83:d6:3b:c1:c5:82:d1:65:59:
de:9d:6b:69:4a:f6:46:0a:c7:ed:70:07:e7:05:22:3d:90:05:
24:2b:45:9b:f7:c8:c0:4e:36:85:ad:6d:30:60:25:b0:07:e9:
e8:01:35:4c:d7:5a:e3:12:62:ce:33:b3:81:1e:a0:55:a5:bc:
5a:cc:6a:6d:c0:05:da:51:64:80:c3:d1:36:42:bb:10:07:29:
20:05:7a:4d:b4:9d:34:fa:dc:01:22:1a:6e:19:d9:7e:8c:4a:
e6:32:21:06:51:ab:29:b8:54:86:c8:aa:c1:8b:a5:fb:7a:0e:
c4:ff:2e:f3:ec:c1:d6:6c:ab:8f:f1:01:54:44:4c:17:11:f5:
bb:0f:c1:23:7a:e1:96:de:26:2e:a6:86:d7:7f:59:c8:1b:05:
f4:bb:e8:ff:4a:12:e0:cf:a9:ba:9a:35:cc:4c:f3:e1:66:da:
fd:13:ff:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK7Gjr2gLSab1KguxZp2AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Zjg4MTQwMWFiYWNjODhjOTQxZmRmNzQwZjFhYjE1MzZm
MDVkYmEwHhcNMjQwMTAyMTIzNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWZkNDBiZjUxYmQ0NjRjMzZlOTkzYzdlMjFjMjU4NGMwOTk0YzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdnLkPXkKiEBX/IfioWxDzkIFOdc
4yyyw6VK0KUeE2cI4oxlgCYsjCLlDQZlFElh9QAIuqrXtrxLVlbLTimQ5Ub/x5kh
U2a0EwrfPn5Yrjuz8fdJUlTVaDdE8hFAYc7eEO5rNhlN6QsfS43qXdJ8p5ZIiWPj
FK3igBvlJnb8CFAv36C8lJscHP0lUcUQXPWQiKOOlm2FYDF6CbS6fft+j0U9MjhO
ITV372RH0iZT8sHW+oyTgfPjFTnBtX4cTUQZofPHcuV88PJw/GsHUpAI5CPkOVF5
5hv1qVnbnTAQdvF5BtrwLGVrvi/UNwZNecG+iZLdyUNhLkKdFwMiyJ1J1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHH9QL9RvUZMNumTx+IcJYTAmUxCMB8GA1UdIwQY
MBaAFOf4gUAausyIyUH990DxqxU28F26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmIt
ZTJmYmMzYTY4ODAwLzEvY2YxQXYxRzlSa3cyNlpQSDRod2xoTUNaVEVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmItZTJmYmMzYTY4ODAw
LzEvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1FEQMA0G
CSqGSIb3DQEBCwUAA4IBAQCCg7Y8kACEdeqf1V5cXeos6++Uo3MUHTvEPLMlAC7U
J0tVu5aWQkeFQb+utEU+r2koGn9a+rl/xe5ga/ackqsNQ+1WwGv7PDkXmhHKQ8Gp
XYmD1jvBxYLRZVnenWtpSvZGCsftcAfnBSI9kAUkK0Wb98jATjaFrW0wYCWwB+no
ATVM11rjEmLOM7OBHqBVpbxazGptwAXaUWSAw9E2QrsQBykgBXpNtJ00+twBIhpu
Gdl+jErmMiEGUaspuFSGyKrBi6X7eg7E/y7z7MHWbKuP8QFUREwXEfW7D8EjeuGW
3iYupobXf1nIGwX0u+j/ShLgz6m6mjXMTPPhZtr9E/+f
-----END CERTIFICATE-----
Generated at Mon May 27 16:13:58 2024 by rpki-client on console-ams.rpki-client.org