Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/e25a3c-def6-4228-a10b-c45e949e9cd6/1/1-A9oiCoerr-tGHf5Pb1ENTiswJc.roa
File: 1-A9oiCoerr-tGHf5Pb1ENTiswJc.roa (raw, json)
Hash identifier: uC7hCtJqKr99q5IEzRFWHN7uUyiBxXX+2NdbGeCsG4o=
Subject key identifier: F8:0F:68:88:2A:1E:AE:BF:AD:18:77:F9:3D:BD:44:35:38:AC:C0:97
Certificate issuer: /CN=29c170d98b5e35d7d51537671c6040a5151884bc
Certificate serial: 01915B54FF9A66D0A3004E43CA1ACF2E2441
Authority key identifier: 29:C1:70:D9:8B:5E:35:D7:D5:15:37:67:1C:60:40:A5:15:18:84:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KcFw2YteNdfVFTdnHGBApRUYhLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/e25a3c-def6-4228-a10b-c45e949e9cd6/1/1-A9oiCoerr-tGHf5Pb1ENTiswJc.roa
Signing time: Fri 16 Aug 2024 13:16:22 +0000
ROA not before: Fri 16 Aug 2024 13:16:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12859
IP address blocks: 212.72.224.0/21 maxlen: 21
212.72.224.0/24 maxlen: 24
212.72.225.0/24 maxlen: 24
212.72.226.0/24 maxlen: 24
212.72.227.0/24 maxlen: 24
212.72.228.0/24 maxlen: 24
212.72.229.0/24 maxlen: 24
212.72.230.0/24 maxlen: 24
212.72.231.0/24 maxlen: 24
2a02:968::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/e25a3c-def6-4228-a10b-c45e949e9cd6/1/KcFw2YteNdfVFTdnHGBApRUYhLw.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/e25a3c-def6-4228-a10b-c45e949e9cd6/1/KcFw2YteNdfVFTdnHGBApRUYhLw.mft
rsync://rpki.ripe.net/repository/DEFAULT/KcFw2YteNdfVFTdnHGBApRUYhLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5b:54:ff:9a:66:d0:a3:00:4e:43:ca:1a:cf:2e:24:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29c170d98b5e35d7d51537671c6040a5151884bc
Validity
Not Before: Aug 16 13:16:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f80f68882a1eaebfad1877f93dbd443538acc097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:41:0d:12:51:5f:7b:81:4f:d3:e2:ad:32:d7:
67:eb:0d:b0:48:d1:d7:c4:85:dc:a0:98:b3:28:ad:
a9:d3:11:7b:89:64:5a:63:0f:94:62:6e:65:e3:f3:
a4:fc:a0:6e:98:52:90:6c:0a:2c:1f:e5:14:f4:a0:
e4:11:f5:e9:3c:21:18:d0:72:ad:63:2c:96:37:b4:
57:04:c2:21:16:2b:3b:2c:f7:45:ff:75:f5:03:14:
51:26:97:b7:a0:ec:cd:80:f9:30:ac:1a:2d:a4:9a:
e6:2c:99:ac:45:f7:75:bd:8a:3b:bd:6b:5d:5b:3d:
11:5d:55:06:da:2e:ca:a1:3b:f7:23:14:ff:52:13:
57:ed:c1:1f:22:19:08:75:45:af:a3:a0:2c:0a:25:
f6:3f:7c:28:25:57:2c:7d:a4:29:98:af:89:35:5d:
9b:e2:ab:cf:85:60:b1:31:77:38:41:37:1f:6b:1b:
af:95:64:c3:3b:a2:ba:48:f2:f9:04:08:b5:e8:e2:
9b:d2:41:f1:1e:97:c5:57:d2:c4:92:74:62:9e:d0:
61:db:48:1e:bb:e8:3a:41:29:fb:c2:1a:76:73:2d:
11:aa:52:07:81:ad:56:73:87:37:44:75:ae:c5:f4:
89:21:26:8e:e7:d4:03:af:4a:a0:6c:23:2b:60:c1:
c6:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:0F:68:88:2A:1E:AE:BF:AD:18:77:F9:3D:BD:44:35:38:AC:C0:97
X509v3 Authority Key Identifier:
keyid:29:C1:70:D9:8B:5E:35:D7:D5:15:37:67:1C:60:40:A5:15:18:84:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KcFw2YteNdfVFTdnHGBApRUYhLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/e25a3c-def6-4228-a10b-c45e949e9cd6/1/1-A9oiCoerr-tGHf5Pb1ENTiswJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/e25a3c-def6-4228-a10b-c45e949e9cd6/1/KcFw2YteNdfVFTdnHGBApRUYhLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.72.224.0/21
IPv6:
2a02:968::/32
Signature Algorithm: sha256WithRSAEncryption
9c:53:7e:84:57:52:44:57:a1:6a:11:84:e4:4e:c3:93:04:ec:
8b:8c:e4:cc:bf:9b:48:95:e3:ce:d8:34:68:61:68:08:94:2b:
19:b1:0b:8b:b3:bf:b7:b9:36:8e:21:bc:d4:4c:fb:9a:f9:ca:
bb:07:3c:67:f8:b1:80:f0:28:43:ef:79:06:0e:19:34:19:d4:
84:31:de:f7:ce:40:e7:cd:fc:27:d7:88:a1:a3:97:46:5e:44:
ed:7b:03:1c:2b:57:a2:62:f3:f3:ae:70:93:72:18:8c:77:99:
3f:3c:d5:19:de:ce:96:84:7a:68:b7:8a:de:97:fb:89:20:bd:
50:52:15:c4:47:64:77:5a:92:49:e2:f1:21:a7:d2:9b:d1:55:
25:67:5c:72:f6:1d:a0:04:b0:c3:53:cf:85:a8:7a:20:6c:02:
f8:d8:ea:bc:14:88:c6:9a:ff:23:11:c9:7b:92:8e:b4:4c:e1:
d4:a9:0e:6b:b3:4a:04:e7:e4:4e:6f:f5:4f:08:3d:d9:9f:6c:
d0:fc:37:19:ef:aa:bf:e9:da:38:7f:bb:8a:27:23:e3:49:e2:
7d:e9:88:71:bc:89:f5:21:d3:61:27:86:b4:b6:87:e5:5c:6d:
b6:e2:8c:84:2f:cd:30:7b:59:26:82:ee:72:e9:20:9a:83:a2:
e0:82:e3:15
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZFbVP+aZtCjAE5DyhrPLiRBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YzE3MGQ5OGI1ZTM1ZDdkNTE1Mzc2NzFjNjA0MGE1MTUx
ODg0YmMwHhcNMjQwODE2MTMxNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODBmNjg4ODJhMWVhZWJmYWQxODc3ZjkzZGJkNDQzNTM4YWNjMDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEENElFfe4FP0+KtMtdn6w2wSNHX
xIXcoJizKK2p0xF7iWRaYw+UYm5l4/Ok/KBumFKQbAosH+UU9KDkEfXpPCEY0HKt
YyyWN7RXBMIhFis7LPdF/3X1AxRRJpe3oOzNgPkwrBotpJrmLJmsRfd1vYo7vWtd
Wz0RXVUG2i7KoTv3IxT/UhNX7cEfIhkIdUWvo6AsCiX2P3woJVcsfaQpmK+JNV2b
4qvPhWCxMXc4QTcfaxuvlWTDO6K6SPL5BAi16OKb0kHxHpfFV9LEknRintBh20ge
u+g6QSn7whp2cy0RqlIHga1Wc4c3RHWuxfSJISaO59QDr0qgbCMrYMHGxwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPgPaIgqHq6/rRh3+T29RDU4rMCXMB8GA1UdIwQY
MBaAFCnBcNmLXjXX1RU3ZxxgQKUVGIS8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2NGdzJZdGVOZGZWRlRkbkhHQkFwUlVZaEx3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9lMjVhM2MtZGVmNi00MjI4LWExMGIt
YzQ1ZTk0OWU5Y2Q2LzEvMS1BOW9pQ29lcnItdEdIZjVQYjFFTlRpc3dKYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmIvZTI1YTNjLWRlZjYtNDIyOC1hMTBiLWM0NWU5NDllOWNk
Ni8xL0tjRncyWXRlTmRmVkZUZG5IR0JBcFJVWWhMdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEA9RI4DAN
BAIAAjAHAwUAKgIJaDANBgkqhkiG9w0BAQsFAAOCAQEAnFN+hFdSRFehahGE5E7D
kwTsi4zkzL+bSJXjztg0aGFoCJQrGbELi7O/t7k2jiG81Ez7mvnKuwc8Z/ixgPAo
Q+95Bg4ZNBnUhDHe985A5838J9eIoaOXRl5E7XsDHCtXomLz865wk3IYjHeZPzzV
Gd7OloR6aLeK3pf7iSC9UFIVxEdkd1qSSeLxIafSm9FVJWdccvYdoASww1PPhah6
IGwC+NjqvBSIxpr/IxHJe5KOtEzh1KkOa7NKBOfkTm/1Twg92Z9s0Pw3Ge+qv+na
OH+7iicj40nifemIcbyJ9SHTYSeGtLaH5VxttuKMhC/NMHtZJoLucukgmoOi4ILj
FQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:54:57 2024 by rpki-client on console-ams.rpki-client.org