Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/2K_wrNe_LBSsfRPlEXdTkkkjSyo.roa
File: 2K_wrNe_LBSsfRPlEXdTkkkjSyo.roa (raw, json)
Hash identifier: NfQvgUGWon6A27Ago4TIn5Z0/5usqDaWcLSlLugWoGg=
Subject key identifier: D8:AF:F0:AC:D7:BF:2C:14:AC:7D:13:E5:11:77:53:92:49:23:4B:2A
Certificate issuer: /CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Certificate serial: 01915A31A9CC245FFC42F674D7C0E19D7D68
Authority key identifier: AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/2K_wrNe_LBSsfRPlEXdTkkkjSyo.roa
Signing time: Fri 16 Aug 2024 07:58:09 +0000
ROA not before: Fri 16 Aug 2024 07:58:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51660
IP address blocks: 212.70.142.0/24 maxlen: 24
212.70.143.0/24 maxlen: 24
212.70.144.0/22 maxlen: 22
212.70.144.0/24 maxlen: 24
212.70.145.0/24 maxlen: 24
212.70.146.0/24 maxlen: 24
212.70.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5a:31:a9:cc:24:5f:fc:42:f6:74:d7:c0:e1:9d:7d:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Validity
Not Before: Aug 16 07:58:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8aff0acd7bf2c14ac7d13e51177539249234b2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:05:b0:7c:a2:ee:1c:94:db:30:35:b0:2f:03:
ec:89:3d:19:25:65:87:3f:ce:c4:6c:f0:84:c9:86:
c0:a1:a1:64:a4:cb:1d:f8:be:be:6f:0e:43:0d:56:
33:23:29:6c:53:f1:2a:c3:cb:80:05:e4:7b:60:ed:
d1:f6:74:e5:49:07:da:4e:4f:63:6b:a9:8c:90:65:
db:35:aa:bf:f8:c4:2b:b8:af:83:15:8b:31:10:2c:
26:bc:88:03:b1:85:4d:93:cd:65:20:65:a4:e5:0e:
72:71:74:e2:7d:f4:9b:83:c4:5c:5d:62:4d:a9:7b:
5d:25:19:11:5c:85:e6:eb:04:ba:d2:f8:4e:3c:d4:
cd:76:91:a3:09:e0:53:b5:f9:a2:e9:86:df:c2:4d:
6d:21:96:78:36:1c:c0:93:da:4a:d0:3d:61:8f:7e:
dd:e8:7f:cb:9e:81:58:73:e2:3c:39:49:a0:20:bd:
e9:fc:10:c5:87:f7:f0:be:11:59:b4:cd:d7:60:b5:
a4:fe:f4:51:d7:b8:50:6d:01:0f:96:68:a9:13:7c:
98:e4:3e:c3:60:0f:0a:52:c9:98:5e:3e:9f:98:48:
7d:02:7a:78:bf:0e:fd:ca:3f:a7:b3:ce:53:30:23:
ec:01:55:5b:53:88:ae:11:f2:fc:8b:15:d8:90:d5:
5e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:AF:F0:AC:D7:BF:2C:14:AC:7D:13:E5:11:77:53:92:49:23:4B:2A
X509v3 Authority Key Identifier:
keyid:AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/2K_wrNe_LBSsfRPlEXdTkkkjSyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.70.142.0-212.70.147.255
Signature Algorithm: sha256WithRSAEncryption
66:02:6c:e3:98:9d:7b:9c:66:2e:b4:40:8c:7e:99:c4:f3:cb:
ca:9a:6a:45:54:9c:aa:14:a0:ed:be:43:21:bd:d7:66:42:0b:
66:13:ab:5a:25:47:db:09:28:f3:81:07:e8:17:1d:01:67:f3:
0c:39:d0:fd:0f:f4:59:39:6f:8c:e4:45:88:31:1a:09:41:da:
51:ab:17:1f:f2:af:c6:6b:ed:52:ec:c6:a2:cd:3a:77:79:00:
f9:6c:bc:dc:67:d8:70:e8:6f:99:3a:82:12:3c:13:8a:e8:62:
34:9c:e0:7c:2d:66:b7:0c:6d:71:c5:29:72:27:76:b1:a5:a6:
a8:13:4b:2b:30:26:6a:b2:91:d2:31:09:ed:d2:a1:ed:5a:f9:
2c:13:3d:9f:9e:43:13:5e:b1:4a:7f:9f:95:8f:ec:c3:b5:35:
64:06:9e:a2:55:b2:7d:1b:16:ca:13:e2:93:1b:35:7f:3b:12:
df:9c:e4:1c:42:e3:64:b0:87:9d:e2:2a:26:74:50:93:f2:5a:
b0:9f:b2:26:81:e0:68:e7:2c:13:39:23:8b:8e:5b:a5:b4:05:
05:11:cf:15:07:f7:fe:b3:31:30:56:5a:49:98:31:d3:37:42:
30:aa:13:8a:23:e2:63:2d:47:22:8b:fe:06:1f:fe:85:24:d9:
5a:d4:b5:92
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZFaManMJF/8QvZ018DhnX1oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMWY3MjFiN2I3ZTZkMDQ5ZmJmZTUyMGUxY2E4OWMxY2Ey
NTY4MTMwHhcNMjQwODE2MDc1ODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGFmZjBhY2Q3YmYyYzE0YWM3ZDEzZTUxMTc3NTM5MjQ5MjM0YjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAWwfKLuHJTbMDWwLwPsiT0ZJWWH
P87EbPCEyYbAoaFkpMsd+L6+bw5DDVYzIylsU/Eqw8uABeR7YO3R9nTlSQfaTk9j
a6mMkGXbNaq/+MQruK+DFYsxECwmvIgDsYVNk81lIGWk5Q5ycXTiffSbg8RcXWJN
qXtdJRkRXIXm6wS60vhOPNTNdpGjCeBTtfmi6Ybfwk1tIZZ4NhzAk9pK0D1hj37d
6H/LnoFYc+I8OUmgIL3p/BDFh/fwvhFZtM3XYLWk/vRR17hQbQEPlmipE3yY5D7D
YA8KUsmYXj6fmEh9Anp4vw79yj+ns85TMCPsAVVbU4iuEfL8ixXYkNVeOQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNiv8KzXvywUrH0T5RF3U5JJI0sqMB8GA1UdIwQY
MBaAFKwfcht7fm0En7/lIOHKicHKJWgTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjIt
NjRkMjljODZiZjNlLzEvMktfd3JOZV9MQlNzZlJQbEVYZFRra2tqU3lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjItNjRkMjljODZiZjNl
LzEvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHURo4D
BALURpAwDQYJKoZIhvcNAQELBQADggEBAGYCbOOYnXucZi60QIx+mcTzy8qaakVU
nKoUoO2+QyG912ZCC2YTq1olR9sJKPOBB+gXHQFn8ww50P0P9Fk5b4zkRYgxGglB
2lGrFx/yr8Zr7VLsxqLNOnd5APlsvNxn2HDob5k6ghI8E4roYjSc4HwtZrcMbXHF
KXIndrGlpqgTSyswJmqykdIxCe3Soe1a+SwTPZ+eQxNesUp/n5WP7MO1NWQGnqJV
sn0bFsoT4pMbNX87Et+c5BxC42Swh53iKiZ0UJPyWrCfsiaB4GjnLBM5I4uOW6W0
BQURzxUH9/6zMTBWWkmYMdM3QjCqE4oj4mMtRyKL/gYf/oUk2VrUtZI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:31:46 2024 by rpki-client on console-ams.rpki-client.org