Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/01835f-504f-45bd-a052-714f9626d021/1/9m785MXZwp0BQtk_jk4fp9A4qB0.roa
File: 9m785MXZwp0BQtk_jk4fp9A4qB0.roa (raw, json)
Hash identifier: u+8J+4zJtWHS217NkWrzbcfb0E+Zj0l1Wu1mFSLU2lI=
Subject key identifier: F6:6E:FC:E4:C5:D9:C2:9D:01:42:D9:3F:8E:4E:1F:A7:D0:38:A8:1D
Certificate issuer: /CN=50264c3f09831ccd889712f4fab5c5b1be0cad56
Certificate serial: 0194252042408BD5AF1229932F0225142282
Authority key identifier: 50:26:4C:3F:09:83:1C:CD:88:97:12:F4:FA:B5:C5:B1:BE:0C:AD:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UCZMPwmDHM2IlxL0-rXFsb4MrVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/01835f-504f-45bd-a052-714f9626d021/1/9m785MXZwp0BQtk_jk4fp9A4qB0.roa
Signing time: Thu 02 Jan 2025 03:47:38 +0000
ROA not before: Thu 02 Jan 2025 03:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12813
IP address blocks: 212.11.224.0/19 maxlen: 19
212.11.224.0/24 maxlen: 24
212.11.225.0/24 maxlen: 24
212.11.226.0/24 maxlen: 24
212.11.227.0/24 maxlen: 24
212.11.235.0/24 maxlen: 24
212.11.240.0/24 maxlen: 24
212.11.241.0/24 maxlen: 24
212.11.242.0/24 maxlen: 24
212.11.244.0/24 maxlen: 24
212.11.245.0/24 maxlen: 24
2a00:1278::/32 maxlen: 32
2a00:1278:100::/40 maxlen: 40
2a00:1278:200::/40 maxlen: 40
2a00:1278:500::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/01835f-504f-45bd-a052-714f9626d021/1/UCZMPwmDHM2IlxL0-rXFsb4MrVY.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/01835f-504f-45bd-a052-714f9626d021/1/UCZMPwmDHM2IlxL0-rXFsb4MrVY.mft
rsync://rpki.ripe.net/repository/DEFAULT/UCZMPwmDHM2IlxL0-rXFsb4MrVY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:20:42:40:8b:d5:af:12:29:93:2f:02:25:14:22:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50264c3f09831ccd889712f4fab5c5b1be0cad56
Validity
Not Before: Jan 2 03:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f66efce4c5d9c29d0142d93f8e4e1fa7d038a81d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1c:c4:06:55:21:5a:a1:8b:77:b0:2b:b2:c9:
6a:aa:56:9c:2a:07:10:86:a2:55:0d:99:30:c8:41:
d5:02:1e:02:d2:7d:2d:ec:da:dd:71:c1:cc:78:91:
4a:71:86:de:b4:48:6e:03:d4:f1:e9:21:47:5c:d6:
20:81:4a:88:d9:01:7e:66:a3:9f:1d:cb:07:82:d7:
96:8c:a3:6e:b2:96:57:65:11:13:5a:9f:dc:74:d6:
06:5d:7a:59:58:09:79:30:86:1c:c7:3b:6a:f8:04:
86:af:18:0d:75:c8:2f:40:90:32:39:7c:9f:24:de:
d1:a8:c8:a2:7b:9e:03:1a:4b:09:bf:d5:90:a4:f3:
f5:63:40:e1:39:d4:c4:92:9c:3c:be:5b:a0:9e:64:
81:72:23:e0:ab:e6:5c:42:7e:84:98:92:6b:fe:b7:
2f:14:7b:30:36:b5:a6:ce:5b:6c:4a:f4:3e:e7:d7:
02:6f:16:30:73:69:eb:23:16:e8:72:92:88:cd:4a:
0f:25:dc:c2:5c:bc:9a:01:c5:84:5a:14:dd:1b:87:
cd:1d:26:1e:f2:1b:36:cd:80:cf:a9:05:79:8f:9c:
8d:97:8c:19:05:c0:f6:dc:03:5f:c1:21:a1:25:6c:
fa:eb:03:bc:1f:85:bc:f8:cb:85:0e:f1:51:a4:2d:
5f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:6E:FC:E4:C5:D9:C2:9D:01:42:D9:3F:8E:4E:1F:A7:D0:38:A8:1D
X509v3 Authority Key Identifier:
keyid:50:26:4C:3F:09:83:1C:CD:88:97:12:F4:FA:B5:C5:B1:BE:0C:AD:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UCZMPwmDHM2IlxL0-rXFsb4MrVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/01835f-504f-45bd-a052-714f9626d021/1/9m785MXZwp0BQtk_jk4fp9A4qB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/01835f-504f-45bd-a052-714f9626d021/1/UCZMPwmDHM2IlxL0-rXFsb4MrVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.11.224.0/19
IPv6:
2a00:1278::/32
Signature Algorithm: sha256WithRSAEncryption
82:d8:0a:4f:1b:ec:94:c7:02:97:41:97:bc:2c:6c:ac:72:69:
9a:0e:ea:eb:17:14:a6:b7:7e:97:99:d2:ec:14:1f:e3:01:af:
dd:18:f4:10:69:47:2f:89:d7:ec:27:c6:ff:6b:2d:90:79:ed:
67:b3:91:75:f0:cb:f7:d0:a8:17:cc:55:fb:4b:af:f5:ab:08:
50:a9:7a:49:79:57:ed:14:bd:a5:67:2f:cb:00:97:60:bf:d0:
13:77:1e:fd:29:ec:39:1a:d7:bd:1c:7d:4b:5a:b6:42:52:d3:
6b:b3:0b:c3:83:2e:e2:13:d4:c2:1a:4e:d1:1d:ca:96:14:1e:
cc:49:f7:64:dc:24:e2:80:ef:d6:0d:79:ab:95:ab:84:72:d4:
7c:ba:a9:6e:ff:91:01:d3:60:02:1b:55:8b:61:e1:46:70:03:
03:a2:ef:9b:d0:f1:92:1b:02:4b:bc:d6:ab:79:a6:f1:ef:60:
18:be:05:39:b6:41:56:e2:f1:f0:8b:9c:14:b2:ea:22:8f:db:
84:99:18:40:15:26:4f:cb:9b:05:f9:a2:3c:be:7f:a9:3d:ca:
86:42:34:2a:78:43:1a:6f:02:32:cf:d6:87:36:0d:c9:02:f5:
4e:d8:0e:8d:17:d9:f2:1f:71:cc:22:79:12:a8:b5:c4:96:89:
8b:13:f6:d7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlIEJAi9WvEimTLwIlFCKCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMjY0YzNmMDk4MzFjY2Q4ODk3MTJmNGZhYjVjNWIxYmUw
Y2FkNTYwHhcNMjUwMTAyMDM0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjZlZmNlNGM1ZDljMjlkMDE0MmQ5M2Y4ZTRlMWZhN2QwMzhhODFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBzEBlUhWqGLd7ArsslqqlacKgcQ
hqJVDZkwyEHVAh4C0n0t7NrdccHMeJFKcYbetEhuA9Tx6SFHXNYggUqI2QF+ZqOf
HcsHgteWjKNuspZXZRETWp/cdNYGXXpZWAl5MIYcxztq+ASGrxgNdcgvQJAyOXyf
JN7RqMiie54DGksJv9WQpPP1Y0DhOdTEkpw8vlugnmSBciPgq+ZcQn6EmJJr/rcv
FHswNrWmzltsSvQ+59cCbxYwc2nrIxbocpKIzUoPJdzCXLyaAcWEWhTdG4fNHSYe
8hs2zYDPqQV5j5yNl4wZBcD23ANfwSGhJWz66wO8H4W8+MuFDvFRpC1fZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPZu/OTF2cKdAULZP45OH6fQOKgdMB8GA1UdIwQY
MBaAFFAmTD8JgxzNiJcS9Pq1xbG+DK1WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUNaTVB3bURITTJJbHhMMC1yWEZzYjRNclZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8wMTgzNWYtNTA0Zi00NWJkLWEwNTIt
NzE0Zjk2MjZkMDIxLzEvOW03ODVNWFp3cDBCUXRrX2prNGZwOUE0cUIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8wMTgzNWYtNTA0Zi00NWJkLWEwNTItNzE0Zjk2MjZkMDIx
LzEvVUNaTVB3bURITTJJbHhMMC1yWEZzYjRNclZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1AvgMA0E
AgACMAcDBQAqABJ4MA0GCSqGSIb3DQEBCwUAA4IBAQCC2ApPG+yUxwKXQZe8LGys
cmmaDurrFxSmt36XmdLsFB/jAa/dGPQQaUcvidfsJ8b/ay2Qee1ns5F18Mv30KgX
zFX7S6/1qwhQqXpJeVftFL2lZy/LAJdgv9ATdx79Kew5Gte9HH1LWrZCUtNrswvD
gy7iE9TCGk7RHcqWFB7MSfdk3CTigO/WDXmrlauEctR8uqlu/5EB02ACG1WLYeFG
cAMDou+b0PGSGwJLvNareabx72AYvgU5tkFW4vHwi5wUsuoij9uEmRhAFSZPy5sF
+aI8vn+pPcqGQjQqeEMabwIyz9aHNg3JAvVO2A6NF9nyH3HMInkSqLXElomLE/bX
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:48:37 2025 by rpki-client