Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/080af6-8dc4-48e6-9c63-a6b95991cd2c/1/t0ASiNYJXdFBDsdzzD8ZCcPfThc.roa
File: t0ASiNYJXdFBDsdzzD8ZCcPfThc.roa (raw, json)
Hash identifier: 3dLCODTzoFssDeODDSzZJRt0R27EGd+JHJ/2qSrDaB4=
Subject key identifier: B7:40:12:88:D6:09:5D:D1:41:0E:C7:73:CC:3F:19:09:C3:DF:4E:17
Certificate issuer: /CN=ebbc0d60bd3a90bd5e31509deadf447076b078d8
Certificate serial: 018CC9BC03574367B679BB57552F6096171D
Authority key identifier: EB:BC:0D:60:BD:3A:90:BD:5E:31:50:9D:EA:DF:44:70:76:B0:78:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/67wNYL06kL1eMVCd6t9EcHaweNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/080af6-8dc4-48e6-9c63-a6b95991cd2c/1/t0ASiNYJXdFBDsdzzD8ZCcPfThc.roa
Signing time: Tue 02 Jan 2024 10:33:11 +0000
ROA not before: Tue 02 Jan 2024 10:33:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44525
IP address blocks: 212.45.71.0/24 maxlen: 24
212.45.70.0/24 maxlen: 24
212.45.68.0/22 maxlen: 22
212.45.69.0/24 maxlen: 24
212.45.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/080af6-8dc4-48e6-9c63-a6b95991cd2c/1/67wNYL06kL1eMVCd6t9EcHaweNg.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/080af6-8dc4-48e6-9c63-a6b95991cd2c/1/67wNYL06kL1eMVCd6t9EcHaweNg.mft
rsync://rpki.ripe.net/repository/DEFAULT/67wNYL06kL1eMVCd6t9EcHaweNg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:03:57:43:67:b6:79:bb:57:55:2f:60:96:17:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebbc0d60bd3a90bd5e31509deadf447076b078d8
Validity
Not Before: Jan 2 10:33:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7401288d6095dd1410ec773cc3f1909c3df4e17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:41:95:f9:6c:e7:98:cb:ed:78:cd:43:fd:5f:
63:d3:bf:17:42:67:ab:07:60:9e:64:38:ec:04:ce:
c8:8b:12:a9:31:8c:7a:f2:9d:a4:c8:1d:fd:fb:2f:
55:af:a1:9c:cd:23:48:da:3d:1d:23:26:ad:be:87:
84:66:07:c5:ac:43:1a:7f:cd:ea:27:70:26:df:18:
df:27:c3:9d:78:9f:25:a8:11:eb:39:bf:2b:85:c4:
ec:49:21:15:35:4a:60:db:cd:53:88:c1:00:4d:e9:
cf:e8:54:bf:a7:7b:7b:5d:4c:91:33:8a:03:28:1d:
b4:a6:87:bb:37:fd:86:41:c3:16:5e:15:be:bb:61:
f2:1b:5f:7b:9c:52:02:93:13:a5:0f:06:5f:0a:42:
73:58:84:30:47:d6:06:f7:7d:fa:3d:00:72:d1:6a:
e3:b8:9a:34:e3:00:05:b0:05:ff:be:55:b7:ad:df:
e4:5a:ed:8c:5a:15:93:9e:33:e1:8d:8c:cb:a0:92:
a7:5f:dc:d1:88:93:4f:fc:dd:f6:2e:05:d3:12:0f:
2e:7d:61:3b:ac:f3:32:77:ca:cb:1c:9e:8d:ae:87:
8e:72:ae:0a:4f:76:12:97:07:c8:3b:1b:c0:e7:c5:
c9:37:fb:4d:6f:8f:b2:f7:38:3b:1a:cf:1b:68:d9:
e5:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:40:12:88:D6:09:5D:D1:41:0E:C7:73:CC:3F:19:09:C3:DF:4E:17
X509v3 Authority Key Identifier:
keyid:EB:BC:0D:60:BD:3A:90:BD:5E:31:50:9D:EA:DF:44:70:76:B0:78:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/67wNYL06kL1eMVCd6t9EcHaweNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/080af6-8dc4-48e6-9c63-a6b95991cd2c/1/t0ASiNYJXdFBDsdzzD8ZCcPfThc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/080af6-8dc4-48e6-9c63-a6b95991cd2c/1/67wNYL06kL1eMVCd6t9EcHaweNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.45.68.0/22
Signature Algorithm: sha256WithRSAEncryption
19:8c:ac:4a:e7:15:dc:20:d5:78:71:c5:2f:ad:2d:0f:4e:e4:
a6:fb:80:28:d7:3e:a9:48:ac:dc:ce:81:72:20:0a:94:67:15:
37:e2:0c:a5:92:f3:29:93:d7:92:52:ad:f2:09:c4:9e:a7:33:
13:56:eb:0e:e0:2b:f5:44:6b:89:87:87:2e:d1:c5:c3:97:0e:
d7:e2:45:fa:c2:ff:b7:dc:5c:b5:d2:62:0e:d4:ff:10:ee:b0:
99:17:03:30:10:06:79:c7:05:9b:14:42:58:28:9b:6e:4b:cd:
19:4a:c4:56:76:06:7a:b2:30:d9:28:48:39:ad:b3:20:be:57:
a3:f9:c9:d2:ba:81:58:c0:73:ea:6b:6b:c7:98:f4:94:4c:43:
41:38:7e:ef:07:76:c9:e2:25:44:82:46:c4:16:2c:71:78:36:
d1:b0:8d:5b:82:b6:6e:29:c5:f9:26:e2:b4:8e:9d:e6:7c:a5:
4f:30:ad:ce:d5:99:49:5e:26:3a:dd:97:e2:48:e4:c6:7b:f6:
35:56:e0:e1:af:70:bd:aa:42:42:dc:92:8e:aa:d8:0d:9b:e7:
8a:7d:4f:de:e9:94:b5:5a:77:e6:57:41:b8:80:f2:c0:1f:b6:
a5:46:3f:65:59:d3:bc:8d:07:5e:9f:98:97:bd:8b:b9:61:51:
e3:25:29:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvANXQ2e2ebtXVS9glhcdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViYmMwZDYwYmQzYTkwYmQ1ZTMxNTA5ZGVhZGY0NDcwNzZi
MDc4ZDgwHhcNMjQwMTAyMTAzMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzQwMTI4OGQ2MDk1ZGQxNDEwZWM3NzNjYzNmMTkwOWMzZGY0ZTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEGV+WznmMvteM1D/V9j078XQmer
B2CeZDjsBM7IixKpMYx68p2kyB39+y9Vr6GczSNI2j0dIyatvoeEZgfFrEMaf83q
J3Am3xjfJ8OdeJ8lqBHrOb8rhcTsSSEVNUpg281TiMEATenP6FS/p3t7XUyRM4oD
KB20poe7N/2GQcMWXhW+u2HyG197nFICkxOlDwZfCkJzWIQwR9YG9336PQBy0Wrj
uJo04wAFsAX/vlW3rd/kWu2MWhWTnjPhjYzLoJKnX9zRiJNP/N32LgXTEg8ufWE7
rPMyd8rLHJ6NroeOcq4KT3YSlwfIOxvA58XJN/tNb4+y9zg7Gs8baNnlQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLdAEojWCV3RQQ7Hc8w/GQnD304XMB8GA1UdIwQY
MBaAFOu8DWC9OpC9XjFQnerfRHB2sHjYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjd3TllMMDZrTDFlTVZDZDZ0OUVjSGF3ZU5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8wODBhZjYtOGRjNC00OGU2LTljNjMt
YTZiOTU5OTFjZDJjLzEvdDBBU2lOWUpYZEZCRHNkenpEOFpDY1BmVGhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8wODBhZjYtOGRjNC00OGU2LTljNjMtYTZiOTU5OTFjZDJj
LzEvNjd3TllMMDZrTDFlTVZDZDZ0OUVjSGF3ZU5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1C1EMA0G
CSqGSIb3DQEBCwUAA4IBAQAZjKxK5xXcINV4ccUvrS0PTuSm+4Ao1z6pSKzczoFy
IAqUZxU34gylkvMpk9eSUq3yCcSepzMTVusO4Cv1RGuJh4cu0cXDlw7X4kX6wv+3
3Fy10mIO1P8Q7rCZFwMwEAZ5xwWbFEJYKJtuS80ZSsRWdgZ6sjDZKEg5rbMgvlej
+cnSuoFYwHPqa2vHmPSUTENBOH7vB3bJ4iVEgkbEFixxeDbRsI1bgrZuKcX5JuK0
jp3mfKVPMK3O1ZlJXiY63ZfiSOTGe/Y1VuDhr3C9qkJC3JKOqtgNm+eKfU/e6ZS1
WnfmV0G4gPLAH7alRj9lWdO8jQden5iXvYu5YVHjJSkV
-----END CERTIFICATE-----
Generated at Fri Nov 22 23:41:50 2024 by rpki-client on console-fra.rpki-client.org