Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/h-qJuSguI-z3pIiToGqYKEdRXDA.roa
File: h-qJuSguI-z3pIiToGqYKEdRXDA.roa (raw, json)
Hash identifier: KnCRtqb8lKboAjq92Lv/f9Q0ZA29ZXqdU16qF6+/Ij4=
Subject key identifier: 87:EA:89:B9:28:2E:23:EC:F7:A4:88:93:A0:6A:98:28:47:51:5C:30
Certificate issuer: /CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Certificate serial: 019232C4C464FFB282FE6FF2B06888DED092
Authority key identifier: AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/h-qJuSguI-z3pIiToGqYKEdRXDA.roa
Signing time: Fri 27 Sep 2024 09:16:48 +0000
ROA not before: Fri 27 Sep 2024 09:16:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206509
IP address blocks: 212.104.129.0/24 maxlen: 24
212.104.130.0/24 maxlen: 24
212.104.132.0/24 maxlen: 24
212.104.136.0/24 maxlen: 24
212.104.143.0/24 maxlen: 24
212.104.149.0/24 maxlen: 24
212.104.150.0/24 maxlen: 24
212.104.152.0/24 maxlen: 24
212.104.155.0/24 maxlen: 24
212.104.156.0/24 maxlen: 24
212.104.159.0/24 maxlen: 24
212.108.88.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:32:c4:c4:64:ff:b2:82:fe:6f:f2:b0:68:88:de:d0:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Validity
Not Before: Sep 27 09:16:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87ea89b9282e23ecf7a48893a06a982847515c30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:fd:63:f7:92:54:3d:7a:58:72:bd:b2:97:a2:
fd:4b:54:62:3d:9b:e6:bf:0a:25:05:29:05:bb:e7:
71:72:3b:b4:41:2d:39:bc:36:b6:92:e8:70:da:02:
f2:ac:41:1f:79:e2:44:32:70:84:42:95:22:30:0d:
1c:c2:be:46:a1:69:7e:a0:c6:b8:0d:3b:1e:39:88:
0a:0f:81:4d:87:fe:3e:be:0d:8d:71:ba:8b:56:31:
d4:ce:f1:96:21:d5:ee:b7:43:da:9a:2b:f6:09:f0:
50:3b:28:cd:12:59:89:4e:f5:5d:9a:b6:f3:fd:a2:
a1:0d:71:de:95:27:06:36:1f:8a:2b:95:7a:70:4a:
ae:8d:a3:54:b3:6c:f8:0d:e4:5b:fe:04:f4:a6:c3:
4a:b7:40:c0:e4:e7:82:65:0c:f2:2c:43:65:79:7a:
7a:19:9b:45:05:72:fc:e7:f7:0d:e3:17:e6:d2:f0:
75:d3:56:f8:5d:66:37:00:9f:2e:1d:d4:99:2d:21:
ed:0e:ab:70:55:a6:62:61:73:9b:66:f0:07:1e:ab:
a3:67:e5:84:c4:8a:32:e0:4a:3a:8c:c5:fb:0f:78:
90:a7:3b:d8:90:ce:21:ac:bb:3e:ab:63:64:b3:eb:
a7:e4:0c:d6:fe:7b:a3:f5:f8:d3:f9:6a:8e:b7:0e:
ae:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:EA:89:B9:28:2E:23:EC:F7:A4:88:93:A0:6A:98:28:47:51:5C:30
X509v3 Authority Key Identifier:
keyid:AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/h-qJuSguI-z3pIiToGqYKEdRXDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.104.129.0-212.104.130.255
212.104.132.0/24
212.104.136.0/24
212.104.143.0/24
212.104.149.0-212.104.150.255
212.104.152.0/24
212.104.155.0-212.104.156.255
212.104.159.0/24
212.108.88.0/23
Signature Algorithm: sha256WithRSAEncryption
16:cc:27:2d:d2:10:ae:e0:35:4c:31:95:11:70:46:cb:3b:b9:
51:ed:15:0c:83:fd:dd:c0:9e:9c:29:43:dd:42:ca:bd:2a:b3:
50:4f:fa:a9:4b:c8:be:57:97:98:82:c8:36:c7:ec:5e:55:9b:
18:2d:76:f1:ea:f1:59:b4:e0:56:df:83:66:8d:dd:5e:ca:1d:
ee:eb:7a:61:6b:a5:7e:84:04:f0:1f:bf:38:64:ce:a2:62:55:
e6:78:14:27:10:09:fc:17:68:94:e5:2f:59:97:41:6d:23:b4:
cb:44:79:06:60:9a:96:ca:a3:eb:00:0a:71:08:cb:41:c3:34:
de:17:91:63:21:d8:42:fb:33:d4:66:2b:cc:a0:e6:c7:b9:d3:
5f:28:38:47:cc:2c:ed:fa:bc:2d:6a:3d:47:d4:c4:00:a9:36:
ba:cb:4a:ca:36:7f:22:15:53:d6:8d:90:ce:2c:0d:5d:20:0c:
66:3e:a4:43:c6:e2:ab:45:a9:81:48:52:0b:a2:59:b5:8c:83:
a3:f2:85:4b:1f:a3:25:56:31:7a:e9:e7:88:93:e8:96:0f:b4:
ac:38:8c:bb:b5:b1:34:3c:8b:b9:9d:ad:1b:01:8c:36:00:7f:
75:62:51:41:06:fd:95:b9:11:5b:9f:f1:7c:8e:ad:25:2c:e6:
e4:0f:ab:44
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZIyxMRk/7KC/m/ysGiI3tCSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZDM1MzkzMzY3NGE1NjA4ZjZkMWVlMmRhYjRmNjRjOGJm
ZjhmMzkwHhcNMjQwOTI3MDkxNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2VhODliOTI4MmUyM2VjZjdhNDg4OTNhMDZhOTgyODQ3NTE1YzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyf1j95JUPXpYcr2yl6L9S1RiPZvm
vwolBSkFu+dxcju0QS05vDa2kuhw2gLyrEEfeeJEMnCEQpUiMA0cwr5GoWl+oMa4
DTseOYgKD4FNh/4+vg2NcbqLVjHUzvGWIdXut0Pamiv2CfBQOyjNElmJTvVdmrbz
/aKhDXHelScGNh+KK5V6cEqujaNUs2z4DeRb/gT0psNKt0DA5OeCZQzyLENleXp6
GZtFBXL85/cN4xfm0vB101b4XWY3AJ8uHdSZLSHtDqtwVaZiYXObZvAHHqujZ+WE
xIoy4Eo6jMX7D3iQpzvYkM4hrLs+q2Nks+un5AzW/nuj9fjT+WqOtw6uDQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFIfqibkoLiPs96SIk6BqmChHUVwwMB8GA1UdIwQY
MBaAFK3TU5M2dKVgj20e4tq09kyL/485MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgt
NzJjODMxMjg3NjFiLzEvaC1xSnVTZ3VJLXozcElpVG9HcVlLRWRSWERBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgtNzJjODMxMjg3NjFi
LzEvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOMAwDBADUaIED
BADUaIIDBADUaIQDBADUaIgDBADUaI8wDAMEANRolQMEANRolgMEANRomDAMAwQA
1GibAwQA1GicAwQA1GifAwQB1GxYMA0GCSqGSIb3DQEBCwUAA4IBAQAWzCct0hCu
4DVMMZURcEbLO7lR7RUMg/3dwJ6cKUPdQsq9KrNQT/qpS8i+V5eYgsg2x+xeVZsY
LXbx6vFZtOBW34Nmjd1eyh3u63pha6V+hATwH784ZM6iYlXmeBQnEAn8F2iU5S9Z
l0FtI7TLRHkGYJqWyqPrAApxCMtBwzTeF5FjIdhC+zPUZivMoObHudNfKDhHzCzt
+rwtaj1H1MQAqTa6y0rKNn8iFVPWjZDOLA1dIAxmPqRDxuKrRamBSFILolm1jIOj
8oVLH6MlVjF66eeIk+iWD7SsOIy7tbE0PIu5na0bAYw2AH91YlFBBv2VuRFbn/F8
jq0lLObkD6tE
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:11:43 2024 by rpki-client on console-ams.rpki-client.org