Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/5fbcbb-00fa-4ad7-a801-43600171b8bd/1/_O-3bS6qJHl2kjMnez2DL4sXyYI.roa
File: _O-3bS6qJHl2kjMnez2DL4sXyYI.roa (raw, json)
Hash identifier: R82tdN0zgsXYbh1tAsrm7fOBV6WsPCOsyV5JsKYEoFo=
Subject key identifier: FC:EF:B7:6D:2E:AA:24:79:76:92:33:27:7B:3D:83:2F:8B:17:C9:82
Certificate issuer: /CN=969d46361b6af720fb9836acec965b0f52f4b09c
Certificate serial: 018CCA99D10C9C03C5838B35C2FD3AB025B8
Authority key identifier: 96:9D:46:36:1B:6A:F7:20:FB:98:36:AC:EC:96:5B:0F:52:F4:B0:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lp1GNhtq9yD7mDas7JZbD1L0sJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/5fbcbb-00fa-4ad7-a801-43600171b8bd/1/_O-3bS6qJHl2kjMnez2DL4sXyYI.roa
Signing time: Tue 02 Jan 2024 14:35:27 +0000
ROA not before: Tue 02 Jan 2024 14:35:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29690
IP address blocks: 212.70.36.0/24 maxlen: 24
212.70.32.0/24 maxlen: 24
212.70.32.0/19 maxlen: 19
212.70.34.0/24 maxlen: 24
212.70.40.0/24 maxlen: 24
212.70.50.0/24 maxlen: 24
212.70.51.0/24 maxlen: 24
212.70.45.0/24 maxlen: 24
212.70.49.0/24 maxlen: 24
212.70.47.0/24 maxlen: 24
212.70.48.0/24 maxlen: 24
212.70.53.0/24 maxlen: 24
212.70.54.0/24 maxlen: 24
83.101.128.0/24 maxlen: 24
83.101.128.0/19 maxlen: 19
83.101.129.0/24 maxlen: 24
83.101.139.0/24 maxlen: 24
83.101.138.0/24 maxlen: 24
83.101.137.0/24 maxlen: 24
83.101.141.0/24 maxlen: 24
83.101.140.0/24 maxlen: 24
83.101.143.0/24 maxlen: 24
83.101.149.0/24 maxlen: 24
83.101.150.0/24 maxlen: 24
83.101.151.0/24 maxlen: 24
83.101.155.0/24 maxlen: 24
83.101.156.0/24 maxlen: 24
83.101.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/5fbcbb-00fa-4ad7-a801-43600171b8bd/1/lp1GNhtq9yD7mDas7JZbD1L0sJw.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/5fbcbb-00fa-4ad7-a801-43600171b8bd/1/lp1GNhtq9yD7mDas7JZbD1L0sJw.mft
rsync://rpki.ripe.net/repository/DEFAULT/lp1GNhtq9yD7mDas7JZbD1L0sJw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:d1:0c:9c:03:c5:83:8b:35:c2:fd:3a:b0:25:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=969d46361b6af720fb9836acec965b0f52f4b09c
Validity
Not Before: Jan 2 14:35:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fcefb76d2eaa2479769233277b3d832f8b17c982
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:a0:22:4f:ea:13:31:58:43:9f:1a:5d:d2:c0:
18:75:db:c1:99:9f:d3:7e:79:0f:69:ca:76:88:a8:
c0:d1:c7:12:57:28:48:49:44:9f:5b:86:f7:04:f6:
d4:b7:e7:5f:84:c3:44:26:39:a8:62:7c:ac:0f:aa:
d1:96:a7:41:4a:4f:c1:6e:67:26:df:72:90:50:9e:
36:8b:7d:c8:b0:85:6e:55:9b:20:a7:ce:f3:e4:ea:
2d:e5:b0:0b:cb:79:13:87:14:f6:a3:af:db:76:51:
71:73:32:3b:0c:9e:40:43:24:6f:b4:d8:01:ed:23:
85:cd:0e:15:dd:49:4a:5c:20:c9:ae:24:38:17:4e:
84:a3:32:d2:7a:6d:4f:eb:4c:7e:84:5d:2f:bb:b4:
27:cf:96:b3:ee:2e:ae:b7:e0:a5:c2:35:e8:0b:3a:
3f:5f:60:a3:75:3c:c2:74:cb:e3:86:68:ad:1d:fa:
ac:74:88:7f:0a:c3:56:64:f3:2d:fb:62:1f:a4:d2:
2b:80:cc:90:2f:8d:37:02:77:c4:2c:0f:5e:74:d7:
9d:ae:d2:49:e0:75:2b:51:ba:e4:29:5a:42:16:d7:
88:ef:da:b7:a7:4a:b4:93:46:54:af:fb:d5:c0:9a:
08:f6:a5:46:b2:f4:e3:7b:50:f6:d5:a5:a0:19:37:
3b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:EF:B7:6D:2E:AA:24:79:76:92:33:27:7B:3D:83:2F:8B:17:C9:82
X509v3 Authority Key Identifier:
keyid:96:9D:46:36:1B:6A:F7:20:FB:98:36:AC:EC:96:5B:0F:52:F4:B0:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lp1GNhtq9yD7mDas7JZbD1L0sJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/5fbcbb-00fa-4ad7-a801-43600171b8bd/1/_O-3bS6qJHl2kjMnez2DL4sXyYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/5fbcbb-00fa-4ad7-a801-43600171b8bd/1/lp1GNhtq9yD7mDas7JZbD1L0sJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.101.128.0/19
212.70.32.0/19
Signature Algorithm: sha256WithRSAEncryption
c9:0a:b1:d6:e5:24:43:b3:cf:28:58:e1:74:3b:d7:ec:d2:d9:
6a:f2:9a:61:2e:0a:1c:ad:5c:03:f2:4a:93:08:5e:67:80:a6:
62:a3:08:21:35:4c:fe:8e:2f:f8:c5:bb:65:53:5b:99:fd:1d:
31:e6:7b:55:7b:94:fa:d6:c6:6d:88:70:96:f1:f5:9e:85:c1:
97:9d:b9:ef:9d:0a:4c:db:4d:d6:4f:c8:0d:81:19:91:df:ef:
38:01:81:1f:44:6f:47:58:46:bf:2e:c1:97:67:cc:21:9c:cf:
4a:4c:01:9b:58:90:51:7e:4c:8e:f3:be:83:1b:1b:d6:6f:d2:
01:87:89:17:be:e2:ef:c2:56:7d:db:52:c4:00:a4:3b:a3:1f:
68:3d:a6:30:4c:47:9e:61:fe:d6:74:34:af:e0:41:5c:0f:2d:
2e:c4:9d:b4:4b:88:ca:b6:07:60:e3:10:84:b6:74:28:37:b0:
4a:58:74:cb:52:43:a6:b4:b0:15:66:27:0d:96:9e:9a:ff:91:
b6:3a:55:d1:c4:53:61:3e:94:6c:68:4c:52:3b:5e:01:6e:03:
ea:c5:50:48:28:21:57:e7:f8:90:ec:d1:51:c2:aa:bc:03:c5:
98:48:43:f1:b2:90:f6:dd:a4:a4:9a:48:bf:6f:52:03:9a:83:
5a:51:1d:68
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKmdEMnAPFg4s1wv06sCW4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2OWQ0NjM2MWI2YWY3MjBmYjk4MzZhY2VjOTY1YjBmNTJm
NGIwOWMwHhcNMjQwMTAyMTQzNTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2VmYjc2ZDJlYWEyNDc5NzY5MjMzMjc3YjNkODMyZjhiMTdjOTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKAiT+oTMVhDnxpd0sAYddvBmZ/T
fnkPacp2iKjA0ccSVyhISUSfW4b3BPbUt+dfhMNEJjmoYnysD6rRlqdBSk/Bbmcm
33KQUJ42i33IsIVuVZsgp87z5Oot5bALy3kThxT2o6/bdlFxczI7DJ5AQyRvtNgB
7SOFzQ4V3UlKXCDJriQ4F06EozLSem1P60x+hF0vu7Qnz5az7i6ut+ClwjXoCzo/
X2CjdTzCdMvjhmitHfqsdIh/CsNWZPMt+2IfpNIrgMyQL403AnfELA9edNedrtJJ
4HUrUbrkKVpCFteI79q3p0q0k0ZUr/vVwJoI9qVGsvTje1D21aWgGTc7gwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPzvt20uqiR5dpIzJ3s9gy+LF8mCMB8GA1UdIwQY
MBaAFJadRjYbavcg+5g2rOyWWw9S9LCcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHAxR05odHE5eUQ3bURhczdKWmJEMUwwc0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi81ZmJjYmItMDBmYS00YWQ3LWE4MDEt
NDM2MDAxNzFiOGJkLzEvX08tM2JTNnFKSGwya2pNbmV6MkRMNHNYeVlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi81ZmJjYmItMDBmYS00YWQ3LWE4MDEtNDM2MDAxNzFiOGJk
LzEvbHAxR05odHE5eUQ3bURhczdKWmJEMUwwc0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFU2WAAwQF
1EYgMA0GCSqGSIb3DQEBCwUAA4IBAQDJCrHW5SRDs88oWOF0O9fs0tlq8pphLgoc
rVwD8kqTCF5ngKZiowghNUz+ji/4xbtlU1uZ/R0x5ntVe5T61sZtiHCW8fWehcGX
nbnvnQpM203WT8gNgRmR3+84AYEfRG9HWEa/LsGXZ8whnM9KTAGbWJBRfkyO876D
GxvWb9IBh4kXvuLvwlZ921LEAKQ7ox9oPaYwTEeeYf7WdDSv4EFcDy0uxJ20S4jK
tgdg4xCEtnQoN7BKWHTLUkOmtLAVZicNlp6a/5G2OlXRxFNhPpRsaExSO14BbgPq
xVBIKCFX5/iQ7NFRwqq8A8WYSEPxspD23aSkmki/b1IDmoNaUR1o
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:38:53 2024 by rpki-client on console-ams.rpki-client.org