Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_ga02KGrAEm2lFGcyiHNVp1Alsk.roa
File: _ga02KGrAEm2lFGcyiHNVp1Alsk.roa (raw, json)
Hash identifier: lLG3ezys4ZueMGH7SePYMI4w41K4y9BRaqXlLcqJVi8=
Subject key identifier: FE:06:B4:D8:A1:AB:00:49:B6:94:51:9C:CA:21:CD:56:9D:40:96:C9
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0192FD4D1AEBCB5AC853B77067CFFE71E247
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_ga02KGrAEm2lFGcyiHNVp1Alsk.roa
Signing time: Tue 05 Nov 2024 17:09:01 +0000
ROA not before: Tue 05 Nov 2024 17:09:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42927
IP address blocks: 213.210.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 01:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fd:4d:1a:eb:cb:5a:c8:53:b7:70:67:cf:fe:71:e2:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 5 17:09:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe06b4d8a1ab0049b694519cca21cd569d4096c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:42:5a:78:56:79:a8:8a:23:df:f1:dd:25:54:
b6:f7:18:73:ac:6a:cf:cb:9d:cb:0e:f7:0f:65:42:
0f:59:7b:87:04:45:72:47:c5:12:74:df:51:b7:0e:
ce:61:e2:72:45:07:74:af:f0:ed:d0:78:31:7d:77:
53:80:9d:b5:a5:dd:60:85:00:12:ab:79:35:3b:cd:
36:fd:48:0b:fa:15:81:fa:79:27:bd:48:85:ab:c3:
13:3c:61:b0:83:c3:a1:e3:48:35:02:ea:76:b2:e8:
7e:19:39:df:d6:7a:e4:d9:c5:e1:a0:d4:8d:c0:00:
19:27:46:31:da:40:ad:ea:38:51:d9:12:5d:0e:1d:
d6:b2:5d:7a:fa:41:27:6d:7d:dd:b3:01:d4:6b:7e:
7f:83:39:99:b2:e0:97:77:af:32:48:3e:4e:d8:b4:
e5:84:fe:48:8e:88:93:0a:fe:25:35:9f:75:cc:d7:
97:48:d3:97:84:0b:c1:6d:5e:d4:e6:78:25:07:4e:
99:75:88:51:9c:02:82:c4:f6:ca:c4:2e:0d:c2:97:
55:a5:5e:52:f7:b7:f1:ec:35:a0:ef:f9:09:1f:37:
6b:eb:cc:cd:c4:08:2c:5b:cd:85:b1:fc:e7:c9:a8:
9a:63:6c:ec:be:9f:41:bd:84:6b:1d:4c:d2:04:4f:
74:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:06:B4:D8:A1:AB:00:49:B6:94:51:9C:CA:21:CD:56:9D:40:96:C9
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_ga02KGrAEm2lFGcyiHNVp1Alsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.210.35.0/24
Signature Algorithm: sha256WithRSAEncryption
34:ec:a0:50:0b:2d:ee:e9:86:21:6e:51:d0:84:da:ef:67:9d:
4d:f6:2d:04:ef:7e:f0:ed:90:85:f3:79:b6:16:41:7e:19:44:
2f:ea:c5:91:96:da:7c:44:33:46:ef:58:83:7a:fc:cc:ba:1d:
66:69:84:53:1d:aa:29:d3:b4:12:70:2a:d3:5e:d4:54:6f:df:
9a:04:1d:b1:a1:4c:90:c9:0d:73:b7:dd:fa:47:6a:aa:cf:c5:
36:52:18:43:68:84:a7:a6:0b:4d:7f:fb:9c:1b:0b:29:50:03:
f0:2c:df:a3:11:71:8c:60:04:12:4e:34:8b:57:96:49:78:f4:
02:6d:85:b6:1f:b8:44:14:d8:03:a6:1c:e1:32:21:f5:7f:c5:
03:cc:e7:03:35:26:42:73:8d:1f:f3:51:30:7e:ce:2c:a3:80:
90:88:69:86:b2:dc:dd:fd:83:20:4b:d8:2c:4b:8f:e8:06:af:
1c:c9:ff:8b:9b:81:ed:a2:e5:b3:55:32:56:58:0d:d2:62:45:
cf:1d:24:82:5a:dd:48:f0:23:08:c2:b0:16:66:2f:fd:1e:79:
ca:80:f7:50:6f:ad:5c:cf:a4:29:11:3e:c5:f9:6c:da:2a:a5:
4e:8f:c3:ae:e3:42:54:72:09:91:6a:3b:5f:43:bd:13:14:90:
1e:40:46:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZL9TRrry1rIU7dwZ8/+ceJHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTA1MTcwOTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTA2YjRkOGExYWIwMDQ5YjY5NDUxOWNjYTIxY2Q1NjlkNDA5NmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEJaeFZ5qIoj3/HdJVS29xhzrGrP
y53LDvcPZUIPWXuHBEVyR8USdN9Rtw7OYeJyRQd0r/Dt0HgxfXdTgJ21pd1ghQAS
q3k1O802/UgL+hWB+nknvUiFq8MTPGGwg8Oh40g1Aup2suh+GTnf1nrk2cXhoNSN
wAAZJ0Yx2kCt6jhR2RJdDh3Wsl16+kEnbX3dswHUa35/gzmZsuCXd68ySD5O2LTl
hP5IjoiTCv4lNZ91zNeXSNOXhAvBbV7U5nglB06ZdYhRnAKCxPbKxC4NwpdVpV5S
97fx7DWg7/kJHzdr68zNxAgsW82FsfznyaiaY2zsvp9BvYRrHUzSBE90NwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP4GtNihqwBJtpRRnMohzVadQJbJMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvX2dhMDJLR3JBRW0ybEZHY3lpSE5WcDFBbHNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1dIjMA0G
CSqGSIb3DQEBCwUAA4IBAQA07KBQCy3u6YYhblHQhNrvZ51N9i0E737w7ZCF83m2
FkF+GUQv6sWRltp8RDNG71iDevzMuh1maYRTHaop07QScCrTXtRUb9+aBB2xoUyQ
yQ1zt936R2qqz8U2UhhDaISnpgtNf/ucGwspUAPwLN+jEXGMYAQSTjSLV5ZJePQC
bYW2H7hEFNgDphzhMiH1f8UDzOcDNSZCc40f81Ewfs4so4CQiGmGstzd/YMgS9gs
S4/oBq8cyf+Lm4HtouWzVTJWWA3SYkXPHSSCWt1I8CMIwrAWZi/9HnnKgPdQb61c
z6QpET7F+WzaKqVOj8Ou40JUcgmRajtfQ70TFJAeQEbu
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:54:23 2024 by rpki-client on console-ams.rpki-client.org