Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/I5pvib7lUAwlzJYdOmKsbIG_mXI.roa
File: I5pvib7lUAwlzJYdOmKsbIG_mXI.roa (raw, json)
Hash identifier: 1WJsSPy5mw5rao86d5Fd881CLftCGx2GOMCOHWJpOCo=
Subject key identifier: 23:9A:6F:89:BE:E5:50:0C:25:CC:96:1D:3A:62:AC:6C:81:BF:99:72
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 018CC9BBC70B6D7B6872AD3216C2EFD1C751
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/I5pvib7lUAwlzJYdOmKsbIG_mXI.roa
Signing time: Tue 02 Jan 2024 10:32:55 +0000
ROA not before: Tue 02 Jan 2024 10:32:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5513
IP address blocks: 212.51.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.mft
rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:c7:0b:6d:7b:68:72:ad:32:16:c2:ef:d1:c7:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 2 10:32:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=239a6f89bee5500c25cc961d3a62ac6c81bf9972
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:5a:5d:61:c4:3e:3d:36:f4:38:0d:c9:b2:5f:
56:1f:e0:48:e6:7f:d5:8d:f4:e8:fb:68:a4:09:53:
41:94:8c:0a:b5:47:e7:9f:e5:10:88:44:2a:0b:6c:
57:0a:73:85:3a:b4:6d:89:a0:1d:3c:23:14:81:a9:
5f:fb:7d:7c:92:dc:04:83:81:17:c1:9c:fc:a6:99:
b4:db:d4:6d:db:50:da:27:f5:fe:79:0c:0c:f8:1f:
d5:4e:d9:a0:8e:2d:d5:a3:b6:10:7e:8c:a9:8f:76:
d7:99:c7:95:52:cc:ac:bb:82:d6:08:5d:8f:3e:8f:
a3:ef:86:fd:e7:19:5e:ed:bd:c9:2c:fb:bc:9f:09:
a2:12:6f:95:bb:70:3d:8f:d8:e1:19:c8:5a:7f:e0:
6c:5b:a0:aa:0b:91:4a:91:02:34:ec:bb:91:32:ea:
ff:f3:48:20:89:93:9c:1a:48:db:17:f6:85:ad:d6:
6e:ac:ef:1a:82:c2:89:7c:00:3e:3e:d0:c5:75:ac:
0e:ad:ba:6a:da:d3:d7:c5:08:eb:e9:64:53:b8:7f:
6d:b4:49:be:55:f7:82:c5:4b:3d:a9:ea:ed:42:40:
3c:ac:4d:5e:a5:d5:92:71:93:99:86:8e:72:53:53:
82:a0:22:ef:5b:17:d9:79:02:af:25:94:da:b1:c2:
37:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:9A:6F:89:BE:E5:50:0C:25:CC:96:1D:3A:62:AC:6C:81:BF:99:72
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/I5pvib7lUAwlzJYdOmKsbIG_mXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.51.64.0/18
Signature Algorithm: sha256WithRSAEncryption
73:aa:ce:ca:8c:09:d3:4c:24:3a:b5:3b:51:a6:d2:7b:02:3e:
7e:8b:31:59:77:e8:f2:02:de:43:b3:20:de:17:7c:c1:1f:37:
27:55:f9:7b:68:a0:bb:07:11:52:cb:8a:80:9f:47:10:a6:d0:
22:cc:4a:34:ab:49:49:c3:ac:64:5d:0c:87:02:6d:17:af:f9:
d9:a0:67:1f:9f:44:de:c1:4e:ac:6c:8b:58:2a:0f:36:45:f7:
b7:67:c1:f0:1e:8b:bc:74:c0:c5:30:59:fc:85:07:bb:5d:50:
f8:f1:c0:34:7d:6e:01:84:82:8b:21:2f:56:fc:83:f6:0a:bc:
0b:c5:9b:eb:f7:e2:c2:e7:ba:fc:c9:ea:7b:da:10:92:f2:bf:
01:cd:86:20:c5:d7:68:e6:16:b3:48:e4:d4:51:9a:38:05:66:
27:94:42:2e:eb:b0:76:78:10:b4:2b:b9:46:78:d1:1c:94:e1:
38:a8:64:a7:30:f7:e7:83:5b:69:94:4c:8b:f0:1d:86:1c:10:
25:bc:64:72:33:c5:e3:c3:e8:59:19:45:e0:8a:ae:30:79:48:
79:c9:89:50:3e:d5:d5:da:03:88:52:19:9e:c0:df:1b:92:92:
22:27:af:15:4d:d3:86:a1:10:5f:d9:65:35:15:e2:45:33:da:
70:ac:22:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJu8cLbXtocq0yFsLv0cdRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjQwMTAyMTAzMjU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzlhNmY4OWJlZTU1MDBjMjVjYzk2MWQzYTYyYWM2YzgxYmY5OTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA91pdYcQ+PTb0OA3Jsl9WH+BI5n/V
jfTo+2ikCVNBlIwKtUfnn+UQiEQqC2xXCnOFOrRtiaAdPCMUgalf+318ktwEg4EX
wZz8ppm029Rt21DaJ/X+eQwM+B/VTtmgji3Vo7YQfoypj3bXmceVUsysu4LWCF2P
Po+j74b95xle7b3JLPu8nwmiEm+Vu3A9j9jhGchaf+BsW6CqC5FKkQI07LuRMur/
80ggiZOcGkjbF/aFrdZurO8agsKJfAA+PtDFdawOrbpq2tPXxQjr6WRTuH9ttEm+
VfeCxUs9qertQkA8rE1epdWScZOZho5yU1OCoCLvWxfZeQKvJZTascI3iQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCOab4m+5VAMJcyWHTpirGyBv5lyMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvSTVwdmliN2xVQXdsekpZZE9tS3NiSUdfbVhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQG1DNAMA0G
CSqGSIb3DQEBCwUAA4IBAQBzqs7KjAnTTCQ6tTtRptJ7Aj5+izFZd+jyAt5DsyDe
F3zBHzcnVfl7aKC7BxFSy4qAn0cQptAizEo0q0lJw6xkXQyHAm0Xr/nZoGcfn0Te
wU6sbItYKg82Rfe3Z8HwHou8dMDFMFn8hQe7XVD48cA0fW4BhIKLIS9W/IP2CrwL
xZvr9+LC57r8yep72hCS8r8BzYYgxddo5hazSOTUUZo4BWYnlEIu67B2eBC0K7lG
eNEclOE4qGSnMPfng1tplEyL8B2GHBAlvGRyM8Xjw+hZGUXgiq4weUh5yYlQPtXV
2gOIUhmewN8bkpIiJ68VTdOGoRBf2WU1FeJFM9pwrCL6
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:25:27 2024 by rpki-client on console-fra.rpki-client.org