Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/ac52c3-ca44-4784-b72e-12641f9e6fc0/1/dEV_kP2ks4TGX6JBom_81SH6X0k.roa
File: dEV_kP2ks4TGX6JBom_81SH6X0k.roa (raw, json)
Hash identifier: 0MlJoODFMNFiOurjvqBfZOkTIfXLwfvVUYTv7uNtM2M=
Subject key identifier: 74:45:7F:90:FD:A4:B3:84:C6:5F:A2:41:A2:6F:FC:D5:21:FA:5F:49
Certificate issuer: /CN=fec6fb5a467974c977a997c6dda1464805ed379f
Certificate serial: 01919D4AFB4151AF3BFC4EA994CE46CC4FE8
Authority key identifier: FE:C6:FB:5A:46:79:74:C9:77:A9:97:C6:DD:A1:46:48:05:ED:37:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_sb7WkZ5dMl3qZfG3aFGSAXtN58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/ac52c3-ca44-4784-b72e-12641f9e6fc0/1/dEV_kP2ks4TGX6JBom_81SH6X0k.roa
Signing time: Thu 29 Aug 2024 08:40:22 +0000
ROA not before: Thu 29 Aug 2024 08:40:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20792
IP address blocks: 212.237.228.0/24 maxlen: 24
2a0f:fa42::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/ac52c3-ca44-4784-b72e-12641f9e6fc0/1/_sb7WkZ5dMl3qZfG3aFGSAXtN58.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/ac52c3-ca44-4784-b72e-12641f9e6fc0/1/_sb7WkZ5dMl3qZfG3aFGSAXtN58.mft
rsync://rpki.ripe.net/repository/DEFAULT/_sb7WkZ5dMl3qZfG3aFGSAXtN58.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9d:4a:fb:41:51:af:3b:fc:4e:a9:94:ce:46:cc:4f:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fec6fb5a467974c977a997c6dda1464805ed379f
Validity
Not Before: Aug 29 08:40:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74457f90fda4b384c65fa241a26ffcd521fa5f49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:8b:91:a7:91:9a:d8:bd:ad:74:c8:9b:f5:3a:
1f:08:73:b1:9f:ac:af:b1:3b:2d:4b:d3:2e:7f:9b:
78:e5:24:86:c6:18:35:89:ed:38:b1:8d:2a:50:ed:
ca:65:5e:6f:37:f9:57:21:2d:5d:7e:3d:52:a7:42:
bb:6c:01:da:42:54:6e:26:d5:ed:58:f5:10:7f:39:
cf:67:14:ef:b5:fc:3b:81:35:41:23:cc:03:c3:c7:
5c:7b:63:3c:2a:9d:44:8c:18:d2:83:f7:8b:3a:75:
5b:d1:38:20:fb:94:38:da:d3:ae:ac:51:cb:d0:af:
ef:3c:eb:66:8f:f3:9c:43:72:0d:40:1a:f8:4b:f0:
21:26:9a:9d:4b:2f:d3:8b:fc:fb:cb:90:2e:36:78:
f3:43:b1:d6:76:93:10:ab:55:dd:95:2b:e7:e9:97:
14:b7:22:4f:ad:4c:25:aa:05:3f:da:eb:34:53:5c:
91:56:1c:f8:c5:de:87:ed:b2:b5:d7:91:af:43:3a:
97:bd:2d:3a:aa:58:7f:f3:86:b2:af:70:8c:78:2e:
58:cb:40:21:1d:0a:ce:ec:09:17:6e:c1:86:3d:9d:
89:55:e1:86:b5:ae:6c:bc:aa:f2:ff:ed:1b:ce:a8:
2e:3c:63:05:d8:a0:3d:62:d2:c7:db:9e:fe:01:d7:
6a:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:45:7F:90:FD:A4:B3:84:C6:5F:A2:41:A2:6F:FC:D5:21:FA:5F:49
X509v3 Authority Key Identifier:
keyid:FE:C6:FB:5A:46:79:74:C9:77:A9:97:C6:DD:A1:46:48:05:ED:37:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_sb7WkZ5dMl3qZfG3aFGSAXtN58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/ac52c3-ca44-4784-b72e-12641f9e6fc0/1/dEV_kP2ks4TGX6JBom_81SH6X0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/ac52c3-ca44-4784-b72e-12641f9e6fc0/1/_sb7WkZ5dMl3qZfG3aFGSAXtN58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.237.228.0/24
IPv6:
2a0f:fa42::/32
Signature Algorithm: sha256WithRSAEncryption
86:80:9a:d5:35:e1:85:9e:b6:23:d8:c2:31:f4:03:89:ca:6c:
5b:65:40:ef:be:0f:8a:c3:49:0c:5d:54:22:d4:86:e1:6d:19:
61:3a:71:fa:14:98:9b:09:37:f5:d2:c1:b2:b9:4d:28:b1:eb:
80:9e:d2:4a:d7:09:4f:09:12:45:a4:24:c1:cd:69:57:2f:a0:
58:78:74:04:07:58:71:1b:94:b0:57:b7:27:71:e2:38:0b:08:
fd:54:d2:05:1c:37:79:ca:55:88:a7:5a:f7:1c:ad:b1:31:2c:
cf:8e:66:fe:8f:cb:b5:cd:3c:6d:15:fa:23:07:cf:b9:71:ea:
03:21:ae:39:75:b3:7b:97:64:40:5c:f4:2b:71:54:1d:ed:ad:
2a:7a:c8:69:f2:3e:e1:90:3b:a1:10:3a:eb:d2:49:e8:c0:db:
ac:94:ce:d5:53:e4:60:78:8e:28:0c:41:b5:4c:4b:97:ff:ae:
4a:2a:25:a0:fa:67:2a:c0:c6:d3:e7:9f:86:dc:01:e6:15:40:
88:42:68:70:85:33:3d:16:dc:77:0d:4e:06:2d:eb:8f:9c:68:
c9:b5:1a:43:aa:44:e4:ab:e8:11:d9:cf:4c:e8:84:19:9c:56:
17:e0:4c:85:04:80:49:fc:f9:52:58:b5:0a:15:19:28:cd:4d:
e2:8c:f3:2f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZGdSvtBUa87/E6plM5GzE/oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYzZmYjVhNDY3OTc0Yzk3N2E5OTdjNmRkYTE0NjQ4MDVl
ZDM3OWYwHhcNMjQwODI5MDg0MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDQ1N2Y5MGZkYTRiMzg0YzY1ZmEyNDFhMjZmZmNkNTIxZmE1ZjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYuRp5Ga2L2tdMib9TofCHOxn6yv
sTstS9Muf5t45SSGxhg1ie04sY0qUO3KZV5vN/lXIS1dfj1Sp0K7bAHaQlRuJtXt
WPUQfznPZxTvtfw7gTVBI8wDw8dce2M8Kp1EjBjSg/eLOnVb0Tgg+5Q42tOurFHL
0K/vPOtmj/OcQ3INQBr4S/AhJpqdSy/Ti/z7y5AuNnjzQ7HWdpMQq1XdlSvn6ZcU
tyJPrUwlqgU/2us0U1yRVhz4xd6H7bK115GvQzqXvS06qlh/84ayr3CMeC5Yy0Ah
HQrO7AkXbsGGPZ2JVeGGta5svKry/+0bzqguPGMF2KA9YtLH257+Addq6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHRFf5D9pLOExl+iQaJv/NUh+l9JMB8GA1UdIwQY
MBaAFP7G+1pGeXTJd6mXxt2hRkgF7TefMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3NiN1drWjVkTWwzcVpmRzNhRkdTQVh0TjU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9hYzUyYzMtY2E0NC00Nzg0LWI3MmUt
MTI2NDFmOWU2ZmMwLzEvZEVWX2tQMmtzNFRHWDZKQm9tXzgxU0g2WDBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9hYzUyYzMtY2E0NC00Nzg0LWI3MmUtMTI2NDFmOWU2ZmMw
LzEvX3NiN1drWjVkTWwzcVpmRzNhRkdTQVh0TjU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA1O3kMA0E
AgACMAcDBQAqD/pCMA0GCSqGSIb3DQEBCwUAA4IBAQCGgJrVNeGFnrYj2MIx9AOJ
ymxbZUDvvg+Kw0kMXVQi1IbhbRlhOnH6FJibCTf10sGyuU0oseuAntJK1wlPCRJF
pCTBzWlXL6BYeHQEB1hxG5SwV7cnceI4Cwj9VNIFHDd5ylWIp1r3HK2xMSzPjmb+
j8u1zTxtFfojB8+5ceoDIa45dbN7l2RAXPQrcVQd7a0qeshp8j7hkDuhEDrr0kno
wNuslM7VU+RgeI4oDEG1TEuX/65KKiWg+mcqwMbT55+G3AHmFUCIQmhwhTM9Ftx3
DU4GLeuPnGjJtRpDqkTkq+gR2c9M6IQZnFYX4EyFBIBJ/PlSWLUKFRkozU3ijPMv
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:05:42 2024 by rpki-client on console-ams.rpki-client.org