Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/1-bnIjhaSQ7E1q7jxc6bxA-QJIg0.roa
File: 1-bnIjhaSQ7E1q7jxc6bxA-QJIg0.roa (raw, json)
Hash identifier: CmkxEJqXfv/lXNyw9ylACyJrOR1mG09OzcXUlESsIaM=
Subject key identifier: F9:B9:C8:8E:16:92:43:B1:35:AB:B8:F1:73:A6:F1:03:E4:09:22:0D
Certificate issuer: /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial: 018CC4924C8CDF57AA88A8A7F32B7F0280DC
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/1-bnIjhaSQ7E1q7jxc6bxA-QJIg0.roa
Signing time: Mon 01 Jan 2024 10:29:31 +0000
ROA not before: Mon 01 Jan 2024 10:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39396
IP address blocks: 212.21.129.0/24 maxlen: 24
212.21.133.0/24 maxlen: 24
212.21.159.0/24 maxlen: 24
2a00:e200:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.mft
rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:4c:8c:df:57:aa:88:a8:a7:f3:2b:7f:02:80:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Validity
Not Before: Jan 1 10:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9b9c88e169243b135abb8f173a6f103e409220d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:e3:01:96:83:1c:fa:73:83:49:21:8a:2c:b8:
f5:c0:16:ce:5c:fa:19:e7:29:10:b2:c5:52:98:24:
4e:7b:94:28:27:60:f8:0b:a9:6a:62:9a:60:dd:87:
ce:b4:10:4d:eb:33:53:ed:c8:3b:c3:c8:89:7c:0d:
6c:d9:bd:ba:1e:de:6b:f3:11:db:fd:3e:8e:21:d6:
c6:46:49:8f:3d:f2:12:d2:83:19:6e:79:71:a1:7b:
95:c7:1c:c1:48:00:4a:24:e5:16:ac:c9:e6:6f:cd:
55:9d:f3:27:0c:ad:bb:e4:bb:58:62:81:cd:af:1f:
8b:31:09:62:72:e9:f3:e1:4b:14:9e:94:46:5c:dd:
1b:e0:d8:15:c3:0c:aa:23:c8:b9:c6:e4:a6:98:6a:
b4:d6:fe:4f:dd:c3:ad:7c:86:c3:38:66:cf:41:e6:
30:33:a5:c4:6f:fd:cc:fa:60:b5:1e:ad:8f:0f:14:
1f:b7:d5:40:30:a1:f6:ca:50:1e:11:08:83:4d:b6:
e1:22:c3:2c:75:bb:e8:61:04:de:5b:d3:d7:c3:05:
9e:3b:d3:4c:74:b2:82:3a:1d:5c:cc:6f:68:ad:28:
e2:b2:93:1e:95:7c:ee:b3:c6:0e:c8:4f:14:bd:88:
a6:96:40:80:e8:1a:44:38:d5:65:3f:92:f8:b5:c1:
27:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:B9:C8:8E:16:92:43:B1:35:AB:B8:F1:73:A6:F1:03:E4:09:22:0D
X509v3 Authority Key Identifier:
keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/1-bnIjhaSQ7E1q7jxc6bxA-QJIg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.21.129.0/24
212.21.133.0/24
212.21.159.0/24
IPv6:
2a00:e200:100::/48
Signature Algorithm: sha256WithRSAEncryption
42:ab:12:d8:a4:9c:25:5a:9d:6d:bb:1f:8a:bd:22:f0:2c:48:
83:04:85:ee:8d:38:6d:0f:b0:66:ee:7d:25:43:b5:8e:f4:07:
52:06:86:21:df:06:84:fe:9c:12:e0:90:e2:c0:95:58:cc:46:
8f:23:23:23:e3:61:47:50:ed:fe:34:0b:97:25:ff:c5:46:6c:
45:bf:7b:d0:bc:be:29:25:5c:1b:42:7c:b3:9a:d8:fe:a0:d1:
21:7f:12:5f:20:ed:91:16:6c:cf:76:4f:95:d2:4b:d9:37:31:
9d:61:8d:4e:dd:77:15:3a:30:23:4d:cf:8e:30:a4:ed:3b:82:
e9:cf:3b:d5:8e:a9:32:1d:19:44:bb:38:ae:88:19:76:d0:1b:
3d:ee:36:c4:e7:21:ef:45:ca:b3:d2:29:df:33:25:48:f7:6a:
dd:d9:ad:13:6f:e9:1f:da:2f:fa:45:32:9b:6f:79:ba:21:51:
1d:a7:e4:36:84:49:3f:48:5a:9c:c8:b2:be:16:6c:f2:34:19:
d0:42:8d:9d:96:65:fd:25:ac:a2:41:e2:68:77:04:32:ee:c1:
c7:ff:91:b0:69:33:6b:ea:ea:51:52:3b:f3:d0:0d:aa:3b:f3:
6c:ca:f5:24:ec:83:2b:2b:7c:33:4a:1b:2f:bc:b3:44:db:38:
10:11:2b:42
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzEkkyM31eqiKin8yt/AoDcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWM5MDMwYzcwYTNkNDE5MmQ1OWMyOGRjYzhkNTQ3Njk0
MzQwYjMwHhcNMjQwMTAxMTAyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWI5Yzg4ZTE2OTI0M2IxMzVhYmI4ZjE3M2E2ZjEwM2U0MDkyMjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7OMBloMc+nODSSGKLLj1wBbOXPoZ
5ykQssVSmCROe5QoJ2D4C6lqYppg3YfOtBBN6zNT7cg7w8iJfA1s2b26Ht5r8xHb
/T6OIdbGRkmPPfIS0oMZbnlxoXuVxxzBSABKJOUWrMnmb81VnfMnDK275LtYYoHN
rx+LMQlicunz4UsUnpRGXN0b4NgVwwyqI8i5xuSmmGq01v5P3cOtfIbDOGbPQeYw
M6XEb/3M+mC1Hq2PDxQft9VAMKH2ylAeEQiDTbbhIsMsdbvoYQTeW9PXwwWeO9NM
dLKCOh1czG9orSjispMelXzus8YOyE8UvYimlkCA6BpEONVlP5L4tcEnSwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPm5yI4WkkOxNau48XOm8QPkCSINMB8GA1UdIwQY
MBaAFOvskDDHCj1BktWcKNzI1UdpQ0CzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQt
NGE2Zjg2ODMyNjVjLzEvMS1ibklqaGFTUTdFMXE3anhjNmJ4QS1RSklnMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTUvMzcyYjg3LTk1ZjQtNGM5OC1hNmY0LTRhNmY4NjgzMjY1
Yy8xLzYteVFNTWNLUFVHUzFad28zTWpWUjJsRFFMTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA8BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEANQVgQME
ANQVhQMEANQVnzAPBAIAAjAJAwcAKgDiAAEAMA0GCSqGSIb3DQEBCwUAA4IBAQBC
qxLYpJwlWp1tux+KvSLwLEiDBIXujThtD7Bm7n0lQ7WO9AdSBoYh3waE/pwS4JDi
wJVYzEaPIyMj42FHUO3+NAuXJf/FRmxFv3vQvL4pJVwbQnyzmtj+oNEhfxJfIO2R
FmzPdk+V0kvZNzGdYY1O3XcVOjAjTc+OMKTtO4LpzzvVjqkyHRlEuziuiBl20Bs9
7jbE5yHvRcqz0infMyVI92rd2a0Tb+kf2i/6RTKbb3m6IVEdp+Q2hEk/SFqcyLK+
FmzyNBnQQo2dlmX9JayiQeJodwQy7sHH/5GwaTNr6upRUjvz0A2qO/NsyvUk7IMr
K3wzShsvvLNE2zgQEStC
-----END CERTIFICATE-----
Generated at Sat May 25 14:15:06 2024 by rpki-client on console-ams.rpki-client.org