Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/1--lp3ad9A-3G4PszCwH4lfNc-hU.roa
File: 1--lp3ad9A-3G4PszCwH4lfNc-hU.roa (raw, json)
Hash identifier: so4/gxXdXTC9wnewWQnyKOhPsrTSG85vU2BVMkM1jJw=
Subject key identifier: FB:E9:69:DD:A7:7D:03:ED:C6:E0:FB:33:0B:01:F8:95:F3:5C:FA:15
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 018DD14C3289C1812381C554ED3B36AA823B
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/1--lp3ad9A-3G4PszCwH4lfNc-hU.roa
Signing time: Thu 22 Feb 2024 14:50:48 +0000
ROA not before: Thu 22 Feb 2024 14:50:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 212.68.164.0/24 maxlen: 24
212.68.165.0/24 maxlen: 24
212.68.166.0/24 maxlen: 24
212.68.167.0/24 maxlen: 24
212.68.168.0/24 maxlen: 24
212.68.169.0/24 maxlen: 24
212.68.170.0/24 maxlen: 24
212.68.171.0/24 maxlen: 24
212.68.172.0/24 maxlen: 24
212.68.173.0/24 maxlen: 24
212.68.174.0/24 maxlen: 24
212.68.175.0/24 maxlen: 24
212.68.176.0/24 maxlen: 24
212.68.177.0/24 maxlen: 24
212.68.178.0/24 maxlen: 24
212.68.179.0/24 maxlen: 24
212.68.180.0/24 maxlen: 24
212.68.181.0/24 maxlen: 24
212.68.182.0/24 maxlen: 24
212.68.183.0/24 maxlen: 24
212.68.184.0/24 maxlen: 24
212.68.185.0/24 maxlen: 24
212.68.186.0/24 maxlen: 24
212.68.187.0/24 maxlen: 24
212.68.188.0/24 maxlen: 24
212.68.189.0/24 maxlen: 24
212.68.190.0/24 maxlen: 24
212.68.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.mft
rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 20:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d1:4c:32:89:c1:81:23:81:c5:54:ed:3b:36:aa:82:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: Feb 22 14:50:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbe969dda77d03edc6e0fb330b01f895f35cfa15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:27:76:ee:4b:69:4d:d4:ed:e1:63:08:6a:1f:
32:f1:49:3c:ff:8d:2a:fe:dd:9f:26:41:38:c5:47:
20:f2:2e:0c:62:75:f2:bb:91:fa:50:de:b8:21:1a:
b7:7e:68:80:37:59:86:e3:2f:30:54:c1:3a:90:6a:
57:45:1d:e3:01:a4:d1:0b:0f:dc:d3:6b:28:e2:ac:
90:23:0f:96:04:0c:21:ff:8e:7b:4e:81:18:74:48:
69:b4:16:b8:d1:5c:24:32:65:86:31:25:3f:9d:e4:
bf:67:14:d4:b0:f3:92:47:75:1c:85:af:51:5a:23:
d3:ba:52:54:bc:4c:db:7f:de:3c:6e:89:2d:99:2d:
bc:34:d1:44:75:bc:67:d5:c4:e9:12:46:9c:83:4c:
f6:f5:8f:68:7c:d6:19:16:91:65:8c:cf:1d:0a:d1:
d6:07:a4:d0:90:50:20:82:90:3a:18:c6:2d:f3:1e:
db:6c:c2:da:aa:d9:c6:d5:d6:f8:b4:69:66:d4:50:
ad:f9:36:3b:8c:6a:3c:c5:cd:16:d1:e4:12:00:42:
e2:7f:e5:fa:c3:dd:87:11:75:e9:2b:e9:08:fd:36:
3a:f3:8e:d8:27:26:65:1b:de:33:1e:4d:77:65:53:
74:78:f5:0c:94:43:f1:9b:38:bb:fd:0b:87:f3:2c:
a4:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:E9:69:DD:A7:7D:03:ED:C6:E0:FB:33:0B:01:F8:95:F3:5C:FA:15
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/1--lp3ad9A-3G4PszCwH4lfNc-hU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.164.0-212.68.191.255
Signature Algorithm: sha256WithRSAEncryption
3e:00:9e:a6:04:e1:45:63:de:13:1a:57:d6:1a:c3:87:f8:e6:
74:b5:6c:19:a2:e8:c5:68:f5:fe:33:5a:bc:e5:69:5d:fc:73:
70:d7:71:63:c1:48:3d:26:2b:1d:be:62:9e:b2:92:fc:c4:14:
43:ca:a0:3e:38:b4:3b:b9:93:51:31:d3:04:b5:f4:02:95:dd:
67:7b:9e:c5:0a:57:ca:07:ea:b1:ea:64:5c:13:2f:8c:3b:5e:
a7:a0:4b:1f:a7:94:45:ac:7e:b4:dd:09:f4:47:c8:0d:57:92:
d2:44:cb:ca:99:d0:0d:00:eb:dc:5f:72:18:f3:ec:f1:f1:b1:
7c:26:bc:4f:f3:70:79:68:f7:24:a1:3d:74:a9:6f:d0:17:0a:
06:a3:ef:4a:7c:13:9d:96:ad:84:64:33:cd:b1:c9:fe:69:e7:
97:6a:b8:4d:49:ff:9d:ab:a2:6b:99:6b:1a:67:75:be:dc:0f:
f0:c1:6f:04:91:14:cb:40:05:f8:3d:13:7f:2c:1a:59:1e:d6:
58:7a:ff:b9:f6:f8:68:fa:b7:eb:b0:9f:be:9b:b6:4e:03:cb:
cb:98:78:a2:05:0c:0e:7b:3a:bc:0a:90:fa:c8:4c:ed:6f:75:
dc:99:4d:4b:a4:1a:c5:3a:0e:42:9e:2b:ee:bc:2d:8b:c6:f0:
6f:19:8c:ba
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAY3RTDKJwYEjgcVU7Ts2qoI7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYmFkM2RlODMxZGE5NDIyMmMxYWRkMTA0Y2FmNGMzMjQ3
Njg5YWMwHhcNMjQwMjIyMTQ1MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmU5NjlkZGE3N2QwM2VkYzZlMGZiMzMwYjAxZjg5NWYzNWNmYTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyd27ktpTdTt4WMIah8y8Uk8/40q
/t2fJkE4xUcg8i4MYnXyu5H6UN64IRq3fmiAN1mG4y8wVME6kGpXRR3jAaTRCw/c
02so4qyQIw+WBAwh/457ToEYdEhptBa40VwkMmWGMSU/neS/ZxTUsPOSR3Ucha9R
WiPTulJUvEzbf948boktmS28NNFEdbxn1cTpEkacg0z29Y9ofNYZFpFljM8dCtHW
B6TQkFAggpA6GMYt8x7bbMLaqtnG1db4tGlm1FCt+TY7jGo8xc0W0eQSAELif+X6
w92HEXXpK+kI/TY6847YJyZlG94zHk13ZVN0ePUMlEPxmzi7/QuH8yykCQIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFPvpad2nfQPtxuD7MwsB+JXzXPoVMB8GA1UdIwQY
MBaAFKu6096DHalCIsGt0QTK9MMkdomsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDct
NTVjNDM0ZWVjOTZjLzEvMS0tbHAzYWQ5QS0zRzRQc3pDd0g0bGZOYy1oVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmMvOGU4MTQ5LWQ1M2MtNDk5Mi1iZDA3LTU1YzQzNGVlYzk2
Yy8xL3E3clQzb01kcVVJaXdhM1JCTXIwd3lSMmlhdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQC1ESk
AwQG1ESAMA0GCSqGSIb3DQEBCwUAA4IBAQA+AJ6mBOFFY94TGlfWGsOH+OZ0tWwZ
oujFaPX+M1q85Wld/HNw13FjwUg9JisdvmKespL8xBRDyqA+OLQ7uZNRMdMEtfQC
ld1ne57FClfKB+qx6mRcEy+MO16noEsfp5RFrH603Qn0R8gNV5LSRMvKmdANAOvc
X3IY8+zx8bF8JrxP83B5aPckoT10qW/QFwoGo+9KfBOdlq2EZDPNscn+aeeXarhN
Sf+dq6JrmWsaZ3W+3A/wwW8EkRTLQAX4PRN/LBpZHtZYev+59vho+rfrsJ++m7ZO
A8vLmHiiBQwOezq8CpD6yEztb3XcmU1LpBrFOg5CnivuvC2LxvBvGYy6
-----END CERTIFICATE-----
Generated at Sun Apr 21 04:34:13 2024 by rpki-client on console-fra.rpki-client.org