Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/1w0h41r0HTxcOHBqpOzh4EjuHyw.roa
File: 1w0h41r0HTxcOHBqpOzh4EjuHyw.roa (raw, json)
Hash identifier: tLXf7OGbnJbSuVhHI2tJb77n29JJsoYFuczudvHTQkg=
Subject key identifier: D7:0D:21:E3:5A:F4:1D:3C:5C:38:70:6A:A4:EC:E1:E0:48:EE:1F:2C
Certificate issuer: /CN=85d0e763f935c171694f172056eb44209db2e2cd
Certificate serial: 01914532D55A30BB72EDE7C15E4229A6167C
Authority key identifier: 85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/1w0h41r0HTxcOHBqpOzh4EjuHyw.roa
Signing time: Mon 12 Aug 2024 06:07:24 +0000
ROA not before: Mon 12 Aug 2024 06:07:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 212.231.178.0/23 maxlen: 23
212.231.180.0/23 maxlen: 23
212.231.182.0/23 maxlen: 23
212.231.208.0/22 maxlen: 22
212.231.212.0/22 maxlen: 22
212.231.216.0/22 maxlen: 22
212.231.220.0/22 maxlen: 22
212.231.232.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.mft
rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 01:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:45:32:d5:5a:30:bb:72:ed:e7:c1:5e:42:29:a6:16:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85d0e763f935c171694f172056eb44209db2e2cd
Validity
Not Before: Aug 12 06:07:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d70d21e35af41d3c5c38706aa4ece1e048ee1f2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d4:ee:3d:85:ff:3e:53:89:e5:98:b0:6b:e9:
42:53:fe:0c:49:4d:53:b6:4f:37:a6:8b:2b:fd:38:
a3:58:77:1e:6a:06:04:eb:a9:3c:46:d4:91:10:22:
71:66:6a:2e:50:15:15:f3:5c:17:e0:90:ec:b4:07:
ca:ec:b9:ab:8a:6b:ff:4b:71:41:bc:f0:69:af:3a:
e4:f7:bf:f0:86:fc:cb:09:99:fe:4f:e8:15:28:2a:
46:0d:44:57:c2:40:38:25:32:e1:53:2f:69:4c:fd:
05:5f:cb:bf:39:72:11:ef:73:dd:b4:7c:7d:df:26:
9f:f6:6a:87:04:16:e4:91:a2:4d:c7:64:33:cf:cf:
34:48:28:1a:d0:4d:ac:62:15:3c:b7:ec:e8:10:da:
31:c9:0b:e5:88:77:03:c0:de:0a:14:1d:a2:c8:37:
39:31:20:49:5d:33:8e:dd:c5:13:91:ea:e7:42:61:
bc:f5:88:07:9c:ac:35:f7:4b:20:ea:f8:94:c3:7f:
1c:60:b6:c9:d7:cb:30:4a:b3:00:30:ca:7b:cf:c1:
93:e7:4d:a4:b9:cb:b0:ae:68:96:6a:4a:0e:90:65:
a3:69:97:6f:55:00:4e:b2:71:1a:84:18:ab:eb:8d:
b7:d2:a4:98:53:a6:ef:3a:46:65:42:47:f2:b3:ef:
a6:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:0D:21:E3:5A:F4:1D:3C:5C:38:70:6A:A4:EC:E1:E0:48:EE:1F:2C
X509v3 Authority Key Identifier:
keyid:85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/1w0h41r0HTxcOHBqpOzh4EjuHyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.231.178.0-212.231.183.255
212.231.208.0/20
212.231.232.0/21
Signature Algorithm: sha256WithRSAEncryption
65:c0:77:77:91:22:06:e6:3b:0a:a6:b9:d7:0c:78:c8:72:43:
f8:32:57:13:96:93:67:8b:fb:a7:c3:81:88:a8:28:d2:c8:ad:
c5:14:13:56:dd:b1:4f:35:f5:42:1c:7f:1f:11:a9:b4:1d:6e:
06:a2:78:39:76:77:e3:28:c3:78:89:e2:5a:b2:a4:be:e3:18:
57:ca:23:61:50:4a:45:24:2c:d7:0d:b8:91:cf:c4:24:7e:43:
96:f8:78:0f:ac:9e:88:09:33:bf:1c:86:c3:56:c1:15:84:89:
c0:27:ad:60:23:e7:4b:9d:71:a3:72:d6:af:d3:b2:41:06:31:
01:38:2a:da:ae:bc:f0:bb:e6:6c:ff:ca:7b:a6:e8:ad:49:b0:
39:ad:13:9f:ca:45:fa:32:91:43:71:84:b7:52:92:c2:50:3e:
fd:54:ca:1f:72:82:30:e7:5b:20:82:67:52:c1:0e:4e:c3:1b:
5d:81:57:9d:d6:91:81:a3:e0:9e:e8:28:7b:c5:ea:ce:a1:3c:
5f:2b:42:e8:97:8f:41:91:e6:78:7f:3b:0c:f0:d3:6c:76:5d:
11:78:59:74:b6:e0:d4:89:cd:c9:ae:09:9a:d9:88:6f:01:1a:
8e:e5:b8:d0:2c:8f:ab:ab:11:1d:dd:ee:24:15:a8:27:50:57:
1f:90:34:66
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZFFMtVaMLty7efBXkIpphZ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZDBlNzYzZjkzNWMxNzE2OTRmMTcyMDU2ZWI0NDIwOWRi
MmUyY2QwHhcNMjQwODEyMDYwNzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzBkMjFlMzVhZjQxZDNjNWMzODcwNmFhNGVjZTFlMDQ4ZWUxZjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdTuPYX/PlOJ5Ziwa+lCU/4MSU1T
tk83posr/TijWHceagYE66k8RtSRECJxZmouUBUV81wX4JDstAfK7Lmrimv/S3FB
vPBprzrk97/whvzLCZn+T+gVKCpGDURXwkA4JTLhUy9pTP0FX8u/OXIR73PdtHx9
3yaf9mqHBBbkkaJNx2Qzz880SCga0E2sYhU8t+zoENoxyQvliHcDwN4KFB2iyDc5
MSBJXTOO3cUTkernQmG89YgHnKw190sg6viUw38cYLbJ18swSrMAMMp7z8GT502k
ucuwrmiWakoOkGWjaZdvVQBOsnEahBir64230qSYU6bvOkZlQkfys++m8wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNcNIeNa9B08XDhwaqTs4eBI7h8sMB8GA1UdIwQY
MBaAFIXQ52P5NcFxaU8XIFbrRCCdsuLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83NDY0MTAtMDI2Yi00NWM5LTgxY2Qt
ZjEyODM1ZjAyNDdiLzEvMXcwaDQxcjBIVHhjT0hCcXBPemg0RWp1SHl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83NDY0MTAtMDI2Yi00NWM5LTgxY2QtZjEyODM1ZjAyNDdi
LzEvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAHU57ID
BAPU57ADBATU59ADBAPU5+gwDQYJKoZIhvcNAQELBQADggEBAGXAd3eRIgbmOwqm
udcMeMhyQ/gyVxOWk2eL+6fDgYioKNLIrcUUE1bdsU819UIcfx8RqbQdbgaieDl2
d+Mow3iJ4lqypL7jGFfKI2FQSkUkLNcNuJHPxCR+Q5b4eA+snogJM78chsNWwRWE
icAnrWAj50udcaNy1q/TskEGMQE4KtquvPC75mz/ynum6K1JsDmtE5/KRfoykUNx
hLdSksJQPv1Uyh9ygjDnWyCCZ1LBDk7DG12BV53WkYGj4J7oKHvF6s6hPF8rQuiX
j0GR5nh/Owzw02x2XRF4WXS24NSJzcmuCZrZiG8BGo7luNAsj6urER3d7iQVqCdQ
Vx+QNGY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:56:21 2024 by rpki-client on console-fra.rpki-client.org