Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/I0P2Z2ix6d1AAc6-v0_OrOeIdOE.roa
File: I0P2Z2ix6d1AAc6-v0_OrOeIdOE.roa (raw, json)
Hash identifier: 7cmhqvSUgXUhJmuWkA7yHFbRBe9Xxnigl3fjqcaZhWw=
Subject key identifier: 23:43:F6:67:68:B1:E9:DD:40:01:CE:BE:BF:4F:CE:AC:E7:88:74:E1
Certificate issuer: /CN=85d0e763f935c171694f172056eb44209db2e2cd
Certificate serial: 01914532D66D943495925EDC5BD17193BFF8
Authority key identifier: 85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/I0P2Z2ix6d1AAc6-v0_OrOeIdOE.roa
Signing time: Mon 12 Aug 2024 06:07:25 +0000
ROA not before: Mon 12 Aug 2024 06:07:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200845
IP address blocks: 212.231.64.0/24 maxlen: 24
212.231.65.0/24 maxlen: 24
212.231.66.0/24 maxlen: 24
212.231.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.mft
rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:45:32:d6:6d:94:34:95:92:5e:dc:5b:d1:71:93:bf:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85d0e763f935c171694f172056eb44209db2e2cd
Validity
Not Before: Aug 12 06:07:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2343f66768b1e9dd4001cebebf4fceace78874e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:bc:3f:a1:cf:81:23:71:fc:08:a3:dc:52:66:
74:bb:79:74:a7:6d:ea:c7:58:99:60:48:e6:66:fe:
f2:e6:53:d7:6f:6d:41:fa:6a:6c:27:65:d0:3e:5c:
3a:a2:bd:91:24:d2:16:0e:5c:cc:b2:fe:d6:6e:7b:
2f:e8:75:2c:7d:65:3a:e7:5c:78:39:77:07:ae:b0:
ef:1b:cc:bf:14:b4:ab:66:77:0f:bd:90:ca:3c:38:
8f:a9:94:51:55:05:7b:ac:9a:d0:e5:1b:71:d4:dc:
13:0e:d9:0a:b6:83:4d:15:63:7d:d3:2f:9f:27:78:
02:d5:4b:97:f1:0f:ae:35:cc:6c:18:9f:8f:3d:44:
a6:05:7d:96:52:ed:8e:87:04:cd:e9:ed:79:6e:e6:
39:69:64:83:28:d2:82:e8:28:00:bc:9c:f2:e8:84:
12:44:be:de:e2:cf:70:36:0a:fe:9e:8e:39:f0:5d:
4a:0a:75:13:d1:bb:78:4a:9e:7e:3e:4d:b6:b9:6e:
5a:a1:24:e5:4d:bc:f9:ad:20:7c:dd:b4:be:38:3a:
53:35:ae:44:7b:2f:3a:19:b5:c8:73:dc:44:30:3f:
7a:4a:f1:23:11:d3:17:ab:88:38:39:dc:8e:5d:a0:
87:98:1d:6e:01:39:5d:8c:42:eb:fc:c0:1a:43:f8:
a9:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:43:F6:67:68:B1:E9:DD:40:01:CE:BE:BF:4F:CE:AC:E7:88:74:E1
X509v3 Authority Key Identifier:
keyid:85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/I0P2Z2ix6d1AAc6-v0_OrOeIdOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.231.64.0-212.231.66.255
212.231.95.0/24
Signature Algorithm: sha256WithRSAEncryption
55:07:21:d8:0b:96:ed:ea:a8:cd:ce:f6:d2:3b:ec:d9:55:2e:
da:57:ac:69:6a:18:9d:b1:e2:37:3d:92:0c:ef:1a:82:38:93:
76:71:9f:81:ef:f8:a0:71:23:f2:39:e3:d9:ae:b9:71:2e:89:
b0:bf:3d:b3:b1:8f:32:63:de:9e:f1:2a:77:eb:84:3b:7d:a3:
12:0b:dc:2e:ae:cb:03:fd:89:d2:fe:4d:bd:ad:ee:82:de:75:
b1:43:aa:c3:13:6f:30:cf:d9:03:7d:03:64:b3:a7:2e:f5:c7:
61:34:22:a9:21:2c:24:49:53:ed:07:12:f9:f4:f9:b3:9a:9a:
50:01:f6:0e:d4:6a:62:55:74:1e:df:ad:07:1f:b6:ed:f1:da:
4b:32:f7:9a:d2:ab:3a:b7:2d:a7:2b:8f:9b:93:70:53:c6:d8:
77:e6:ba:36:84:eb:bf:bc:a6:8d:84:43:3f:b8:7f:a1:ad:95:
8f:c0:44:9e:58:17:d9:6c:05:9c:94:53:ad:aa:fb:65:39:20:
8f:83:39:e6:37:78:10:23:00:28:64:86:96:9c:31:b2:26:20:
be:45:b4:8e:85:8a:7d:85:1f:e6:98:19:84:09:9c:37:50:21:
5f:07:33:0f:ea:97:fc:05:2e:9f:6e:1f:84:24:b0:2a:d7:6a:
46:b1:c2:41
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZFFMtZtlDSVkl7cW9Fxk7/4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZDBlNzYzZjkzNWMxNzE2OTRmMTcyMDU2ZWI0NDIwOWRi
MmUyY2QwHhcNMjQwODEyMDYwNzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzQzZjY2NzY4YjFlOWRkNDAwMWNlYmViZjRmY2VhY2U3ODg3NGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA67w/oc+BI3H8CKPcUmZ0u3l0p23q
x1iZYEjmZv7y5lPXb21B+mpsJ2XQPlw6or2RJNIWDlzMsv7Wbnsv6HUsfWU651x4
OXcHrrDvG8y/FLSrZncPvZDKPDiPqZRRVQV7rJrQ5Rtx1NwTDtkKtoNNFWN90y+f
J3gC1UuX8Q+uNcxsGJ+PPUSmBX2WUu2OhwTN6e15buY5aWSDKNKC6CgAvJzy6IQS
RL7e4s9wNgr+no458F1KCnUT0bt4Sp5+Pk22uW5aoSTlTbz5rSB83bS+ODpTNa5E
ey86GbXIc9xEMD96SvEjEdMXq4g4OdyOXaCHmB1uATldjELr/MAaQ/ippQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCND9mdosendQAHOvr9PzqzniHThMB8GA1UdIwQY
MBaAFIXQ52P5NcFxaU8XIFbrRCCdsuLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83NDY0MTAtMDI2Yi00NWM5LTgxY2Qt
ZjEyODM1ZjAyNDdiLzEvSTBQMloyaXg2ZDFBQWM2LXYwX09yT2VJZE9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83NDY0MTAtMDI2Yi00NWM5LTgxY2QtZjEyODM1ZjAyNDdi
LzEvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAbU50AD
BADU50IDBADU518wDQYJKoZIhvcNAQELBQADggEBAFUHIdgLlu3qqM3O9tI77NlV
LtpXrGlqGJ2x4jc9kgzvGoI4k3Zxn4Hv+KBxI/I549muuXEuibC/PbOxjzJj3p7x
KnfrhDt9oxIL3C6uywP9idL+Tb2t7oLedbFDqsMTbzDP2QN9A2Szpy71x2E0Iqkh
LCRJU+0HEvn0+bOamlAB9g7UamJVdB7frQcftu3x2ksy95rSqzq3Lacrj5uTcFPG
2HfmujaE67+8po2EQz+4f6GtlY/ARJ5YF9lsBZyUU62q+2U5II+DOeY3eBAjAChk
hpacMbImIL5FtI6Fin2FH+aYGYQJnDdQIV8HMw/ql/wFLp9uH4QksCrXakaxwkE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:53:28 2024 by rpki-client on console-fra.rpki-client.org