Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/goEnzwxsdhS-Ip9YSE4oqIVgzJs.roa
File: goEnzwxsdhS-Ip9YSE4oqIVgzJs.roa (raw, json)
Hash identifier: qcHrRY7jb8ZAflCx4FpnInBN6l+eQZRBY8ruiCukHPQ=
Subject key identifier: 82:81:27:CF:0C:6C:76:14:BE:22:9F:58:48:4E:28:A8:85:60:CC:9B
Certificate issuer: /CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Certificate serial: 018F052D5813E43FA8EF1C144499DB90626B
Authority key identifier: F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/goEnzwxsdhS-Ip9YSE4oqIVgzJs.roa
Signing time: Mon 22 Apr 2024 09:40:08 +0000
ROA not before: Mon 22 Apr 2024 09:40:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203172
IP address blocks: 123.253.212.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.mft
rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Dec 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:05:2d:58:13:e4:3f:a8:ef:1c:14:44:99:db:90:62:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Validity
Not Before: Apr 22 09:40:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=828127cf0c6c7614be229f58484e28a88560cc9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d4:b8:bc:44:4c:5c:11:dd:87:f6:a2:b4:af:
8e:3e:04:61:cb:2f:58:3e:83:53:16:b2:76:55:a3:
c8:67:c3:e8:13:a7:b7:e9:b2:f0:53:b8:7e:28:1a:
a9:cd:12:bc:0c:11:06:4c:7a:ea:44:70:3d:a3:54:
a6:64:b9:6e:63:5d:7d:85:54:70:c5:c8:c8:33:67:
34:52:3f:b0:cd:24:cb:77:ba:12:15:c7:77:4b:78:
76:76:e6:97:71:12:b6:66:1f:34:46:52:62:79:06:
57:c3:e9:85:16:fe:9e:40:37:f1:3c:91:4f:c2:01:
a0:95:50:80:1a:7e:8f:47:97:67:a3:71:28:fa:ee:
9e:da:e9:6d:19:38:cf:fd:33:ae:30:97:6c:74:16:
f5:cf:73:cd:00:9a:51:5d:8d:b5:1d:8c:1f:ca:47:
19:e3:0f:74:d0:5e:91:4c:23:d4:43:b5:eb:ea:c2:
2a:36:73:c8:78:29:9c:3e:93:a6:60:21:28:1e:a8:
c0:35:d1:ac:b5:3e:0e:8b:e2:f7:bf:f4:40:95:f8:
35:a2:96:da:ea:e2:a7:84:6a:cb:56:fb:0d:fa:8d:
84:3f:53:47:09:76:6f:a7:4c:8b:9e:52:2e:4a:da:
01:81:e1:38:4a:53:56:8e:48:26:44:86:af:52:a5:
5c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:81:27:CF:0C:6C:76:14:BE:22:9F:58:48:4E:28:A8:85:60:CC:9B
X509v3 Authority Key Identifier:
keyid:F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/goEnzwxsdhS-Ip9YSE4oqIVgzJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
123.253.212.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:bd:f5:59:8b:e3:75:63:43:de:ab:87:bf:b5:d2:e8:72:50:
f7:1c:d4:33:95:17:2d:4e:a7:20:3a:d6:0b:51:e2:98:0d:6b:
a4:c6:8a:fc:b4:99:4a:4e:fb:af:25:f3:b2:05:f0:e7:e8:a8:
90:0d:73:1b:00:20:16:39:d2:c6:3a:6e:71:d4:1e:48:ac:1e:
2f:79:8d:98:7b:94:40:68:f3:83:39:07:15:52:92:99:1e:47:
9b:bd:87:c2:77:96:f1:ee:04:51:6d:8f:a6:71:82:54:07:56:
97:1d:40:67:dc:84:fd:b1:78:e5:73:1a:a3:1e:6e:93:02:6a:
f3:50:a1:f1:a9:66:05:13:7e:10:00:8a:a3:3d:fa:30:be:91:
fc:ea:60:b2:06:3b:ed:f2:3b:81:0a:34:ea:f7:27:56:2e:5a:
82:71:e9:73:83:f0:62:d3:00:2e:e4:c2:fb:e6:86:63:97:24:
d6:f0:e2:c6:48:83:ea:15:5f:c3:9c:7c:23:67:68:99:09:4d:
c1:cf:69:e8:7b:49:85:07:12:dc:77:b1:87:7a:b9:f6:91:bb:
8b:44:63:93:2e:68:ad:2d:e3:1f:82:1c:ee:dc:d3:84:4f:00:
ad:59:dc:42:7f:40:8f:d7:57:d7:c1:39:55:33:d9:e4:2b:2a:
84:6d:13:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8FLVgT5D+o7xwURJnbkGJrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGViMjA0ZjM1ODAwNDc4ODIyNGUyZmIxOGU0ZDVlNzRi
ZWJmOGQwHhcNMjQwNDIyMDk0MDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjgxMjdjZjBjNmM3NjE0YmUyMjlmNTg0ODRlMjhhODg1NjBjYzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNS4vERMXBHdh/aitK+OPgRhyy9Y
PoNTFrJ2VaPIZ8PoE6e36bLwU7h+KBqpzRK8DBEGTHrqRHA9o1SmZLluY119hVRw
xcjIM2c0Uj+wzSTLd7oSFcd3S3h2duaXcRK2Zh80RlJieQZXw+mFFv6eQDfxPJFP
wgGglVCAGn6PR5dno3Eo+u6e2ultGTjP/TOuMJdsdBb1z3PNAJpRXY21HYwfykcZ
4w900F6RTCPUQ7Xr6sIqNnPIeCmcPpOmYCEoHqjANdGstT4Oi+L3v/RAlfg1opba
6uKnhGrLVvsN+o2EP1NHCXZvp0yLnlIuStoBgeE4SlNWjkgmRIavUqVcUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIKBJ88MbHYUviKfWEhOKKiFYMybMB8GA1UdIwQY
MBaAFPBOsgTzWABHiCJOL7GOTV50vr+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMt
NWM1ODkyYWZhNDg3LzEvZ29Fbnp3eHNkaFMtSXA5WVNFNG9xSVZnekpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMtNWM1ODkyYWZhNDg3
LzEvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBe/3UMA0G
CSqGSIb3DQEBCwUAA4IBAQB/vfVZi+N1Y0Peq4e/tdLoclD3HNQzlRctTqcgOtYL
UeKYDWukxor8tJlKTvuvJfOyBfDn6KiQDXMbACAWOdLGOm5x1B5IrB4veY2Ye5RA
aPODOQcVUpKZHkebvYfCd5bx7gRRbY+mcYJUB1aXHUBn3IT9sXjlcxqjHm6TAmrz
UKHxqWYFE34QAIqjPfowvpH86mCyBjvt8juBCjTq9ydWLlqCcelzg/Bi0wAu5ML7
5oZjlyTW8OLGSIPqFV/DnHwjZ2iZCU3Bz2noe0mFBxLcd7GHern2kbuLRGOTLmit
LeMfghzu3NOETwCtWdxCf0CP11fXwTlVM9nkKyqEbRNJ
-----END CERTIFICATE-----
Generated at Tue Dec 10 23:23:58 2024 by rpki-client on console-fra.rpki-client.org