Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/qezV-Jfq79C3NrCfT2_EPl8dN_k.roa
File: qezV-Jfq79C3NrCfT2_EPl8dN_k.roa (raw, json)
Hash identifier: 3jvQjedYDXVO3aLbRGmf0j9G6ZbqB6bjswJP5dvCN78=
Subject key identifier: A9:EC:D5:F8:97:EA:EF:D0:B7:36:B0:9F:4F:6F:C4:3E:5F:1D:37:F9
Certificate issuer: /CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Certificate serial: 018CC79339A0CB174D80E4A93F501D97E903
Authority key identifier: 16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/qezV-Jfq79C3NrCfT2_EPl8dN_k.roa
Signing time: Tue 02 Jan 2024 00:29:23 +0000
ROA not before: Tue 02 Jan 2024 00:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 212.43.160.0/19 maxlen: 19
213.147.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.mft
rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Apr 2024 03:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:39:a0:cb:17:4d:80:e4:a9:3f:50:1d:97:e9:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Validity
Not Before: Jan 2 00:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9ecd5f897eaefd0b736b09f4f6fc43e5f1d37f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:59:9a:90:af:eb:6e:1f:73:b7:92:7d:2b:8b:
b6:44:d8:d5:50:34:86:9f:ab:f6:43:bc:0d:dc:15:
24:eb:2f:37:89:f3:7e:64:76:d1:50:01:de:af:89:
06:9f:f2:c2:be:13:ca:35:ea:8c:65:eb:10:fd:ad:
28:2c:bd:3a:90:92:df:7f:fb:7a:9c:85:85:03:29:
77:5a:d1:67:90:e6:42:4f:a5:ca:3d:4a:18:6f:8c:
df:05:87:c9:a6:09:f4:1e:2f:64:1e:ee:20:b3:86:
1e:69:c9:ec:ae:ce:b7:1e:80:5e:78:86:95:5e:6a:
8f:4e:39:08:f7:6f:f7:54:dd:ce:a9:16:7b:71:b1:
1e:92:67:44:8b:79:a3:72:1a:89:c0:45:92:85:dc:
b8:d5:79:91:cc:f7:8e:c7:b1:9d:68:42:dc:5e:06:
c1:30:c0:04:0c:5a:0c:a0:74:6e:cd:1b:20:7b:44:
4a:af:d6:f7:2b:0c:99:6f:ec:7d:4e:a1:7f:2f:51:
bc:33:9f:84:44:aa:3e:0b:4d:99:39:f7:ef:33:b1:
5a:88:a0:ae:ed:45:c5:30:29:32:c0:29:37:84:1b:
d1:cb:ce:85:a0:df:80:a2:e6:91:1d:7c:34:8f:48:
4e:67:fc:c1:17:5f:12:0f:69:ad:99:87:25:1c:ac:
4c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:EC:D5:F8:97:EA:EF:D0:B7:36:B0:9F:4F:6F:C4:3E:5F:1D:37:F9
X509v3 Authority Key Identifier:
keyid:16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/qezV-Jfq79C3NrCfT2_EPl8dN_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.43.160.0/19
213.147.224.0/19
Signature Algorithm: sha256WithRSAEncryption
03:fc:0e:d6:3e:87:e4:6e:67:22:76:82:03:58:fc:be:f8:b0:
3e:7b:12:8a:90:0e:70:5f:9c:d9:a2:30:54:fa:ac:27:ba:27:
84:23:54:38:62:8a:91:81:89:91:24:00:47:03:ac:e7:e9:c7:
e1:51:bc:8f:52:8b:e0:ed:e2:6e:3c:a0:e3:e4:e3:98:51:38:
3e:cd:aa:0b:8e:25:ba:0a:b3:01:a5:e2:37:eb:a4:fe:9f:81:
10:96:4d:98:45:85:73:af:e7:8b:f6:e4:ea:de:91:98:17:c1:
10:e1:e9:ff:b0:db:0e:74:ff:3e:b4:9c:c1:b6:aa:3c:85:12:
e8:eb:f2:a6:2a:61:ed:ec:14:cf:de:e4:1b:07:41:aa:08:6b:
95:4c:67:1e:d7:85:55:36:6d:06:03:f6:bc:17:d3:74:ba:a7:
9c:75:03:f6:82:49:48:04:43:85:53:98:28:39:5c:d0:7e:fa:
8c:1c:0a:7c:f8:2a:1c:73:05:60:3b:22:69:07:89:83:2c:31:
ce:07:00:07:03:c1:a7:68:26:09:e1:24:b4:e3:18:0b:f9:dc:
2c:b4:45:0e:ba:0f:79:69:2c:2b:1f:50:29:1a:45:8e:e5:54:
ea:78:0c:0c:d3:e2:a9:6d:19:89:fd:84:c1:dd:1e:15:f7:5d:
1b:bd:f1:8a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHkzmgyxdNgOSpP1Adl+kDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MzA3ZDI5ZjU1NDNmMjFlYTMwMDliOTUyM2ZlNzFiOGYx
MzY5Y2EwHhcNMjQwMTAyMDAyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWVjZDVmODk3ZWFlZmQwYjczNmIwOWY0ZjZmYzQzZTVmMWQzN2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0VmakK/rbh9zt5J9K4u2RNjVUDSG
n6v2Q7wN3BUk6y83ifN+ZHbRUAHer4kGn/LCvhPKNeqMZesQ/a0oLL06kJLff/t6
nIWFAyl3WtFnkOZCT6XKPUoYb4zfBYfJpgn0Hi9kHu4gs4Yeacnsrs63HoBeeIaV
XmqPTjkI92/3VN3OqRZ7cbEekmdEi3mjchqJwEWShdy41XmRzPeOx7GdaELcXgbB
MMAEDFoMoHRuzRsge0RKr9b3KwyZb+x9TqF/L1G8M5+ERKo+C02ZOffvM7FaiKCu
7UXFMCkywCk3hBvRy86FoN+AouaRHXw0j0hOZ/zBF18SD2mtmYclHKxMNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKns1fiX6u/Qtzawn09vxD5fHTf5MB8GA1UdIwQY
MBaAFBYwfSn1VD8h6jAJuVI/5xuPE2nKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmpCOUtmVlVQeUhxTUFtNVVqX25HNDhUYWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9iZjVlNzAtNjY2NS00OWRlLWI5Y2Yt
NGNmZTQwZjA3YTZiLzEvcWV6Vi1KZnE3OUMzTnJDZlQyX0VQbDhkTl9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9iZjVlNzAtNjY2NS00OWRlLWI5Y2YtNGNmZTQwZjA3YTZi
LzEvRmpCOUtmVlVQeUhxTUFtNVVqX25HNDhUYWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQF1CugAwQF
1ZPgMA0GCSqGSIb3DQEBCwUAA4IBAQAD/A7WPofkbmcidoIDWPy++LA+exKKkA5w
X5zZojBU+qwnuieEI1Q4YoqRgYmRJABHA6zn6cfhUbyPUovg7eJuPKDj5OOYUTg+
zaoLjiW6CrMBpeI366T+n4EQlk2YRYVzr+eL9uTq3pGYF8EQ4en/sNsOdP8+tJzB
tqo8hRLo6/KmKmHt7BTP3uQbB0GqCGuVTGce14VVNm0GA/a8F9N0uqecdQP2gklI
BEOFU5goOVzQfvqMHAp8+CoccwVgOyJpB4mDLDHOBwAHA8GnaCYJ4SS04xgL+dws
tEUOug95aSwrH1ApGkWO5VTqeAwM0+KpbRmJ/YTB3R4V910bvfGK
-----END CERTIFICATE-----
Generated at Fri Apr 26 12:19:10 2024 by rpki-client on console-ams.rpki-client.org