Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/Qhah0chOEpnp_0vCeg8YWqGsUuU.roa
File: Qhah0chOEpnp_0vCeg8YWqGsUuU.roa (raw, json)
Hash identifier: LYKZ0+6g5qUWD5gx5tanwSyyvOvASBFq8ikAteZW/tw=
Subject key identifier: 42:16:A1:D1:C8:4E:12:99:E9:FF:4B:C2:7A:0F:18:5A:A1:AC:52:E5
Certificate issuer: /CN=c2eafaa30b340ecf810a4cb9af3b51c702566598
Certificate serial: 018CC94E1259DB5B42B498DE8AF4C351D901
Authority key identifier: C2:EA:FA:A3:0B:34:0E:CF:81:0A:4C:B9:AF:3B:51:C7:02:56:65:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wur6ows0Ds-BCky5rztRxwJWZZg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/Qhah0chOEpnp_0vCeg8YWqGsUuU.roa
Signing time: Tue 02 Jan 2024 08:33:06 +0000
ROA not before: Tue 02 Jan 2024 08:33:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210616
IP address blocks: 212.15.56.0/22 maxlen: 22
212.15.56.0/24 maxlen: 24
212.15.56.0/23 maxlen: 23
212.15.58.0/23 maxlen: 23
212.15.58.0/24 maxlen: 24
212.15.57.0/24 maxlen: 24
212.15.63.0/24 maxlen: 24
212.15.59.0/24 maxlen: 24
212.15.62.0/24 maxlen: 24
212.15.62.0/23 maxlen: 23
212.15.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/wur6ows0Ds-BCky5rztRxwJWZZg.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/wur6ows0Ds-BCky5rztRxwJWZZg.mft
rsync://rpki.ripe.net/repository/DEFAULT/wur6ows0Ds-BCky5rztRxwJWZZg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:12:59:db:5b:42:b4:98:de:8a:f4:c3:51:d9:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2eafaa30b340ecf810a4cb9af3b51c702566598
Validity
Not Before: Jan 2 08:33:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4216a1d1c84e1299e9ff4bc27a0f185aa1ac52e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:37:13:06:37:7d:cc:9d:b1:72:ea:13:e1:7a:
5f:77:0a:9a:84:b6:cd:f9:cb:e0:cf:42:31:6e:bc:
16:54:bc:25:b8:12:ee:47:5c:6f:74:b9:25:be:a2:
73:ff:1d:41:3c:c4:9a:01:4f:27:5e:0a:a1:b8:0d:
78:74:90:fe:f8:d2:36:ce:90:49:30:cc:48:31:52:
69:49:86:aa:e2:e1:39:12:9d:30:79:76:27:b7:6b:
8b:a0:5b:74:04:13:ed:f9:3a:68:1f:80:7b:26:4a:
d3:f8:3b:d1:8e:42:04:20:bd:11:6c:6f:40:75:13:
d0:ec:1c:59:4a:f9:0e:cf:82:ab:c0:ae:e2:bf:18:
7a:4c:a5:4f:1e:7e:ff:70:6a:20:e7:5c:d8:86:09:
3e:91:b8:4d:63:b0:97:2d:c8:68:58:0f:ea:bf:00:
9b:c9:53:28:f7:17:c3:4e:3a:c2:bb:d8:6e:80:de:
55:d8:ed:2f:69:a7:df:ef:e5:e4:85:bf:f8:13:ac:
2e:18:b1:6a:4a:9f:c8:9d:c4:cb:d4:72:79:c1:f3:
2d:82:ed:e8:1b:79:79:1d:cd:e5:ed:6d:ad:19:5f:
f8:1e:a0:15:3e:db:0e:d0:0b:a6:db:9a:55:cf:8e:
4d:8a:6b:95:ee:d0:1e:0d:99:c8:e7:a4:7a:02:68:
a2:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:16:A1:D1:C8:4E:12:99:E9:FF:4B:C2:7A:0F:18:5A:A1:AC:52:E5
X509v3 Authority Key Identifier:
keyid:C2:EA:FA:A3:0B:34:0E:CF:81:0A:4C:B9:AF:3B:51:C7:02:56:65:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wur6ows0Ds-BCky5rztRxwJWZZg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/Qhah0chOEpnp_0vCeg8YWqGsUuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/wur6ows0Ds-BCky5rztRxwJWZZg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.15.56.0/22
212.15.61.0-212.15.63.255
Signature Algorithm: sha256WithRSAEncryption
77:1b:39:5f:6a:4d:be:12:c7:6e:0b:ea:40:77:6a:55:9c:3e:
37:bc:fc:e1:50:c6:83:9d:7a:66:df:06:e5:25:69:99:d8:8d:
79:5a:e2:ba:35:df:23:bf:fa:40:4f:f2:ed:66:99:7e:0b:04:
89:ba:06:f4:7d:9a:89:36:52:73:5c:0d:b6:98:52:c9:5d:8d:
17:0f:77:d8:bb:7e:08:c1:93:55:ab:94:0c:f9:a8:d3:32:d3:
ab:b5:7a:bd:18:9f:30:a6:3f:2d:14:01:31:58:f0:02:5e:a7:
bd:6a:bc:99:9a:00:e4:a7:70:5d:b7:3c:c6:05:65:71:d7:d7:
dd:60:de:55:cd:42:6f:e3:f5:ff:75:0d:39:58:99:1e:bf:89:
77:0d:21:8b:9c:92:02:d8:44:9a:6e:95:6c:21:c5:f4:20:0c:
4f:28:b0:cf:75:10:3e:4d:da:3a:09:b1:37:16:8f:76:eb:e0:
54:29:83:fd:28:6f:ec:f6:c1:15:30:fe:08:28:67:22:7b:1e:
6c:84:7c:a1:65:ab:39:82:ae:7d:36:bb:55:cb:a6:0d:e7:10:
c5:fd:01:2b:c8:34:8e:80:3b:cc:a0:82:9a:bf:58:2d:16:93:
31:a5:09:dc:ca:ec:25:45:db:2d:8d:ca:b5:d8:c8:c4:e1:83:
ab:ea:f1:48
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzJThJZ21tCtJjeivTDUdkBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZWFmYWEzMGIzNDBlY2Y4MTBhNGNiOWFmM2I1MWM3MDI1
NjY1OTgwHhcNMjQwMTAyMDgzMzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjE2YTFkMWM4NGUxMjk5ZTlmZjRiYzI3YTBmMTg1YWExYWM1MmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizcTBjd9zJ2xcuoT4XpfdwqahLbN
+cvgz0IxbrwWVLwluBLuR1xvdLklvqJz/x1BPMSaAU8nXgqhuA14dJD++NI2zpBJ
MMxIMVJpSYaq4uE5Ep0weXYnt2uLoFt0BBPt+TpoH4B7JkrT+DvRjkIEIL0RbG9A
dRPQ7BxZSvkOz4KrwK7ivxh6TKVPHn7/cGog51zYhgk+kbhNY7CXLchoWA/qvwCb
yVMo9xfDTjrCu9hugN5V2O0vaaff7+Xkhb/4E6wuGLFqSp/IncTL1HJ5wfMtgu3o
G3l5Hc3l7W2tGV/4HqAVPtsO0Aum25pVz45NimuV7tAeDZnI56R6AmiimQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEIWodHIThKZ6f9LwnoPGFqhrFLlMB8GA1UdIwQY
MBaAFMLq+qMLNA7PgQpMua87UccCVmWYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3VyNm93czBEcy1CQ2t5NXJ6dFJ4d0pXWlpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9hMzRhMTYtZjg4MC00ODczLTg2OGIt
NWVjYWZkYTQ3MWY3LzEvUWhhaDBjaE9FcG5wXzB2Q2VnOFlXcUdzVXVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9hMzRhMTYtZjg4MC00ODczLTg2OGItNWVjYWZkYTQ3MWY3
LzEvd3VyNm93czBEcy1CQ2t5NXJ6dFJ4d0pXWlpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQC1A84MAwD
BADUDz0DBAbUDwAwDQYJKoZIhvcNAQELBQADggEBAHcbOV9qTb4Sx24L6kB3alWc
Pje8/OFQxoOdembfBuUlaZnYjXla4ro13yO/+kBP8u1mmX4LBIm6BvR9mok2UnNc
DbaYUsldjRcPd9i7fgjBk1WrlAz5qNMy06u1er0YnzCmPy0UATFY8AJep71qvJma
AOSncF23PMYFZXHX191g3lXNQm/j9f91DTlYmR6/iXcNIYuckgLYRJpulWwhxfQg
DE8osM91ED5N2joJsTcWj3br4FQpg/0ob+z2wRUw/ggoZyJ7HmyEfKFlqzmCrn02
u1XLpg3nEMX9ASvINI6AO8yggpq/WC0WkzGlCdzK7CVF2y2NyrXYyMThg6vq8Ug=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:40:10 2024 by rpki-client on console-fra.rpki-client.org