Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/XbOhDQ5QOlqI_dtPZITF3QR-jaY.roa
File: XbOhDQ5QOlqI_dtPZITF3QR-jaY.roa (raw, json)
Hash identifier: ImytIjXZie85K3KcV+1aXiShQsF8za1Fpz0OsO9Fzik=
Subject key identifier: 5D:B3:A1:0D:0E:50:3A:5A:88:FD:DB:4F:64:84:C5:DD:04:7E:8D:A6
Certificate issuer: /CN=bc8a3bc47d13c83f7d1cf72a137e0066f83d0608
Certificate serial: 0192903DF2C35D470C8EFCBCF947E185AFCC
Authority key identifier: BC:8A:3B:C4:7D:13:C8:3F:7D:1C:F7:2A:13:7E:00:66:F8:3D:06:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/XbOhDQ5QOlqI_dtPZITF3QR-jaY.roa
Signing time: Tue 15 Oct 2024 12:53:51 +0000
ROA not before: Tue 15 Oct 2024 12:53:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28716
IP address blocks: 212.104.0.0/24 maxlen: 24
212.104.2.0/23 maxlen: 24
212.104.4.0/22 maxlen: 24
212.104.8.0/23 maxlen: 24
212.104.16.0/20 maxlen: 24
212.104.32.0/21 maxlen: 24
212.104.40.0/23 maxlen: 24
212.104.44.0/22 maxlen: 24
212.104.48.0/21 maxlen: 24
212.104.56.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/vIo7xH0TyD99HPcqE34AZvg9Bgg.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/vIo7xH0TyD99HPcqE34AZvg9Bgg.mft
rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:90:3d:f2:c3:5d:47:0c:8e:fc:bc:f9:47:e1:85:af:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc8a3bc47d13c83f7d1cf72a137e0066f83d0608
Validity
Not Before: Oct 15 12:53:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5db3a10d0e503a5a88fddb4f6484c5dd047e8da6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ae:f3:4d:0a:5b:10:fc:2e:ef:06:2e:00:5e:
89:18:4d:2b:4f:f6:e4:0a:d7:d8:fc:cb:97:ca:84:
5e:d2:6c:fa:15:b9:49:11:fe:fb:3c:0a:db:4b:87:
8d:f2:bb:e9:d5:a8:f6:0b:01:69:41:f6:16:65:fc:
ea:db:bb:f3:ba:d1:39:99:10:52:74:ec:6a:89:1b:
d5:74:99:fc:fc:ab:83:d9:c7:5b:fb:4c:82:c5:1c:
e6:90:16:7a:98:18:8d:78:25:a9:42:7d:12:38:ec:
ce:55:c2:8f:f1:88:6d:64:87:81:50:4b:d2:f3:02:
05:ce:a7:e3:65:0d:a0:19:d9:92:ac:dd:94:d7:33:
47:96:bf:56:63:53:b1:59:52:c8:a2:dc:7f:6f:dd:
0a:cf:31:50:d2:67:67:c0:74:5f:3e:81:b7:ee:5c:
d9:dd:38:a8:b8:a1:da:1a:c2:08:bf:55:69:da:84:
9f:e0:d6:77:ff:1e:73:42:53:86:14:87:1f:b1:1f:
8f:2e:1d:5f:be:63:6b:50:b9:33:a4:54:cc:84:12:
ff:93:90:5e:ef:16:4a:84:08:c0:47:91:11:58:6f:
7b:51:04:b5:ac:a6:49:80:47:b5:18:f8:e7:9e:41:
57:24:b2:1d:ba:e5:ab:a5:63:f8:52:5c:2b:48:fd:
23:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:B3:A1:0D:0E:50:3A:5A:88:FD:DB:4F:64:84:C5:DD:04:7E:8D:A6
X509v3 Authority Key Identifier:
keyid:BC:8A:3B:C4:7D:13:C8:3F:7D:1C:F7:2A:13:7E:00:66:F8:3D:06:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/XbOhDQ5QOlqI_dtPZITF3QR-jaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/vIo7xH0TyD99HPcqE34AZvg9Bgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.104.0.0/24
212.104.2.0-212.104.9.255
212.104.16.0-212.104.41.255
212.104.44.0-212.104.63.255
Signature Algorithm: sha256WithRSAEncryption
6f:bb:31:7f:36:3b:ca:2d:53:44:00:a4:9d:ae:b2:61:a2:92:
55:cd:4f:ad:93:04:da:6c:d5:a7:a0:b7:94:54:d1:66:93:fe:
7b:2f:6a:d5:97:f2:4e:59:8d:54:99:25:93:eb:11:97:e7:60:
91:f6:73:77:5f:fd:46:ff:90:e7:19:f7:5a:6f:b5:32:1f:a8:
9d:d5:0e:3e:c7:95:a5:f2:e8:b6:b4:5b:53:62:3e:e5:ce:7e:
55:fe:60:a8:40:bf:40:ae:3c:e9:a3:8d:c1:b9:d3:37:59:b4:
ea:3a:af:d5:22:7a:d0:c5:b4:17:3e:4a:3d:a8:01:ec:79:99:
37:3f:c7:7c:2b:e2:5f:88:b8:a3:61:fe:80:c0:2b:0e:90:64:
d7:0e:a3:09:29:96:66:56:97:77:26:09:cc:7f:b4:db:cf:d4:
64:8f:da:23:bd:3e:57:e7:49:ae:44:b0:2b:aa:7d:09:04:e9:
e6:23:d8:4f:c7:e5:f0:9d:9e:73:f7:14:56:75:20:8b:3f:47:
bf:b9:40:c6:bc:8b:db:d8:15:fc:ba:46:5b:7b:a7:41:3c:2e:
9a:66:98:e0:71:62:64:1c:1f:03:0b:e0:6c:ef:5b:5c:d6:7a:
d9:47:38:4d:8a:e6:ff:06:55:1c:3b:72:bb:c2:93:98:d5:7e:
16:aa:18:46
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZKQPfLDXUcMjvy8+Ufhha/MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOGEzYmM0N2QxM2M4M2Y3ZDFjZjcyYTEzN2UwMDY2Zjgz
ZDA2MDgwHhcNMjQxMDE1MTI1MzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGIzYTEwZDBlNTAzYTVhODhmZGRiNGY2NDg0YzVkZDA0N2U4ZGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1K7zTQpbEPwu7wYuAF6JGE0rT/bk
CtfY/MuXyoRe0mz6FblJEf77PArbS4eN8rvp1aj2CwFpQfYWZfzq27vzutE5mRBS
dOxqiRvVdJn8/KuD2cdb+0yCxRzmkBZ6mBiNeCWpQn0SOOzOVcKP8YhtZIeBUEvS
8wIFzqfjZQ2gGdmSrN2U1zNHlr9WY1OxWVLIotx/b90KzzFQ0mdnwHRfPoG37lzZ
3TiouKHaGsIIv1Vp2oSf4NZ3/x5zQlOGFIcfsR+PLh1fvmNrULkzpFTMhBL/k5Be
7xZKhAjAR5ERWG97UQS1rKZJgEe1GPjnnkFXJLIduuWrpWP4UlwrSP0jawIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFF2zoQ0OUDpaiP3bT2SExd0Efo2mMB8GA1UdIwQY
MBaAFLyKO8R9E8g/fRz3KhN+AGb4PQYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdklvN3hIMFR5RDk5SFBjcUUzNEFadmc5QmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8wZWU5MjEtYTcyMS00ZjA5LTgwZjIt
NzExM2ZjMWI4NjViLzEvWGJPaERRNVFPbHFJX2R0UFpJVEYzUVItamFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8wZWU5MjEtYTcyMS00ZjA5LTgwZjItNzExM2ZjMWI4NjVi
LzEvdklvN3hIMFR5RDk5SFBjcUUzNEFadmc5QmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQA1GgAMAwD
BAHUaAIDBAHUaAgwDAMEBNRoEAMEAdRoKDAMAwQC1GgsAwQG1GgAMA0GCSqGSIb3
DQEBCwUAA4IBAQBvuzF/NjvKLVNEAKSdrrJhopJVzU+tkwTabNWnoLeUVNFmk/57
L2rVl/JOWY1UmSWT6xGX52CR9nN3X/1G/5DnGfdab7UyH6id1Q4+x5Wl8ui2tFtT
Yj7lzn5V/mCoQL9Arjzpo43BudM3WbTqOq/VInrQxbQXPko9qAHseZk3P8d8K+Jf
iLijYf6AwCsOkGTXDqMJKZZmVpd3JgnMf7Tbz9Rkj9ojvT5X50muRLArqn0JBOnm
I9hPx+XwnZ5z9xRWdSCLP0e/uUDGvIvb2BX8ukZbe6dBPC6aZpjgcWJkHB8DC+Bs
71tc1nrZRzhNiub/BlUcO3K7wpOY1X4WqhhG
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:47:15 2024 by rpki-client on console-ams.rpki-client.org