Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/kEKdt_4t5tH_5UB5pBQ_KNXrw48.roa
File: kEKdt_4t5tH_5UB5pBQ_KNXrw48.roa (raw, json)
Hash identifier: z0l9eybFPCodKNQc8Kx+T6wxXKaflwhHolnLCdEduMg=
Subject key identifier: 90:42:9D:B7:FE:2D:E6:D1:FF:E5:40:79:A4:14:3F:28:D5:EB:C3:8F
Certificate issuer: /CN=bb8d64a0dc21996b1c99e68cc951694e293edefe
Certificate serial: 018DF3C063727B826F1EB694C419FF8621A4
Authority key identifier: BB:8D:64:A0:DC:21:99:6B:1C:99:E6:8C:C9:51:69:4E:29:3E:DE:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u41koNwhmWscmeaMyVFpTik-3v4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/kEKdt_4t5tH_5UB5pBQ_KNXrw48.roa
Signing time: Thu 29 Feb 2024 07:24:48 +0000
ROA not before: Thu 29 Feb 2024 07:24:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9000
IP address blocks: 212.50.32.0/24 maxlen: 24
212.50.33.0/24 maxlen: 24
212.50.36.0/24 maxlen: 24
212.50.37.0/24 maxlen: 24
212.50.38.0/24 maxlen: 24
212.50.39.0/24 maxlen: 24
212.50.40.0/24 maxlen: 24
212.50.41.0/24 maxlen: 24
212.50.44.0/24 maxlen: 24
212.50.54.0/24 maxlen: 24
212.50.55.0/24 maxlen: 24
212.50.61.0/24 maxlen: 24
2001:1b68::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/u41koNwhmWscmeaMyVFpTik-3v4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/u41koNwhmWscmeaMyVFpTik-3v4.mft
rsync://rpki.ripe.net/repository/DEFAULT/u41koNwhmWscmeaMyVFpTik-3v4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f3:c0:63:72:7b:82:6f:1e:b6:94:c4:19:ff:86:21:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb8d64a0dc21996b1c99e68cc951694e293edefe
Validity
Not Before: Feb 29 07:24:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90429db7fe2de6d1ffe54079a4143f28d5ebc38f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a7:90:2d:65:f6:77:9e:0f:72:89:c4:5a:26:
c9:5b:a1:cf:5a:dc:1c:cc:81:0d:7c:1f:11:46:9e:
95:51:34:d5:6e:06:9b:72:d9:f9:43:4c:f2:2f:52:
a6:2b:3d:34:b4:df:69:c4:c5:b4:d2:93:5c:0e:ed:
5e:5b:49:4d:c5:95:36:a1:6b:33:53:08:86:b3:90:
46:93:4f:52:30:a1:4b:0a:a1:57:59:e4:e5:02:f4:
ac:96:c1:ad:b4:64:81:a9:22:eb:64:55:b9:55:3c:
02:63:0e:39:98:82:71:05:0b:90:a4:4b:30:a6:10:
b5:97:62:1f:8e:31:87:7c:fc:b2:65:bd:0d:aa:19:
21:97:00:c1:67:7b:8b:07:5d:2e:4c:2e:5b:53:4d:
d6:dc:ac:2c:65:8d:04:d9:4b:8b:a3:6a:b0:6f:94:
17:cb:ed:1b:12:73:54:1f:05:63:c8:8b:dc:de:75:
86:bb:ee:35:06:6f:97:f4:13:25:f5:94:93:da:6c:
fa:39:43:80:01:aa:b8:2b:f5:1a:14:84:6a:86:97:
9c:3a:02:ec:b9:52:b9:98:4b:98:67:c9:8a:a1:3b:
13:41:54:c7:ad:f1:ee:75:ea:2b:f6:76:05:49:a2:
30:aa:63:50:f2:18:c6:00:1a:6c:7c:00:4f:c7:9b:
40:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:42:9D:B7:FE:2D:E6:D1:FF:E5:40:79:A4:14:3F:28:D5:EB:C3:8F
X509v3 Authority Key Identifier:
keyid:BB:8D:64:A0:DC:21:99:6B:1C:99:E6:8C:C9:51:69:4E:29:3E:DE:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u41koNwhmWscmeaMyVFpTik-3v4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/kEKdt_4t5tH_5UB5pBQ_KNXrw48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/u41koNwhmWscmeaMyVFpTik-3v4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.50.32.0/23
212.50.36.0-212.50.41.255
212.50.44.0/24
212.50.54.0/23
212.50.61.0/24
IPv6:
2001:1b68::/29
Signature Algorithm: sha256WithRSAEncryption
37:e9:1b:f7:b1:8d:7f:3c:08:c1:de:c6:d2:61:94:48:55:6d:
0c:6f:e5:42:24:c6:d3:30:f0:9d:d2:4f:9f:44:b5:f2:af:9e:
aa:0f:4f:a6:1b:92:b6:de:54:db:10:bc:25:a7:ec:1a:f8:75:
e2:3b:7f:88:c7:44:30:17:25:de:8b:95:9c:0c:0d:fb:99:21:
0e:0a:36:0a:2a:72:ec:7d:20:05:9b:fe:ab:f4:78:46:18:a1:
04:1a:da:80:6b:49:58:7e:2b:17:ab:88:6e:b3:c8:26:7f:e4:
f4:7b:c6:3f:0b:04:ff:45:51:08:76:cf:59:6b:e6:e7:8c:d3:
0d:53:ec:6d:72:13:3b:b1:b1:10:d9:02:8e:30:af:92:f8:85:
63:2d:8e:a3:99:5d:10:75:81:6c:ea:2f:39:4b:75:08:47:06:
49:a5:63:14:43:b8:5f:0f:2a:d1:0b:25:25:03:ed:d2:92:22:
8d:f7:50:a1:01:3c:a9:f3:e9:f4:be:d0:fd:74:38:28:c7:f4:
f1:0b:60:e0:51:e1:e9:bb:37:de:89:68:79:f9:7e:37:43:04:
5c:b2:24:b7:e2:d3:67:ec:21:87:59:91:94:3c:e6:6c:2b:fa:
2d:dd:94:1e:fd:09:92:6b:48:ab:c6:93:a0:7d:89:da:21:9f:
60:83:43:2d
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAY3zwGNye4JvHraUxBn/hiGkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiOGQ2NGEwZGMyMTk5NmIxYzk5ZTY4Y2M5NTE2OTRlMjkz
ZWRlZmUwHhcNMjQwMjI5MDcyNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDQyOWRiN2ZlMmRlNmQxZmZlNTQwNzlhNDE0M2YyOGQ1ZWJjMzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6eQLWX2d54PconEWibJW6HPWtwc
zIENfB8RRp6VUTTVbgabctn5Q0zyL1KmKz00tN9pxMW00pNcDu1eW0lNxZU2oWsz
UwiGs5BGk09SMKFLCqFXWeTlAvSslsGttGSBqSLrZFW5VTwCYw45mIJxBQuQpEsw
phC1l2IfjjGHfPyyZb0NqhkhlwDBZ3uLB10uTC5bU03W3KwsZY0E2UuLo2qwb5QX
y+0bEnNUHwVjyIvc3nWGu+41Bm+X9BMl9ZST2mz6OUOAAaq4K/UaFIRqhpecOgLs
uVK5mEuYZ8mKoTsTQVTHrfHudeor9nYFSaIwqmNQ8hjGABpsfABPx5tA/wIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFJBCnbf+LebR/+VAeaQUPyjV68OPMB8GA1UdIwQY
MBaAFLuNZKDcIZlrHJnmjMlRaU4pPt7+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTQxa29Od2htV3NjbWVhTXlWRnBUaWstM3Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8yMjAzMTgtNDZmMS00ZWJmLWE3OTUt
ZGQ0YTIxN2Q2MDZiLzEva0VLZHRfNHQ1dEhfNVVCNXBCUV9LTlhydzQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8yMjAzMTgtNDZmMS00ZWJmLWE3OTUtZGQ0YTIxN2Q2MDZi
LzEvdTQxa29Od2htV3NjbWVhTXlWRnBUaWstM3Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQB1DIgMAwD
BALUMiQDBAHUMigDBADUMiwDBAHUMjYDBADUMj0wDQQCAAIwBwMFAyABG2gwDQYJ
KoZIhvcNAQELBQADggEBADfpG/exjX88CMHextJhlEhVbQxv5UIkxtMw8J3ST59E
tfKvnqoPT6YbkrbeVNsQvCWn7Br4deI7f4jHRDAXJd6LlZwMDfuZIQ4KNgoqcux9
IAWb/qv0eEYYoQQa2oBrSVh+KxeriG6zyCZ/5PR7xj8LBP9FUQh2z1lr5ueM0w1T
7G1yEzuxsRDZAo4wr5L4hWMtjqOZXRB1gWzqLzlLdQhHBkmlYxRDuF8PKtELJSUD
7dKSIo33UKEBPKnz6fS+0P10OCjH9PELYOBR4em7N96JaHn5fjdDBFyyJLfi02fs
IYdZkZQ85mwr+i3dlB79CZJrSKvGk6B9idohn2CDQy0=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:59:47 2024 by rpki-client on console-ams.rpki-client.org