Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/ctGKlWd4um8lb6xQbeiIgwyF_3w.roa
File: ctGKlWd4um8lb6xQbeiIgwyF_3w.roa (raw, json)
Hash identifier: MH708N9Bt1i0J07aI+TeuAiTU+V4XTI0uY0CvGGAU4M=
Subject key identifier: 72:D1:8A:95:67:78:BA:6F:25:6F:AC:50:6D:E8:88:83:0C:85:FF:7C
Certificate issuer: /CN=2ac64dc21cb5fd4d0bcb02cc2b43fd751fd91e1e
Certificate serial: 018CC3B73F45D8588EB15627CCDC9D38CED7
Authority key identifier: 2A:C6:4D:C2:1C:B5:FD:4D:0B:CB:02:CC:2B:43:FD:75:1F:D9:1E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/ctGKlWd4um8lb6xQbeiIgwyF_3w.roa
Signing time: Mon 01 Jan 2024 06:30:15 +0000
ROA not before: Mon 01 Jan 2024 06:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199855
IP address blocks: 212.14.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/KsZNwhy1_U0LywLMK0P9dR_ZHh4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/KsZNwhy1_U0LywLMK0P9dR_ZHh4.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:3f:45:d8:58:8e:b1:56:27:cc:dc:9d:38:ce:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac64dc21cb5fd4d0bcb02cc2b43fd751fd91e1e
Validity
Not Before: Jan 1 06:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72d18a956778ba6f256fac506de888830c85ff7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f8:68:c9:2d:03:d2:72:ec:a2:d6:e4:ff:91:
ad:23:97:8a:81:5d:c3:c6:14:ca:74:fb:ef:f9:fc:
86:c5:c8:b4:0b:7b:a8:ae:5f:31:99:43:9d:10:d1:
39:22:f3:03:4b:36:d6:72:59:eb:5d:f8:3b:ed:8f:
4c:ad:5a:db:0f:e4:5a:da:f2:a1:32:2e:52:83:0e:
dd:a4:93:0b:a0:95:f6:99:af:66:c0:f7:47:63:3f:
7c:7f:cd:f6:0c:e6:39:ae:ce:ba:78:1f:8c:bd:14:
ea:90:aa:63:04:32:1e:2f:c6:6c:37:87:38:ec:93:
04:0a:90:a5:17:98:0c:15:dd:85:55:4b:9c:fe:dc:
14:83:3e:3a:8e:a6:17:a1:f8:ca:b3:30:e3:22:b9:
6f:36:e2:88:3e:61:f2:e1:8b:97:fb:ea:74:a2:04:
16:00:88:51:70:e6:62:ab:c3:0c:28:31:03:97:fb:
a9:9f:4a:07:d9:49:b8:25:9b:65:d2:6d:73:06:d0:
71:98:c2:75:bf:90:2d:2b:b5:76:53:24:85:19:40:
4b:87:e4:12:2f:4d:91:29:16:8f:64:dc:5b:92:dc:
fe:f1:a5:80:3b:18:90:43:c9:d4:f3:f3:97:f6:2a:
c2:b3:5a:89:58:fb:81:7b:25:ce:e9:ed:74:8e:bc:
46:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:D1:8A:95:67:78:BA:6F:25:6F:AC:50:6D:E8:88:83:0C:85:FF:7C
X509v3 Authority Key Identifier:
keyid:2A:C6:4D:C2:1C:B5:FD:4D:0B:CB:02:CC:2B:43:FD:75:1F:D9:1E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/ctGKlWd4um8lb6xQbeiIgwyF_3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/KsZNwhy1_U0LywLMK0P9dR_ZHh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.14.55.0/24
Signature Algorithm: sha256WithRSAEncryption
09:0e:ca:82:a9:02:1b:12:67:82:1e:ca:f7:d3:ef:8b:bf:01:
15:ab:f7:a4:96:a0:87:cc:39:33:fe:0b:9f:58:8b:41:27:7e:
92:cd:20:26:45:7c:34:0a:4c:ff:8d:0f:a5:b8:24:f6:a6:f1:
9a:dd:b8:c9:55:8b:ba:04:fb:a8:70:70:87:00:10:9e:4d:c5:
b9:8d:0a:85:51:04:77:93:03:4a:7d:02:d0:c7:44:af:0e:07:
5b:d8:da:0d:06:49:93:e0:51:81:22:5e:3a:e6:d4:25:9b:06:
e4:1e:58:02:57:3d:fc:37:b0:e8:bc:c2:06:cd:7f:36:5c:0b:
fc:c4:ea:df:17:af:71:3e:46:f1:ad:eb:97:fd:b3:cb:5b:aa:
56:ab:8e:d1:1b:f4:b1:7b:6c:d7:e6:0c:7f:de:f5:17:5f:f8:
b9:9a:24:86:f5:89:79:57:d3:b3:83:f9:2e:95:1b:38:54:e4:
db:c3:87:58:c9:d9:f1:91:74:df:16:ed:48:05:90:50:4e:eb:
73:e8:af:2e:fa:0f:84:4e:ab:9f:e6:16:ab:9e:09:97:0f:d8:
88:c5:c5:56:c5:60:0d:cc:95:fd:2b:0a:fe:e4:10:dc:31:ee:
6d:08:ed:67:d8:e7:97:fa:06:4b:84:20:65:e0:36:a0:ae:c7:
ea:c5:cf:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtz9F2FiOsVYnzNydOM7XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzY0ZGMyMWNiNWZkNGQwYmNiMDJjYzJiNDNmZDc1MWZk
OTFlMWUwHhcNMjQwMTAxMDYzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmQxOGE5NTY3NzhiYTZmMjU2ZmFjNTA2ZGU4ODg4MzBjODVmZjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfhoyS0D0nLsotbk/5GtI5eKgV3D
xhTKdPvv+fyGxci0C3uorl8xmUOdENE5IvMDSzbWclnrXfg77Y9MrVrbD+Ra2vKh
Mi5Sgw7dpJMLoJX2ma9mwPdHYz98f832DOY5rs66eB+MvRTqkKpjBDIeL8ZsN4c4
7JMECpClF5gMFd2FVUuc/twUgz46jqYXofjKszDjIrlvNuKIPmHy4YuX++p0ogQW
AIhRcOZiq8MMKDEDl/upn0oH2Um4JZtl0m1zBtBxmMJ1v5AtK7V2UySFGUBLh+QS
L02RKRaPZNxbktz+8aWAOxiQQ8nU8/OX9irCs1qJWPuBeyXO6e10jrxGXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHLRipVneLpvJW+sUG3oiIMMhf98MB8GA1UdIwQY
MBaAFCrGTcIctf1NC8sCzCtD/XUf2R4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NaTndoeTFfVTBMeXdMTUswUDlkUl9aSGg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9kZTFkYjQtZWM3OC00ZTQxLTk1NzAt
MDk3YzNjMWMyNTQwLzEvY3RHS2xXZDR1bThsYjZ4UWJlaUlnd3lGXzN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9kZTFkYjQtZWM3OC00ZTQxLTk1NzAtMDk3YzNjMWMyNTQw
LzEvS3NaTndoeTFfVTBMeXdMTUswUDlkUl9aSGg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1A43MA0G
CSqGSIb3DQEBCwUAA4IBAQAJDsqCqQIbEmeCHsr30++LvwEVq/eklqCHzDkz/guf
WItBJ36SzSAmRXw0Ckz/jQ+luCT2pvGa3bjJVYu6BPuocHCHABCeTcW5jQqFUQR3
kwNKfQLQx0SvDgdb2NoNBkmT4FGBIl465tQlmwbkHlgCVz38N7DovMIGzX82XAv8
xOrfF69xPkbxreuX/bPLW6pWq47RG/Sxe2zX5gx/3vUXX/i5miSG9Yl5V9Ozg/ku
lRs4VOTbw4dYydnxkXTfFu1IBZBQTutz6K8u+g+ETquf5harngmXD9iIxcVWxWAN
zJX9Kwr+5BDcMe5tCO1n2OeX+gZLhCBl4Dagrsfqxc8I
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:17:47 2024 by rpki-client on console-ams.rpki-client.org