Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/af4ef8-ed07-4acd-a42f-c96c2ce859e5/1/ECYrJIT23Mr8zc3R9J6WwTH-rZ0.roa
File: ECYrJIT23Mr8zc3R9J6WwTH-rZ0.roa (raw, json)
Hash identifier: nidZRh5FTZgOA8uxcd9MMbCG+4GtzPnJb7yJfpbIM9o=
Subject key identifier: 10:26:2B:24:84:F6:DC:CA:FC:CD:CD:D1:F4:9E:96:C1:31:FE:AD:9D
Certificate issuer: /CN=016e5e31fa8716aaa54e18fcdcfed3fc94db90b5
Certificate serial: 018CC64B65DB3D8603EBDE43289E27B28E95
Authority key identifier: 01:6E:5E:31:FA:87:16:AA:A5:4E:18:FC:DC:FE:D3:FC:94:DB:90:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AW5eMfqHFqqlThj83P7T_JTbkLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/af4ef8-ed07-4acd-a42f-c96c2ce859e5/1/ECYrJIT23Mr8zc3R9J6WwTH-rZ0.roa
Signing time: Mon 01 Jan 2024 18:31:19 +0000
ROA not before: Mon 01 Jan 2024 18:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206805
IP address blocks: 212.8.237.0/24 maxlen: 24
212.8.237.4/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/af4ef8-ed07-4acd-a42f-c96c2ce859e5/1/AW5eMfqHFqqlThj83P7T_JTbkLU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/af4ef8-ed07-4acd-a42f-c96c2ce859e5/1/AW5eMfqHFqqlThj83P7T_JTbkLU.mft
rsync://rpki.ripe.net/repository/DEFAULT/AW5eMfqHFqqlThj83P7T_JTbkLU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:65:db:3d:86:03:eb:de:43:28:9e:27:b2:8e:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=016e5e31fa8716aaa54e18fcdcfed3fc94db90b5
Validity
Not Before: Jan 1 18:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=10262b2484f6dccafccdcdd1f49e96c131fead9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:59:16:83:39:dc:85:c6:16:af:59:9a:10:5f:
87:bb:f3:ff:f8:5c:63:67:f6:f3:3e:2f:73:95:13:
d0:87:db:a5:25:97:ff:16:40:92:21:2f:6f:8d:ef:
36:d4:04:7a:2d:85:34:14:9a:f7:e0:81:61:13:94:
cd:be:a2:06:fe:3a:42:27:9f:67:3e:df:8e:bd:02:
e0:49:db:b9:06:8c:8a:b2:6b:84:fc:60:b4:e7:6a:
7c:69:0b:e4:42:1d:7d:0c:99:13:c3:d3:da:c5:ea:
b5:aa:48:81:30:25:9c:59:ef:c9:5b:19:c4:2d:a1:
92:66:0a:82:82:58:1a:d4:ae:8d:fd:a5:b3:50:23:
d7:27:5a:38:fe:00:96:45:34:af:45:45:40:15:0c:
4f:eb:9e:7d:84:5d:64:53:ce:fe:9b:a8:25:51:28:
c2:32:fa:c4:6c:22:f6:a9:27:9c:79:50:ce:41:4a:
41:c9:f0:f2:ab:38:2d:66:ea:0f:7f:4d:bf:d4:a3:
e7:5b:a2:79:9a:79:72:00:0a:b7:3f:40:b2:c8:de:
c4:bc:18:27:86:cc:a1:f0:81:75:2a:68:36:fc:cc:
80:d8:e2:9f:ba:dc:90:8f:a6:70:6c:27:41:f4:c4:
f6:bd:fa:78:ed:8b:bb:fb:de:b7:ed:3d:a1:c1:4e:
5f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:26:2B:24:84:F6:DC:CA:FC:CD:CD:D1:F4:9E:96:C1:31:FE:AD:9D
X509v3 Authority Key Identifier:
keyid:01:6E:5E:31:FA:87:16:AA:A5:4E:18:FC:DC:FE:D3:FC:94:DB:90:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AW5eMfqHFqqlThj83P7T_JTbkLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/af4ef8-ed07-4acd-a42f-c96c2ce859e5/1/ECYrJIT23Mr8zc3R9J6WwTH-rZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/af4ef8-ed07-4acd-a42f-c96c2ce859e5/1/AW5eMfqHFqqlThj83P7T_JTbkLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.8.237.0/24
Signature Algorithm: sha256WithRSAEncryption
72:2c:fc:09:f0:de:6f:5a:8e:5a:88:04:8e:78:ec:ad:5e:d2:
94:84:5b:b0:3b:95:9f:d7:35:04:4d:4d:6e:eb:ca:cb:19:c7:
ce:a8:a2:c3:e4:74:f1:72:b4:02:88:d2:1e:be:c8:3c:66:ae:
0c:91:50:8f:f9:b7:0a:f8:ec:85:f7:67:10:60:48:5f:e7:12:
8d:69:3a:f3:6a:a4:27:e7:96:bc:39:cd:0b:9f:f3:2f:92:85:
93:a3:b5:50:63:7d:9e:bf:15:09:ea:c8:0f:3e:6d:a1:17:5a:
be:da:26:48:c9:d8:88:1c:c1:23:3a:1b:ee:ef:4f:6c:86:01:
a1:56:aa:66:51:15:1e:7f:a2:ee:7e:5e:18:2b:7a:d4:7b:65:
13:92:76:c8:4e:9c:ae:b6:99:96:9d:0f:94:05:e9:11:dc:0b:
1d:cf:38:a9:76:c3:0d:8a:ec:20:a9:8d:73:84:8e:3a:58:5b:
a1:b2:19:72:ea:fb:b4:cf:aa:27:d4:89:dc:8f:a7:d8:d7:95:
5f:3f:c0:ce:61:f3:75:c8:cb:bc:b5:ff:22:26:90:6f:52:92:
73:a1:2d:f5:d5:ff:fb:38:00:5b:38:07:9e:35:fb:be:fc:72:
b2:6b:b5:fe:97:d2:11:d7:e5:a9:e9:a6:9f:89:e3:77:dc:5a:
15:3b:9b:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGS2XbPYYD695DKJ4nso6VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNmU1ZTMxZmE4NzE2YWFhNTRlMThmY2RjZmVkM2ZjOTRk
YjkwYjUwHhcNMjQwMTAxMTgzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDI2MmIyNDg0ZjZkY2NhZmNjZGNkZDFmNDllOTZjMTMxZmVhZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlkWgznchcYWr1maEF+Hu/P/+Fxj
Z/bzPi9zlRPQh9ulJZf/FkCSIS9vje821AR6LYU0FJr34IFhE5TNvqIG/jpCJ59n
Pt+OvQLgSdu5BoyKsmuE/GC052p8aQvkQh19DJkTw9Paxeq1qkiBMCWcWe/JWxnE
LaGSZgqCglga1K6N/aWzUCPXJ1o4/gCWRTSvRUVAFQxP6559hF1kU87+m6glUSjC
MvrEbCL2qSeceVDOQUpByfDyqzgtZuoPf02/1KPnW6J5mnlyAAq3P0CyyN7EvBgn
hsyh8IF1Kmg2/MyA2OKfutyQj6ZwbCdB9MT2vfp47Yu7+9637T2hwU5fvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBAmKySE9tzK/M3N0fSelsEx/q2dMB8GA1UdIwQY
MBaAFAFuXjH6hxaqpU4Y/Nz+0/yU25C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVc1ZU1mcUhGcXFsVGhqODNQN1RfSlRia0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9hZjRlZjgtZWQwNy00YWNkLWE0MmYt
Yzk2YzJjZTg1OWU1LzEvRUNZckpJVDIzTXI4emMzUjlKNld3VEgtclowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9hZjRlZjgtZWQwNy00YWNkLWE0MmYtYzk2YzJjZTg1OWU1
LzEvQVc1ZU1mcUhGcXFsVGhqODNQN1RfSlRia0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1AjtMA0G
CSqGSIb3DQEBCwUAA4IBAQByLPwJ8N5vWo5aiASOeOytXtKUhFuwO5Wf1zUETU1u
68rLGcfOqKLD5HTxcrQCiNIevsg8Zq4MkVCP+bcK+OyF92cQYEhf5xKNaTrzaqQn
55a8Oc0Ln/MvkoWTo7VQY32evxUJ6sgPPm2hF1q+2iZIydiIHMEjOhvu709shgGh
VqpmURUef6Lufl4YK3rUe2UTknbITpyutpmWnQ+UBekR3AsdzzipdsMNiuwgqY1z
hI46WFuhshly6vu0z6on1Incj6fY15VfP8DOYfN1yMu8tf8iJpBvUpJzoS311f/7
OABbOAeeNfu+/HKya7X+l9IR1+Wp6aafieN33FoVO5u0
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:41:50 2024 by rpki-client on console-fra.rpki-client.org