Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/JlPtSZ3Xcsqsv9PDtMRixlGX4NI.roa
File: JlPtSZ3Xcsqsv9PDtMRixlGX4NI.roa (raw, json)
Hash identifier: Mroy6N2FxIzsUearGUAC6EoFuqX0p6R1aQixfM8zUkQ=
Subject key identifier: 26:53:ED:49:9D:D7:72:CA:AC:BF:D3:C3:B4:C4:62:C6:51:97:E0:D2
Certificate issuer: /CN=6640f89ce22645b97297d7803726dc2fb0e5f4b9
Certificate serial: 018D5A7A968BC77BCD4D359958B688DF92E0
Authority key identifier: 66:40:F8:9C:E2:26:45:B9:72:97:D7:80:37:26:DC:2F:B0:E5:F4:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/JlPtSZ3Xcsqsv9PDtMRixlGX4NI.roa
Signing time: Tue 30 Jan 2024 13:06:39 +0000
ROA not before: Tue 30 Jan 2024 13:06:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61135
IP address blocks: 212.64.202.0/24 maxlen: 24
212.64.210.0/24 maxlen: 32
212.64.211.0/24 maxlen: 32
212.64.214.0/24 maxlen: 32
212.64.215.0/24 maxlen: 32
212.64.216.0/24 maxlen: 32
212.64.217.0/24 maxlen: 32
212.64.218.0/24 maxlen: 24
212.64.223.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/ZkD4nOImRblyl9eANybcL7Dl9Lk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/ZkD4nOImRblyl9eANybcL7Dl9Lk.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 13:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5a:7a:96:8b:c7:7b:cd:4d:35:99:58:b6:88:df:92:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6640f89ce22645b97297d7803726dc2fb0e5f4b9
Validity
Not Before: Jan 30 13:06:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2653ed499dd772caacbfd3c3b4c462c65197e0d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b7:c7:3e:d8:28:49:06:69:49:24:da:fb:1e:
4e:65:ed:b9:72:2b:5d:94:db:a5:28:ba:91:ac:0b:
2e:e3:8f:78:d6:6f:16:42:7d:39:a1:15:c4:03:5a:
55:89:af:a0:b0:05:c8:4d:79:75:68:8f:f9:bb:e4:
d3:fc:18:d2:51:0a:fe:f7:b2:a7:03:5d:a7:9f:b1:
aa:7f:27:3a:cf:51:c9:b7:d8:34:ac:a6:ff:d3:0f:
92:5c:5c:de:fe:03:a1:ac:8f:cc:54:01:18:c3:82:
02:0e:67:cf:e3:8d:31:94:c2:0a:de:c8:34:e3:3e:
ed:16:a4:7d:05:44:4d:86:3f:72:3a:ec:e7:28:be:
17:e6:76:8b:83:61:f3:07:18:a3:be:9b:c6:3a:8b:
fc:d7:fb:f1:24:91:6f:6d:14:76:52:0d:e1:a1:8b:
fa:ce:1e:0e:f7:cd:7c:64:6c:1c:5b:36:c2:ce:6f:
e5:87:88:7e:55:27:22:26:e8:e8:76:17:e3:c7:56:
b0:f5:a5:34:c8:e1:e3:3c:d0:f7:70:44:88:d5:5a:
8a:8f:f8:e1:c4:ea:40:58:00:96:b5:83:dc:2b:b0:
7f:9f:34:d6:38:18:e8:ee:fd:c2:dc:7a:74:f9:e3:
89:cd:dc:93:b5:1b:cd:15:75:df:52:4d:63:c9:b4:
d5:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:53:ED:49:9D:D7:72:CA:AC:BF:D3:C3:B4:C4:62:C6:51:97:E0:D2
X509v3 Authority Key Identifier:
keyid:66:40:F8:9C:E2:26:45:B9:72:97:D7:80:37:26:DC:2F:B0:E5:F4:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/JlPtSZ3Xcsqsv9PDtMRixlGX4NI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/ZkD4nOImRblyl9eANybcL7Dl9Lk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.64.202.0/24
212.64.210.0/23
212.64.214.0-212.64.218.255
212.64.223.0/24
Signature Algorithm: sha256WithRSAEncryption
13:b3:d8:55:49:ea:02:3c:b2:08:ec:d8:29:b8:a9:94:0a:c2:
a3:66:3d:57:ce:4f:95:5b:fb:26:0f:d1:4b:34:f2:ae:e0:82:
09:99:44:21:0a:69:5e:e7:41:88:af:9b:be:a0:1f:f9:95:7a:
6f:de:31:0e:39:c8:ec:c4:80:61:7a:e8:65:2b:8d:fb:56:2a:
d9:9d:90:22:19:c0:80:62:ca:da:69:03:9a:bd:75:81:92:75:
16:f1:8b:e4:c0:47:69:05:32:e1:d3:8a:13:ee:54:6f:fb:6c:
ae:d2:c2:96:ec:4e:4d:24:43:09:99:2a:b7:06:63:08:d7:de:
f1:4e:a2:38:ae:63:1a:ce:74:24:f0:02:38:72:47:8b:cd:63:
df:ef:fb:0c:9f:e4:5f:79:b1:94:d8:1b:4e:83:82:32:90:06:
40:e0:e7:85:88:f9:aa:b5:14:cf:6d:4a:70:22:d8:5a:e7:22:
f5:eb:04:be:f6:a6:2b:a4:f5:32:56:89:47:c1:6c:d9:bb:5f:
5c:1f:78:8f:d9:00:3d:81:71:39:92:a7:d2:1a:01:73:c0:b1:
bf:aa:8f:23:02:93:2e:3c:0a:99:f0:de:f9:59:1b:c5:82:32:
55:5c:eb:bb:d5:8d:6d:cd:b6:45:a3:d4:cb:40:14:42:dc:b9:
ae:97:94:9b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY1aepaLx3vNTTWZWLaI35LgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NDBmODljZTIyNjQ1Yjk3Mjk3ZDc4MDM3MjZkYzJmYjBl
NWY0YjkwHhcNMjQwMTMwMTMwNjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjUzZWQ0OTlkZDc3MmNhYWNiZmQzYzNiNGM0NjJjNjUxOTdlMGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprfHPtgoSQZpSSTa+x5OZe25citd
lNulKLqRrAsu44941m8WQn05oRXEA1pVia+gsAXITXl1aI/5u+TT/BjSUQr+97Kn
A12nn7Gqfyc6z1HJt9g0rKb/0w+SXFze/gOhrI/MVAEYw4ICDmfP440xlMIK3sg0
4z7tFqR9BURNhj9yOuznKL4X5naLg2HzBxijvpvGOov81/vxJJFvbRR2Ug3hoYv6
zh4O9818ZGwcWzbCzm/lh4h+VSciJujodhfjx1aw9aU0yOHjPND3cESI1VqKj/jh
xOpAWACWtYPcK7B/nzTWOBjo7v3C3Hp0+eOJzdyTtRvNFXXfUk1jybTVcwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCZT7Umd13LKrL/Tw7TEYsZRl+DSMB8GA1UdIwQY
MBaAFGZA+JziJkW5cpfXgDcm3C+w5fS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmtENG5PSW1SYmx5bDllQU55YmNMN0RsOUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9jM2FkMmUtYjUyZS00NDFjLTg5YmEt
NDRhYjdhOWQ3ZGVhLzEvSmxQdFNaM1hjc3FzdjlQRHRNUml4bEdYNE5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9jM2FkMmUtYjUyZS00NDFjLTg5YmEtNDRhYjdhOWQ3ZGVh
LzEvWmtENG5PSW1SYmx5bDllQU55YmNMN0RsOUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQA1EDKAwQB
1EDSMAwDBAHUQNYDBADUQNoDBADUQN8wDQYJKoZIhvcNAQELBQADggEBABOz2FVJ
6gI8sgjs2Cm4qZQKwqNmPVfOT5Vb+yYP0Us08q7gggmZRCEKaV7nQYivm76gH/mV
em/eMQ45yOzEgGF66GUrjftWKtmdkCIZwIBiytppA5q9dYGSdRbxi+TAR2kFMuHT
ihPuVG/7bK7SwpbsTk0kQwmZKrcGYwjX3vFOojiuYxrOdCTwAjhyR4vNY9/v+wyf
5F95sZTYG06DgjKQBkDg54WI+aq1FM9tSnAi2FrnIvXrBL72piuk9TJWiUfBbNm7
X1wfeI/ZAD2BcTmSp9IaAXPAsb+qjyMCky48Cpnw3vlZG8WCMlVc67vVjW3NtkWj
1MtAFELcua6XlJs=
-----END CERTIFICATE-----
Generated at Sun Jun 2 19:58:56 2024 by rpki-client on console-ams.rpki-client.org