Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/MIINK5D5NiUt_CvcI8CVLf3_BGE.roa
File: MIINK5D5NiUt_CvcI8CVLf3_BGE.roa (raw, json)
Hash identifier: HQMStv5PKChgciUOSMfD2nVjqmwGwCe13WA4fbf7P5w=
Subject key identifier: 30:82:0D:2B:90:F9:36:25:2D:FC:2B:DC:23:C0:95:2D:FD:FF:04:61
Certificate issuer: /CN=6640f89ce22645b97297d7803726dc2fb0e5f4b9
Certificate serial: 0192392D630F72CBF6E29C7A96DCC5364176
Authority key identifier: 66:40:F8:9C:E2:26:45:B9:72:97:D7:80:37:26:DC:2F:B0:E5:F4:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/MIINK5D5NiUt_CvcI8CVLf3_BGE.roa
Signing time: Sat 28 Sep 2024 15:08:48 +0000
ROA not before: Sat 28 Sep 2024 15:08:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61135
IP address blocks: 212.64.201.0/24 maxlen: 24
212.64.202.0/24 maxlen: 24
212.64.210.0/24 maxlen: 32
212.64.211.0/24 maxlen: 32
212.64.214.0/24 maxlen: 32
212.64.216.0/24 maxlen: 32
212.64.217.0/24 maxlen: 32
212.64.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/ZkD4nOImRblyl9eANybcL7Dl9Lk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/ZkD4nOImRblyl9eANybcL7Dl9Lk.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:39:2d:63:0f:72:cb:f6:e2:9c:7a:96:dc:c5:36:41:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6640f89ce22645b97297d7803726dc2fb0e5f4b9
Validity
Not Before: Sep 28 15:08:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30820d2b90f936252dfc2bdc23c0952dfdff0461
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ed:a2:b8:09:7d:b8:b3:23:e7:25:20:b6:43:
36:9a:05:ae:8b:5a:32:21:1a:fd:c4:63:bb:8e:ec:
3f:98:39:94:dd:e7:eb:c6:50:cf:11:ff:c0:4c:c2:
ba:e5:b3:51:37:89:e6:8b:4e:e4:f3:b4:42:58:9c:
de:c8:50:fe:89:ad:c5:15:a0:74:ca:9e:98:56:2b:
dc:9c:ba:f6:e1:29:3f:9a:bd:11:c7:52:41:d9:24:
c5:bb:1f:20:1d:8d:fc:2d:3e:8e:c9:27:b8:cc:d8:
4c:e5:88:b1:ea:0a:eb:c2:24:2b:ff:0c:35:95:46:
f1:16:77:67:8b:28:39:14:bd:b8:92:9e:0c:72:b6:
f9:0f:7a:60:1f:3b:2f:64:6f:7c:64:65:7a:b9:3f:
43:a0:c0:cf:07:9b:79:e4:a6:e4:17:89:cd:0e:f7:
6c:46:8f:0e:e0:84:f1:e1:39:1b:c3:62:98:f4:6c:
61:3c:1c:8e:3a:01:82:3f:4c:59:3f:20:49:e7:c0:
ad:cb:d4:c4:55:a5:ff:81:89:58:fe:85:c8:57:cd:
2c:21:c3:e8:bf:9d:a5:b0:b6:25:8d:0f:a2:d2:ad:
c2:4f:35:4f:9f:b5:c4:4a:2d:13:39:23:d9:23:38:
08:7f:0c:a1:0d:f6:8d:fc:51:18:48:ff:18:d0:78:
4b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:82:0D:2B:90:F9:36:25:2D:FC:2B:DC:23:C0:95:2D:FD:FF:04:61
X509v3 Authority Key Identifier:
keyid:66:40:F8:9C:E2:26:45:B9:72:97:D7:80:37:26:DC:2F:B0:E5:F4:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/MIINK5D5NiUt_CvcI8CVLf3_BGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/ZkD4nOImRblyl9eANybcL7Dl9Lk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.64.201.0-212.64.202.255
212.64.210.0/23
212.64.214.0/24
212.64.216.0-212.64.218.255
Signature Algorithm: sha256WithRSAEncryption
07:f2:d7:bf:f9:0f:03:b6:58:d1:8b:e2:10:80:15:35:bb:09:
b9:71:c2:2c:d9:b0:6b:46:fd:bb:5a:02:a6:33:cb:5c:05:44:
8d:ed:0e:9f:2b:a0:2f:65:db:2a:7f:49:13:fa:ff:3a:76:d1:
f6:b9:9d:02:ac:32:db:ca:ac:af:97:7c:59:6d:13:c7:31:42:
9a:69:56:aa:59:27:9c:51:99:e2:0e:29:ac:70:e7:f5:20:4e:
13:3e:b3:3d:10:f2:13:82:39:af:35:84:c8:60:a8:52:55:7c:
b2:ae:2c:5a:39:bd:63:54:82:11:6d:54:cc:a9:f4:71:1c:85:
db:92:18:5f:fc:80:7a:ce:06:cb:1b:a2:b9:85:90:54:4c:bb:
ff:b2:a8:20:1f:a1:e9:bf:65:f4:74:7f:20:56:ea:ab:82:ea:
a8:4a:d5:f9:04:e6:11:83:a9:f4:0a:d7:31:9c:d5:4d:3a:74:
c4:fa:c7:3a:75:42:f1:c1:5a:99:9f:4e:15:22:53:ac:8b:09:
9c:5d:fd:4e:2d:18:93:ab:69:e9:3e:cf:d1:7a:6e:c0:94:f3:
f4:b9:1d:63:e0:14:f9:3c:33:20:d4:c6:95:b2:24:71:44:79:
9b:3b:44:54:56:01:2e:23:ad:10:25:3b:f4:37:8a:a6:60:61:
eb:d6:b5:ea
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZI5LWMPcsv24px6ltzFNkF2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NDBmODljZTIyNjQ1Yjk3Mjk3ZDc4MDM3MjZkYzJmYjBl
NWY0YjkwHhcNMjQwOTI4MTUwODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDgyMGQyYjkwZjkzNjI1MmRmYzJiZGMyM2MwOTUyZGZkZmYwNDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+2iuAl9uLMj5yUgtkM2mgWui1oy
IRr9xGO7juw/mDmU3efrxlDPEf/ATMK65bNRN4nmi07k87RCWJzeyFD+ia3FFaB0
yp6YVivcnLr24Sk/mr0Rx1JB2STFux8gHY38LT6OySe4zNhM5Yix6grrwiQr/ww1
lUbxFndniyg5FL24kp4Mcrb5D3pgHzsvZG98ZGV6uT9DoMDPB5t55KbkF4nNDvds
Ro8O4ITx4Tkbw2KY9GxhPByOOgGCP0xZPyBJ58Cty9TEVaX/gYlY/oXIV80sIcPo
v52lsLYljQ+i0q3CTzVPn7XESi0TOSPZIzgIfwyhDfaN/FEYSP8Y0HhL8wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDCCDSuQ+TYlLfwr3CPAlS39/wRhMB8GA1UdIwQY
MBaAFGZA+JziJkW5cpfXgDcm3C+w5fS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmtENG5PSW1SYmx5bDllQU55YmNMN0RsOUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9jM2FkMmUtYjUyZS00NDFjLTg5YmEt
NDRhYjdhOWQ3ZGVhLzEvTUlJTks1RDVOaVV0X0N2Y0k4Q1ZMZjNfQkdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9jM2FkMmUtYjUyZS00NDFjLTg5YmEtNDRhYjdhOWQ3ZGVh
LzEvWmtENG5PSW1SYmx5bDllQU55YmNMN0RsOUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBADUQMkD
BADUQMoDBAHUQNIDBADUQNYwDAMEA9RA2AMEANRA2jANBgkqhkiG9w0BAQsFAAOC
AQEAB/LXv/kPA7ZY0YviEIAVNbsJuXHCLNmwa0b9u1oCpjPLXAVEje0OnyugL2Xb
Kn9JE/r/OnbR9rmdAqwy28qsr5d8WW0TxzFCmmlWqlknnFGZ4g4prHDn9SBOEz6z
PRDyE4I5rzWEyGCoUlV8sq4sWjm9Y1SCEW1UzKn0cRyF25IYX/yAes4GyxuiuYWQ
VEy7/7KoIB+h6b9l9HR/IFbqq4LqqErV+QTmEYOp9ArXMZzVTTp0xPrHOnVC8cFa
mZ9OFSJTrIsJnF39Ti0Yk6tp6T7P0XpuwJTz9LkdY+AU+TwzINTGlbIkcUR5mztE
VFYBLiOtECU79DeKpmBh69a16g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:13:32 2024 by rpki-client on console-fra.rpki-client.org