Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/TRjKNCruN6VTLjRpdNGmGpiAgGI.roa
File: TRjKNCruN6VTLjRpdNGmGpiAgGI.roa (raw, json)
Hash identifier: DxFdb+FkvU9z8EiLhr4acr6h2NqW34bQUnmGiPTuyfQ=
Subject key identifier: 4D:18:CA:34:2A:EE:37:A5:53:2E:34:69:74:D1:A6:1A:98:80:80:62
Certificate issuer: /CN=6640f89ce22645b97297d7803726dc2fb0e5f4b9
Certificate serial: 018D5A7A95EADF1F6562F2CD415AE49B6814
Authority key identifier: 66:40:F8:9C:E2:26:45:B9:72:97:D7:80:37:26:DC:2F:B0:E5:F4:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/TRjKNCruN6VTLjRpdNGmGpiAgGI.roa
Signing time: Tue 30 Jan 2024 13:06:39 +0000
ROA not before: Tue 30 Jan 2024 13:06:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12599
IP address blocks: 212.64.192.0/24 maxlen: 24
212.64.194.0/24 maxlen: 24
212.64.197.0/24 maxlen: 24
212.64.198.0/24 maxlen: 24
212.64.200.0/24 maxlen: 24
212.64.203.0/24 maxlen: 24
212.64.204.0/24 maxlen: 24
212.64.205.0/24 maxlen: 24
212.64.206.0/24 maxlen: 24
212.64.207.0/24 maxlen: 24
212.64.208.0/24 maxlen: 24
212.64.209.0/24 maxlen: 24
212.64.212.0/24 maxlen: 24
212.64.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/ZkD4nOImRblyl9eANybcL7Dl9Lk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/ZkD4nOImRblyl9eANybcL7Dl9Lk.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 13:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5a:7a:95:ea:df:1f:65:62:f2:cd:41:5a:e4:9b:68:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6640f89ce22645b97297d7803726dc2fb0e5f4b9
Validity
Not Before: Jan 30 13:06:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d18ca342aee37a5532e346974d1a61a98808062
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f7:0e:c3:e9:60:22:74:04:6a:5e:58:e9:8d:
a6:4c:69:7b:1f:6e:ab:4e:c6:b7:11:b3:90:d7:33:
29:2c:4e:25:39:f7:d7:5d:a9:da:5c:74:6c:0e:a5:
d9:cf:96:77:87:75:02:f2:61:82:dd:e3:aa:aa:71:
38:28:18:c2:09:b3:7d:92:b2:bc:2e:59:2f:68:dd:
35:b3:2f:1d:9d:90:04:1a:a9:0a:fe:c9:94:f4:ba:
bc:c6:61:fb:64:e5:31:64:4e:89:61:85:6d:c2:6f:
59:77:4f:1d:2e:37:76:4e:20:ed:48:89:b7:58:9b:
24:da:34:38:be:a2:55:96:28:a2:e4:c9:7b:2b:9d:
d3:cb:e9:00:89:72:af:da:90:07:27:b3:f0:99:71:
bd:4b:aa:a9:09:18:26:77:5f:02:61:d4:ec:ca:ec:
df:8d:13:12:2e:96:58:53:20:76:86:60:90:d3:01:
77:34:45:18:38:7c:2d:8b:cd:a6:b6:07:9d:ba:8a:
ca:b6:a9:91:e2:f8:01:b9:72:c8:ee:fa:c8:67:42:
e6:1e:77:52:7f:8a:d3:7d:48:4e:9b:07:3b:21:fc:
53:d1:a4:77:ac:4f:47:77:00:2f:7e:c8:77:42:93:
96:45:b2:ec:a7:53:2d:07:f8:13:52:79:3a:2f:e6:
e2:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:18:CA:34:2A:EE:37:A5:53:2E:34:69:74:D1:A6:1A:98:80:80:62
X509v3 Authority Key Identifier:
keyid:66:40:F8:9C:E2:26:45:B9:72:97:D7:80:37:26:DC:2F:B0:E5:F4:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/TRjKNCruN6VTLjRpdNGmGpiAgGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/ZkD4nOImRblyl9eANybcL7Dl9Lk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.64.192.0/24
212.64.194.0/24
212.64.197.0-212.64.198.255
212.64.200.0/24
212.64.203.0-212.64.209.255
212.64.212.0/24
212.64.220.0/24
Signature Algorithm: sha256WithRSAEncryption
23:9d:36:a2:05:38:b5:c2:4e:32:20:65:32:80:94:30:fe:f2:
f9:9b:ac:21:4c:ee:6b:02:ab:b7:19:bc:14:98:74:7e:7d:31:
c8:06:e9:3e:6e:64:31:00:d8:f4:22:e1:ad:ee:9e:de:5d:49:
0d:90:ef:b0:8e:40:1d:4e:57:0d:9d:82:f6:72:56:d6:e5:1e:
79:ea:0c:cf:be:9e:a1:2c:35:95:80:0e:11:1f:13:47:60:65:
fe:14:cd:bf:21:9c:95:91:d5:a9:f2:8b:bb:22:d9:2b:0e:c1:
79:91:3f:63:98:f4:94:da:b9:d9:70:ff:d2:32:f3:c3:6a:1e:
8c:91:57:83:89:a9:71:65:ae:aa:94:12:dc:dd:f0:10:d6:38:
c6:8b:9c:e4:aa:6f:e8:30:09:df:0a:63:eb:b8:e6:62:65:a6:
c0:46:45:df:0e:41:83:51:b4:86:b5:89:7f:95:56:35:97:65:
c6:c2:08:b8:1b:64:7d:e6:20:71:32:2c:52:37:1b:32:17:1d:
27:79:30:0c:02:25:5d:56:d4:91:ab:7a:8d:b2:59:96:1e:59:
b8:f5:d8:c3:71:b0:02:07:d6:54:95:7e:af:5b:15:f0:28:d5:
e9:a6:14:fe:13:a7:b9:90:04:f7:db:ae:79:d8:5d:b3:04:3b:
2e:8a:5c:6b
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAY1aepXq3x9lYvLNQVrkm2gUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NDBmODljZTIyNjQ1Yjk3Mjk3ZDc4MDM3MjZkYzJmYjBl
NWY0YjkwHhcNMjQwMTMwMTMwNjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDE4Y2EzNDJhZWUzN2E1NTMyZTM0Njk3NGQxYTYxYTk4ODA4MDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPcOw+lgInQEal5Y6Y2mTGl7H26r
Tsa3EbOQ1zMpLE4lOffXXanaXHRsDqXZz5Z3h3UC8mGC3eOqqnE4KBjCCbN9krK8
LlkvaN01sy8dnZAEGqkK/smU9Lq8xmH7ZOUxZE6JYYVtwm9Zd08dLjd2TiDtSIm3
WJsk2jQ4vqJVliii5Ml7K53Ty+kAiXKv2pAHJ7PwmXG9S6qpCRgmd18CYdTsyuzf
jRMSLpZYUyB2hmCQ0wF3NEUYOHwti82mtgeduorKtqmR4vgBuXLI7vrIZ0LmHndS
f4rTfUhOmwc7IfxT0aR3rE9HdwAvfsh3QpOWRbLsp1MtB/gTUnk6L+bioQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFE0YyjQq7jelUy40aXTRphqYgIBiMB8GA1UdIwQY
MBaAFGZA+JziJkW5cpfXgDcm3C+w5fS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmtENG5PSW1SYmx5bDllQU55YmNMN0RsOUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9jM2FkMmUtYjUyZS00NDFjLTg5YmEt
NDRhYjdhOWQ3ZGVhLzEvVFJqS05DcnVONlZUTGpScGROR21HcGlBZ0dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9jM2FkMmUtYjUyZS00NDFjLTg5YmEtNDRhYjdhOWQ3ZGVh
LzEvWmtENG5PSW1SYmx5bDllQU55YmNMN0RsOUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQA1EDAAwQA
1EDCMAwDBADUQMUDBADUQMYDBADUQMgwDAMEANRAywMEAdRA0AMEANRA1AMEANRA
3DANBgkqhkiG9w0BAQsFAAOCAQEAI502ogU4tcJOMiBlMoCUMP7y+ZusIUzuawKr
txm8FJh0fn0xyAbpPm5kMQDY9CLhre6e3l1JDZDvsI5AHU5XDZ2C9nJW1uUeeeoM
z76eoSw1lYAOER8TR2Bl/hTNvyGclZHVqfKLuyLZKw7BeZE/Y5j0lNq52XD/0jLz
w2oejJFXg4mpcWWuqpQS3N3wENY4xouc5Kpv6DAJ3wpj67jmYmWmwEZF3w5Bg1G0
hrWJf5VWNZdlxsIIuBtkfeYgcTIsUjcbMhcdJ3kwDAIlXVbUkat6jbJZlh5ZuPXY
w3GwAgfWVJV+r1sV8CjV6aYU/hOnuZAE99uuedhdswQ7Lopcaw==
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:57:05 2024 by rpki-client on console-ams.rpki-client.org