Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/7-ly6BhVGc20VAsisPVpGTjKQvo.roa
File: 7-ly6BhVGc20VAsisPVpGTjKQvo.roa (raw, json)
Hash identifier: dkfHEJO+upO8jidpQvQww6cwPA7yH45J+2neaiz1Wx8=
Subject key identifier: EF:E9:72:E8:18:55:19:CD:B4:54:0B:22:B0:F5:69:19:38:CA:42:FA
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018ECC61D40E7278ADF83F9132851C9485ED
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/7-ly6BhVGc20VAsisPVpGTjKQvo.roa
Signing time: Thu 11 Apr 2024 08:59:07 +0000
ROA not before: Thu 11 Apr 2024 08:59:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12685
IP address blocks: 212.76.160.0/19 maxlen: 19
2a02:5a60::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cc:61:d4:0e:72:78:ad:f8:3f:91:32:85:1c:94:85:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 11 08:59:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=efe972e8185519cdb4540b22b0f5691938ca42fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:0c:ab:a0:2e:48:35:2c:12:e3:9f:d5:75:e4:
73:f3:f8:05:fd:14:6c:d6:3d:a1:bd:bb:1e:e4:a4:
ea:56:00:9e:62:83:98:2a:b6:53:ef:59:ff:e6:a3:
3f:a4:3c:60:a1:7b:e3:b8:93:3a:b0:6b:0c:1a:51:
5a:f9:ba:cf:5f:47:34:cf:77:27:1a:6c:a1:0f:c5:
ce:13:e8:2e:30:41:39:e8:aa:ec:ad:7b:91:ad:cf:
c8:41:bc:71:63:25:75:31:5e:f7:23:62:89:b7:c6:
57:17:5c:75:a7:37:bb:24:a4:4c:42:82:63:af:0a:
14:0c:cd:f3:81:0c:47:df:2e:5c:46:44:b5:47:09:
f6:a4:a8:00:84:bc:cf:6f:14:16:f7:e9:43:62:95:
89:c6:ba:5e:e0:c4:2f:49:d2:d5:91:d4:31:36:1d:
ce:76:74:1f:a5:c6:27:3f:10:90:38:3d:b8:e6:7b:
1f:98:e8:90:05:50:d5:6e:8f:13:a9:63:88:8a:4f:
71:0e:7f:71:6b:68:4d:dd:15:1c:23:40:b2:88:04:
11:87:06:f0:47:62:0d:39:74:32:31:7c:58:bc:60:
41:13:a6:f1:12:eb:31:2c:09:03:f5:1b:a8:8f:a3:
37:0f:f3:ba:9c:59:a2:3a:03:9e:f0:94:35:6a:12:
b4:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:E9:72:E8:18:55:19:CD:B4:54:0B:22:B0:F5:69:19:38:CA:42:FA
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/7-ly6BhVGc20VAsisPVpGTjKQvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.76.160.0/19
IPv6:
2a02:5a60::/32
Signature Algorithm: sha256WithRSAEncryption
05:14:a1:3a:a7:b1:45:3f:54:b5:6d:79:7d:a2:12:f8:8a:fc:
68:3d:5a:2e:2c:73:53:ea:28:be:07:a3:6f:4a:f8:07:b3:83:
72:74:79:3a:23:41:42:56:8e:67:92:94:cb:01:c4:49:cb:23:
7b:af:83:3c:be:ed:f0:c6:df:57:ee:b1:48:46:be:4e:be:0d:
78:f3:65:5b:b1:b4:e6:f0:d0:2c:6e:2a:18:34:00:01:9f:ca:
0e:54:78:ae:26:ce:0b:99:35:62:d6:9b:11:63:34:32:86:c4:
f4:f5:f3:7a:d8:5e:58:23:1a:51:73:01:48:3c:80:3d:3e:6b:
39:b8:4f:b6:46:20:15:d9:7e:c6:fd:67:56:22:ad:89:51:c1:
2e:7c:b3:9c:38:a2:cb:1c:c7:e1:6a:dd:91:ef:77:cc:0b:12:
2b:f0:01:6b:a9:21:b9:d2:6e:5a:df:cb:3a:e9:b4:2b:d6:32:
f1:9b:36:14:0d:a1:66:0c:0f:94:1e:0d:36:30:5e:76:f2:64:
ba:af:9e:b1:65:ca:f4:1b:3f:a5:4b:28:84:c8:ef:91:a5:7d:
c9:7f:f3:81:b5:91:e1:77:4f:4b:24:af:1c:70:31:5e:47:16:
4e:db:80:37:ab:ed:07:a3:7a:f1:6b:5d:13:17:b5:52:0f:fd:
66:89:8f:f1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY7MYdQOcnit+D+RMoUclIXtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDExMDg1OTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmU5NzJlODE4NTUxOWNkYjQ1NDBiMjJiMGY1NjkxOTM4Y2E0MmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwyroC5INSwS45/VdeRz8/gF/RRs
1j2hvbse5KTqVgCeYoOYKrZT71n/5qM/pDxgoXvjuJM6sGsMGlFa+brPX0c0z3cn
GmyhD8XOE+guMEE56KrsrXuRrc/IQbxxYyV1MV73I2KJt8ZXF1x1pze7JKRMQoJj
rwoUDM3zgQxH3y5cRkS1Rwn2pKgAhLzPbxQW9+lDYpWJxrpe4MQvSdLVkdQxNh3O
dnQfpcYnPxCQOD245nsfmOiQBVDVbo8TqWOIik9xDn9xa2hN3RUcI0CyiAQRhwbw
R2INOXQyMXxYvGBBE6bxEusxLAkD9Ruoj6M3D/O6nFmiOgOe8JQ1ahK0yQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFO/pcugYVRnNtFQLIrD1aRk4ykL6MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvNy1seTZCaFZHYzIwVkFzaXNQVnBHVGpLUXZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1EygMA0E
AgACMAcDBQAqAlpgMA0GCSqGSIb3DQEBCwUAA4IBAQAFFKE6p7FFP1S1bXl9ohL4
ivxoPVouLHNT6ii+B6NvSvgHs4NydHk6I0FCVo5nkpTLAcRJyyN7r4M8vu3wxt9X
7rFIRr5Ovg1482VbsbTm8NAsbioYNAABn8oOVHiuJs4LmTVi1psRYzQyhsT09fN6
2F5YIxpRcwFIPIA9Pms5uE+2RiAV2X7G/WdWIq2JUcEufLOcOKLLHMfhat2R73fM
CxIr8AFrqSG50m5a38s66bQr1jLxmzYUDaFmDA+UHg02MF528mS6r56xZcr0Gz+l
SyiEyO+RpX3Jf/OBtZHhd09LJK8ccDFeRxZO24A3q+0Ho3rxa10TF7VSD/1miY/x
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:27:56 2024 by rpki-client on console-ams.rpki-client.org