Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/7GtHnuRSHdiBGK9BNS6fhWiGnrs.roa
File: 7GtHnuRSHdiBGK9BNS6fhWiGnrs.roa (raw, json)
Hash identifier: 1xfi8JsZTjefG3U9aQmZ2wIKpPQtqFvMx/LJcPpYnf0=
Subject key identifier: EC:6B:47:9E:E4:52:1D:D8:81:18:AF:41:35:2E:9F:85:68:86:9E:BB
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018CC80204AB8DF3821B8204E4A3ADAFDBBA
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/7GtHnuRSHdiBGK9BNS6fhWiGnrs.roa
Signing time: Tue 02 Jan 2024 02:30:24 +0000
ROA not before: Tue 02 Jan 2024 02:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34875
IP address blocks: 212.220.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:04:ab:8d:f3:82:1b:82:04:e4:a3:ad:af:db:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 02:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec6b479ee4521dd88118af41352e9f8568869ebb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ed:94:db:ac:7b:55:86:ff:8c:5c:88:a1:e6:
db:b7:a7:7f:39:f9:8a:16:56:6e:d2:e9:39:fe:89:
b3:2c:25:ee:13:86:5f:d0:b8:41:7e:6e:60:1f:7c:
61:25:f3:60:62:66:ec:3f:1c:1e:1f:50:10:54:48:
ce:ae:7f:5f:82:e4:55:a9:ab:9b:9d:ba:39:ec:0a:
a8:ef:f2:8e:b3:ba:69:98:3e:c8:05:f8:87:34:3b:
cd:7a:3b:55:d7:b1:5a:ea:ee:f4:b1:37:01:07:fc:
9d:73:50:f8:e4:b6:95:e4:45:43:ea:8d:21:ca:d2:
9f:35:41:4b:6f:1d:67:ae:bc:da:b7:39:28:f6:4b:
dd:58:14:ec:5d:fb:51:da:0b:00:12:c7:d5:f9:5f:
16:af:3b:7d:a5:d6:57:03:aa:ff:d9:bf:e0:f7:f4:
3f:ce:d1:6e:2d:cc:ed:ae:a0:6b:1d:0b:4c:f1:95:
06:72:5d:19:45:c3:97:ee:ea:43:df:e2:83:56:89:
3a:23:31:be:f7:8f:0b:a1:ac:7b:e7:57:b6:cf:b3:
0f:ca:61:eb:14:88:c8:eb:75:c4:36:35:19:2c:ec:
47:11:27:a9:ff:10:70:a9:db:f4:ec:e3:2e:c7:60:
bb:79:19:77:a2:3a:30:ea:55:dc:5c:a2:9b:92:2b:
62:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:6B:47:9E:E4:52:1D:D8:81:18:AF:41:35:2E:9F:85:68:86:9E:BB
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/7GtHnuRSHdiBGK9BNS6fhWiGnrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.220.4.0/24
Signature Algorithm: sha256WithRSAEncryption
47:cc:df:47:91:23:2a:ae:2a:6b:bb:86:72:0a:56:a0:39:c1:
11:82:9d:b4:21:a4:0a:62:bf:0c:34:69:69:f4:e3:c0:d8:ad:
04:54:29:a6:a8:3a:fb:56:35:12:c1:58:a0:77:34:02:65:26:
35:25:da:33:6c:df:86:ff:51:d6:41:ea:b5:ff:9f:16:27:bb:
1d:5b:a2:47:1a:10:0c:69:a8:00:85:c1:ff:49:10:6f:b0:0e:
ad:71:73:94:91:64:a6:70:53:1c:78:47:3f:f3:99:0f:fc:e2:
e2:ae:49:1e:72:75:24:99:24:14:d0:e4:93:2f:4f:39:b9:25:
cf:46:80:d0:bd:5c:47:28:49:07:15:13:5c:67:c5:8e:22:09:
ce:12:5a:6f:dc:66:46:32:41:14:e6:07:4c:c0:61:f7:e8:ef:
af:7e:fe:da:1a:61:4d:8c:66:3e:27:d5:2e:6c:32:7b:a5:cb:
ca:5f:24:4c:ff:e2:51:80:14:43:61:ee:fe:6a:dd:54:fb:80:
ac:bc:a8:84:89:29:c1:2c:50:b3:97:7f:23:ac:4a:35:fe:10:
20:60:b7:e6:82:9a:63:04:14:89:48:68:6a:bd:bc:be:47:9d:
61:f4:e3:a2:b9:10:1b:8d:90:c3:a9:8b:1d:8a:e1:a3:d4:bf:
d3:0e:28:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAgSrjfOCG4IE5KOtr9u6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwMTAyMDIzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzZiNDc5ZWU0NTIxZGQ4ODExOGFmNDEzNTJlOWY4NTY4ODY5ZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsu2U26x7VYb/jFyIoebbt6d/OfmK
FlZu0uk5/omzLCXuE4Zf0LhBfm5gH3xhJfNgYmbsPxweH1AQVEjOrn9fguRVqaub
nbo57Aqo7/KOs7ppmD7IBfiHNDvNejtV17Fa6u70sTcBB/ydc1D45LaV5EVD6o0h
ytKfNUFLbx1nrrzatzko9kvdWBTsXftR2gsAEsfV+V8Wrzt9pdZXA6r/2b/g9/Q/
ztFuLcztrqBrHQtM8ZUGcl0ZRcOX7upD3+KDVok6IzG+948Loax751e2z7MPymHr
FIjI63XENjUZLOxHESep/xBwqdv07OMux2C7eRl3ojow6lXcXKKbkitiPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOxrR57kUh3YgRivQTUun4Vohp67MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvN0d0SG51UlNIZGlCR0s5Qk5TNmZoV2lHbnJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1NwEMA0G
CSqGSIb3DQEBCwUAA4IBAQBHzN9HkSMqripru4ZyClagOcERgp20IaQKYr8MNGlp
9OPA2K0EVCmmqDr7VjUSwVigdzQCZSY1JdozbN+G/1HWQeq1/58WJ7sdW6JHGhAM
aagAhcH/SRBvsA6tcXOUkWSmcFMceEc/85kP/OLirkkecnUkmSQU0OSTL085uSXP
RoDQvVxHKEkHFRNcZ8WOIgnOElpv3GZGMkEU5gdMwGH36O+vfv7aGmFNjGY+J9Uu
bDJ7pcvKXyRM/+JRgBRDYe7+at1U+4CsvKiEiSnBLFCzl38jrEo1/hAgYLfmgppj
BBSJSGhqvby+R51h9OOiuRAbjZDDqYsdiuGj1L/TDigH
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:43:26 2024 by rpki-client on console-fra.rpki-client.org