Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/Car55AZkoV_56qAs9nimGo8iFm0.roa
File: Car55AZkoV_56qAs9nimGo8iFm0.roa (raw, json)
Hash identifier: GAiDk1MUIgFEEnuHIXAEHctvsPeypZwOBJFkgArn8rI=
Subject key identifier: 09:AA:F9:E4:06:64:A1:5F:F9:EA:A0:2C:F6:78:A6:1A:8F:22:16:6D
Certificate issuer: /CN=a1a2d637cb0accf8721f43e266ce213f8eddd26a
Certificate serial: 01908D871761987AF87CD90CE04F4D868B1B
Authority key identifier: A1:A2:D6:37:CB:0A:CC:F8:72:1F:43:E2:66:CE:21:3F:8E:DD:D2:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oaLWN8sKzPhyH0PiZs4hP47d0mo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/Car55AZkoV_56qAs9nimGo8iFm0.roa
Signing time: Sun 07 Jul 2024 14:09:19 +0000
ROA not before: Sun 07 Jul 2024 14:09:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 212.60.8.0/24 maxlen: 24
212.60.9.0/24 maxlen: 24
212.60.10.0/24 maxlen: 24
212.60.11.0/24 maxlen: 24
2a09:800:2000::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/oaLWN8sKzPhyH0PiZs4hP47d0mo.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/oaLWN8sKzPhyH0PiZs4hP47d0mo.mft
rsync://rpki.ripe.net/repository/DEFAULT/oaLWN8sKzPhyH0PiZs4hP47d0mo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Sep 2024 14:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:8d:87:17:61:98:7a:f8:7c:d9:0c:e0:4f:4d:86:8b:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1a2d637cb0accf8721f43e266ce213f8eddd26a
Validity
Not Before: Jul 7 14:09:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09aaf9e40664a15ff9eaa02cf678a61a8f22166d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d6:da:99:71:ff:f0:24:aa:4c:8c:36:79:6d:
48:80:9f:0c:e4:ca:8c:28:b4:cc:25:1b:9d:04:58:
ab:d9:62:da:8f:4c:62:98:25:11:de:f5:1a:71:bc:
77:d8:cf:20:88:35:83:8d:da:0e:4a:ad:56:a4:36:
bc:52:58:07:bf:79:2e:42:03:99:14:fb:3e:63:51:
72:0c:d9:17:59:91:65:da:0d:8d:cd:e1:25:df:bf:
c5:00:f2:a7:a8:13:d5:b3:45:e5:d8:a5:64:d2:16:
0e:fa:02:4b:b1:92:cf:9e:83:d0:89:58:a4:e8:9f:
86:df:69:6a:bf:e4:ea:b7:e5:bb:2a:45:32:53:a8:
3e:78:79:ca:78:bd:34:ea:50:b0:83:c4:96:fd:8b:
e6:c6:1c:fe:ab:45:13:a5:10:87:1d:54:9c:e8:e7:
24:37:24:c8:92:32:ea:c8:b7:a8:eb:6b:4a:0c:c8:
e5:1c:65:2c:d9:26:97:4e:3b:0b:e2:e1:0e:ea:2a:
b3:19:83:11:f2:24:22:b6:c1:9b:c0:0d:90:4f:e7:
55:e5:aa:11:79:7c:d6:bd:f4:98:50:7f:07:7d:13:
6d:c4:cd:54:1d:fc:27:ab:d4:ff:8b:83:24:4a:da:
c3:e8:23:69:55:95:0f:e8:bc:cf:a7:bc:fb:f7:8c:
c2:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:AA:F9:E4:06:64:A1:5F:F9:EA:A0:2C:F6:78:A6:1A:8F:22:16:6D
X509v3 Authority Key Identifier:
keyid:A1:A2:D6:37:CB:0A:CC:F8:72:1F:43:E2:66:CE:21:3F:8E:DD:D2:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oaLWN8sKzPhyH0PiZs4hP47d0mo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/Car55AZkoV_56qAs9nimGo8iFm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/oaLWN8sKzPhyH0PiZs4hP47d0mo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.60.8.0/22
IPv6:
2a09:800:2000::/35
Signature Algorithm: sha256WithRSAEncryption
6e:08:06:16:76:66:b1:a2:04:5e:44:83:f0:6a:0d:5b:86:f5:
ed:1f:48:47:e6:14:c4:53:ac:10:19:bc:d2:6e:67:4c:55:55:
11:1f:6c:3f:55:a0:61:bf:cb:13:c5:f0:eb:eb:21:4f:07:45:
b9:68:2d:b0:cf:81:f1:ed:b0:ad:6c:d4:7d:29:43:86:b7:18:
24:3d:1a:0c:4c:fb:4a:17:68:d6:24:e8:d7:7d:0b:16:b5:c9:
fc:4a:b7:c2:4f:9b:34:3a:f4:1a:b8:5a:87:e9:aa:fc:d5:50:
fa:81:09:99:57:21:62:cb:c7:1a:ca:14:2f:d5:5d:16:14:6c:
f0:50:5b:18:f2:6a:03:c9:23:e2:6c:bd:69:c8:1a:af:4f:b4:
c7:1d:5f:06:53:78:9d:f2:58:64:f3:38:34:9f:63:ff:8d:e0:
57:38:45:ad:e2:ad:36:22:3e:53:9a:ec:b2:fc:79:1d:a5:e9:
9d:26:60:40:b1:2f:2a:36:1e:83:aa:5b:ab:ae:02:da:74:b2:
93:5d:71:4a:07:cc:3b:1a:b9:77:df:7b:72:c7:30:fb:d8:50:
9c:4a:ed:e8:78:ca:c5:47:7c:d1:c6:89:51:f4:84:cd:3d:03:
cb:76:d8:59:9b:cd:de:61:a1:88:c5:7b:1c:4f:80:7b:57:8b:
09:c2:6f:e4
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZCNhxdhmHr4fNkM4E9NhosbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYTJkNjM3Y2IwYWNjZjg3MjFmNDNlMjY2Y2UyMTNmOGVk
ZGQyNmEwHhcNMjQwNzA3MTQwOTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWFhZjllNDA2NjRhMTVmZjllYWEwMmNmNjc4YTYxYThmMjIxNjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9bamXH/8CSqTIw2eW1IgJ8M5MqM
KLTMJRudBFir2WLaj0ximCUR3vUacbx32M8giDWDjdoOSq1WpDa8UlgHv3kuQgOZ
FPs+Y1FyDNkXWZFl2g2NzeEl37/FAPKnqBPVs0Xl2KVk0hYO+gJLsZLPnoPQiVik
6J+G32lqv+Tqt+W7KkUyU6g+eHnKeL006lCwg8SW/Yvmxhz+q0UTpRCHHVSc6Ock
NyTIkjLqyLeo62tKDMjlHGUs2SaXTjsL4uEO6iqzGYMR8iQitsGbwA2QT+dV5aoR
eXzWvfSYUH8HfRNtxM1UHfwnq9T/i4MkStrD6CNpVZUP6LzPp7z794zCaQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFAmq+eQGZKFf+eqgLPZ4phqPIhZtMB8GA1UdIwQY
MBaAFKGi1jfLCsz4ch9D4mbOIT+O3dJqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2FMV044c0t6UGh5SDBQaVpzNGhQNDdkMG1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9lZGJmNDQtMzczMi00NGZmLWE5NDQt
ZTIxOTc0YTI5NGJhLzEvQ2FyNTVBWmtvVl81NnFBczluaW1HbzhpRm0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9lZGJmNDQtMzczMi00NGZmLWE5NDQtZTIxOTc0YTI5NGJh
LzEvb2FMV044c0t6UGh5SDBQaVpzNGhQNDdkMG1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQC1DwIMA4E
AgACMAgDBgUqCQgAIDANBgkqhkiG9w0BAQsFAAOCAQEAbggGFnZmsaIEXkSD8GoN
W4b17R9IR+YUxFOsEBm80m5nTFVVER9sP1WgYb/LE8Xw6+shTwdFuWgtsM+B8e2w
rWzUfSlDhrcYJD0aDEz7Shdo1iTo130LFrXJ/Eq3wk+bNDr0Grhah+mq/NVQ+oEJ
mVchYsvHGsoUL9VdFhRs8FBbGPJqA8kj4my9acgar0+0xx1fBlN4nfJYZPM4NJ9j
/43gVzhFreKtNiI+U5rssvx5HaXpnSZgQLEvKjYeg6pbq64C2nSyk11xSgfMOxq5
d997cscw+9hQnErt6HjKxUd80caJUfSEzT0Dy3bYWZvN3mGhiMV7HE+Ae1eLCcJv
5A==
-----END CERTIFICATE-----
Generated at Sat Sep 7 21:20:47 2024 by rpki-client on console-ams.rpki-client.org