Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/r6ZNOKoszuhl0B14014rL1QAqEw.roa
File: r6ZNOKoszuhl0B14014rL1QAqEw.roa (raw, json)
Hash identifier: JBwBen/o/HPAmkJLZg5gdeCN8QNZ90VDjQSQdL9ihyo=
Subject key identifier: AF:A6:4D:38:AA:2C:CE:E8:65:D0:1D:78:D3:5E:2B:2F:54:00:A8:4C
Certificate issuer: /CN=a1a2d637cb0accf8721f43e266ce213f8eddd26a
Certificate serial: 018CC8DFA128F7DC6B0A68B55DA3DA12991D
Authority key identifier: A1:A2:D6:37:CB:0A:CC:F8:72:1F:43:E2:66:CE:21:3F:8E:DD:D2:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oaLWN8sKzPhyH0PiZs4hP47d0mo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/r6ZNOKoszuhl0B14014rL1QAqEw.roa
Signing time: Tue 02 Jan 2024 06:32:28 +0000
ROA not before: Tue 02 Jan 2024 06:32:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209975
IP address blocks: 212.60.8.0/24 maxlen: 24
212.60.8.0/22 maxlen: 22
212.60.9.0/24 maxlen: 24
212.60.11.0/24 maxlen: 24
212.60.10.0/24 maxlen: 24
2a09:800:1002::/48 maxlen: 48
2a09:800:1001::/48 maxlen: 48
2a09:800:4000::/35 maxlen: 35
2a09:800:2000::/35 maxlen: 35
2a09:800::/35 maxlen: 35
2a09:800::/36 maxlen: 36
2a09:800:1000::/48 maxlen: 48
2a09:800::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/oaLWN8sKzPhyH0PiZs4hP47d0mo.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/oaLWN8sKzPhyH0PiZs4hP47d0mo.mft
rsync://rpki.ripe.net/repository/DEFAULT/oaLWN8sKzPhyH0PiZs4hP47d0mo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:a1:28:f7:dc:6b:0a:68:b5:5d:a3:da:12:99:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1a2d637cb0accf8721f43e266ce213f8eddd26a
Validity
Not Before: Jan 2 06:32:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=afa64d38aa2ccee865d01d78d35e2b2f5400a84c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:72:8e:4c:c8:22:f4:58:03:85:8f:3d:3b:85:
21:fe:a3:1f:06:2d:2c:14:18:62:b4:05:bd:97:f4:
41:21:3b:8e:8c:da:ae:80:08:21:98:51:68:f1:23:
c7:c3:b2:3f:a1:fb:65:3c:1f:33:33:4c:57:6b:41:
1d:14:fa:20:74:af:ca:6c:02:f0:23:6e:31:81:9d:
f4:10:0d:ad:5b:c8:dd:61:08:a3:dc:37:23:f4:47:
fc:b3:e8:d4:a6:7d:02:7d:70:f0:30:22:2e:6c:84:
31:ed:6a:40:73:2a:b3:64:cb:fd:f8:f3:ca:79:91:
c2:0c:31:0e:f0:13:d0:26:a3:4a:a3:13:c7:63:70:
0e:64:95:c5:91:32:e7:ad:ad:e3:4e:b9:59:8c:49:
fd:79:dc:a7:e7:8b:d5:cf:ef:6b:41:db:8a:ca:60:
75:40:f7:b6:89:14:bd:fe:0e:45:60:5b:d1:27:12:
f5:54:4c:9b:79:57:9f:56:85:77:3c:65:99:e4:2c:
5c:2b:a4:26:e9:c4:bc:eb:c5:17:aa:8c:8b:9a:41:
04:d4:cd:da:ee:bf:b1:60:3e:ae:06:97:9a:67:ef:
60:74:03:ea:ed:a2:4c:fb:d1:b8:18:ad:90:bb:1b:
34:f7:d7:3f:c5:94:1d:b4:55:9d:32:7e:14:0f:96:
34:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:A6:4D:38:AA:2C:CE:E8:65:D0:1D:78:D3:5E:2B:2F:54:00:A8:4C
X509v3 Authority Key Identifier:
keyid:A1:A2:D6:37:CB:0A:CC:F8:72:1F:43:E2:66:CE:21:3F:8E:DD:D2:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oaLWN8sKzPhyH0PiZs4hP47d0mo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/r6ZNOKoszuhl0B14014rL1QAqEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/oaLWN8sKzPhyH0PiZs4hP47d0mo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.60.8.0/22
IPv6:
2a09:800::/29
Signature Algorithm: sha256WithRSAEncryption
75:0c:5c:80:e0:cf:b8:da:0a:17:6f:fa:26:b0:87:d1:9c:9e:
ff:bf:d8:17:ba:29:2a:bb:68:ed:f0:11:0a:14:85:fb:da:bd:
18:fc:c6:e6:8e:ae:5b:78:5c:cd:ce:31:ae:5b:3e:a6:e1:7a:
9c:77:bc:a4:d9:4a:91:d6:f1:c4:25:f3:21:7f:af:2e:fc:89:
c1:d9:6f:20:ae:9e:9f:de:98:e1:e0:6d:9e:6d:8b:c1:1e:74:
d1:9a:4b:bc:ef:97:04:9d:b2:08:07:4d:94:2d:34:fd:b4:6e:
66:76:98:d8:dd:fa:26:cd:01:be:94:be:12:af:14:07:de:7f:
2d:a8:fe:f4:b7:09:f3:fa:5a:7a:1a:6a:da:4d:a9:e6:98:a1:
48:0e:0e:50:b8:5e:1d:44:23:47:10:fd:3e:cc:5c:ef:1c:a6:
1b:0f:d2:04:2d:38:a9:be:3e:f7:dd:bd:d1:f4:b0:55:88:5b:
d9:bc:5e:cb:4d:37:04:6b:07:e4:cb:b4:48:be:63:4a:c7:08:
b0:58:ee:c0:8d:7d:b4:41:29:f7:62:56:64:6d:30:d6:ae:9d:
42:8a:8b:fb:74:f6:5c:eb:8b:e5:fc:27:c6:a5:5a:df:92:9b:
62:ea:9a:f6:e3:a4:ac:32:02:ec:35:01:86:f3:ff:5d:2e:75:
f3:bb:33:02
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI36Eo99xrCmi1XaPaEpkdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYTJkNjM3Y2IwYWNjZjg3MjFmNDNlMjY2Y2UyMTNmOGVk
ZGQyNmEwHhcNMjQwMTAyMDYzMjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmE2NGQzOGFhMmNjZWU4NjVkMDFkNzhkMzVlMmIyZjU0MDBhODRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHKOTMgi9FgDhY89O4Uh/qMfBi0s
FBhitAW9l/RBITuOjNqugAghmFFo8SPHw7I/oftlPB8zM0xXa0EdFPogdK/KbALw
I24xgZ30EA2tW8jdYQij3Dcj9Ef8s+jUpn0CfXDwMCIubIQx7WpAcyqzZMv9+PPK
eZHCDDEO8BPQJqNKoxPHY3AOZJXFkTLnra3jTrlZjEn9edyn54vVz+9rQduKymB1
QPe2iRS9/g5FYFvRJxL1VEybeVefVoV3PGWZ5CxcK6Qm6cS868UXqoyLmkEE1M3a
7r+xYD6uBpeaZ+9gdAPq7aJM+9G4GK2Quxs099c/xZQdtFWdMn4UD5Y0CwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK+mTTiqLM7oZdAdeNNeKy9UAKhMMB8GA1UdIwQY
MBaAFKGi1jfLCsz4ch9D4mbOIT+O3dJqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2FMV044c0t6UGh5SDBQaVpzNGhQNDdkMG1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9lZGJmNDQtMzczMi00NGZmLWE5NDQt
ZTIxOTc0YTI5NGJhLzEvcjZaTk9Lb3N6dWhsMEIxNDAxNHJMMVFBcUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9lZGJmNDQtMzczMi00NGZmLWE5NDQtZTIxOTc0YTI5NGJh
LzEvb2FMV044c0t6UGh5SDBQaVpzNGhQNDdkMG1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQC1DwIMA0E
AgACMAcDBQMqCQgAMA0GCSqGSIb3DQEBCwUAA4IBAQB1DFyA4M+42goXb/omsIfR
nJ7/v9gXuikqu2jt8BEKFIX72r0Y/Mbmjq5beFzNzjGuWz6m4Xqcd7yk2UqR1vHE
JfMhf68u/InB2W8grp6f3pjh4G2ebYvBHnTRmku875cEnbIIB02ULTT9tG5mdpjY
3fomzQG+lL4SrxQH3n8tqP70twnz+lp6GmraTanmmKFIDg5QuF4dRCNHEP0+zFzv
HKYbD9IELTipvj733b3R9LBViFvZvF7LTTcEawfky7RIvmNKxwiwWO7AjX20QSn3
YlZkbTDWrp1Ciov7dPZc64vl/CfGpVrfkpti6pr246SsMgLsNQGG8/9dLnXzuzMC
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:13:43 2024 by rpki-client on console-fra.rpki-client.org