Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/rKbW1lWdjk3xYG-VI4YlY75ihpU.roa
File: rKbW1lWdjk3xYG-VI4YlY75ihpU.roa (raw, json)
Hash identifier: 28a5C9OJvV457TiaNDS6BFI9/yshwZW9egAR14veQH8=
Subject key identifier: AC:A6:D6:D6:55:9D:8E:4D:F1:60:6F:95:23:86:25:63:BE:62:86:95
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 01928A3FD4DEF08B088A22B51555CC4826E6
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/rKbW1lWdjk3xYG-VI4YlY75ihpU.roa
Signing time: Mon 14 Oct 2024 08:58:11 +0000
ROA not before: Mon 14 Oct 2024 08:58:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 134176
IP address blocks: 217.177.34.0/24 maxlen: 24
217.177.72.0/24 maxlen: 24
217.180.21.0/24 maxlen: 24
217.180.44.0/24 maxlen: 24
217.180.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8a:3f:d4:de:f0:8b:08:8a:22:b5:15:55:cc:48:26:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Oct 14 08:58:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aca6d6d6559d8e4df1606f9523862563be628695
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:58:1c:b8:16:72:3b:f8:6e:3e:6c:aa:2c:80:
aa:33:93:90:5d:a3:25:a8:c8:cb:34:a7:8f:32:64:
1a:2f:2b:9f:83:d7:66:59:79:6e:a0:f7:9f:d2:3e:
e3:cd:7f:11:62:2d:21:5f:07:53:aa:80:00:01:93:
20:80:c9:50:4b:db:82:c1:39:99:c6:37:9d:f0:44:
37:64:45:c4:54:1d:9f:5d:95:42:85:1a:ae:8c:2f:
da:22:ea:07:2b:0b:9b:05:2a:90:1c:96:90:cb:73:
cc:9e:4f:b4:a7:c5:5e:a5:92:ff:ad:0c:11:f1:92:
25:9f:0f:7e:3f:88:77:dc:77:9a:2a:b5:c9:c3:72:
f5:6b:cf:39:f7:2d:6b:ae:37:c7:52:fb:7c:7f:51:
41:30:8d:e7:b5:58:7b:bf:06:55:88:75:c1:f0:6b:
e1:a5:67:db:70:34:91:a8:01:49:6b:40:dc:fb:74:
91:18:97:fd:ab:bd:d2:8a:95:f8:56:d0:a1:a8:3c:
4b:ea:34:af:d1:de:00:7b:ae:ce:6f:9b:9b:19:8d:
cc:92:04:24:ad:e9:9d:15:df:e3:da:8c:85:e7:60:
bb:06:e9:71:9f:d5:e0:14:1b:99:38:bb:85:29:f0:
d7:d8:1d:b7:97:a9:0b:13:df:c0:2a:51:00:b5:76:
fe:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:A6:D6:D6:55:9D:8E:4D:F1:60:6F:95:23:86:25:63:BE:62:86:95
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/rKbW1lWdjk3xYG-VI4YlY75ihpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.177.34.0/24
217.177.72.0/24
217.180.21.0/24
217.180.44.0/24
217.180.47.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:4a:04:1b:76:c0:e3:fa:34:a7:67:9e:5f:f8:cc:c5:0a:cd:
68:37:09:83:fb:d3:1a:19:55:c8:f2:dc:72:7e:43:9a:95:f2:
b7:9d:6c:fe:b6:77:01:92:63:c2:2b:1b:21:67:bc:25:1c:ad:
24:92:9e:99:50:76:71:d7:be:e4:6f:b4:c9:2c:65:a4:68:30:
80:7e:b2:54:e1:5b:fb:ee:56:c4:10:e7:77:38:c7:9f:6b:d7:
e0:0f:7c:6f:cc:c4:8a:d2:1a:9a:f3:80:b2:b2:00:ed:28:e4:
68:95:b7:9f:d0:bf:c3:10:bd:1e:4b:b1:1b:e1:eb:3a:b4:fd:
95:df:60:d5:0e:97:b9:76:8e:cc:f2:43:b4:e1:18:c2:7d:7c:
8c:63:54:e9:26:ff:df:0a:a3:b5:02:af:d7:89:a9:a4:75:33:
ee:fa:22:15:5a:31:3b:4d:55:ac:52:9b:db:02:0b:de:ce:55:
18:6c:bd:5f:e8:4a:79:06:33:89:47:69:11:6d:31:fb:53:cd:
3a:11:4e:8a:b0:af:89:05:68:fa:9b:08:89:42:56:3e:eb:f4:
62:68:f0:96:4a:6f:20:33:e0:89:11:b2:9f:79:58:51:27:e2:
32:90:8c:ca:99:32:6e:e0:e3:0a:87:86:3c:e7:77:ff:f8:40:
67:d9:89:0b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZKKP9Te8IsIiiK1FVXMSCbmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQxMDE0MDg1ODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2E2ZDZkNjU1OWQ4ZTRkZjE2MDZmOTUyMzg2MjU2M2JlNjI4Njk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVgcuBZyO/huPmyqLICqM5OQXaMl
qMjLNKePMmQaLyufg9dmWXluoPef0j7jzX8RYi0hXwdTqoAAAZMggMlQS9uCwTmZ
xjed8EQ3ZEXEVB2fXZVChRqujC/aIuoHKwubBSqQHJaQy3PMnk+0p8VepZL/rQwR
8ZIlnw9+P4h33HeaKrXJw3L1a8859y1rrjfHUvt8f1FBMI3ntVh7vwZViHXB8Gvh
pWfbcDSRqAFJa0Dc+3SRGJf9q73SipX4VtChqDxL6jSv0d4Ae67Ob5ubGY3MkgQk
remdFd/j2oyF52C7Bulxn9XgFBuZOLuFKfDX2B23l6kLE9/AKlEAtXb+WQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKym1tZVnY5N8WBvlSOGJWO+YoaVMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvcktiVzFsV2RqazN4WUctVkk0WWxZNzVpaHBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQA2bEiAwQA
2bFIAwQA2bQVAwQA2bQsAwQA2bQvMA0GCSqGSIb3DQEBCwUAA4IBAQCsSgQbdsDj
+jSnZ55f+MzFCs1oNwmD+9MaGVXI8txyfkOalfK3nWz+tncBkmPCKxshZ7wlHK0k
kp6ZUHZx177kb7TJLGWkaDCAfrJU4Vv77lbEEOd3OMefa9fgD3xvzMSK0hqa84Cy
sgDtKORolbef0L/DEL0eS7Eb4es6tP2V32DVDpe5do7M8kO04RjCfXyMY1TpJv/f
CqO1Aq/XiamkdTPu+iIVWjE7TVWsUpvbAgvezlUYbL1f6Ep5BjOJR2kRbTH7U806
EU6KsK+JBWj6mwiJQlY+6/RiaPCWSm8gM+CJEbKfeVhRJ+IykIzKmTJu4OMKh4Y8
53f/+EBn2YkL
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:56:00 2024 by rpki-client on console-fra.rpki-client.org