Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/vHOhxSNIOwz3ZBtwX9ssT_oSkW4.roa
File: vHOhxSNIOwz3ZBtwX9ssT_oSkW4.roa (raw, json)
Hash identifier: yg/wsbvGY5wNDBubL1680BcQVApj4h7RMcdhsiG1tNI=
Subject key identifier: BC:73:A1:C5:23:48:3B:0C:F7:64:1B:70:5F:DB:2C:4F:FA:12:91:6E
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 01928A3FD536AA810EE3197012BD30CC7078
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/vHOhxSNIOwz3ZBtwX9ssT_oSkW4.roa
Signing time: Mon 14 Oct 2024 08:58:12 +0000
ROA not before: Mon 14 Oct 2024 08:58:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201838
IP address blocks: 217.177.34.0/24 maxlen: 24
217.177.72.0/24 maxlen: 24
217.180.21.0/24 maxlen: 24
217.180.44.0/24 maxlen: 24
217.180.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8a:3f:d5:36:aa:81:0e:e3:19:70:12:bd:30:cc:70:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Oct 14 08:58:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc73a1c523483b0cf7641b705fdb2c4ffa12916e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d1:ec:52:e3:37:c9:42:07:68:3a:09:47:68:
25:1c:e0:10:6d:ee:61:d2:c6:af:3c:7d:b0:4a:60:
b5:5b:bd:4f:4f:78:a8:f1:24:1c:5c:7f:cb:d4:20:
20:12:ae:c1:98:23:b2:13:74:d7:8c:cc:7f:cb:e1:
d3:ef:f3:98:04:2d:b5:89:c1:38:ef:ed:8e:86:72:
a8:1b:2d:ec:cb:93:66:51:82:4b:b0:fd:af:a5:32:
8b:38:3d:01:ca:36:a3:42:07:be:cc:a2:0e:cc:90:
ff:fc:4c:2f:d2:28:96:aa:7b:fa:bf:a5:c6:6f:1d:
1a:07:eb:61:d7:2a:3c:6b:cf:dd:95:64:93:1f:23:
5b:fb:39:71:fb:9f:60:47:d1:a2:fa:cc:17:35:cc:
3f:04:74:ec:bd:9a:af:88:b1:1b:fd:2f:f0:d6:82:
4e:02:0b:c7:36:ce:ec:d4:6a:d5:19:2a:52:32:47:
0f:1c:88:e7:5f:7a:e8:75:19:ed:a3:7c:68:73:eb:
52:1c:30:eb:db:ac:9a:26:dd:e9:e8:a7:5c:87:49:
e4:e4:16:3a:fc:d6:ec:8d:67:cd:0f:33:18:03:49:
b7:53:94:3b:ca:c4:16:c7:86:6b:09:53:04:c8:ed:
13:97:04:3b:03:f0:de:81:14:66:9f:87:47:73:83:
1a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:73:A1:C5:23:48:3B:0C:F7:64:1B:70:5F:DB:2C:4F:FA:12:91:6E
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/vHOhxSNIOwz3ZBtwX9ssT_oSkW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.177.34.0/24
217.177.72.0/24
217.180.21.0/24
217.180.44.0/24
217.180.47.0/24
Signature Algorithm: sha256WithRSAEncryption
75:ca:72:e4:0c:2e:2a:bf:05:53:5a:de:02:78:d1:ef:e0:1f:
23:d1:f2:48:45:e0:33:0b:8b:75:68:f4:fc:57:4f:e2:2b:90:
8c:f6:7c:7b:72:bc:ff:fc:d0:19:a8:5c:ee:48:1c:8e:5b:29:
a6:ff:3b:9b:49:56:9f:37:ec:ed:6c:42:14:d9:47:9c:d1:4e:
09:e9:82:07:c7:24:5e:07:c8:73:61:b5:dc:f9:06:84:ee:6d:
bb:58:7c:a0:61:d0:7e:e0:39:1c:53:a7:8a:17:56:15:09:e6:
c7:90:c2:92:25:cd:88:a7:f3:e5:3f:ac:8d:ad:40:aa:f4:8a:
2f:b0:6f:dd:15:4b:84:7b:f0:6a:82:06:f0:2e:1d:c9:05:f1:
16:29:92:ff:24:97:c2:6b:e2:8d:4d:da:6c:be:9d:a6:7b:9d:
7f:d9:46:ce:b9:32:88:d1:6c:ce:62:46:2a:7c:58:d7:a7:d3:
83:36:f0:08:3a:2d:46:0f:8c:72:99:6c:f6:0e:50:64:7c:a3:
e2:5a:84:ea:cf:82:d1:b1:b0:e4:b9:0e:f7:8c:90:f4:7f:32:
97:1f:f4:92:0b:64:74:62:f4:4a:04:6a:ed:9c:4f:8e:c1:d2:
cd:b9:4d:b3:c9:6d:d3:5a:75:c7:16:79:c8:1e:d8:40:ce:3d:
5b:b8:8b:22
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZKKP9U2qoEO4xlwEr0wzHB4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQxMDE0MDg1ODEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzczYTFjNTIzNDgzYjBjZjc2NDFiNzA1ZmRiMmM0ZmZhMTI5MTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNHsUuM3yUIHaDoJR2glHOAQbe5h
0savPH2wSmC1W71PT3io8SQcXH/L1CAgEq7BmCOyE3TXjMx/y+HT7/OYBC21icE4
7+2OhnKoGy3sy5NmUYJLsP2vpTKLOD0ByjajQge+zKIOzJD//Ewv0iiWqnv6v6XG
bx0aB+th1yo8a8/dlWSTHyNb+zlx+59gR9Gi+swXNcw/BHTsvZqviLEb/S/w1oJO
AgvHNs7s1GrVGSpSMkcPHIjnX3rodRnto3xoc+tSHDDr26yaJt3p6Kdch0nk5BY6
/NbsjWfNDzMYA0m3U5Q7ysQWx4ZrCVMEyO0TlwQ7A/DegRRmn4dHc4Ma/wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLxzocUjSDsM92QbcF/bLE/6EpFuMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvdkhPaHhTTklPd3ozWkJ0d1g5c3NUX29Ta1c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQA2bEiAwQA
2bFIAwQA2bQVAwQA2bQsAwQA2bQvMA0GCSqGSIb3DQEBCwUAA4IBAQB1ynLkDC4q
vwVTWt4CeNHv4B8j0fJIReAzC4t1aPT8V0/iK5CM9nx7crz//NAZqFzuSByOWymm
/zubSVafN+ztbEIU2Uec0U4J6YIHxyReB8hzYbXc+QaE7m27WHygYdB+4DkcU6eK
F1YVCebHkMKSJc2Ip/PlP6yNrUCq9IovsG/dFUuEe/BqggbwLh3JBfEWKZL/JJfC
a+KNTdpsvp2me51/2UbOuTKI0WzOYkYqfFjXp9ODNvAIOi1GD4xymWz2DlBkfKPi
WoTqz4LRsbDkuQ73jJD0fzKXH/SSC2R0YvRKBGrtnE+OwdLNuU2zyW3TWnXHFnnI
HthAzj1buIsi
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:56:00 2024 by rpki-client on console-fra.rpki-client.org