Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/RDRmv-dtdesmwh7VUZ1hLVOXBTY.roa
File: RDRmv-dtdesmwh7VUZ1hLVOXBTY.roa (raw, json)
Hash identifier: WYYt3YXQrU6xcVfXuVK50xQqq0oyJyr1pIxhapQEvDw=
Subject key identifier: 44:34:66:BF:E7:6D:75:EB:26:C2:1E:D5:51:9D:61:2D:53:97:05:36
Certificate issuer: /CN=f222fbe85ae408d377b217d4eba7b38b24baf5dd
Certificate serial: 018CC801ECE1C1249C9C6A52D9DAA414FE1C
Authority key identifier: F2:22:FB:E8:5A:E4:08:D3:77:B2:17:D4:EB:A7:B3:8B:24:BA:F5:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8iL76FrkCNN3shfU66eziyS69d0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/RDRmv-dtdesmwh7VUZ1hLVOXBTY.roa
Signing time: Tue 02 Jan 2024 02:30:18 +0000
ROA not before: Tue 02 Jan 2024 02:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43150
IP address blocks: 217.199.199.0/24 maxlen: 24
2a00:4d80::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/8iL76FrkCNN3shfU66eziyS69d0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/8iL76FrkCNN3shfU66eziyS69d0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8iL76FrkCNN3shfU66eziyS69d0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 10:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:ec:e1:c1:24:9c:9c:6a:52:d9:da:a4:14:fe:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f222fbe85ae408d377b217d4eba7b38b24baf5dd
Validity
Not Before: Jan 2 02:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=443466bfe76d75eb26c21ed5519d612d53970536
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:4b:18:27:56:31:00:75:33:ba:dc:f9:d2:5f:
7d:12:f0:a0:64:c9:b5:32:f7:c7:c1:fa:40:f9:5d:
6d:91:d7:b9:60:24:d4:44:07:45:58:0a:cc:ab:17:
37:1b:c1:97:2a:93:11:fe:d9:c4:90:6a:b4:9e:b3:
5f:40:b7:29:38:8d:2f:ca:f0:92:f1:01:df:1f:57:
f7:21:66:c9:4c:62:40:e1:ad:11:bc:3a:48:de:14:
42:cf:be:07:79:bf:12:bf:4f:7e:5f:f8:b2:16:3f:
05:54:c0:a1:f0:89:00:00:f8:f0:50:37:1c:0d:24:
d7:7a:33:c8:87:d9:40:08:bf:d6:f6:76:83:59:78:
dd:9d:6d:de:f5:14:78:fc:10:c6:c4:55:3c:35:75:
fb:88:da:8f:ca:5d:df:0c:40:12:44:87:07:87:25:
d8:f0:7e:32:10:5d:cc:68:8a:e3:5a:68:62:2c:b1:
1d:1b:8b:17:8c:97:84:1d:e3:58:ae:ac:93:d1:8e:
10:17:06:38:c1:fd:68:45:01:f4:d6:ef:1c:a8:e9:
75:f0:9e:5c:af:83:44:c8:89:65:82:26:f6:9c:83:
20:e6:de:cb:78:ce:b5:2a:49:a2:44:1b:26:b0:ea:
33:8e:04:fb:ca:8b:be:c3:b6:ac:c5:ea:c1:82:79:
02:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:34:66:BF:E7:6D:75:EB:26:C2:1E:D5:51:9D:61:2D:53:97:05:36
X509v3 Authority Key Identifier:
keyid:F2:22:FB:E8:5A:E4:08:D3:77:B2:17:D4:EB:A7:B3:8B:24:BA:F5:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8iL76FrkCNN3shfU66eziyS69d0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/RDRmv-dtdesmwh7VUZ1hLVOXBTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/8iL76FrkCNN3shfU66eziyS69d0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.199.199.0/24
IPv6:
2a00:4d80::/48
Signature Algorithm: sha256WithRSAEncryption
b4:36:a8:5d:6b:f7:ef:72:26:f8:9b:5f:07:d0:0a:d0:25:c6:
53:9b:ff:5c:f8:46:85:3f:dd:06:e9:1c:16:d2:e2:05:fb:69:
70:4e:8c:cf:e0:15:e7:04:47:db:75:1d:29:82:c2:80:df:c7:
a8:fc:ae:55:61:7b:45:f9:f9:9f:47:50:28:be:a2:bc:48:4d:
68:9a:da:d9:f5:b7:f5:00:99:42:d5:3b:7b:ff:d6:d9:ef:26:
13:d0:f2:61:b1:da:a1:3c:a6:74:7d:d1:35:47:54:b3:9c:3c:
83:a7:aa:63:b6:40:ce:d0:49:5a:c1:52:28:47:71:3a:d1:ea:
d8:21:fb:8d:ec:be:46:06:96:96:8b:98:d9:38:11:bf:5d:20:
d8:19:49:94:3f:a9:0b:db:82:2e:e5:1a:ce:57:69:50:22:8a:
30:fd:be:8d:1d:1e:d4:b3:5e:7c:e5:74:5d:cc:2d:7e:cb:4f:
c8:41:b8:a8:e5:a1:a8:1d:47:6c:78:66:7a:c0:47:ef:38:59:
32:10:94:56:18:ea:40:4f:58:74:6a:a1:74:1f:42:89:51:53:
ad:60:6b:cb:3a:53:59:3f:51:0d:b5:f5:e7:a0:77:1a:55:12:
8d:cb:34:0f:9e:41:63:5b:cd:d7:18:89:ee:e7:06:5e:7e:d3:
42:a0:1a:0f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIAezhwSScnGpS2dqkFP4cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyMjJmYmU4NWFlNDA4ZDM3N2IyMTdkNGViYTdiMzhiMjRi
YWY1ZGQwHhcNMjQwMTAyMDIzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDM0NjZiZmU3NmQ3NWViMjZjMjFlZDU1MTlkNjEyZDUzOTcwNTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUsYJ1YxAHUzutz50l99EvCgZMm1
MvfHwfpA+V1tkde5YCTURAdFWArMqxc3G8GXKpMR/tnEkGq0nrNfQLcpOI0vyvCS
8QHfH1f3IWbJTGJA4a0RvDpI3hRCz74Heb8Sv09+X/iyFj8FVMCh8IkAAPjwUDcc
DSTXejPIh9lACL/W9naDWXjdnW3e9RR4/BDGxFU8NXX7iNqPyl3fDEASRIcHhyXY
8H4yEF3MaIrjWmhiLLEdG4sXjJeEHeNYrqyT0Y4QFwY4wf1oRQH01u8cqOl18J5c
r4NEyIllgib2nIMg5t7LeM61KkmiRBsmsOozjgT7you+w7asxerBgnkCkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEQ0Zr/nbXXrJsIe1VGdYS1TlwU2MB8GA1UdIwQY
MBaAFPIi++ha5AjTd7IX1Ouns4skuvXdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGlMNzZGcmtDTk4zc2hmVTY2ZXppeVM2OWQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8xYWE4NzUtMDNiNS00YzE3LWJiMzkt
YjBjMWUzMzA0ZTc0LzEvUkRSbXYtZHRkZXNtd2g3VlVaMWhMVk9YQlRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8xYWE4NzUtMDNiNS00YzE3LWJiMzktYjBjMWUzMzA0ZTc0
LzEvOGlMNzZGcmtDTk4zc2hmVTY2ZXppeVM2OWQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA2cfHMA8E
AgACMAkDBwAqAE2AAAAwDQYJKoZIhvcNAQELBQADggEBALQ2qF1r9+9yJvibXwfQ
CtAlxlOb/1z4RoU/3QbpHBbS4gX7aXBOjM/gFecER9t1HSmCwoDfx6j8rlVhe0X5
+Z9HUCi+orxITWia2tn1t/UAmULVO3v/1tnvJhPQ8mGx2qE8pnR90TVHVLOcPIOn
qmO2QM7QSVrBUihHcTrR6tgh+43svkYGlpaLmNk4Eb9dINgZSZQ/qQvbgi7lGs5X
aVAiijD9vo0dHtSzXnzldF3MLX7LT8hBuKjloagdR2x4ZnrAR+84WTIQlFYY6kBP
WHRqoXQfQolRU61ga8s6U1k/UQ219eegdxpVEo3LNA+eQWNbzdcYie7nBl5+00Kg
Gg8=
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:58:39 2024 by rpki-client on console-ams.rpki-client.org