Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/EXK2FaaRgkgqmhAU_HB4fKydGfo.roa
File: EXK2FaaRgkgqmhAU_HB4fKydGfo.roa (raw, json)
Hash identifier: CsBZSg1EkwPpWi/Wh/J+cxAGVpYtt/iKYImbH76tR4g=
Subject key identifier: 11:72:B6:15:A6:91:82:48:2A:9A:10:14:FC:70:78:7C:AC:9D:19:FA
Certificate issuer: /CN=2ace21090ee4d78677413423dcb2fe01a6e1c622
Certificate serial: 018CC6B77886C2CA37E4D5B36C6D12C1EBC1
Authority key identifier: 2A:CE:21:09:0E:E4:D7:86:77:41:34:23:DC:B2:FE:01:A6:E1:C6:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/EXK2FaaRgkgqmhAU_HB4fKydGfo.roa
Signing time: Mon 01 Jan 2024 20:29:21 +0000
ROA not before: Mon 01 Jan 2024 20:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 217.117.65.0/24 maxlen: 24
217.117.71.0/24 maxlen: 24
217.117.76.0/24 maxlen: 24
87.238.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 07:01:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:78:86:c2:ca:37:e4:d5:b3:6c:6d:12:c1:eb:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ace21090ee4d78677413423dcb2fe01a6e1c622
Validity
Not Before: Jan 1 20:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1172b615a69182482a9a1014fc70787cac9d19fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:49:8a:60:d8:f2:8c:43:9a:2e:b6:4e:56:c8:
40:b0:47:ed:02:13:42:23:2d:41:86:9c:f4:14:64:
1c:44:b8:68:1e:12:7b:21:db:a8:54:ef:1d:35:16:
d8:fc:f0:c6:89:81:30:bc:5a:53:3f:68:5e:9a:26:
a9:83:fe:b8:2e:0b:d0:af:62:2d:39:4f:33:c9:95:
45:40:4b:25:13:c7:50:41:c0:6d:c2:7c:a0:0a:a0:
f2:50:1a:cb:4c:c8:82:39:48:76:ca:27:cd:37:63:
62:97:85:02:24:35:df:70:6c:d9:2a:15:0a:af:3d:
61:3c:b7:2b:b9:9d:43:03:db:6e:21:14:e6:53:c2:
73:df:f8:58:91:69:15:31:98:33:8d:c8:08:f8:e1:
9c:c9:73:94:a2:ef:a7:96:a0:0e:ca:2b:cf:ca:f0:
cc:d2:29:63:e7:c6:33:64:15:c9:c7:c3:e0:7e:87:
ba:9d:f2:23:be:c0:e3:85:02:4b:4c:e3:7b:05:61:
bc:b8:1f:6b:e7:e4:61:d2:f3:25:d9:36:a8:7e:2e:
fe:4a:3f:e9:d8:77:ec:fa:56:38:a1:eb:71:45:b2:
40:80:55:c7:c0:0c:33:22:8e:ed:37:16:8c:c2:88:
d2:90:36:01:7e:8e:c1:d1:cd:0e:08:42:01:07:59:
cc:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:72:B6:15:A6:91:82:48:2A:9A:10:14:FC:70:78:7C:AC:9D:19:FA
X509v3 Authority Key Identifier:
keyid:2A:CE:21:09:0E:E4:D7:86:77:41:34:23:DC:B2:FE:01:A6:E1:C6:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/EXK2FaaRgkgqmhAU_HB4fKydGfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.154.0/24
217.117.65.0/24
217.117.71.0/24
217.117.76.0/24
Signature Algorithm: sha256WithRSAEncryption
59:a5:73:bc:ec:17:7c:cf:2f:0f:ce:9b:80:3d:e1:f2:c6:ef:
e9:6b:cd:b6:54:95:66:e6:e8:82:4a:0c:fb:26:89:9d:c1:76:
ee:d2:7a:ad:1f:58:c7:e7:f4:a2:95:bb:ab:2a:7b:ce:02:11:
8c:1d:c1:cc:3c:a9:ad:2a:00:be:fd:7c:1b:7b:1d:41:ae:74:
53:cb:d8:16:17:4a:f9:5c:2c:21:23:55:71:58:0b:3c:a1:e6:
e7:ee:d8:02:d8:00:8d:5f:87:fb:fe:31:2d:d9:1c:50:8b:64:
04:5c:ed:6c:dc:09:00:fe:02:f5:45:63:c7:1c:8c:4f:36:a2:
57:af:23:75:2d:c5:b5:f0:86:5c:c6:c6:0c:82:dc:ec:6d:01:
2e:76:29:86:7b:c9:43:f8:2a:2f:92:df:41:f2:c7:76:07:53:
db:f2:69:1f:f8:2e:06:0b:f8:24:1f:fc:41:5f:f5:2f:59:16:
93:e9:a4:ca:a4:46:86:a1:69:a6:b9:30:cb:48:03:a1:22:0b:
85:95:7d:05:92:9b:8e:e9:6e:60:d8:99:fa:3f:58:39:db:5a:
a3:98:4b:62:69:1f:eb:af:a4:14:74:ab:9e:aa:f6:f4:ce:0b:
4c:ec:73:63:80:af:f1:ee:54:7b:d1:4a:02:f0:ba:c3:11:46:
0b:60:d2:45
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzGt3iGwso35NWzbG0SwevBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhY2UyMTA5MGVlNGQ3ODY3NzQxMzQyM2RjYjJmZTAxYTZl
MWM2MjIwHhcNMjQwMTAxMjAyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTcyYjYxNWE2OTE4MjQ4MmE5YTEwMTRmYzcwNzg3Y2FjOWQxOWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UmKYNjyjEOaLrZOVshAsEftAhNC
Iy1Bhpz0FGQcRLhoHhJ7IduoVO8dNRbY/PDGiYEwvFpTP2hemiapg/64LgvQr2It
OU8zyZVFQEslE8dQQcBtwnygCqDyUBrLTMiCOUh2yifNN2Nil4UCJDXfcGzZKhUK
rz1hPLcruZ1DA9tuIRTmU8Jz3/hYkWkVMZgzjcgI+OGcyXOUou+nlqAOyivPyvDM
0ilj58YzZBXJx8Pgfoe6nfIjvsDjhQJLTON7BWG8uB9r5+Rh0vMl2Taofi7+Sj/p
2Hfs+lY4oetxRbJAgFXHwAwzIo7tNxaMwojSkDYBfo7B0c0OCEIBB1nMlwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBFythWmkYJIKpoQFPxweHysnRn6MB8GA1UdIwQY
MBaAFCrOIQkO5NeGd0E0I9yy/gGm4cYiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3M0aENRN2sxNFozUVRRajNMTC1BYWJoeGlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yOTE1ZjEtODdiYS00YzE4LWFhZjkt
NTkwYTk4MTNkZGRmLzEvRVhLMkZhYVJna2dxbWhBVV9IQjRmS3lkR2ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yOTE1ZjEtODdiYS00YzE4LWFhZjktNTkwYTk4MTNkZGRm
LzEvS3M0aENRN2sxNFozUVRRajNMTC1BYWJoeGlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAV+6aAwQA
2XVBAwQA2XVHAwQA2XVMMA0GCSqGSIb3DQEBCwUAA4IBAQBZpXO87Bd8zy8PzpuA
PeHyxu/pa822VJVm5uiCSgz7JomdwXbu0nqtH1jH5/SilburKnvOAhGMHcHMPKmt
KgC+/Xwbex1BrnRTy9gWF0r5XCwhI1VxWAs8oebn7tgC2ACNX4f7/jEt2RxQi2QE
XO1s3AkA/gL1RWPHHIxPNqJXryN1LcW18IZcxsYMgtzsbQEudimGe8lD+Covkt9B
8sd2B1Pb8mkf+C4GC/gkH/xBX/UvWRaT6aTKpEaGoWmmuTDLSAOhIguFlX0FkpuO
6W5g2Jn6P1g521qjmEtiaR/rr6QUdKueqvb0zgtM7HNjgK/x7lR70UoC8LrDEUYL
YNJF
-----END CERTIFICATE-----
Generated at Thu May 2 12:05:27 2024 by rpki-client on console-fra.rpki-client.org