Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/304a4f-2cc0-451a-b15f-cf99d5e257e9/1/4y7L4loJxAmG7Lrc8oUUJEYU1kE.roa
File: 4y7L4loJxAmG7Lrc8oUUJEYU1kE.roa (raw, json)
Hash identifier: nmSmjd9yEwlo2QtPhNbJ1Iif9VdMzZuHLKo598Gw7HM=
Subject key identifier: E3:2E:CB:E2:5A:09:C4:09:86:EC:BA:DC:F2:85:14:24:46:14:D6:41
Certificate issuer: /CN=d5aa9c11657d8a2a54ce672814b6bdb979618830
Certificate serial: 018E61256731EF5DB24FA4B0A26A140C9C7B
Authority key identifier: D5:AA:9C:11:65:7D:8A:2A:54:CE:67:28:14:B6:BD:B9:79:61:88:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1aqcEWV9iipUzmcoFLa9uXlhiDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/304a4f-2cc0-451a-b15f-cf99d5e257e9/1/4y7L4loJxAmG7Lrc8oUUJEYU1kE.roa
Signing time: Thu 21 Mar 2024 13:13:44 +0000
ROA not before: Thu 21 Mar 2024 13:13:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215293
IP address blocks: 217.19.1.0/24 maxlen: 24
2a14:22c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/304a4f-2cc0-451a-b15f-cf99d5e257e9/1/1aqcEWV9iipUzmcoFLa9uXlhiDA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/304a4f-2cc0-451a-b15f-cf99d5e257e9/1/1aqcEWV9iipUzmcoFLa9uXlhiDA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1aqcEWV9iipUzmcoFLa9uXlhiDA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 13:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:61:25:67:31:ef:5d:b2:4f:a4:b0:a2:6a:14:0c:9c:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5aa9c11657d8a2a54ce672814b6bdb979618830
Validity
Not Before: Mar 21 13:13:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e32ecbe25a09c40986ecbadcf28514244614d641
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:58:2c:e9:55:df:7d:ec:38:8a:89:d8:fe:a7:
a2:e5:af:2f:8a:99:bb:ff:79:ef:21:39:76:9c:97:
e5:30:6d:8f:c2:05:98:60:dc:e9:dc:a5:48:55:1a:
36:0d:29:4a:89:ab:a7:2e:5b:50:9d:4b:04:09:c4:
96:fc:da:d8:3e:e8:51:2d:85:a9:bd:31:37:8b:14:
18:07:0e:cd:cd:8a:2d:85:a4:37:16:fc:3a:13:f2:
62:8d:99:3d:10:99:6d:9f:02:3a:a2:f9:c7:af:27:
0e:f8:d7:d5:f8:5e:30:7b:bc:99:e7:ea:dc:c7:8e:
f6:94:60:a3:5d:e0:96:1c:08:ad:66:2f:56:3c:9f:
35:5d:a7:c7:e2:d1:f3:62:b4:e4:42:28:a4:bf:4d:
a4:06:08:d2:d5:27:f7:b6:53:71:7c:f3:5e:f5:7e:
63:8b:eb:43:55:96:14:7c:5e:32:a4:d6:98:c8:d3:
2b:f1:8f:33:84:d0:c5:e7:5b:78:36:8e:7b:7e:1e:
f0:98:29:85:1e:0b:36:4b:b9:3b:56:17:bb:07:94:
c4:56:93:19:ab:1d:6d:05:4f:6e:ca:db:e4:b3:9f:
61:8e:7d:dc:bc:a1:d9:ef:a8:2a:06:59:60:e4:b0:
77:04:ec:2a:e7:a8:58:95:93:27:9a:3f:22:07:18:
2b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:2E:CB:E2:5A:09:C4:09:86:EC:BA:DC:F2:85:14:24:46:14:D6:41
X509v3 Authority Key Identifier:
keyid:D5:AA:9C:11:65:7D:8A:2A:54:CE:67:28:14:B6:BD:B9:79:61:88:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1aqcEWV9iipUzmcoFLa9uXlhiDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/304a4f-2cc0-451a-b15f-cf99d5e257e9/1/4y7L4loJxAmG7Lrc8oUUJEYU1kE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/304a4f-2cc0-451a-b15f-cf99d5e257e9/1/1aqcEWV9iipUzmcoFLa9uXlhiDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.19.1.0/24
IPv6:
2a14:22c0::/29
Signature Algorithm: sha256WithRSAEncryption
45:bb:15:25:65:fa:b9:e8:e9:36:9d:e2:62:06:87:db:f7:66:
19:1d:66:87:3b:f9:c4:5f:89:28:93:ee:ea:54:d4:25:ee:b2:
7b:ed:18:9f:02:30:61:f8:04:5b:26:ee:bb:88:c7:e8:25:6c:
fb:91:08:31:ce:49:b5:29:23:e3:e5:03:03:54:70:ff:a6:86:
7a:f9:6f:dc:6b:d5:7f:30:58:34:8d:ab:51:64:11:77:2e:20:
d3:e3:5c:31:68:cc:6a:b8:21:74:ce:16:aa:04:97:3a:ad:37:
04:b3:7a:5d:09:4d:d4:93:a2:36:40:ff:b3:9a:60:d1:d2:49:
74:b3:e1:7b:92:07:4a:c2:80:65:ff:73:3f:95:91:67:69:ad:
a3:dc:f6:da:c2:86:92:f0:74:f4:6f:00:d2:23:61:fe:a4:51:
f0:dc:9f:08:76:a3:af:14:94:d4:cc:0c:20:53:46:0a:ce:35:
d5:30:07:c8:9b:e1:07:00:9e:6a:28:40:f7:18:fc:a9:2f:f2:
c1:e1:f1:48:ed:05:8f:2c:f9:d6:5a:b1:8e:0e:46:5f:87:4d:
99:af:7d:10:97:58:d8:06:eb:c0:1a:aa:74:05:cd:1b:0e:47:
3a:5e:76:52:96:82:ac:91:08:20:9c:2f:ed:5d:c8:7e:0c:7f:
5f:7f:d1:f6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY5hJWcx712yT6SwomoUDJx7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1YWE5YzExNjU3ZDhhMmE1NGNlNjcyODE0YjZiZGI5Nzk2
MTg4MzAwHhcNMjQwMzIxMTMxMzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzJlY2JlMjVhMDljNDA5ODZlY2JhZGNmMjg1MTQyNDQ2MTRkNjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVgs6VXffew4ionY/qei5a8vipm7
/3nvITl2nJflMG2PwgWYYNzp3KVIVRo2DSlKiaunLltQnUsECcSW/NrYPuhRLYWp
vTE3ixQYBw7NzYothaQ3Fvw6E/JijZk9EJltnwI6ovnHrycO+NfV+F4we7yZ5+rc
x472lGCjXeCWHAitZi9WPJ81XafH4tHzYrTkQiikv02kBgjS1Sf3tlNxfPNe9X5j
i+tDVZYUfF4ypNaYyNMr8Y8zhNDF51t4No57fh7wmCmFHgs2S7k7Vhe7B5TEVpMZ
qx1tBU9uytvks59hjn3cvKHZ76gqBllg5LB3BOwq56hYlZMnmj8iBxgrywIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOMuy+JaCcQJhuy63PKFFCRGFNZBMB8GA1UdIwQY
MBaAFNWqnBFlfYoqVM5nKBS2vbl5YYgwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWFxY0VXVjlpaXBVem1jb0ZMYTl1WGxoaURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8zMDRhNGYtMmNjMC00NTFhLWIxNWYt
Y2Y5OWQ1ZTI1N2U5LzEvNHk3TDRsb0p4QW1HN0xyYzhvVVVKRVlVMWtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8zMDRhNGYtMmNjMC00NTFhLWIxNWYtY2Y5OWQ1ZTI1N2U5
LzEvMWFxY0VXVjlpaXBVem1jb0ZMYTl1WGxoaURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA2RMBMA0E
AgACMAcDBQMqFCLAMA0GCSqGSIb3DQEBCwUAA4IBAQBFuxUlZfq56Ok2neJiBofb
92YZHWaHO/nEX4kok+7qVNQl7rJ77RifAjBh+ARbJu67iMfoJWz7kQgxzkm1KSPj
5QMDVHD/poZ6+W/ca9V/MFg0jatRZBF3LiDT41wxaMxquCF0zhaqBJc6rTcEs3pd
CU3Uk6I2QP+zmmDR0kl0s+F7kgdKwoBl/3M/lZFnaa2j3PbawoaS8HT0bwDSI2H+
pFHw3J8IdqOvFJTUzAwgU0YKzjXVMAfIm+EHAJ5qKED3GPypL/LB4fFI7QWPLPnW
WrGODkZfh02Zr30Ql1jYBuvAGqp0Bc0bDkc6XnZSloKskQggnC/tXch+DH9ff9H2
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:23:47 2024 by rpki-client on console-ams.rpki-client.org