Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/5e3895-ae95-43e2-b7a1-75863f43476a/1/p5k9eKlAzrQzgAqeNY-XV_N30e0.roa
File: p5k9eKlAzrQzgAqeNY-XV_N30e0.roa (raw, json)
Hash identifier: 5XTM/PiWEtizI3s6iVKa5pmQGMg8uFSrpq11o15u7Xg=
Subject key identifier: A7:99:3D:78:A9:40:CE:B4:33:80:0A:9E:35:8F:97:57:F3:77:D1:ED
Certificate issuer: /CN=554adb72b82ecfafc5705e25febcab5c82d76ee6
Certificate serial: 018CC94AD46F4CDECBE04B8A9B48BB09A126
Authority key identifier: 55:4A:DB:72:B8:2E:CF:AF:C5:70:5E:25:FE:BC:AB:5C:82:D7:6E:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VUrbcrguz6_FcF4l_ryrXILXbuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/5e3895-ae95-43e2-b7a1-75863f43476a/1/p5k9eKlAzrQzgAqeNY-XV_N30e0.roa
Signing time: Tue 02 Jan 2024 08:29:33 +0000
ROA not before: Tue 02 Jan 2024 08:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16297
IP address blocks: 217.118.0.0/20 maxlen: 20
217.118.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/5e3895-ae95-43e2-b7a1-75863f43476a/1/VUrbcrguz6_FcF4l_ryrXILXbuY.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/5e3895-ae95-43e2-b7a1-75863f43476a/1/VUrbcrguz6_FcF4l_ryrXILXbuY.mft
rsync://rpki.ripe.net/repository/DEFAULT/VUrbcrguz6_FcF4l_ryrXILXbuY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:d4:6f:4c:de:cb:e0:4b:8a:9b:48:bb:09:a1:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=554adb72b82ecfafc5705e25febcab5c82d76ee6
Validity
Not Before: Jan 2 08:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a7993d78a940ceb433800a9e358f9757f377d1ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d0:7e:ed:56:7c:f5:d0:af:92:ca:35:79:3c:
bd:8e:8a:f3:3b:39:94:f5:ae:8e:2e:fe:d2:60:65:
6e:2f:76:d2:fb:bf:47:07:db:93:ce:35:59:a5:ee:
59:8e:d4:3d:77:71:30:2f:ae:20:28:85:90:fd:fa:
48:5e:b5:b2:d9:03:9d:5b:2e:0e:fd:30:48:c3:b3:
fe:d3:a4:57:c6:f3:8c:c0:d5:1e:e2:b3:45:0e:52:
2c:01:f8:7f:b0:0a:3d:7a:8b:45:f1:cf:1c:5f:d0:
87:02:5f:8c:f7:3b:7d:8b:b6:72:24:73:58:12:5a:
71:c7:e4:dc:03:45:8c:67:6b:5f:e5:bb:02:f6:a4:
9d:37:01:05:e8:7b:7c:9c:ce:66:e0:80:53:b2:00:
e2:44:65:4c:cf:82:e8:06:d0:2a:b7:82:19:cb:3c:
4f:b1:d2:93:67:d5:f6:3f:68:37:48:a4:e3:a0:e1:
d7:2c:aa:32:9a:17:41:cf:93:8f:3f:de:98:46:fd:
64:bc:4a:51:a0:84:e5:26:ff:2a:1c:02:3c:11:5b:
74:39:61:52:d4:fa:77:32:bd:04:e7:69:cc:da:b6:
3a:cc:82:a3:0f:e2:ff:7f:ab:0b:01:13:96:c2:3c:
d0:e2:2b:af:1d:e7:e6:a0:d4:74:a7:33:60:1a:6d:
ec:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:99:3D:78:A9:40:CE:B4:33:80:0A:9E:35:8F:97:57:F3:77:D1:ED
X509v3 Authority Key Identifier:
keyid:55:4A:DB:72:B8:2E:CF:AF:C5:70:5E:25:FE:BC:AB:5C:82:D7:6E:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VUrbcrguz6_FcF4l_ryrXILXbuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/5e3895-ae95-43e2-b7a1-75863f43476a/1/p5k9eKlAzrQzgAqeNY-XV_N30e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/5e3895-ae95-43e2-b7a1-75863f43476a/1/VUrbcrguz6_FcF4l_ryrXILXbuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.118.0.0/20
Signature Algorithm: sha256WithRSAEncryption
88:97:18:e3:74:25:9b:c1:6f:01:d8:22:72:ae:f0:e5:55:43:
25:34:e4:49:30:a3:42:3b:87:c4:29:95:5a:3d:38:47:27:03:
76:73:6c:2b:ea:d6:1e:a3:c0:04:79:ec:91:30:b0:42:7a:ef:
23:95:7d:7e:2f:88:81:d6:65:83:ab:94:c4:44:f0:de:6d:c5:
4e:71:e3:d7:a9:2d:3d:07:b9:31:b8:7e:8b:41:d9:db:a7:c5:
db:99:ea:da:08:44:ee:1c:2f:ae:90:af:b5:82:d0:bc:05:27:
8f:56:eb:1a:83:41:ae:c7:16:47:1b:c0:0a:ad:94:cb:06:da:
c1:62:16:8a:35:01:77:20:9e:6d:7e:a9:75:72:79:8b:58:ef:
76:b3:07:0a:47:89:ad:84:85:2e:a1:62:ec:3c:e1:27:2f:e9:
eb:15:d9:65:21:ec:e3:54:fe:f3:9d:d7:3f:ce:3f:fc:f0:0d:
eb:dc:de:0a:51:bb:4a:bd:6e:1b:85:19:f2:e1:3c:56:55:e4:
ab:01:1f:ee:51:79:d2:2b:ee:4b:7b:89:3c:7f:4e:62:c7:21:
75:57:94:2e:28:12:5e:18:7d:32:12:1d:1b:b2:be:4c:24:d7:
98:b0:be:b2:91:3a:27:42:84:04:b7:94:34:83:1e:61:8c:84:
77:41:37:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJStRvTN7L4EuKm0i7CaEmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1NGFkYjcyYjgyZWNmYWZjNTcwNWUyNWZlYmNhYjVjODJk
NzZlZTYwHhcNMjQwMTAyMDgyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzk5M2Q3OGE5NDBjZWI0MzM4MDBhOWUzNThmOTc1N2YzNzdkMWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtB+7VZ89dCvkso1eTy9jorzOzmU
9a6OLv7SYGVuL3bS+79HB9uTzjVZpe5ZjtQ9d3EwL64gKIWQ/fpIXrWy2QOdWy4O
/TBIw7P+06RXxvOMwNUe4rNFDlIsAfh/sAo9eotF8c8cX9CHAl+M9zt9i7ZyJHNY
Elpxx+TcA0WMZ2tf5bsC9qSdNwEF6Ht8nM5m4IBTsgDiRGVMz4LoBtAqt4IZyzxP
sdKTZ9X2P2g3SKTjoOHXLKoymhdBz5OPP96YRv1kvEpRoITlJv8qHAI8EVt0OWFS
1Pp3Mr0E52nM2rY6zIKjD+L/f6sLAROWwjzQ4iuvHefmoNR0pzNgGm3sxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKeZPXipQM60M4AKnjWPl1fzd9HtMB8GA1UdIwQY
MBaAFFVK23K4Ls+vxXBeJf68q1yC127mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlVyYmNyZ3V6Nl9GY0Y0bF9yeXJYSUxYYnVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi81ZTM4OTUtYWU5NS00M2UyLWI3YTEt
NzU4NjNmNDM0NzZhLzEvcDVrOWVLbEF6clF6Z0FxZU5ZLVhWX04zMGUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi81ZTM4OTUtYWU5NS00M2UyLWI3YTEtNzU4NjNmNDM0NzZh
LzEvVlVyYmNyZ3V6Nl9GY0Y0bF9yeXJYSUxYYnVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2XYAMA0G
CSqGSIb3DQEBCwUAA4IBAQCIlxjjdCWbwW8B2CJyrvDlVUMlNORJMKNCO4fEKZVa
PThHJwN2c2wr6tYeo8AEeeyRMLBCeu8jlX1+L4iB1mWDq5TERPDebcVOcePXqS09
B7kxuH6LQdnbp8XbmeraCETuHC+ukK+1gtC8BSePVusag0GuxxZHG8AKrZTLBtrB
YhaKNQF3IJ5tfql1cnmLWO92swcKR4mthIUuoWLsPOEnL+nrFdllIezjVP7zndc/
zj/88A3r3N4KUbtKvW4bhRny4TxWVeSrAR/uUXnSK+5Le4k8f05ixyF1V5QuKBJe
GH0yEh0bsr5MJNeYsL6ykTonQoQEt5Q0gx5hjIR3QTex
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:14:53 2024 by rpki-client on console-ams.rpki-client.org