Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/PAiCNnAV6u6mkf1J0HF8F8NI5iY.roa
File: PAiCNnAV6u6mkf1J0HF8F8NI5iY.roa (raw, json)
Hash identifier: ERaCKtBJ93GmlLidz6FpGTZn5SzSEX/hj2FcCEGNfyk=
Subject key identifier: 3C:08:82:36:70:15:EA:EE:A6:91:FD:49:D0:71:7C:17:C3:48:E6:26
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 018CC4938D862D38FEF6EE708761278B7A32
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/PAiCNnAV6u6mkf1J0HF8F8NI5iY.roa
Signing time: Mon 01 Jan 2024 10:30:53 +0000
ROA not before: Mon 01 Jan 2024 10:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29001
IP address blocks: 217.170.16.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:8d:86:2d:38:fe:f6:ee:70:87:61:27:8b:7a:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 1 10:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c0882367015eaeea691fd49d0717c17c348e626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:97:11:54:1f:89:92:98:3e:1b:e9:f1:0d:cf:
16:3b:7e:5d:b1:4d:44:5b:95:97:7a:c5:bb:27:ac:
77:cc:4d:f2:4e:4b:c1:7a:46:97:8b:47:29:e4:47:
84:78:97:27:ab:55:ea:29:a0:c1:e0:71:5f:c8:18:
a5:b8:5f:33:3e:b1:1a:27:e7:54:a8:a1:2a:9d:51:
6f:a3:dc:76:65:eb:14:1d:a9:e2:a5:ca:59:cd:73:
98:ba:c1:90:f4:93:a8:d7:04:c5:e8:7c:7f:a1:9a:
37:b0:6a:64:ef:1f:d5:89:58:dc:e8:83:13:bc:be:
8c:5c:ec:67:7b:d8:f3:64:f7:56:f2:52:12:ae:3e:
e0:b1:3a:08:8c:10:60:3a:2a:56:06:14:c1:bd:1d:
08:f7:22:fc:7b:02:13:c7:e4:29:8f:aa:6f:24:81:
c4:50:37:55:14:c2:e9:44:67:28:d8:9c:c8:36:7f:
b9:c5:d3:5e:3b:b9:19:6e:a9:a4:3a:28:51:78:bb:
c0:6e:35:92:92:f7:15:ab:5b:8b:16:a1:fb:67:54:
b7:38:29:4d:3a:a0:6e:2b:05:2f:ae:56:a0:b1:f7:
ab:09:9c:75:c5:68:8c:dd:f5:7b:fa:60:c3:e2:3e:
4b:d7:53:07:7d:f9:6e:0f:31:ff:0d:3c:1d:3d:2b:
5c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:08:82:36:70:15:EA:EE:A6:91:FD:49:D0:71:7C:17:C3:48:E6:26
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/PAiCNnAV6u6mkf1J0HF8F8NI5iY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.170.16.0/23
Signature Algorithm: sha256WithRSAEncryption
6c:81:30:80:c5:76:19:11:f1:89:76:79:85:ae:f7:78:80:07:
cc:e5:16:08:5b:da:3c:09:2c:1f:40:53:df:1c:36:89:63:b3:
01:0e:81:21:0e:11:61:98:f8:47:2d:94:b6:56:15:a4:5a:46:
6d:fd:78:c0:42:10:69:2c:e3:8e:67:7a:ef:7e:93:45:d8:33:
b8:54:72:5b:23:e3:9c:a0:42:b3:fb:ed:88:e4:61:59:f4:f3:
5f:9c:f2:0c:49:59:65:6a:d6:08:63:51:fc:19:da:ae:87:d1:
dc:08:0a:0b:b6:75:72:4d:f9:bb:86:e2:84:0f:2c:be:ec:9d:
6c:89:37:85:f9:c1:e9:52:dc:9b:86:31:37:70:33:6a:d5:77:
6b:79:b9:d2:21:33:26:2f:ea:18:b1:b3:ec:8e:36:ba:b1:90:
fd:d3:71:e9:d4:cf:b9:24:2e:a9:05:cf:5f:91:e7:f9:03:0f:
ea:4d:2a:19:65:6b:d8:42:ce:76:9f:78:32:76:c7:b4:7f:fc:
e4:05:50:03:8f:ac:a1:d0:95:b8:a5:05:3b:30:05:cd:9a:ed:
38:07:26:ca:2e:0f:ce:c9:63:e8:81:66:5f:67:3b:2e:cb:3d:
6d:8b:8c:93:b7:b7:68:02:22:5c:17:2b:ec:26:97:ae:d9:59:
d8:c4:f3:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk42GLTj+9u5wh2Eni3oyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjQwMTAxMTAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzA4ODIzNjcwMTVlYWVlYTY5MWZkNDlkMDcxN2MxN2MzNDhlNjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZcRVB+Jkpg+G+nxDc8WO35dsU1E
W5WXesW7J6x3zE3yTkvBekaXi0cp5EeEeJcnq1XqKaDB4HFfyBiluF8zPrEaJ+dU
qKEqnVFvo9x2ZesUHanipcpZzXOYusGQ9JOo1wTF6Hx/oZo3sGpk7x/ViVjc6IMT
vL6MXOxne9jzZPdW8lISrj7gsToIjBBgOipWBhTBvR0I9yL8ewITx+Qpj6pvJIHE
UDdVFMLpRGco2JzINn+5xdNeO7kZbqmkOihReLvAbjWSkvcVq1uLFqH7Z1S3OClN
OqBuKwUvrlagsferCZx1xWiM3fV7+mDD4j5L11MHffluDzH/DTwdPStcowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDwIgjZwFeruppH9SdBxfBfDSOYmMB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvUEFpQ05uQVY2dTZta2YxSjBIRjhGOE5JNWlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2aoQMA0G
CSqGSIb3DQEBCwUAA4IBAQBsgTCAxXYZEfGJdnmFrvd4gAfM5RYIW9o8CSwfQFPf
HDaJY7MBDoEhDhFhmPhHLZS2VhWkWkZt/XjAQhBpLOOOZ3rvfpNF2DO4VHJbI+Oc
oEKz++2I5GFZ9PNfnPIMSVllatYIY1H8Gdquh9HcCAoLtnVyTfm7huKEDyy+7J1s
iTeF+cHpUtybhjE3cDNq1XdrebnSITMmL+oYsbPsjja6sZD903Hp1M+5JC6pBc9f
kef5Aw/qTSoZZWvYQs52n3gydse0f/zkBVADj6yh0JW4pQU7MAXNmu04BybKLg/O
yWPogWZfZzsuyz1ti4yTt7doAiJcFyvsJpeu2VnYxPMA
-----END CERTIFICATE-----
Generated at Sun May 19 07:45:17 2024 by rpki-client on console-fra.rpki-client.org