Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/lxESx365vJ_KpGfPw5vEvF19eHQ.roa
File: lxESx365vJ_KpGfPw5vEvF19eHQ.roa (raw, json)
Hash identifier: bBgJqf9CbvF2T4+dpktIZXqmJ8kE/vDFoongBVgLSwg=
Subject key identifier: 97:11:12:C7:7E:B9:BC:9F:CA:A4:67:CF:C3:9B:C4:BC:5D:7D:78:74
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 018CC4938D2B25EF7E61B70E295EFB4B03FD
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/lxESx365vJ_KpGfPw5vEvF19eHQ.roa
Signing time: Mon 01 Jan 2024 10:30:53 +0000
ROA not before: Mon 01 Jan 2024 10:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25459
IP address blocks: 217.170.1.0/24 maxlen: 24
217.170.12.0/23 maxlen: 23
217.170.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:8d:2b:25:ef:7e:61:b7:0e:29:5e:fb:4b:03:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 1 10:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=971112c77eb9bc9fcaa467cfc39bc4bc5d7d7874
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:10:7a:f6:c5:ab:52:80:f9:1c:0e:66:8c:c6:
49:2e:d5:f8:da:34:45:a3:04:ae:db:30:4a:7d:09:
c5:11:b2:4c:c3:16:a2:44:09:27:cf:ad:71:19:39:
50:aa:3d:c6:d9:e7:c1:87:47:97:c9:ec:b9:bb:e7:
f6:dc:8b:c5:22:e4:44:f6:15:a8:2a:d0:99:ed:50:
02:1f:42:ba:6f:c3:92:49:d7:bd:27:b2:46:c5:44:
69:59:90:73:cc:11:a9:1b:d8:14:83:14:fa:7e:d1:
bf:08:f6:74:7e:2a:3f:da:cc:bb:80:eb:75:21:04:
bb:9e:f4:9a:b8:dd:d1:c4:53:1d:32:53:6a:a0:ad:
8b:56:20:44:c5:23:6c:5b:56:ae:b1:15:28:d6:ce:
a1:47:15:55:11:27:41:9d:0c:22:04:97:b4:d6:38:
18:f6:71:ba:30:2f:7b:18:2a:7a:e9:a5:8b:af:c4:
77:72:17:7e:57:e9:1f:6e:e9:94:e4:49:b1:d7:ff:
4d:21:24:f0:d9:d2:e5:9b:75:bc:f5:f3:10:b3:43:
24:c4:8c:00:12:05:7b:7a:c4:97:61:dc:89:0d:1f:
a2:d4:ee:fa:e3:49:8b:91:1b:80:94:34:1f:10:1e:
f4:2c:8e:7b:cb:ab:fa:72:05:4e:15:bf:39:b8:bf:
ce:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:11:12:C7:7E:B9:BC:9F:CA:A4:67:CF:C3:9B:C4:BC:5D:7D:78:74
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/lxESx365vJ_KpGfPw5vEvF19eHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.170.1.0/24
217.170.12.0-217.170.14.255
Signature Algorithm: sha256WithRSAEncryption
84:75:a8:e9:be:12:08:1a:1b:82:e5:3b:d7:7e:5b:d8:b4:d2:
f6:0f:8f:69:fa:b7:99:8f:8a:ed:a6:28:50:a9:13:3f:71:11:
28:87:91:1a:f3:dd:30:cf:c5:5e:2c:0d:17:46:2d:74:26:4a:
90:c6:e3:c7:96:33:22:58:b5:7b:ff:05:47:22:ad:fa:00:86:
51:e7:37:c2:99:99:99:f6:92:8e:fa:dd:35:66:6a:3e:53:84:
a9:9a:89:d4:88:da:e8:d7:bc:d8:c4:de:ac:43:22:15:d1:6d:
c4:13:0b:12:5a:34:65:8d:c3:8f:73:ff:02:36:90:cf:d7:69:
4c:5e:2c:9b:50:b9:79:58:30:95:4d:99:5d:09:88:2d:ae:6c:
05:e4:12:4d:1a:8e:1e:a0:9d:22:ed:50:fb:e5:58:3d:96:d2:
77:49:ef:ad:26:ce:da:d4:ea:db:f1:df:a3:65:7c:0a:e3:a4:
71:95:45:08:63:2e:65:39:4f:3e:29:fd:87:f5:20:3a:03:a0:
cc:4e:31:b3:32:c6:5b:82:c3:ca:af:52:9c:16:c5:bd:db:d9:
b0:36:9a:f9:35:88:33:ec:d4:22:75:27:bd:ed:67:6d:d2:e5:
ec:b1:d7:55:91:c4:08:54:19:8c:58:a2:cb:1c:5a:d3:41:af:
17:39:19:a6
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzEk40rJe9+YbcOKV77SwP9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjQwMTAxMTAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzExMTJjNzdlYjliYzlmY2FhNDY3Y2ZjMzliYzRiYzVkN2Q3ODc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRB69sWrUoD5HA5mjMZJLtX42jRF
owSu2zBKfQnFEbJMwxaiRAknz61xGTlQqj3G2efBh0eXyey5u+f23IvFIuRE9hWo
KtCZ7VACH0K6b8OSSde9J7JGxURpWZBzzBGpG9gUgxT6ftG/CPZ0fio/2sy7gOt1
IQS7nvSauN3RxFMdMlNqoK2LViBExSNsW1ausRUo1s6hRxVVESdBnQwiBJe01jgY
9nG6MC97GCp66aWLr8R3chd+V+kfbumU5Emx1/9NISTw2dLlm3W89fMQs0MkxIwA
EgV7esSXYdyJDR+i1O7640mLkRuAlDQfEB70LI57y6v6cgVOFb85uL/ObQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJcREsd+ubyfyqRnz8ObxLxdfXh0MB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvbHhFU3gzNjV2Sl9LcEdmUHc1dkV2RjE5ZUhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQA2aoBMAwD
BALZqgwDBADZqg4wDQYJKoZIhvcNAQELBQADggEBAIR1qOm+EggaG4LlO9d+W9i0
0vYPj2n6t5mPiu2mKFCpEz9xESiHkRrz3TDPxV4sDRdGLXQmSpDG48eWMyJYtXv/
BUcirfoAhlHnN8KZmZn2ko763TVmaj5ThKmaidSI2ujXvNjE3qxDIhXRbcQTCxJa
NGWNw49z/wI2kM/XaUxeLJtQuXlYMJVNmV0JiC2ubAXkEk0ajh6gnSLtUPvlWD2W
0ndJ760mztrU6tvx36NlfArjpHGVRQhjLmU5Tz4p/Yf1IDoDoMxOMbMyxluCw8qv
UpwWxb3b2bA2mvk1iDPs1CJ1J73tZ23S5eyx11WRxAhUGYxYosscWtNBrxc5GaY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:51:13 2024 by rpki-client on console-fra.rpki-client.org