Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/61lYLNnGNyoFlnfPR3hz6pO-4p4.roa
File: 61lYLNnGNyoFlnfPR3hz6pO-4p4.roa (raw, json)
Hash identifier: 2RxyoDz8luZfe++e2AW4fcpx8wV+rpCQiI8pO6anhII=
Subject key identifier: EB:59:58:2C:D9:C6:37:2A:05:96:77:CF:47:78:73:EA:93:BE:E2:9E
Certificate issuer: /CN=8f3818554a51808eefb829ec7465a3222f270123
Certificate serial: 019222FF49429261090770C52627B9717C96
Authority key identifier: 8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/61lYLNnGNyoFlnfPR3hz6pO-4p4.roa
Signing time: Tue 24 Sep 2024 07:46:48 +0000
ROA not before: Tue 24 Sep 2024 07:46:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61121
IP address blocks: 217.73.116.0/22 maxlen: 32
217.73.116.0/23 maxlen: 23
217.73.116.0/24 maxlen: 24
217.73.117.0/24 maxlen: 24
217.73.118.0/23 maxlen: 23
217.73.118.0/24 maxlen: 24
217.73.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/jzgYVUpRgI7vuCnsdGWjIi8nASM.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/jzgYVUpRgI7vuCnsdGWjIi8nASM.mft
rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:22:ff:49:42:92:61:09:07:70:c5:26:27:b9:71:7c:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f3818554a51808eefb829ec7465a3222f270123
Validity
Not Before: Sep 24 07:46:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb59582cd9c6372a059677cf477873ea93bee29e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b9:69:19:2e:0a:81:ea:69:9b:10:f4:8a:c8:
cd:cf:09:1d:88:23:46:de:d8:ef:c8:67:1a:ad:4c:
bd:4a:cb:20:2e:89:42:31:47:5c:56:bd:df:cd:e8:
46:3c:70:a0:a8:5c:71:2f:c5:dc:34:c4:37:b2:d6:
0e:30:6f:1a:83:6d:83:20:5f:d8:6b:3b:73:b2:28:
6e:71:91:13:8a:99:f2:83:ef:8a:6e:4e:9e:e0:d2:
3d:5a:97:2a:68:88:70:e1:8c:1d:59:eb:39:1b:ea:
1b:d1:7c:5a:d9:25:81:a2:b6:c6:d2:1a:bb:86:4c:
d4:9c:29:28:90:28:95:3a:44:aa:8d:ea:a4:76:86:
1b:ce:ec:e4:6e:af:49:45:ec:2a:bb:66:e2:4a:5f:
0c:f4:bf:57:20:e5:3d:76:af:be:ed:55:f6:b9:68:
0e:9c:55:fe:2f:2a:de:8a:7c:9f:b6:c5:c4:e4:d3:
95:e2:91:3a:a0:88:f5:67:5d:e4:bb:37:ba:de:4c:
b5:91:3b:a8:5b:79:df:cd:38:cc:13:f3:56:88:a6:
27:48:dd:fa:46:33:45:84:c4:4c:58:d8:d1:aa:04:
20:46:dd:4f:36:7d:e1:f6:c9:1d:70:87:6e:5d:60:
f5:45:c0:46:ce:00:df:53:f4:0e:10:2d:e1:ca:f5:
c7:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:59:58:2C:D9:C6:37:2A:05:96:77:CF:47:78:73:EA:93:BE:E2:9E
X509v3 Authority Key Identifier:
keyid:8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/61lYLNnGNyoFlnfPR3hz6pO-4p4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/jzgYVUpRgI7vuCnsdGWjIi8nASM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.73.116.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:34:3a:cb:f7:76:92:5f:3e:c5:0a:13:b5:b8:10:4d:9f:bf:
44:2f:10:91:80:68:c2:6f:31:b6:48:5d:9a:fd:42:4d:bd:8c:
c5:81:c5:33:91:32:3a:ed:2b:f6:3d:a6:9a:30:96:fe:27:bb:
b1:e6:64:bb:c4:30:d0:0c:f3:70:9c:29:42:b7:d9:f8:79:77:
5a:78:0b:75:70:04:c6:8f:87:c5:5f:90:39:c3:26:e0:a9:ea:
5f:db:b7:4b:bd:df:47:70:7f:6c:4c:51:ad:3f:83:b6:f0:12:
14:c2:26:69:77:8b:d8:05:6f:38:a2:d2:da:39:4b:49:f3:62:
c4:6d:c6:d1:af:39:7a:a2:78:ad:48:53:f5:03:e4:96:2e:6e:
47:6e:8a:da:d7:6a:c8:3c:07:22:6f:0f:c5:60:59:45:5b:45:
2a:b9:77:44:b3:fc:54:ee:e9:a0:79:fa:24:cd:5c:a9:07:2b:
16:48:f6:29:43:47:9e:f5:b7:59:02:5e:5d:52:d1:4d:ba:86:
ae:df:89:fc:a6:00:b1:5c:2d:72:91:03:a8:8e:b1:63:b3:c2:
c9:21:b8:e3:04:d4:8c:bb:a9:82:b1:ce:5e:b8:44:c9:1a:5a:
b3:27:4b:fe:f0:48:d4:84:fb:88:fd:33:47:70:5a:b4:f1:61:
82:e4:81:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZIi/0lCkmEJB3DFJie5cXyWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzgxODU1NGE1MTgwOGVlZmI4MjllYzc0NjVhMzIyMmYy
NzAxMjMwHhcNMjQwOTI0MDc0NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjU5NTgyY2Q5YzYzNzJhMDU5Njc3Y2Y0Nzc4NzNlYTkzYmVlMjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvblpGS4KgeppmxD0isjNzwkdiCNG
3tjvyGcarUy9SssgLolCMUdcVr3fzehGPHCgqFxxL8XcNMQ3stYOMG8ag22DIF/Y
aztzsihucZETipnyg++Kbk6e4NI9WpcqaIhw4YwdWes5G+ob0Xxa2SWBorbG0hq7
hkzUnCkokCiVOkSqjeqkdoYbzuzkbq9JRewqu2biSl8M9L9XIOU9dq++7VX2uWgO
nFX+LyreinyftsXE5NOV4pE6oIj1Z13kuze63ky1kTuoW3nfzTjME/NWiKYnSN36
RjNFhMRMWNjRqgQgRt1PNn3h9skdcIduXWD1RcBGzgDfU/QOEC3hyvXHFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOtZWCzZxjcqBZZ3z0d4c+qTvuKeMB8GA1UdIwQY
MBaAFI84GFVKUYCO77gp7HRloyIvJwEjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgt
YmZiNGJhMzBlNDVhLzEvNjFsWUxObkdOeW9GbG5mUFIzaHo2cE8tNHA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgtYmZiNGJhMzBlNDVh
LzEvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2Ul0MA0G
CSqGSIb3DQEBCwUAA4IBAQB+NDrL93aSXz7FChO1uBBNn79ELxCRgGjCbzG2SF2a
/UJNvYzFgcUzkTI67Sv2PaaaMJb+J7ux5mS7xDDQDPNwnClCt9n4eXdaeAt1cATG
j4fFX5A5wybgqepf27dLvd9HcH9sTFGtP4O28BIUwiZpd4vYBW84otLaOUtJ82LE
bcbRrzl6onitSFP1A+SWLm5Hbora12rIPAcibw/FYFlFW0UquXdEs/xU7umgefok
zVypBysWSPYpQ0ee9bdZAl5dUtFNuoau34n8pgCxXC1ykQOojrFjs8LJIbjjBNSM
u6mCsc5euETJGlqzJ0v+8EjUhPuI/TNHcFq08WGC5IFU
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:16:50 2024 by rpki-client on console-fra.rpki-client.org