Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/9vGgjVyaes1Wn73cREWb8JK4gQc.roa
File: 9vGgjVyaes1Wn73cREWb8JK4gQc.roa (raw, json)
Hash identifier: c9ovAnT4dgp60+Lo0OOwddSaRbXYaY00lF312rsbn4M=
Subject key identifier: F6:F1:A0:8D:5C:9A:7A:CD:56:9F:BD:DC:44:45:9B:F0:92:B8:81:07
Certificate issuer: /CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Certificate serial: 018CC5004862CDFCE71C92ED7E1F0F9EDB29
Authority key identifier: 93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/9vGgjVyaes1Wn73cREWb8JK4gQc.roa
Signing time: Mon 01 Jan 2024 12:29:39 +0000
ROA not before: Mon 01 Jan 2024 12:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50635
IP address blocks: 217.113.10.0/24 maxlen: 24
217.113.10.0/23 maxlen: 23
217.113.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/k-j07V3QYwHEI5iOeG2r9RxfVnQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/k-j07V3QYwHEI5iOeG2r9RxfVnQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 06:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:48:62:cd:fc:e7:1c:92:ed:7e:1f:0f:9e:db:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Validity
Not Before: Jan 1 12:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6f1a08d5c9a7acd569fbddc44459bf092b88107
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:55:58:d3:0a:c4:98:44:2c:7e:c8:a6:e3:7f:
59:21:37:9f:8a:15:86:d9:d1:3f:01:d0:72:b8:07:
2a:cb:77:aa:16:e0:07:31:a0:5c:bf:1d:06:59:bc:
47:fa:16:0f:85:5c:c4:8d:3e:8d:d2:23:5b:29:75:
b4:e5:14:66:9c:2b:45:0a:1a:29:d0:a4:2f:c6:bd:
b0:e6:d8:c7:ca:e7:69:94:91:2c:04:18:b7:e0:f6:
cc:3b:c4:01:55:22:61:48:09:b2:e9:30:8d:9b:9f:
5f:3e:fd:a0:6f:e3:c4:d5:d6:65:30:6b:6e:b6:9b:
8f:75:8c:ac:d2:26:b5:d4:27:1d:bb:ff:79:7e:ef:
a6:03:4b:8c:f4:dc:f9:7c:63:29:44:5e:92:a5:29:
6f:f8:2e:0b:68:33:6a:93:c1:b9:6d:20:cf:52:71:
78:aa:34:db:a5:10:fb:56:43:cf:57:32:ea:83:57:
ba:c8:22:75:5a:fb:f7:4f:83:f2:13:c9:b3:23:09:
a2:37:f8:b9:b3:00:9f:63:1d:95:90:bf:6d:a8:25:
fd:45:ec:08:eb:f2:d2:d7:6e:d0:d9:35:56:d1:b6:
3a:4e:e2:d4:a0:c3:ed:9a:b3:97:48:86:d5:b1:b4:
6c:29:91:c1:2a:f4:58:36:42:48:43:a6:46:36:d2:
70:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:F1:A0:8D:5C:9A:7A:CD:56:9F:BD:DC:44:45:9B:F0:92:B8:81:07
X509v3 Authority Key Identifier:
keyid:93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/9vGgjVyaes1Wn73cREWb8JK4gQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/k-j07V3QYwHEI5iOeG2r9RxfVnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.113.10.0/23
Signature Algorithm: sha256WithRSAEncryption
22:7f:c2:99:e1:b5:51:c1:8e:b3:2b:52:3b:91:64:60:49:b6:
5b:45:65:6b:aa:e2:86:b0:c9:c5:bf:7f:36:f2:8c:95:31:ee:
22:8d:f1:53:9d:63:da:b5:19:4a:39:f7:04:2c:5b:5c:38:e9:
db:ef:d7:73:7f:0f:46:54:55:46:66:00:d2:65:9e:2d:83:63:
02:39:e7:0c:6f:fb:07:4a:ca:9a:59:88:7e:9a:16:82:c1:61:
ee:b8:98:c3:33:3b:ea:1d:df:7f:14:16:ff:f9:e7:66:7d:06:
82:82:2c:69:89:58:e6:ef:22:4e:85:8b:ac:72:7b:75:9d:fd:
36:3c:7b:b4:e5:f4:d0:2d:b1:f6:92:97:e0:20:c0:d4:b4:0c:
b2:61:0e:54:08:18:09:24:54:95:5b:60:b4:70:27:a4:21:12:
d3:ab:e2:ff:83:6c:36:2c:01:8c:65:ba:fa:34:db:38:e5:a2:
f3:01:00:b0:ab:97:33:6f:b0:b2:df:66:ad:61:7e:fd:10:c1:
f4:b3:1b:65:bd:e3:73:18:44:2a:78:59:cd:f4:0d:fd:8d:31:
61:e4:92:0c:c0:af:69:c1:74:0e:28:99:c7:12:cd:aa:0f:21:
c8:4e:f8:64:a1:00:18:8b:eb:a6:f2:e1:1c:53:d3:5f:a1:14:
88:17:2a:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAEhizfznHJLtfh8PntspMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZThmNGVkNWRkMDYzMDFjNDIzOTg4ZTc4NmRhYmY1MWM1
ZjU2NzQwHhcNMjQwMTAxMTIyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmYxYTA4ZDVjOWE3YWNkNTY5ZmJkZGM0NDQ1OWJmMDkyYjg4MTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFVY0wrEmEQsfsim439ZITefihWG
2dE/AdByuAcqy3eqFuAHMaBcvx0GWbxH+hYPhVzEjT6N0iNbKXW05RRmnCtFChop
0KQvxr2w5tjHyudplJEsBBi34PbMO8QBVSJhSAmy6TCNm59fPv2gb+PE1dZlMGtu
tpuPdYys0ia11Ccdu/95fu+mA0uM9Nz5fGMpRF6SpSlv+C4LaDNqk8G5bSDPUnF4
qjTbpRD7VkPPVzLqg1e6yCJ1Wvv3T4PyE8mzIwmiN/i5swCfYx2VkL9tqCX9RewI
6/LS127Q2TVW0bY6TuLUoMPtmrOXSIbVsbRsKZHBKvRYNkJIQ6ZGNtJwWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPbxoI1cmnrNVp+93ERFm/CSuIEHMB8GA1UdIwQY
MBaAFJPo9O1d0GMBxCOYjnhtq/UcX1Z0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay1qMDdWM1FZd0hFSTVpT2VHMnI5UnhmVm5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9hNzg5NzktZGQyNC00YmU3LTgxOTQt
MWZjMTllYTczYTJhLzEvOXZHZ2pWeWFlczFXbjczY1JFV2I4Sks0Z1FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9hNzg5NzktZGQyNC00YmU3LTgxOTQtMWZjMTllYTczYTJh
LzEvay1qMDdWM1FZd0hFSTVpT2VHMnI5UnhmVm5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2XEKMA0G
CSqGSIb3DQEBCwUAA4IBAQAif8KZ4bVRwY6zK1I7kWRgSbZbRWVrquKGsMnFv382
8oyVMe4ijfFTnWPatRlKOfcELFtcOOnb79dzfw9GVFVGZgDSZZ4tg2MCOecMb/sH
SsqaWYh+mhaCwWHuuJjDMzvqHd9/FBb/+edmfQaCgixpiVjm7yJOhYuscnt1nf02
PHu05fTQLbH2kpfgIMDUtAyyYQ5UCBgJJFSVW2C0cCekIRLTq+L/g2w2LAGMZbr6
NNs45aLzAQCwq5czb7Cy32atYX79EMH0sxtlveNzGEQqeFnN9A39jTFh5JIMwK9p
wXQOKJnHEs2qDyHITvhkoQAYi+um8uEcU9NfoRSIFypM
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:12:48 2024 by rpki-client on console-fra.rpki-client.org