Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/289e38-ac93-4e8b-a08b-f74baa12fdc9/1/5Zl5VdNkReeiijutw2HWIQgghX8.roa
File: 5Zl5VdNkReeiijutw2HWIQgghX8.roa (raw, json)
Hash identifier: qfAJ3SdJqxoOJalouWEqu4zHBV0ZbtsGQj+0fHm1v9I=
Subject key identifier: E5:99:79:55:D3:64:45:E7:A2:8A:3B:AD:C3:61:D6:21:08:20:85:7F
Certificate issuer: /CN=172289cbb8179fdf38e9f532c9cd7291b4f5c42d
Certificate serial: 01906EA66B9DCFB5376D81D4953C3810C83E
Authority key identifier: 17:22:89:CB:B8:17:9F:DF:38:E9:F5:32:C9:CD:72:91:B4:F5:C4:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FyKJy7gXn9846fUyyc1ykbT1xC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/289e38-ac93-4e8b-a08b-f74baa12fdc9/1/5Zl5VdNkReeiijutw2HWIQgghX8.roa
Signing time: Mon 01 Jul 2024 14:15:18 +0000
ROA not before: Mon 01 Jul 2024 14:15:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31346
IP address blocks: 217.145.177.0/24 maxlen: 24
217.145.178.0/24 maxlen: 24
217.145.180.0/24 maxlen: 24
217.145.181.0/24 maxlen: 24
217.145.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/289e38-ac93-4e8b-a08b-f74baa12fdc9/1/FyKJy7gXn9846fUyyc1ykbT1xC0.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/289e38-ac93-4e8b-a08b-f74baa12fdc9/1/FyKJy7gXn9846fUyyc1ykbT1xC0.mft
rsync://rpki.ripe.net/repository/DEFAULT/FyKJy7gXn9846fUyyc1ykbT1xC0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6e:a6:6b:9d:cf:b5:37:6d:81:d4:95:3c:38:10:c8:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=172289cbb8179fdf38e9f532c9cd7291b4f5c42d
Validity
Not Before: Jul 1 14:15:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5997955d36445e7a28a3badc361d6210820857f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:47:b4:9c:e4:93:e5:37:b5:4c:09:bb:d6:ae:
ff:1d:13:e0:1a:06:7c:5d:6d:44:e4:4e:6e:19:4d:
47:b8:3c:c7:9d:ac:4c:4e:06:54:25:16:a9:dd:57:
b7:fa:94:4a:05:4c:09:f1:19:3e:d0:35:56:48:8f:
22:ef:66:ad:a5:c1:ee:85:b6:02:22:29:13:7c:f7:
4d:a6:6f:09:3d:84:29:90:c5:41:4d:38:3c:ba:a3:
f5:c8:17:1a:c7:f0:1c:72:f1:90:19:dc:f2:a5:f0:
7d:a5:ee:ea:52:94:38:9c:fe:ba:d0:79:df:33:6e:
c1:e2:1d:8f:ca:d7:9d:1b:b4:19:78:95:08:f6:a5:
86:fb:80:9b:8c:20:21:95:c7:39:a4:5b:70:e7:66:
a9:30:c1:02:3c:29:4d:91:b4:2a:2b:a0:3b:a1:0a:
94:2b:ce:49:53:77:81:e7:a7:e4:55:98:7a:f2:1b:
05:dd:fb:50:f0:fd:0f:e5:f2:fe:6d:61:e0:21:97:
5c:bd:86:2e:25:bc:a4:ab:13:29:7e:58:d2:d7:25:
3e:ca:51:2d:73:8c:ad:43:c0:52:93:43:79:40:7b:
90:cd:40:5e:d7:cd:46:3c:84:22:42:ba:c1:db:67:
83:7b:9b:c4:aa:8d:53:74:3f:4a:c2:20:8d:71:9c:
9d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:99:79:55:D3:64:45:E7:A2:8A:3B:AD:C3:61:D6:21:08:20:85:7F
X509v3 Authority Key Identifier:
keyid:17:22:89:CB:B8:17:9F:DF:38:E9:F5:32:C9:CD:72:91:B4:F5:C4:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FyKJy7gXn9846fUyyc1ykbT1xC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/289e38-ac93-4e8b-a08b-f74baa12fdc9/1/5Zl5VdNkReeiijutw2HWIQgghX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/289e38-ac93-4e8b-a08b-f74baa12fdc9/1/FyKJy7gXn9846fUyyc1ykbT1xC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.145.177.0-217.145.178.255
217.145.180.0-217.145.182.255
Signature Algorithm: sha256WithRSAEncryption
00:0b:3a:72:71:e5:fe:bb:24:92:45:3c:f3:66:69:09:cd:1c:
a8:65:1b:51:8d:64:da:d8:91:64:7c:f4:67:33:54:12:8c:a6:
1d:48:87:01:1f:a4:9d:96:36:e4:94:ef:c7:d2:77:cf:fa:69:
68:d9:e1:2a:93:96:56:ec:23:fd:24:ac:df:77:70:97:ba:1e:
2a:c5:a1:28:d6:70:b9:f5:78:d4:dc:ed:b5:a5:f8:42:45:98:
51:25:48:bf:66:5c:78:0b:57:be:81:93:8a:50:98:b6:ee:56:
89:ff:25:38:25:7e:91:13:51:35:d4:f4:55:d2:a7:46:ca:7f:
6e:2e:a7:56:a5:36:01:54:d0:87:07:5d:5e:f4:54:f7:31:38:
75:d5:b5:c9:f9:7a:a4:9d:59:01:96:b2:33:90:04:e4:3b:27:
f2:f0:e0:14:1e:6f:8c:eb:00:8f:be:92:ac:99:12:8b:2b:fd:
b4:a2:2c:9a:2d:89:0b:9c:9d:53:8e:f6:4d:b2:32:52:a7:42:
4e:d7:4e:b4:5a:22:d2:2c:5f:0b:1d:7f:ec:24:51:08:3d:93:
9f:f1:08:6e:b3:0e:9e:07:2d:05:a8:c0:0d:ea:e2:8d:6c:95:
ef:61:fb:0c:f6:f5:da:6e:57:c8:66:f6:fc:fd:dc:78:47:b8:
66:ed:d8:98
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZBupmudz7U3bYHUlTw4EMg+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MjI4OWNiYjgxNzlmZGYzOGU5ZjUzMmM5Y2Q3MjkxYjRm
NWM0MmQwHhcNMjQwNzAxMTQxNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTk5Nzk1NWQzNjQ0NWU3YTI4YTNiYWRjMzYxZDYyMTA4MjA4NTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmke0nOST5Te1TAm71q7/HRPgGgZ8
XW1E5E5uGU1HuDzHnaxMTgZUJRap3Ve3+pRKBUwJ8Rk+0DVWSI8i72atpcHuhbYC
IikTfPdNpm8JPYQpkMVBTTg8uqP1yBcax/AccvGQGdzypfB9pe7qUpQ4nP660Hnf
M27B4h2PytedG7QZeJUI9qWG+4CbjCAhlcc5pFtw52apMMECPClNkbQqK6A7oQqU
K85JU3eB56fkVZh68hsF3ftQ8P0P5fL+bWHgIZdcvYYuJbykqxMpfljS1yU+ylEt
c4ytQ8BSk0N5QHuQzUBe181GPIQiQrrB22eDe5vEqo1TdD9KwiCNcZyd3wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFOWZeVXTZEXnooo7rcNh1iEIIIV/MB8GA1UdIwQY
MBaAFBciicu4F5/fOOn1MsnNcpG09cQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnlLSnk3Z1huOTg0NmZVeXljMXlrYlQxeEMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8yODllMzgtYWM5My00ZThiLWEwOGIt
Zjc0YmFhMTJmZGM5LzEvNVpsNVZkTmtSZWVpaWp1dHcySFdJUWdnaFg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8yODllMzgtYWM5My00ZThiLWEwOGItZjc0YmFhMTJmZGM5
LzEvRnlLSnk3Z1huOTg0NmZVeXljMXlrYlQxeEMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBADZkbED
BADZkbIwDAMEAtmRtAMEANmRtjANBgkqhkiG9w0BAQsFAAOCAQEAAAs6cnHl/rsk
kkU882ZpCc0cqGUbUY1k2tiRZHz0ZzNUEoymHUiHAR+knZY25JTvx9J3z/ppaNnh
KpOWVuwj/SSs33dwl7oeKsWhKNZwufV41NzttaX4QkWYUSVIv2ZceAtXvoGTilCY
tu5Wif8lOCV+kRNRNdT0VdKnRsp/bi6nVqU2AVTQhwddXvRU9zE4ddW1yfl6pJ1Z
AZayM5AE5Dsn8vDgFB5vjOsAj76SrJkSiyv9tKIsmi2JC5ydU472TbIyUqdCTtdO
tFoi0ixfCx1/7CRRCD2Tn/EIbrMOngctBajADerijWyV72H7DPb12m5XyGb2/P3c
eEe4Zu3YmA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:52:46 2024 by rpki-client on console-fra.rpki-client.org