Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/e155ea-88cd-4414-aab6-23ab58d6415a/1/wiFwvlb4P1lUc4u0Ig1Rv8rBN24.roa
File: wiFwvlb4P1lUc4u0Ig1Rv8rBN24.roa (raw, json)
Hash identifier: JcrVbAr3EkZBZNASqlnVilO3B003i4kGZ/FXdXAiDT8=
Subject key identifier: C2:21:70:BE:56:F8:3F:59:54:73:8B:B4:22:0D:51:BF:CA:C1:37:6E
Certificate issuer: /CN=5de458f21d406466bdf68240f505eefd197ba936
Certificate serial: 018CC5008A6A6454E031E5877734BA643725
Authority key identifier: 5D:E4:58:F2:1D:40:64:66:BD:F6:82:40:F5:05:EE:FD:19:7B:A9:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XeRY8h1AZGa99oJA9QXu_Rl7qTY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/e155ea-88cd-4414-aab6-23ab58d6415a/1/wiFwvlb4P1lUc4u0Ig1Rv8rBN24.roa
Signing time: Mon 01 Jan 2024 12:29:56 +0000
ROA not before: Mon 01 Jan 2024 12:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16290
IP address blocks: 217.117.128.0/22 maxlen: 22
217.117.136.0/21 maxlen: 21
84.23.160.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/e155ea-88cd-4414-aab6-23ab58d6415a/1/XeRY8h1AZGa99oJA9QXu_Rl7qTY.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/e155ea-88cd-4414-aab6-23ab58d6415a/1/XeRY8h1AZGa99oJA9QXu_Rl7qTY.mft
rsync://rpki.ripe.net/repository/DEFAULT/XeRY8h1AZGa99oJA9QXu_Rl7qTY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Dec 2024 06:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:8a:6a:64:54:e0:31:e5:87:77:34:ba:64:37:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5de458f21d406466bdf68240f505eefd197ba936
Validity
Not Before: Jan 1 12:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c22170be56f83f5954738bb4220d51bfcac1376e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:6d:29:21:fe:37:e1:3b:4e:e8:65:46:b8:bf:
2d:ab:96:b9:c9:cc:84:56:ca:ab:1f:01:45:0f:d6:
1a:92:e8:c3:dc:a6:f3:2d:ff:d8:fe:70:e8:04:92:
b2:d3:00:91:00:5a:8b:34:1d:c1:96:e9:5d:d5:fd:
50:0d:74:92:09:0a:18:19:ad:d9:db:e5:06:17:c5:
17:5a:86:62:fa:19:50:1b:09:27:70:c9:f8:9b:0f:
f0:32:05:c4:b5:b1:89:64:d6:8e:79:bc:e7:0e:8b:
20:62:93:25:2e:22:09:18:5b:f2:0f:39:42:54:e3:
4d:75:ec:f9:44:b3:a7:26:1a:54:aa:66:34:a7:34:
b4:a9:2e:48:be:f2:19:60:37:79:82:59:fa:ef:7b:
e8:58:8a:1e:84:c5:fa:2b:8e:f0:61:7d:8a:70:d0:
82:77:8a:51:42:ca:53:20:f2:53:f1:20:48:c1:c3:
fa:ea:06:a2:fc:98:92:27:47:b4:c5:ba:40:d7:e0:
9e:82:5e:22:08:c4:f3:0f:b0:96:a1:27:76:3c:d3:
0c:3a:aa:01:b1:0a:3a:7f:b6:e7:ea:57:f1:51:0c:
6a:90:ad:37:0e:60:97:bd:a1:1d:a5:16:9d:1b:ae:
91:3f:0f:4b:38:ae:c5:6a:15:4c:78:25:b4:8f:f7:
ff:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:21:70:BE:56:F8:3F:59:54:73:8B:B4:22:0D:51:BF:CA:C1:37:6E
X509v3 Authority Key Identifier:
keyid:5D:E4:58:F2:1D:40:64:66:BD:F6:82:40:F5:05:EE:FD:19:7B:A9:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XeRY8h1AZGa99oJA9QXu_Rl7qTY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e155ea-88cd-4414-aab6-23ab58d6415a/1/wiFwvlb4P1lUc4u0Ig1Rv8rBN24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e155ea-88cd-4414-aab6-23ab58d6415a/1/XeRY8h1AZGa99oJA9QXu_Rl7qTY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.23.160.0/19
217.117.128.0/22
217.117.136.0/21
Signature Algorithm: sha256WithRSAEncryption
4a:06:97:ac:c1:bf:ab:96:9e:ef:c5:e4:89:6b:95:f5:bc:d9:
bc:a3:33:d7:c7:b0:47:35:8f:53:d9:25:54:1b:48:0a:03:88:
85:c8:fa:5d:9d:aa:47:1e:ba:6a:c1:9c:af:f5:39:1b:a2:c6:
c9:0c:9c:e7:63:f4:8c:27:12:3d:f5:a5:e5:37:49:fa:08:02:
db:1a:76:89:7b:1d:af:82:5b:ed:64:0d:65:1e:bc:1e:40:e8:
44:0e:7b:11:a8:ba:68:23:4f:03:43:5a:a0:a0:22:ae:30:a7:
96:a7:cb:99:0d:75:70:f0:8c:50:0c:2e:9d:75:ad:67:c4:8d:
d8:6b:4c:51:4d:dc:a7:52:ad:f7:6b:5b:99:b0:dc:91:0c:41:
cd:44:3a:45:02:01:d7:57:c2:0a:c9:7b:ce:d2:26:7f:6d:61:
c2:70:1f:00:7a:21:7c:1e:f6:9c:85:dc:63:32:c6:85:48:60:
f2:eb:84:46:17:4c:53:27:51:73:d7:09:6e:97:6f:61:16:ec:
74:f6:a1:83:fb:2e:93:7e:8e:e6:2c:6c:c1:b0:a2:1a:5b:bd:
49:36:2a:95:08:a8:d0:a0:5d:d5:f0:44:10:b7:ae:3b:d3:c3:
c7:50:c9:b4:73:4a:65:4b:ce:f6:8d:97:13:b4:ea:55:e9:f3:
6b:7c:cb:e1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFAIpqZFTgMeWHdzS6ZDclMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZTQ1OGYyMWQ0MDY0NjZiZGY2ODI0MGY1MDVlZWZkMTk3
YmE5MzYwHhcNMjQwMTAxMTIyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjIxNzBiZTU2ZjgzZjU5NTQ3MzhiYjQyMjBkNTFiZmNhYzEzNzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA220pIf434TtO6GVGuL8tq5a5ycyE
VsqrHwFFD9YakujD3KbzLf/Y/nDoBJKy0wCRAFqLNB3Bluld1f1QDXSSCQoYGa3Z
2+UGF8UXWoZi+hlQGwkncMn4mw/wMgXEtbGJZNaOebznDosgYpMlLiIJGFvyDzlC
VONNdez5RLOnJhpUqmY0pzS0qS5IvvIZYDd5gln673voWIoehMX6K47wYX2KcNCC
d4pRQspTIPJT8SBIwcP66gai/JiSJ0e0xbpA1+Cegl4iCMTzD7CWoSd2PNMMOqoB
sQo6f7bn6lfxUQxqkK03DmCXvaEdpRadG66RPw9LOK7FahVMeCW0j/f/CQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMIhcL5W+D9ZVHOLtCINUb/KwTduMB8GA1UdIwQY
MBaAFF3kWPIdQGRmvfaCQPUF7v0Ze6k2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGVSWThoMUFaR2E5OW9KQTlRWHVfUmw3cVRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lMTU1ZWEtODhjZC00NDE0LWFhYjYt
MjNhYjU4ZDY0MTVhLzEvd2lGd3ZsYjRQMWxVYzR1MElnMVJ2OHJCTjI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lMTU1ZWEtODhjZC00NDE0LWFhYjYtMjNhYjU4ZDY0MTVh
LzEvWGVSWThoMUFaR2E5OW9KQTlRWHVfUmw3cVRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFVBegAwQC
2XWAAwQD2XWIMA0GCSqGSIb3DQEBCwUAA4IBAQBKBpeswb+rlp7vxeSJa5X1vNm8
ozPXx7BHNY9T2SVUG0gKA4iFyPpdnapHHrpqwZyv9TkbosbJDJznY/SMJxI99aXl
N0n6CALbGnaJex2vglvtZA1lHrweQOhEDnsRqLpoI08DQ1qgoCKuMKeWp8uZDXVw
8IxQDC6dda1nxI3Ya0xRTdynUq33a1uZsNyRDEHNRDpFAgHXV8IKyXvO0iZ/bWHC
cB8AeiF8HvachdxjMsaFSGDy64RGF0xTJ1Fz1wlul29hFux09qGD+y6Tfo7mLGzB
sKIaW71JNiqVCKjQoF3V8EQQt64708PHUMm0c0plS872jZcTtOpV6fNrfMvh
-----END CERTIFICATE-----
Generated at Tue Dec 3 14:40:45 2024 by rpki-client on console-fra.rpki-client.org