Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/TDENfbCQc1e2jsXb36WH3ZHMPeE.roa
File: TDENfbCQc1e2jsXb36WH3ZHMPeE.roa (raw, json)
Hash identifier: NzqI5XAfVeOZqRpSUShDi2gMsGCBkM/lsKDpJfnz4Po=
Subject key identifier: 4C:31:0D:7D:B0:90:73:57:B6:8E:C5:DB:DF:A5:87:DD:91:CC:3D:E1
Certificate issuer: /CN=ab1c800aa1b78a17a43e19fd9938355d0411e94a
Certificate serial: 018CC500435BB7085F7F7AC0BDEE22EEDB7A
Authority key identifier: AB:1C:80:0A:A1:B7:8A:17:A4:3E:19:FD:99:38:35:5D:04:11:E9:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qxyACqG3ihekPhn9mTg1XQQR6Uo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/TDENfbCQc1e2jsXb36WH3ZHMPeE.roa
Signing time: Mon 01 Jan 2024 12:29:37 +0000
ROA not before: Mon 01 Jan 2024 12:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25584
IP address blocks: 217.173.205.0/24 maxlen: 24
2a04:9444::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/qxyACqG3ihekPhn9mTg1XQQR6Uo.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/qxyACqG3ihekPhn9mTg1XQQR6Uo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qxyACqG3ihekPhn9mTg1XQQR6Uo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:43:5b:b7:08:5f:7f:7a:c0:bd:ee:22:ee:db:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab1c800aa1b78a17a43e19fd9938355d0411e94a
Validity
Not Before: Jan 1 12:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c310d7db0907357b68ec5dbdfa587dd91cc3de1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:78:97:97:02:7e:25:70:38:76:ec:01:0e:b8:
30:ba:ff:7c:c0:6b:51:90:47:cb:00:c7:68:c2:c9:
e4:a5:69:21:3f:34:98:1c:f1:60:ae:20:79:d9:6c:
aa:c2:5a:d9:3f:ec:02:02:13:b4:26:95:29:17:f1:
52:df:21:22:00:d0:f4:a9:5f:fa:e8:70:f5:de:b4:
d5:41:1b:ae:cd:30:a7:99:4c:0f:06:f2:5b:ca:1e:
19:9b:b5:bc:e7:05:07:62:63:a6:27:46:40:fc:15:
ad:9d:bd:11:99:89:23:e6:f2:f7:8b:fe:10:41:fe:
91:7b:2d:ec:18:5a:2d:1e:33:c6:aa:df:96:5c:56:
f0:34:38:be:9d:9c:96:bf:31:de:6f:c8:8a:eb:e4:
cf:3b:23:74:c0:65:dd:4d:ed:a2:c1:f6:bf:a2:87:
89:47:b7:59:5b:72:5d:cb:87:cc:84:69:4c:d1:9c:
ee:4c:1b:9a:18:23:9b:02:22:38:7a:12:ab:d0:87:
97:f1:38:12:ab:02:39:aa:e4:58:5b:9c:6e:91:9d:
e4:da:4f:0c:da:a4:82:08:4a:f8:11:8b:5c:b3:07:
cc:5d:f8:7c:ee:08:b0:30:04:2b:71:b7:a4:0d:1f:
e4:48:36:76:14:65:85:23:f8:01:34:c1:b2:b1:ab:
e3:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:31:0D:7D:B0:90:73:57:B6:8E:C5:DB:DF:A5:87:DD:91:CC:3D:E1
X509v3 Authority Key Identifier:
keyid:AB:1C:80:0A:A1:B7:8A:17:A4:3E:19:FD:99:38:35:5D:04:11:E9:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qxyACqG3ihekPhn9mTg1XQQR6Uo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/TDENfbCQc1e2jsXb36WH3ZHMPeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/qxyACqG3ihekPhn9mTg1XQQR6Uo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.173.205.0/24
IPv6:
2a04:9444::/30
Signature Algorithm: sha256WithRSAEncryption
67:43:be:e7:2b:8f:53:fc:11:b6:dc:6c:47:c3:37:6f:67:93:
f9:cf:12:79:e9:74:13:bb:79:d8:85:ef:ed:19:80:00:e7:34:
8e:46:94:50:f1:1f:ad:57:72:8f:b4:6f:2c:fb:ce:33:c3:00:
06:92:d1:cb:0c:2e:0d:c3:cb:b2:3f:4e:50:5e:e1:d6:38:4a:
dd:c3:9d:34:60:47:b9:fd:6d:11:ab:4b:8a:52:74:fd:93:56:
66:c5:8f:aa:58:ba:4c:60:35:c1:7a:27:1c:a7:88:49:08:c8:
83:0b:fa:d6:14:d8:67:ef:c0:4c:9f:4d:fa:4d:6e:42:0e:ae:
7e:7c:57:ee:a4:6e:43:4f:dc:77:7a:f2:b8:e4:81:30:ba:46:
4e:1f:fc:dc:ee:48:7b:ab:4a:df:b0:b0:7f:89:d6:d7:06:5e:
60:18:34:71:e6:c9:b1:ff:cc:e0:54:a2:fd:98:54:18:4c:25:
42:ca:57:df:29:02:e3:94:a6:d4:b2:d0:0c:70:2d:85:6b:00:
51:ed:78:cc:c8:86:46:65:af:dd:21:51:7d:83:99:58:23:26:
d1:2e:89:ed:16:ca:70:7f:a9:b9:b4:48:36:8d:67:0c:01:69:
3f:65:c2:11:cb:70:b1:a3:bf:96:7c:3d:9d:fb:d7:91:5a:e5:
b5:7a:9e:af
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAENbtwhff3rAve4i7tt6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMWM4MDBhYTFiNzhhMTdhNDNlMTlmZDk5MzgzNTVkMDQx
MWU5NGEwHhcNMjQwMTAxMTIyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzMxMGQ3ZGIwOTA3MzU3YjY4ZWM1ZGJkZmE1ODdkZDkxY2MzZGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHiXlwJ+JXA4duwBDrgwuv98wGtR
kEfLAMdowsnkpWkhPzSYHPFgriB52WyqwlrZP+wCAhO0JpUpF/FS3yEiAND0qV/6
6HD13rTVQRuuzTCnmUwPBvJbyh4Zm7W85wUHYmOmJ0ZA/BWtnb0RmYkj5vL3i/4Q
Qf6Rey3sGFotHjPGqt+WXFbwNDi+nZyWvzHeb8iK6+TPOyN0wGXdTe2iwfa/ooeJ
R7dZW3Jdy4fMhGlM0ZzuTBuaGCObAiI4ehKr0IeX8TgSqwI5quRYW5xukZ3k2k8M
2qSCCEr4EYtcswfMXfh87giwMAQrcbekDR/kSDZ2FGWFI/gBNMGysavjKwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEwxDX2wkHNXto7F29+lh92RzD3hMB8GA1UdIwQY
MBaAFKscgAqht4oXpD4Z/Zk4NV0EEelKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXh5QUNxRzNpaGVrUGhuOW1UZzFYUVFSNlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8xYjFjYTAtYmJmMi00NDE5LThhMGMt
NTBjYmNiNWIxOWMyLzEvVERFTmZiQ1FjMWUyanNYYjM2V0gzWkhNUGVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS8xYjFjYTAtYmJmMi00NDE5LThhMGMtNTBjYmNiNWIxOWMy
LzEvcXh5QUNxRzNpaGVrUGhuOW1UZzFYUVFSNlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA2a3NMA0E
AgACMAcDBQIqBJREMA0GCSqGSIb3DQEBCwUAA4IBAQBnQ77nK49T/BG23GxHwzdv
Z5P5zxJ56XQTu3nYhe/tGYAA5zSORpRQ8R+tV3KPtG8s+84zwwAGktHLDC4Nw8uy
P05QXuHWOErdw500YEe5/W0Rq0uKUnT9k1ZmxY+qWLpMYDXBeiccp4hJCMiDC/rW
FNhn78BMn036TW5CDq5+fFfupG5DT9x3evK45IEwukZOH/zc7kh7q0rfsLB/idbX
Bl5gGDRx5smx/8zgVKL9mFQYTCVCylffKQLjlKbUstAMcC2FawBR7XjMyIZGZa/d
IVF9g5lYIybRLontFspwf6m5tEg2jWcMAWk/ZcIRy3Cxo7+WfD2d+9eRWuW1ep6v
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:00:07 2024 by rpki-client on console-fra.rpki-client.org