Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/1-auehSmgzeVMNLqdBgB6sju514E.roa
File: 1-auehSmgzeVMNLqdBgB6sju514E.roa (raw, json)
Hash identifier: YltSPXEyHAVoSHs429q/hOSpsDL4nqqeQUpBs1kkgiE=
Subject key identifier: F9:AB:9E:85:29:A0:CD:E5:4C:34:BA:9D:06:00:7A:B2:3B:B9:D7:81
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018F711E85D0405ACECCCD7A3C253E7EB890
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/1-auehSmgzeVMNLqdBgB6sju514E.roa
Signing time: Mon 13 May 2024 08:42:56 +0000
ROA not before: Mon 13 May 2024 08:42:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214949
IP address blocks: 217.60.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.mft
rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:71:1e:85:d0:40:5a:ce:cc:cd:7a:3c:25:3e:7e:b8:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: May 13 08:42:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9ab9e8529a0cde54c34ba9d06007ab23bb9d781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b6:04:35:98:03:36:d0:a9:f9:5c:ed:06:49:
ba:03:a4:af:2f:22:80:77:3b:92:be:bd:17:60:49:
97:c7:9d:ef:eb:34:31:65:8f:04:f7:a4:f2:44:8b:
18:51:df:15:b3:7d:ce:97:c4:8a:07:72:ef:d4:20:
9c:79:7b:88:96:21:16:28:4f:b8:c6:02:81:7d:87:
91:f6:56:73:5c:04:e8:a2:7a:9d:f8:e2:72:00:1c:
b7:91:b9:8e:5f:1c:ce:f9:5b:f3:e8:89:42:96:08:
24:71:1a:58:0d:9a:c6:e3:e8:db:30:5d:6f:b3:7f:
ab:ca:87:5a:50:19:d2:e3:9e:58:58:08:c6:42:41:
7c:01:bd:ff:40:dd:ee:55:af:e8:08:d4:21:cf:29:
35:ea:61:0b:42:c1:04:06:3b:f8:3d:01:f5:1a:df:
00:b3:dd:b4:db:45:bc:f5:51:54:7d:97:75:fc:82:
50:bc:b9:e4:3a:df:45:29:8b:93:b2:72:1d:08:2d:
74:e6:36:a0:55:eb:fb:78:86:49:9a:36:84:7b:d9:
5c:c4:b5:27:69:af:76:0a:fe:7d:e5:37:f6:83:ba:
d6:7a:2b:e6:58:42:56:21:04:0f:04:cf:64:0e:03:
ab:e1:89:32:be:ab:2a:ed:0d:12:19:af:0c:3c:3f:
6b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:AB:9E:85:29:A0:CD:E5:4C:34:BA:9D:06:00:7A:B2:3B:B9:D7:81
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/1-auehSmgzeVMNLqdBgB6sju514E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.240.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:bf:9a:49:df:c7:43:38:1a:2d:99:30:cb:3a:77:6d:37:37:
7d:26:06:9a:9f:dd:d5:d9:13:90:fe:b4:21:90:b1:e6:92:a8:
01:42:2c:8c:34:bb:5b:6d:54:52:47:54:31:df:98:df:33:ab:
f0:03:24:9d:b3:d8:4b:1e:18:a9:50:86:bb:85:37:4f:ba:c9:
20:e9:8d:6b:0e:40:a5:79:a7:9c:fe:e7:a1:0e:3c:a4:0e:f0:
d3:ca:4f:25:9e:10:a3:89:44:fd:ff:e2:22:64:f7:a3:40:69:
6b:6f:21:e2:10:dc:87:19:d7:bf:4a:30:a3:dd:47:5e:9c:ce:
be:45:21:1c:02:e0:f6:d1:0a:e6:ba:c8:b1:c8:72:c2:f6:cc:
e2:39:62:2f:3b:7e:39:f5:3c:60:e1:4e:a4:da:bc:08:8f:a7:
c5:7d:a6:16:31:55:e5:56:70:f4:5d:71:8b:f8:63:15:12:0b:
57:86:dd:10:b6:ba:f3:49:6d:63:88:ca:b5:7a:5a:d4:6d:99:
03:0b:7a:02:c3:ed:83:99:36:99:d5:30:7f:5a:46:e2:2c:14:
15:87:f2:4c:5e:42:d6:6b:29:47:9a:1d:ed:c0:52:2c:eb:3d:
b2:8d:7d:47:ed:43:f4:6a:73:64:ba:de:b2:3c:20:55:9f:81:
e8:57:57:d3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY9xHoXQQFrOzM16PCU+friQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjQwNTEzMDg0MjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWFiOWU4NTI5YTBjZGU1NGMzNGJhOWQwNjAwN2FiMjNiYjlkNzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7YENZgDNtCp+VztBkm6A6SvLyKA
dzuSvr0XYEmXx53v6zQxZY8E96TyRIsYUd8Vs33Ol8SKB3Lv1CCceXuIliEWKE+4
xgKBfYeR9lZzXAToonqd+OJyABy3kbmOXxzO+Vvz6IlClggkcRpYDZrG4+jbMF1v
s3+ryodaUBnS455YWAjGQkF8Ab3/QN3uVa/oCNQhzyk16mELQsEEBjv4PQH1Gt8A
s92020W89VFUfZd1/IJQvLnkOt9FKYuTsnIdCC105jagVev7eIZJmjaEe9lcxLUn
aa92Cv595Tf2g7rWeivmWEJWIQQPBM9kDgOr4Ykyvqsq7Q0SGa8MPD9r5wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPmrnoUpoM3lTDS6nQYAerI7udeBMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvMS1hdWVoU21nemVWTU5McWRCZ0I2c2p1NTE0RS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzIvNzE1ZDE1LTI4MTAtNDgyNy04ZGJkLTBiZWUwNjEyNmIx
YS8xL3JmU1JTSXA4MkVTS1FnbEZoeHdMbVdjdHhtNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANk88DAN
BgkqhkiG9w0BAQsFAAOCAQEADb+aSd/HQzgaLZkwyzp3bTc3fSYGmp/d1dkTkP60
IZCx5pKoAUIsjDS7W21UUkdUMd+Y3zOr8AMknbPYSx4YqVCGu4U3T7rJIOmNaw5A
pXmnnP7noQ48pA7w08pPJZ4Qo4lE/f/iImT3o0Bpa28h4hDchxnXv0owo91HXpzO
vkUhHALg9tEK5rrIschywvbM4jliLzt+OfU8YOFOpNq8CI+nxX2mFjFV5VZw9F1x
i/hjFRILV4bdELa680ltY4jKtXpa1G2ZAwt6AsPtg5k2mdUwf1pG4iwUFYfyTF5C
1mspR5od7cBSLOs9so19R+1D9GpzZLresjwgVZ+B6FdX0w==
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:00:24 2024 by rpki-client on console-fra.rpki-client.org