Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/y2VF54ltp3MfEotpWrsMcPSkFrQ.roa
File: y2VF54ltp3MfEotpWrsMcPSkFrQ.roa (raw, json)
Hash identifier: q/Pi6ORP7isICQBVMuCqYRUgRhGNcgT9FxARZ7ba4qg=
Subject key identifier: CB:65:45:E7:89:6D:A7:73:1F:12:8B:69:5A:BB:0C:70:F4:A4:16:B4
Certificate issuer: /CN=4c7594b0214264f06677609bb4aa4779eb1eecad
Certificate serial: 01934EC4072E4D8FE97334972034552667E5
Authority key identifier: 4C:75:94:B0:21:42:64:F0:66:77:60:9B:B4:AA:47:79:EB:1E:EC:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/THWUsCFCZPBmd2CbtKpHeese7K0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/y2VF54ltp3MfEotpWrsMcPSkFrQ.roa
Signing time: Thu 21 Nov 2024 12:48:09 +0000
ROA not before: Thu 21 Nov 2024 12:48:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29263
IP address blocks: 217.68.48.0/20 maxlen: 20
217.68.48.0/21 maxlen: 21
217.68.48.0/22 maxlen: 22
217.68.48.0/28 maxlen: 28
217.68.48.124/30 maxlen: 30
217.68.48.128/30 maxlen: 30
217.68.48.144/29 maxlen: 29
217.68.48.160/27 maxlen: 27
217.68.48.252/32 maxlen: 32
217.68.48.253/32 maxlen: 32
217.68.49.65/32 maxlen: 32
217.68.49.75/32 maxlen: 32
217.68.49.85/32 maxlen: 32
217.68.49.93/32 maxlen: 32
217.68.49.208/29 maxlen: 29
217.68.49.216/29 maxlen: 29
217.68.50.0/24 maxlen: 24
217.68.51.0/24 maxlen: 24
217.68.52.0/22 maxlen: 22
217.68.53.0/24 maxlen: 24
217.68.56.0/21 maxlen: 21
217.68.56.0/22 maxlen: 22
217.68.58.0/24 maxlen: 24
217.68.60.0/22 maxlen: 22
217.68.60.0/24 maxlen: 24
217.68.61.0/24 maxlen: 24
2a02:2400::/32 maxlen: 32
2a02:2400::/34 maxlen: 34
2a02:2400:4000::/34 maxlen: 34
2a02:2400:8000::/34 maxlen: 34
2a02:2400:c000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/THWUsCFCZPBmd2CbtKpHeese7K0.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/THWUsCFCZPBmd2CbtKpHeese7K0.mft
rsync://rpki.ripe.net/repository/DEFAULT/THWUsCFCZPBmd2CbtKpHeese7K0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4e:c4:07:2e:4d:8f:e9:73:34:97:20:34:55:26:67:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c7594b0214264f06677609bb4aa4779eb1eecad
Validity
Not Before: Nov 21 12:48:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb6545e7896da7731f128b695abb0c70f4a416b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:ec:5a:84:08:d0:41:86:c7:63:17:c9:a1:92:
6f:ff:c8:25:40:63:33:1a:81:3f:e2:9f:71:c7:0a:
58:2a:0b:f3:20:4d:6a:6e:0a:8f:a3:71:93:87:5e:
24:e0:51:83:81:4a:24:aa:25:e1:4b:91:9a:d0:21:
2e:91:bf:77:75:4d:87:ce:56:e4:72:62:11:0b:d5:
f1:19:04:b0:1f:5e:fa:f9:ac:1b:07:0b:b9:03:b5:
07:e9:0b:4e:43:86:17:d2:9a:15:2d:0d:0d:36:0f:
54:27:55:dc:67:5d:a1:01:b9:68:a4:ff:8f:2c:6a:
d3:f3:08:2d:2f:f8:f6:93:68:29:94:44:c4:5c:db:
ef:c0:fa:db:e9:80:35:a5:d4:82:3e:7f:53:33:6d:
46:75:dc:6a:88:c4:c8:92:8e:78:70:5b:84:d0:6e:
08:cf:4c:0f:73:96:7e:82:7a:aa:80:e5:b5:92:0f:
89:92:ae:7d:95:fa:4d:5f:5d:8b:11:ea:da:57:43:
91:4a:72:83:db:44:21:5e:be:79:4b:f4:df:da:6d:
0d:c4:bc:15:54:6a:45:3b:d5:ff:13:d4:4c:e4:7c:
65:5c:b5:9c:3a:01:2d:b7:d5:fd:f7:b7:f4:93:a7:
f9:a6:cf:69:a8:8a:c2:9f:6f:81:8a:54:4d:5e:b3:
ef:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:65:45:E7:89:6D:A7:73:1F:12:8B:69:5A:BB:0C:70:F4:A4:16:B4
X509v3 Authority Key Identifier:
keyid:4C:75:94:B0:21:42:64:F0:66:77:60:9B:B4:AA:47:79:EB:1E:EC:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THWUsCFCZPBmd2CbtKpHeese7K0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/y2VF54ltp3MfEotpWrsMcPSkFrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/THWUsCFCZPBmd2CbtKpHeese7K0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.68.48.0/20
IPv6:
2a02:2400::/32
Signature Algorithm: sha256WithRSAEncryption
20:be:f7:22:f5:a2:cc:ba:24:d7:fa:a3:21:05:2e:da:16:31:
6b:6a:f1:50:5e:1b:65:ce:4b:50:ab:02:ce:c7:f6:3c:e1:8b:
5e:a0:20:4b:10:81:fe:71:ef:19:42:9b:f0:8e:34:61:59:76:
1d:18:70:3c:4d:c9:a9:4e:17:9e:c0:a0:33:7a:74:4a:76:c7:
13:86:90:02:d5:f1:d4:e0:ab:58:61:23:bd:b8:73:9e:6e:8b:
d5:2c:36:f6:23:8a:96:03:23:ad:b4:36:06:70:d8:15:aa:67:
04:66:dc:62:e2:59:a3:60:80:8c:04:12:05:d7:0c:31:0c:d9:
9e:0b:41:fc:56:8d:6e:cb:29:d3:7f:51:dc:be:89:28:c1:2b:
ac:bf:1c:52:68:b2:5b:a1:5b:2b:dc:5c:bd:57:07:96:b1:82:
61:e5:f6:55:31:33:46:50:8d:d2:40:9a:e0:45:54:6c:51:95:
e6:5e:28:a0:64:0a:37:fa:bf:67:2c:9b:7b:99:b9:18:91:57:
a3:80:c8:ea:a1:bc:c2:91:54:4e:8d:aa:a8:4b:f9:68:c8:f3:
dc:09:42:29:9d:02:1e:29:5d:dd:47:8e:d8:d9:34:16:bf:8e:
23:79:65:22:8e:c4:02:86:46:30:81:97:1d:3d:10:36:49:34:
78:c3:80:37
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZNOxAcuTY/pczSXIDRVJmflMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNzU5NGIwMjE0MjY0ZjA2Njc3NjA5YmI0YWE0Nzc5ZWIx
ZWVjYWQwHhcNMjQxMTIxMTI0ODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjY1NDVlNzg5NmRhNzczMWYxMjhiNjk1YWJiMGM3MGY0YTQxNmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9uxahAjQQYbHYxfJoZJv/8glQGMz
GoE/4p9xxwpYKgvzIE1qbgqPo3GTh14k4FGDgUokqiXhS5Ga0CEukb93dU2Hzlbk
cmIRC9XxGQSwH176+awbBwu5A7UH6QtOQ4YX0poVLQ0NNg9UJ1XcZ12hAblopP+P
LGrT8wgtL/j2k2gplETEXNvvwPrb6YA1pdSCPn9TM21GddxqiMTIko54cFuE0G4I
z0wPc5Z+gnqqgOW1kg+Jkq59lfpNX12LEeraV0ORSnKD20QhXr55S/Tf2m0NxLwV
VGpFO9X/E9RM5HxlXLWcOgEtt9X997f0k6f5ps9pqIrCn2+BilRNXrPvuQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMtlReeJbadzHxKLaVq7DHD0pBa0MB8GA1UdIwQY
MBaAFEx1lLAhQmTwZndgm7SqR3nrHuytMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEhXVXNDRkNaUEJtZDJDYnRLcEhlZXNlN0swLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9iODBiNDctYTdiYy00ZWI0LThiZTYt
YjEzMGJmNzZmZTEwLzEveTJWRjU0bHRwM01mRW90cFdyc01jUFNrRnJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9iODBiNDctYTdiYy00ZWI0LThiZTYtYjEzMGJmNzZmZTEw
LzEvVEhXVXNDRkNaUEJtZDJDYnRLcEhlZXNlN0swLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2UQwMA0E
AgACMAcDBQAqAiQAMA0GCSqGSIb3DQEBCwUAA4IBAQAgvvci9aLMuiTX+qMhBS7a
FjFravFQXhtlzktQqwLOx/Y84YteoCBLEIH+ce8ZQpvwjjRhWXYdGHA8TcmpThee
wKAzenRKdscThpAC1fHU4KtYYSO9uHOebovVLDb2I4qWAyOttDYGcNgVqmcEZtxi
4lmjYICMBBIF1wwxDNmeC0H8Vo1uyynTf1HcvokowSusvxxSaLJboVsr3Fy9VweW
sYJh5fZVMTNGUI3SQJrgRVRsUZXmXiigZAo3+r9nLJt7mbkYkVejgMjqobzCkVRO
jaqoS/loyPPcCUIpnQIeKV3dR47Y2TQWv44jeWUijsQChkYwgZcdPRA2STR4w4A3
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:01:15 2024 by rpki-client on console-fra.rpki-client.org