Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/DEDTAWSErjGHjVNeqxftVsgs8C4.roa
File: DEDTAWSErjGHjVNeqxftVsgs8C4.roa (raw, json)
Hash identifier: VWkVJFt6LABue5shuRK4aAz/i+X+zOBxzF8svsKfKqk=
Subject key identifier: 0C:40:D3:01:64:84:AE:31:87:8D:53:5E:AB:17:ED:56:C8:2C:F0:2E
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 019424B2A0F1961AFAF7D1777A4AAE29F1E4
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/DEDTAWSErjGHjVNeqxftVsgs8C4.roa
Signing time: Thu 02 Jan 2025 01:47:53 +0000
ROA not before: Thu 02 Jan 2025 01:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 134176
IP address blocks: 217.177.34.0/24 maxlen: 24
217.177.72.0/24 maxlen: 24
217.180.21.0/24 maxlen: 24
217.180.44.0/24 maxlen: 24
217.180.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:a0:f1:96:1a:fa:f7:d1:77:7a:4a:ae:29:f1:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Jan 2 01:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c40d3016484ae31878d535eab17ed56c82cf02e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:cf:27:3f:03:5e:05:86:a5:94:2c:60:b1:c0:
a5:d0:91:6f:a9:7e:b9:e7:ae:36:f9:dc:02:7f:83:
29:23:23:74:63:6b:58:7f:02:fb:e5:ba:1e:97:68:
8e:a0:85:ce:39:e1:ab:0d:91:17:66:01:4b:fe:0c:
08:cf:09:e0:db:2d:9f:cd:a5:13:cb:df:28:1a:c3:
1b:ee:46:19:7c:f9:b5:e4:d8:fe:06:21:f1:98:4b:
31:99:bb:fa:ef:87:dc:aa:af:7a:30:8b:9b:d2:9b:
4b:5a:3a:fb:f5:c1:23:61:25:c4:25:56:e1:c9:30:
c4:52:57:db:e2:29:ec:20:6c:52:ee:37:97:8c:b4:
5b:a7:9b:09:0d:ca:d2:4b:15:81:c0:5f:43:2a:60:
f9:83:a1:be:03:e8:f1:7b:8c:b0:93:68:47:6c:6f:
af:1f:28:d7:d6:a2:0b:7f:4a:ad:b2:1a:e3:44:8b:
f4:73:ff:c2:bd:8e:55:55:86:e6:d2:4b:d2:98:f1:
c8:39:fb:02:f1:ac:3e:75:61:95:e1:a0:39:fa:24:
68:26:3f:84:79:61:88:84:10:70:66:5b:f5:5a:19:
70:e3:84:fc:7f:b2:b1:80:2b:e3:05:f9:1f:6e:7f:
35:e2:f2:5b:c5:5b:95:24:2d:c9:6f:3a:1b:b7:bb:
a7:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:40:D3:01:64:84:AE:31:87:8D:53:5E:AB:17:ED:56:C8:2C:F0:2E
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/DEDTAWSErjGHjVNeqxftVsgs8C4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.177.34.0/24
217.177.72.0/24
217.180.21.0/24
217.180.44.0/24
217.180.47.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:c2:8d:3e:db:6d:af:93:ee:08:6a:57:5e:d7:a8:37:91:c0:
10:fc:43:a5:2b:db:85:01:68:1b:0a:e9:2d:92:f9:94:bd:e1:
56:9b:ce:a5:2e:52:17:d3:e4:f9:a2:5b:af:2f:eb:0b:70:fd:
3f:b3:55:e8:30:4b:1a:98:53:f3:d1:79:8e:a4:6a:4b:db:29:
ac:2d:f7:a7:07:a6:b1:fa:e9:13:55:ff:f6:a6:cb:d1:35:34:
dd:8e:5f:22:04:a7:bf:ed:d7:70:1f:b5:b8:ea:9f:17:0a:6f:
bd:a7:f8:cf:af:18:65:fa:70:4d:65:99:9b:6f:c8:a0:9f:23:
27:21:81:d5:98:d9:0c:34:9c:c0:58:e8:5e:f8:23:2e:16:ad:
9f:a1:cc:ae:a6:58:4d:f3:01:64:1c:e7:34:40:0d:b6:45:e6:
f4:db:73:55:3d:55:40:f5:6b:da:3d:f2:de:39:cb:93:10:b5:
b4:df:9f:85:a1:6a:80:e3:3a:aa:8a:2e:39:16:f5:6e:e4:33:
af:99:5d:53:60:d6:2f:ee:59:bf:0f:48:a8:cc:5f:e7:83:f5:
fc:89:c6:f2:bb:58:fd:12:ee:6b:75:67:fe:21:ec:8c:f7:f9:
db:74:0e:02:14:fa:db:1a:7f:99:92:db:11:62:11:a4:ee:6b:
ed:f1:eb:81
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQksqDxlhr699F3ekquKfHkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwMTAyMDE0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzQwZDMwMTY0ODRhZTMxODc4ZDUzNWVhYjE3ZWQ1NmM4MmNmMDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0c8nPwNeBYallCxgscCl0JFvqX65
5642+dwCf4MpIyN0Y2tYfwL75boel2iOoIXOOeGrDZEXZgFL/gwIzwng2y2fzaUT
y98oGsMb7kYZfPm15Nj+BiHxmEsxmbv674fcqq96MIub0ptLWjr79cEjYSXEJVbh
yTDEUlfb4insIGxS7jeXjLRbp5sJDcrSSxWBwF9DKmD5g6G+A+jxe4ywk2hHbG+v
HyjX1qILf0qtshrjRIv0c//CvY5VVYbm0kvSmPHIOfsC8aw+dWGV4aA5+iRoJj+E
eWGIhBBwZlv1Whlw44T8f7KxgCvjBfkfbn814vJbxVuVJC3Jbzobt7unpwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAxA0wFkhK4xh41TXqsX7VbILPAuMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvREVEVEFXU0VyakdIalZOZXF4ZnRWc2dzOEM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQA2bEiAwQA
2bFIAwQA2bQVAwQA2bQsAwQA2bQvMA0GCSqGSIb3DQEBCwUAA4IBAQC2wo0+222v
k+4Ialde16g3kcAQ/EOlK9uFAWgbCuktkvmUveFWm86lLlIX0+T5oluvL+sLcP0/
s1XoMEsamFPz0XmOpGpL2ymsLfenB6ax+ukTVf/2psvRNTTdjl8iBKe/7ddwH7W4
6p8XCm+9p/jPrxhl+nBNZZmbb8ignyMnIYHVmNkMNJzAWOhe+CMuFq2focyuplhN
8wFkHOc0QA22Reb023NVPVVA9WvaPfLeOcuTELW035+FoWqA4zqqii45FvVu5DOv
mV1TYNYv7lm/D0iozF/ng/X8icbyu1j9Eu5rdWf+IeyM9/nbdA4CFPrbGn+ZktsR
YhGk7mvt8euB
-----END CERTIFICATE-----
Generated at Wed Feb 5 15:05:18 2025 by rpki-client