Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/tk0w4MkHYzW6M8d0CyA-rbesoRM.roa
File: tk0w4MkHYzW6M8d0CyA-rbesoRM.roa (raw, json)
Hash identifier: eJJn7mXrNJ9k2vCBgWMXyfzpMGFm9QvIqLDFWI01uig=
Subject key identifier: B6:4D:30:E0:C9:07:63:35:BA:33:C7:74:0B:20:3E:AD:B7:AC:A1:13
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 019424B29D1DC99F6DB732E98D0B9D5B69E7
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/tk0w4MkHYzW6M8d0CyA-rbesoRM.roa
Signing time: Thu 02 Jan 2025 01:47:52 +0000
ROA not before: Thu 02 Jan 2025 01:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12390
IP address blocks: 217.177.34.0/24 maxlen: 24
217.177.72.0/24 maxlen: 24
217.180.21.0/24 maxlen: 24
217.180.44.0/24 maxlen: 24
217.180.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:9d:1d:c9:9f:6d:b7:32:e9:8d:0b:9d:5b:69:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Jan 2 01:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b64d30e0c9076335ba33c7740b203eadb7aca113
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:45:07:d2:ce:5f:59:ea:5e:c7:b5:bf:72:e8:
fc:6f:13:07:fb:2d:e5:54:7a:28:ee:ca:27:a0:52:
ca:10:f6:10:c7:75:32:e6:d7:97:a0:aa:4a:f4:1f:
4b:8d:2e:6a:4f:32:4e:12:36:40:0e:ab:1d:6d:66:
d2:cb:17:ea:03:83:48:f2:89:51:62:7d:60:88:09:
b1:a2:59:69:8d:aa:63:e7:63:ae:11:8f:eb:de:55:
c5:75:86:83:8e:60:e7:4b:53:67:ed:f0:00:38:b8:
c9:b8:14:23:22:47:55:3c:1f:00:b2:fb:a9:3b:b6:
00:d5:bd:31:8b:50:b7:e3:da:6b:c3:e8:98:50:09:
b0:41:06:c5:c8:bd:71:f4:bd:68:c3:bc:d7:b3:28:
ae:57:10:ae:8c:75:d9:2c:32:aa:7c:17:b3:6f:01:
ac:55:49:e7:c9:0d:04:96:d3:33:59:ae:3f:59:c1:
4c:9e:32:79:38:15:c0:5a:d7:3d:5f:ba:58:52:b3:
82:9c:47:7f:7d:06:76:54:20:53:3b:29:a9:2f:04:
51:1a:98:ef:5d:b4:77:3b:e3:ea:ea:7b:79:72:e4:
68:27:7d:dc:6e:46:ef:2e:32:f7:65:1c:89:2d:2d:
13:28:00:95:c7:95:d7:c1:f9:77:93:13:68:f4:b8:
9a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:4D:30:E0:C9:07:63:35:BA:33:C7:74:0B:20:3E:AD:B7:AC:A1:13
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/tk0w4MkHYzW6M8d0CyA-rbesoRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.177.34.0/24
217.177.72.0/24
217.180.21.0/24
217.180.44.0/24
217.180.47.0/24
Signature Algorithm: sha256WithRSAEncryption
20:dd:c4:cc:fb:e7:45:22:bf:7e:2d:f8:3c:3c:78:20:18:d1:
2e:f3:3b:41:05:9b:74:c6:06:ea:14:42:c6:ee:be:7c:df:a9:
11:19:d6:35:49:28:36:75:99:4f:d1:e2:25:43:67:bf:1c:ff:
e9:63:5d:80:2a:12:dd:04:4a:54:50:5d:83:9c:2b:0f:d4:c3:
8d:79:8b:38:cc:a3:84:37:39:d2:0d:be:14:92:90:50:52:55:
d7:95:b6:04:f1:14:49:e1:30:56:2c:93:53:af:b4:7c:2f:39:
b5:1e:de:14:92:fc:00:a6:0e:2e:45:f4:47:bf:3f:2d:4c:fa:
e7:5b:27:42:ed:1d:e8:50:18:c1:58:fb:e7:11:4d:bb:2d:ba:
97:98:35:96:cf:73:4a:ce:d9:9d:72:b3:bb:b5:e6:74:9b:8b:
31:7e:e6:7d:77:90:3f:cf:c7:f5:6f:cb:f4:d5:15:0d:5d:68:
f5:3e:79:9e:6d:bc:ed:ce:b9:bc:cc:a7:08:0c:be:94:be:ff:
39:fe:4d:65:8f:7a:4b:dd:ce:6c:68:ae:92:b8:94:d7:79:01:
d8:d0:95:70:cb:6e:0f:66:ae:52:27:9b:4a:77:60:f6:f3:9a:
e6:89:df:82:eb:d8:79:03:bf:5c:a1:2b:54:2a:87:74:e4:24:
72:47:58:1e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQksp0dyZ9ttzLpjQudW2nnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwMTAyMDE0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjRkMzBlMGM5MDc2MzM1YmEzM2M3NzQwYjIwM2VhZGI3YWNhMTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0UH0s5fWepex7W/cuj8bxMH+y3l
VHoo7sonoFLKEPYQx3Uy5teXoKpK9B9LjS5qTzJOEjZADqsdbWbSyxfqA4NI8olR
Yn1giAmxollpjapj52OuEY/r3lXFdYaDjmDnS1Nn7fAAOLjJuBQjIkdVPB8Asvup
O7YA1b0xi1C349prw+iYUAmwQQbFyL1x9L1ow7zXsyiuVxCujHXZLDKqfBezbwGs
VUnnyQ0EltMzWa4/WcFMnjJ5OBXAWtc9X7pYUrOCnEd/fQZ2VCBTOympLwRRGpjv
XbR3O+Pq6nt5cuRoJ33cbkbvLjL3ZRyJLS0TKACVx5XXwfl3kxNo9LiaFwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLZNMODJB2M1ujPHdAsgPq23rKETMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvdGswdzRNa0hZelc2TThkMEN5QS1yYmVzb1JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQA2bEiAwQA
2bFIAwQA2bQVAwQA2bQsAwQA2bQvMA0GCSqGSIb3DQEBCwUAA4IBAQAg3cTM++dF
Ir9+Lfg8PHggGNEu8ztBBZt0xgbqFELG7r5836kRGdY1SSg2dZlP0eIlQ2e/HP/p
Y12AKhLdBEpUUF2DnCsP1MONeYs4zKOENznSDb4UkpBQUlXXlbYE8RRJ4TBWLJNT
r7R8Lzm1Ht4UkvwApg4uRfRHvz8tTPrnWydC7R3oUBjBWPvnEU27LbqXmDWWz3NK
ztmdcrO7teZ0m4sxfuZ9d5A/z8f1b8v01RUNXWj1Pnmebbztzrm8zKcIDL6Uvv85
/k1lj3pL3c5saK6SuJTXeQHY0JVwy24PZq5SJ5tKd2D285rmid+C69h5A79coStU
Kod05CRyR1ge
-----END CERTIFICATE-----
Generated at Wed Feb 5 15:00:48 2025 by rpki-client