Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/c2oWG6h2JMsNaBVBRkmFdngotnQ.roa
File: c2oWG6h2JMsNaBVBRkmFdngotnQ.roa (raw, json)
Hash identifier: VXeiVVe87vpEubg6yZImXylXYJt5d4GzGbA7rbIhP+4=
Subject key identifier: 73:6A:16:1B:A8:76:24:CB:0D:68:15:41:46:49:85:76:78:28:B6:74
Certificate issuer: /CN=8b82433ffe94bf3536fec327543d396158202072
Certificate serial: 01921E5AEF1E60A2BCDC44245D9598728AD1
Authority key identifier: 8B:82:43:3F:FE:94:BF:35:36:FE:C3:27:54:3D:39:61:58:20:20:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i4JDP_6UvzU2_sMnVD05YVggIHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/c2oWG6h2JMsNaBVBRkmFdngotnQ.roa
Signing time: Mon 23 Sep 2024 10:08:48 +0000
ROA not before: Mon 23 Sep 2024 10:08:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48383
IP address blocks: 217.12.32.0/22 maxlen: 22
217.12.36.0/24 maxlen: 24
217.12.39.0/24 maxlen: 24
217.12.42.0/23 maxlen: 23
217.12.44.0/23 maxlen: 23
217.12.46.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/i4JDP_6UvzU2_sMnVD05YVggIHI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/i4JDP_6UvzU2_sMnVD05YVggIHI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i4JDP_6UvzU2_sMnVD05YVggIHI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1e:5a:ef:1e:60:a2:bc:dc:44:24:5d:95:98:72:8a:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b82433ffe94bf3536fec327543d396158202072
Validity
Not Before: Sep 23 10:08:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=736a161ba87624cb0d681541464985767828b674
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:47:66:92:5a:74:2b:f1:d8:5d:5b:05:15:55:
36:ce:53:32:f2:99:84:0e:6c:e9:55:c9:69:6b:50:
ee:ab:56:a2:2c:a8:69:d4:e8:27:2b:7a:21:a4:ca:
0b:43:94:28:ff:21:fe:2a:31:47:fd:b9:76:12:d3:
1c:1f:c3:b3:a4:a0:32:d9:e1:b1:cf:82:07:20:b4:
92:11:9b:22:34:f9:8c:54:be:3e:4e:9e:56:91:48:
da:78:93:81:4a:74:a6:4c:4b:87:0b:46:1b:a2:81:
80:2f:ba:d4:5f:25:c8:c8:1f:50:55:16:93:9e:25:
b4:08:05:a9:69:b2:86:f6:ed:9f:9c:29:c7:6d:db:
47:53:6e:f5:dc:59:83:1f:2e:45:56:9f:90:95:8d:
bd:6f:34:a5:6d:60:ac:c3:17:3d:b3:f3:40:b7:02:
4f:66:41:a7:b4:c3:ae:16:d9:5e:78:ae:1c:1f:cb:
61:7c:3c:f4:42:b2:17:be:75:50:d4:61:cc:1d:50:
7a:2c:59:27:25:f9:cd:72:8b:48:09:31:01:b1:51:
4b:9a:6a:27:58:11:5d:f3:2b:8f:ba:f0:83:d0:ee:
f2:d7:c7:fb:97:c6:9f:32:ad:2d:e8:15:1b:09:d2:
f7:7e:4f:58:e0:fa:0e:a0:d5:89:71:ce:2c:ca:86:
43:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:6A:16:1B:A8:76:24:CB:0D:68:15:41:46:49:85:76:78:28:B6:74
X509v3 Authority Key Identifier:
keyid:8B:82:43:3F:FE:94:BF:35:36:FE:C3:27:54:3D:39:61:58:20:20:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i4JDP_6UvzU2_sMnVD05YVggIHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/c2oWG6h2JMsNaBVBRkmFdngotnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/i4JDP_6UvzU2_sMnVD05YVggIHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.12.32.0-217.12.36.255
217.12.39.0/24
217.12.42.0-217.12.47.255
Signature Algorithm: sha256WithRSAEncryption
85:6e:20:7c:3c:0d:52:63:79:12:98:2d:fc:60:7e:6a:79:c0:
d5:0e:2c:9a:d0:aa:ac:98:4d:6b:3c:13:c7:aa:d4:ae:23:98:
60:f3:c2:24:e7:5a:cb:5f:77:cf:c7:09:d8:a6:d3:60:27:3b:
91:de:b6:fe:b0:03:61:46:c0:09:60:4e:d2:7a:78:c8:70:8d:
ef:78:c6:2d:bf:68:50:67:17:ac:98:c4:9e:21:05:24:53:1e:
32:e0:fb:b1:a3:6d:dc:17:48:b0:54:da:9d:8b:0f:5f:af:73:
39:49:ad:20:59:48:6f:56:80:78:2a:ab:1f:bd:ce:e9:8e:7e:
60:20:e8:04:48:e7:04:82:14:d6:56:41:6d:4a:20:73:b4:15:
70:fe:91:3d:e5:c5:6c:c4:cc:8c:4a:6b:63:e9:e9:83:96:03:
f4:5f:50:71:62:5f:93:ff:82:1c:59:78:e0:19:a9:3b:fb:4d:
2a:ec:7d:e1:73:21:db:1a:a2:9a:52:9f:22:8f:cc:8e:2c:18:
14:a0:2e:40:43:b8:dd:90:3f:f2:41:4d:73:c5:61:74:27:09:
80:ca:5f:13:2a:99:b5:ef:68:9a:bc:22:cc:21:11:ee:fd:7d:
44:6f:1a:0f:89:e2:da:a7:e0:0a:e1:47:ef:f0:7c:d2:c6:90:
24:53:2c:aa
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZIeWu8eYKK83EQkXZWYcorRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiODI0MzNmZmU5NGJmMzUzNmZlYzMyNzU0M2QzOTYxNTgy
MDIwNzIwHhcNMjQwOTIzMTAwODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzZhMTYxYmE4NzYyNGNiMGQ2ODE1NDE0NjQ5ODU3Njc4MjhiNjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEdmklp0K/HYXVsFFVU2zlMy8pmE
DmzpVclpa1Duq1aiLKhp1OgnK3ohpMoLQ5Qo/yH+KjFH/bl2EtMcH8OzpKAy2eGx
z4IHILSSEZsiNPmMVL4+Tp5WkUjaeJOBSnSmTEuHC0YbooGAL7rUXyXIyB9QVRaT
niW0CAWpabKG9u2fnCnHbdtHU2713FmDHy5FVp+QlY29bzSlbWCswxc9s/NAtwJP
ZkGntMOuFtleeK4cH8thfDz0QrIXvnVQ1GHMHVB6LFknJfnNcotICTEBsVFLmmon
WBFd8yuPuvCD0O7y18f7l8afMq0t6BUbCdL3fk9Y4PoOoNWJcc4syoZDaQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHNqFhuodiTLDWgVQUZJhXZ4KLZ0MB8GA1UdIwQY
MBaAFIuCQz/+lL81Nv7DJ1Q9OWFYICByMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTRKRFBfNlV2elUyX3NNblZEMDVZVmdnSUhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9mNTU5M2QtNjg5Yy00ZGZlLThkOTYt
MmRkNzg5MGRjNjg5LzEvYzJvV0c2aDJKTXNOYUJWQlJrbUZkbmdvdG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9mNTU5M2QtNjg5Yy00ZGZlLThkOTYtMmRkNzg5MGRjNjg5
LzEvaTRKRFBfNlV2elUyX3NNblZEMDVZVmdnSUhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAXZDCAD
BADZDCQDBADZDCcwDAMEAdkMKgMEBNkMIDANBgkqhkiG9w0BAQsFAAOCAQEAhW4g
fDwNUmN5Epgt/GB+annA1Q4smtCqrJhNazwTx6rUriOYYPPCJOday193z8cJ2KbT
YCc7kd62/rADYUbACWBO0np4yHCN73jGLb9oUGcXrJjEniEFJFMeMuD7saNt3BdI
sFTanYsPX69zOUmtIFlIb1aAeCqrH73O6Y5+YCDoBEjnBIIU1lZBbUogc7QVcP6R
PeXFbMTMjEprY+npg5YD9F9QcWJfk/+CHFl44BmpO/tNKux94XMh2xqimlKfIo/M
jiwYFKAuQEO43ZA/8kFNc8VhdCcJgMpfEyqZte9omrwizCER7v19RG8aD4ni2qfg
CuFH7/B80saQJFMsqg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:12:31 2024 by rpki-client on console-fra.rpki-client.org