Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/jIRtXclEyTJjwBpUJGT_WeHTNSc.roa
File: jIRtXclEyTJjwBpUJGT_WeHTNSc.roa (raw, json)
Hash identifier: n7Q9q+6+dREwUDBylfu335Xg7CIjHuOtPIZAXN+11qs=
Subject key identifier: 8C:84:6D:5D:C9:44:C9:32:63:C0:1A:54:24:64:FF:59:E1:D3:35:27
Certificate issuer: /CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Certificate serial: 018CC8017684BA2D70CECEE5CA61F7EFF68A
Authority key identifier: 02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/jIRtXclEyTJjwBpUJGT_WeHTNSc.roa
Signing time: Tue 02 Jan 2024 02:29:48 +0000
ROA not before: Tue 02 Jan 2024 02:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 217.163.11.0/24 maxlen: 24
217.163.23.0/24 maxlen: 24
217.163.30.0/24 maxlen: 24
217.163.28.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 01:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:76:84:ba:2d:70:ce:ce:e5:ca:61:f7:ef:f6:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Validity
Not Before: Jan 2 02:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c846d5dc944c93263c01a542464ff59e1d33527
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:7a:bb:88:29:b1:21:87:15:af:99:0d:de:b1:
6c:3b:a4:eb:20:b3:31:17:26:e5:77:a3:42:78:2a:
2d:a2:d3:83:ac:79:fe:d2:f5:0f:b6:2d:4e:b5:39:
87:38:be:37:a5:9f:1e:91:ba:ae:d3:62:f9:7c:f9:
6f:3b:fa:7a:f1:ad:88:62:26:f3:e0:20:b3:6e:1a:
9e:6c:39:a5:a9:37:d8:c5:c4:44:2f:9e:3d:68:03:
bc:c8:c7:fa:7d:31:e9:6d:03:1f:3d:eb:8e:37:4e:
d9:1f:72:2a:a2:49:11:b9:44:c3:fa:a2:5f:b1:b0:
f5:77:3c:ec:49:d5:6b:84:ac:66:66:bb:2c:a4:96:
d7:61:99:fd:01:58:47:a4:d3:ae:8a:41:d0:50:d7:
59:bb:96:e9:7b:43:da:e0:32:8b:ec:f2:19:51:d2:
f1:90:a7:54:c6:c4:cf:6b:6a:cd:5f:e7:4e:d7:ad:
79:5c:25:64:c0:9f:12:b4:4a:0b:b2:59:37:5e:85:
ab:82:7e:32:b9:cd:da:94:8f:74:b1:27:0b:64:07:
ac:54:b7:c3:5e:46:9a:bd:d1:ff:a4:39:5b:dd:f7:
ef:d5:e1:d9:6e:eb:c1:5d:1f:51:36:9e:30:33:2d:
39:5d:2f:e8:ee:f8:62:c1:8c:4e:6e:ac:ac:2f:ce:
0d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:84:6D:5D:C9:44:C9:32:63:C0:1A:54:24:64:FF:59:E1:D3:35:27
X509v3 Authority Key Identifier:
keyid:02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/jIRtXclEyTJjwBpUJGT_WeHTNSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.163.11.0/24
217.163.23.0/24
217.163.28.0-217.163.30.255
Signature Algorithm: sha256WithRSAEncryption
23:19:7b:22:d1:91:69:64:1f:85:c8:ac:63:17:0d:1a:e8:12:
0d:bc:1c:f2:59:98:60:f1:d7:56:13:5e:0b:e1:ad:be:f7:65:
ef:f4:ad:b2:a6:86:5e:0e:4d:e9:59:4e:47:55:6f:ae:be:d9:
54:97:ea:ed:f6:e7:f8:c3:7e:26:ec:53:f7:9f:9d:25:ae:0e:
17:72:4d:17:bf:7a:28:de:7a:c4:32:3b:4b:4e:0b:ee:62:57:
51:9f:30:c1:86:30:14:3f:b3:23:94:03:24:cc:ab:cd:e5:a3:
b3:ed:29:df:1a:16:6d:7d:5a:5c:c6:12:f0:9a:2b:41:f3:53:
11:dc:e5:47:74:6c:ca:1b:8e:c3:a9:a6:f0:02:1c:f9:b2:73:
8e:f9:9a:a4:17:24:14:ba:2e:ab:dd:a8:eb:22:ef:3e:16:1c:
c3:78:f4:f3:19:80:09:ff:06:9e:b5:ad:ce:1e:26:71:1e:c3:
8a:51:44:e3:38:d0:fd:35:a3:53:d6:a9:67:6d:ab:e2:d0:ef:
f5:60:c0:43:20:a7:e0:60:23:53:6c:7e:28:49:f8:51:33:22:
58:c1:0e:17:c3:d3:5a:13:1f:96:ab:09:4f:f3:8f:f1:a5:32:
ab:83:98:18:1f:6b:bb:ff:0d:58:3b:da:07:86:7c:a9:2b:1c:
fe:80:cf:6c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzIAXaEui1wzs7lymH37/aKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMzJhNGJmYjc3OTY0MDVhNTU2Yjc1OWYxZDE5M2U0YzRk
MzcxMjkwHhcNMjQwMTAyMDIyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yzg0NmQ1ZGM5NDRjOTMyNjNjMDFhNTQyNDY0ZmY1OWUxZDMzNTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHq7iCmxIYcVr5kN3rFsO6TrILMx
Fybld6NCeCototODrHn+0vUPti1OtTmHOL43pZ8ekbqu02L5fPlvO/p68a2IYibz
4CCzbhqebDmlqTfYxcREL549aAO8yMf6fTHpbQMfPeuON07ZH3IqokkRuUTD+qJf
sbD1dzzsSdVrhKxmZrsspJbXYZn9AVhHpNOuikHQUNdZu5bpe0Pa4DKL7PIZUdLx
kKdUxsTPa2rNX+dO1615XCVkwJ8StEoLslk3XoWrgn4yuc3alI90sScLZAesVLfD
XkaavdH/pDlb3ffv1eHZbuvBXR9RNp4wMy05XS/o7vhiwYxObqysL84N3QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIyEbV3JRMkyY8AaVCRk/1nh0zUnMB8GA1UdIwQY
MBaAFAIypL+3eWQFpVa3WfHRk+TE03EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEt
M2JiNGQ2MjAwNTE4LzEvaklSdFhjbEV5VEpqd0JwVUpHVF9XZUhUTlNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEtM2JiNGQ2MjAwNTE4
LzEvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQA2aMLAwQA
2aMXMAwDBALZoxwDBADZox4wDQYJKoZIhvcNAQELBQADggEBACMZeyLRkWlkH4XI
rGMXDRroEg28HPJZmGDx11YTXgvhrb73Ze/0rbKmhl4OTelZTkdVb66+2VSX6u32
5/jDfibsU/efnSWuDhdyTRe/eijeesQyO0tOC+5iV1GfMMGGMBQ/syOUAyTMq83l
o7PtKd8aFm19WlzGEvCaK0HzUxHc5Ud0bMobjsOppvACHPmyc475mqQXJBS6Lqvd
qOsi7z4WHMN49PMZgAn/Bp61rc4eJnEew4pRROM40P01o1PWqWdtq+LQ7/VgwEMg
p+BgI1NsfihJ+FEzIljBDhfD01oTH5arCU/zj/GlMquDmBgfa7v/DVg72geGfKkr
HP6Az2w=
-----END CERTIFICATE-----
Generated at Mon May 6 04:15:19 2024 by rpki-client on console-ams.rpki-client.org