Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/sFI6jiwEIOSY78SQlf2VjWq1yOY.roa
File: sFI6jiwEIOSY78SQlf2VjWq1yOY.roa (raw, json)
Hash identifier: yimBWYpH1b7o29JpJ+XFoo7m7QTWoVWXILyzAzkkfAo=
Subject key identifier: B0:52:3A:8E:2C:04:20:E4:98:EF:C4:90:95:FD:95:8D:6A:B5:C8:E6
Certificate issuer: /CN=a9f2fdea263b79fce11389052b0cd940995c6dfe
Certificate serial: 018CC8DF284878DC18F00AA923305726D7E9
Authority key identifier: A9:F2:FD:EA:26:3B:79:FC:E1:13:89:05:2B:0C:D9:40:99:5C:6D:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qfL96iY7efzhE4kFKwzZQJlcbf4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/sFI6jiwEIOSY78SQlf2VjWq1yOY.roa
Signing time: Tue 02 Jan 2024 06:31:57 +0000
ROA not before: Tue 02 Jan 2024 06:31:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204471
IP address blocks: 217.197.106.0/24 maxlen: 24
2a12:d8c1::/32 maxlen: 32
2a12:d8c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/qfL96iY7efzhE4kFKwzZQJlcbf4.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/qfL96iY7efzhE4kFKwzZQJlcbf4.mft
rsync://rpki.ripe.net/repository/DEFAULT/qfL96iY7efzhE4kFKwzZQJlcbf4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:28:48:78:dc:18:f0:0a:a9:23:30:57:26:d7:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9f2fdea263b79fce11389052b0cd940995c6dfe
Validity
Not Before: Jan 2 06:31:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0523a8e2c0420e498efc49095fd958d6ab5c8e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:03:64:05:83:64:76:b3:70:35:ce:27:1f:b0:
17:be:40:d5:dd:16:43:da:49:4e:fb:3b:1a:9f:3f:
7e:9a:e0:bf:8f:4c:cf:2a:0a:c2:c7:0e:e4:78:19:
3f:d7:0a:5c:23:3e:05:ee:c4:b3:2f:51:bc:a4:94:
0c:2a:6a:e0:46:e1:68:78:95:2f:5c:26:bc:91:b5:
7c:2b:1c:27:4f:05:28:62:c4:0a:94:20:bc:cf:ae:
ba:fa:02:01:cb:98:5a:08:7e:4e:02:22:8c:a8:cd:
85:1f:d0:03:d0:1b:9f:ac:10:1e:5d:84:a8:82:d7:
2e:68:ec:38:35:62:96:7d:ae:dd:a8:4e:79:82:e1:
99:47:87:fe:7b:16:bf:e7:14:40:3b:b2:d4:d4:98:
25:ee:42:80:ce:0e:ba:7a:e3:8f:6c:b6:46:f9:94:
c4:2f:61:9a:de:07:77:32:ad:0e:9c:6f:7e:f5:d1:
a5:a2:e8:81:f6:02:72:31:07:69:00:2e:5e:74:a8:
1b:3d:37:a2:8c:85:10:e2:c5:2a:67:13:40:ed:2b:
2a:6a:6d:d2:3c:e4:23:e7:27:9d:2d:b6:7d:36:6d:
9b:a8:56:07:4d:d7:8e:bc:76:90:2c:23:7b:aa:41:
9d:61:f2:09:eb:03:9c:3b:b6:99:7b:fd:5b:0a:bb:
b4:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:52:3A:8E:2C:04:20:E4:98:EF:C4:90:95:FD:95:8D:6A:B5:C8:E6
X509v3 Authority Key Identifier:
keyid:A9:F2:FD:EA:26:3B:79:FC:E1:13:89:05:2B:0C:D9:40:99:5C:6D:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qfL96iY7efzhE4kFKwzZQJlcbf4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/sFI6jiwEIOSY78SQlf2VjWq1yOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/qfL96iY7efzhE4kFKwzZQJlcbf4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.197.106.0/24
IPv6:
2a12:d8c0::/31
Signature Algorithm: sha256WithRSAEncryption
b4:84:4d:c8:f8:e5:b6:a4:2f:c3:6f:dc:3b:0e:ed:f8:58:7a:
ce:92:0c:74:92:7d:16:e7:28:72:3a:64:35:4b:0b:6e:2f:46:
14:0f:be:02:ca:aa:2d:28:75:85:84:62:2f:de:60:9b:98:cd:
c9:6c:8a:fb:08:99:11:80:87:45:1d:df:21:44:75:de:4d:77:
2b:b0:42:e2:66:f5:0e:8e:77:2c:41:e4:4a:c0:64:fc:93:34:
af:e4:37:f0:f9:e3:05:f3:c3:76:a8:2a:d6:21:cc:02:a1:00:
eb:70:e3:0a:44:ec:cb:4a:0a:0d:b1:a2:14:1a:d2:88:38:e4:
ca:55:56:9b:31:51:02:c1:97:58:98:d1:dc:c4:7a:73:9c:70:
37:ed:ce:c9:75:12:de:79:3b:a8:86:ea:88:2e:bd:22:0a:a2:
f4:f6:bf:45:35:b0:bc:cd:9b:77:43:7e:2b:4e:13:3c:5a:c8:
31:72:a7:a5:47:fe:f6:67:b1:65:c9:06:fd:d3:df:ea:db:05:
89:aa:f3:5d:b6:5d:ec:b8:f9:9f:ea:07:c3:49:c9:08:fd:2c:
2f:5f:91:64:d3:b7:61:a7:de:2b:6c:60:41:94:ce:43:fc:a3:
ab:e4:c9:cc:91:f4:e6:61:ae:4f:0d:cb:e6:18:87:1f:d6:75:
a0:fc:41:33
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI3yhIeNwY8AqpIzBXJtfpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ZjJmZGVhMjYzYjc5ZmNlMTEzODkwNTJiMGNkOTQwOTk1
YzZkZmUwHhcNMjQwMTAyMDYzMTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDUyM2E4ZTJjMDQyMGU0OThlZmM0OTA5NWZkOTU4ZDZhYjVjOGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlANkBYNkdrNwNc4nH7AXvkDV3RZD
2klO+zsanz9+muC/j0zPKgrCxw7keBk/1wpcIz4F7sSzL1G8pJQMKmrgRuFoeJUv
XCa8kbV8KxwnTwUoYsQKlCC8z666+gIBy5haCH5OAiKMqM2FH9AD0BufrBAeXYSo
gtcuaOw4NWKWfa7dqE55guGZR4f+exa/5xRAO7LU1Jgl7kKAzg66euOPbLZG+ZTE
L2Ga3gd3Mq0OnG9+9dGlouiB9gJyMQdpAC5edKgbPTeijIUQ4sUqZxNA7Ssqam3S
POQj5yedLbZ9Nm2bqFYHTdeOvHaQLCN7qkGdYfIJ6wOcO7aZe/1bCru0XQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLBSOo4sBCDkmO/EkJX9lY1qtcjmMB8GA1UdIwQY
MBaAFKny/eomO3n84ROJBSsM2UCZXG3+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWZMOTZpWTdlZnpoRTRrRkt3elpRSmxjYmY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My81M2ZmNjItYzFhZC00MjQ0LWI5MWEt
ZjhhZmZlZjExMmQ4LzEvc0ZJNmppd0VJT1NZNzhTUWxmMlZqV3ExeU9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My81M2ZmNjItYzFhZC00MjQ0LWI5MWEtZjhhZmZlZjExMmQ4
LzEvcWZMOTZpWTdlZnpoRTRrRkt3elpRSmxjYmY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA2cVqMA0E
AgACMAcDBQEqEtjAMA0GCSqGSIb3DQEBCwUAA4IBAQC0hE3I+OW2pC/Db9w7Du34
WHrOkgx0kn0W5yhyOmQ1SwtuL0YUD74CyqotKHWFhGIv3mCbmM3JbIr7CJkRgIdF
Hd8hRHXeTXcrsELiZvUOjncsQeRKwGT8kzSv5Dfw+eMF88N2qCrWIcwCoQDrcOMK
ROzLSgoNsaIUGtKIOOTKVVabMVECwZdYmNHcxHpznHA37c7JdRLeeTuohuqILr0i
CqL09r9FNbC8zZt3Q34rThM8WsgxcqelR/72Z7FlyQb909/q2wWJqvNdtl3suPmf
6gfDSckI/SwvX5Fk07dhp94rbGBBlM5D/KOr5MnMkfTmYa5PDcvmGIcf1nWg/EEz
-----END CERTIFICATE-----
Generated at Sun May 19 20:45:14 2024 by rpki-client on console-fra.rpki-client.org