Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/D8vtTRGocnaS6Ye-JyWyCyhZL2w.roa
File: D8vtTRGocnaS6Ye-JyWyCyhZL2w.roa (raw, json)
Hash identifier: eXsiWxWAzJoeiNWDE28Ahtgk4KfV3UvaIbMuGIguBDU=
Subject key identifier: 0F:CB:ED:4D:11:A8:72:76:92:E9:87:BE:27:25:B2:0B:28:59:2F:6C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0193248B516BC68B001F342B31BED5F2E5DA
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/D8vtTRGocnaS6Ye-JyWyCyhZL2w.roa
Signing time: Wed 13 Nov 2024 08:02:10 +0000
ROA not before: Wed 13 Nov 2024 08:02:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204104
IP address blocks: 217.60.238.0/24 maxlen: 24
217.60.243.0/24 maxlen: 24
217.60.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:24:8b:51:6b:c6:8b:00:1f:34:2b:31:be:d5:f2:e5:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 13 08:02:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fcbed4d11a8727692e987be2725b20b28592f6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a1:a8:5b:1e:2b:be:bf:ca:79:d5:d8:bd:4c:
90:94:c2:5b:3f:c9:d5:80:08:a3:bd:5e:fd:d6:c3:
99:78:c6:1a:f1:c7:1c:af:30:48:5b:ba:35:44:2b:
c2:cc:22:8e:49:54:5e:b9:ff:36:8a:28:f8:67:54:
cb:1b:60:78:ec:08:3e:d8:71:9d:c6:72:e7:5c:64:
57:79:d9:5b:c1:5b:00:18:f6:c7:d1:81:36:b0:da:
b3:12:91:5a:2a:e5:9d:f1:7f:bb:3c:f3:a2:58:81:
84:5a:15:1d:bb:22:98:3d:e7:ee:f2:6e:39:75:70:
f2:56:cc:29:54:89:32:72:13:ff:fe:f3:c1:81:52:
3c:75:45:5d:16:94:4a:2d:b5:e7:e7:c9:d1:d0:07:
ae:7b:79:7e:9d:f4:16:0b:07:09:47:75:b5:93:b1:
d7:38:9d:dd:8c:91:ad:32:ba:35:d0:f3:62:21:03:
36:e5:4f:91:2d:b7:8b:fc:c7:c9:61:08:1a:cc:12:
33:eb:44:07:21:d1:f3:9b:34:19:74:5c:a9:05:e2:
3e:25:24:5f:7b:02:61:9f:b9:20:49:14:08:d9:81:
f5:7f:e7:a6:8c:80:e8:eb:a0:e3:1c:31:95:2a:0a:
6e:67:e8:25:99:53:d3:c7:ae:18:86:35:66:7f:cc:
69:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:CB:ED:4D:11:A8:72:76:92:E9:87:BE:27:25:B2:0B:28:59:2F:6C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/D8vtTRGocnaS6Ye-JyWyCyhZL2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.238.0/24
217.60.243.0/24
217.60.246.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:26:de:53:ab:64:68:60:e4:36:97:0d:4b:5c:c0:ae:50:44:
c7:6b:78:87:a0:ca:4f:6d:30:f2:b9:43:8e:18:2d:2c:2c:fc:
e0:bf:87:99:1b:6e:39:b8:5a:d7:fa:3c:eb:32:a8:5c:29:b8:
e5:3a:d7:e5:1f:83:d4:fb:a7:7c:84:3c:6a:45:3a:ad:3e:5c:
a0:be:65:e3:de:4a:6d:42:6c:88:7b:7c:0e:fe:d5:ab:d5:5f:
db:de:ff:36:8a:3e:59:3e:6f:9b:1e:90:1c:f1:16:ce:90:cf:
18:f4:f0:59:57:d8:1c:44:ce:d9:9c:c7:69:85:ed:92:6b:52:
76:97:01:99:96:9a:9d:9f:1a:09:df:7f:bc:15:a0:85:f4:55:
37:ee:ad:d2:55:4e:c5:30:d7:db:67:e4:d3:3e:f9:47:dc:cf:
6a:72:16:3e:9c:21:cf:41:1b:83:ef:cd:62:f3:44:4f:2f:53:
bc:3a:62:49:f8:a5:cf:93:30:cc:04:a6:6b:41:e7:5c:26:9d:
00:48:30:1d:ae:d1:a2:99:4b:4b:30:7f:12:15:bf:2b:20:82:
49:75:14:6c:b3:e5:20:35:83:0c:d5:d1:07:48:f0:cd:54:95:
f1:68:cb:44:e5:7d:ea:93:aa:37:44:85:c4:09:ee:c1:f1:98:
e2:03:f3:3c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZMki1FrxosAHzQrMb7V8uXaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTEzMDgwMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmNiZWQ0ZDExYTg3Mjc2OTJlOTg3YmUyNzI1YjIwYjI4NTkyZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6GoWx4rvr/KedXYvUyQlMJbP8nV
gAijvV791sOZeMYa8cccrzBIW7o1RCvCzCKOSVReuf82iij4Z1TLG2B47Ag+2HGd
xnLnXGRXedlbwVsAGPbH0YE2sNqzEpFaKuWd8X+7PPOiWIGEWhUduyKYPefu8m45
dXDyVswpVIkychP//vPBgVI8dUVdFpRKLbXn58nR0Aeue3l+nfQWCwcJR3W1k7HX
OJ3djJGtMro10PNiIQM25U+RLbeL/MfJYQgazBIz60QHIdHzmzQZdFypBeI+JSRf
ewJhn7kgSRQI2YH1f+emjIDo66DjHDGVKgpuZ+glmVPTx64YhjVmf8xphwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA/L7U0RqHJ2kumHviclsgsoWS9sMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvRDh2dFRSR29jbmFTNlllLUp5V3lDeWhaTDJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA2TzuAwQA
2TzzAwQA2Tz2MA0GCSqGSIb3DQEBCwUAA4IBAQAqJt5Tq2RoYOQ2lw1LXMCuUETH
a3iHoMpPbTDyuUOOGC0sLPzgv4eZG245uFrX+jzrMqhcKbjlOtflH4PU+6d8hDxq
RTqtPlygvmXj3kptQmyIe3wO/tWr1V/b3v82ij5ZPm+bHpAc8RbOkM8Y9PBZV9gc
RM7ZnMdphe2Sa1J2lwGZlpqdnxoJ33+8FaCF9FU37q3SVU7FMNfbZ+TTPvlH3M9q
chY+nCHPQRuD781i80RPL1O8OmJJ+KXPkzDMBKZrQedcJp0ASDAdrtGimUtLMH8S
Fb8rIIJJdRRss+UgNYMM1dEHSPDNVJXxaMtE5X3qk6o3RIXECe7B8ZjiA/M8
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:30:55 2024 by rpki-client on console-ams.rpki-client.org