Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/dec50d-ee3a-4584-a591-429d668d9228/1/xWsmE-s3EOUDBbf3AOQmKMKjjns.roa
File: xWsmE-s3EOUDBbf3AOQmKMKjjns.roa (raw, json)
Hash identifier: cKKS91Ys3oOAt1kTiGNWNVEqVQtzXNnPK+IGo4ZWgjE=
Subject key identifier: C5:6B:26:13:EB:37:10:E5:03:05:B7:F7:00:E4:26:28:C2:A3:8E:7B
Certificate issuer: /CN=7dae7b5c9a30198bd7178b48b85f0b221a5e1eb7
Certificate serial: 018CC9BC727F274F76258C4014D91A5F7C12
Authority key identifier: 7D:AE:7B:5C:9A:30:19:8B:D7:17:8B:48:B8:5F:0B:22:1A:5E:1E:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fa57XJowGYvXF4tIuF8LIhpeHrc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/dec50d-ee3a-4584-a591-429d668d9228/1/xWsmE-s3EOUDBbf3AOQmKMKjjns.roa
Signing time: Tue 02 Jan 2024 10:33:39 +0000
ROA not before: Tue 02 Jan 2024 10:33:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29337
IP address blocks: 217.70.241.0/24 maxlen: 24
217.70.240.0/20 maxlen: 20
217.70.242.0/24 maxlen: 24
217.70.246.0/24 maxlen: 24
217.70.244.0/24 maxlen: 24
217.70.245.0/24 maxlen: 24
217.70.243.0/24 maxlen: 24
217.70.248.0/24 maxlen: 24
217.70.249.0/24 maxlen: 24
217.70.253.0/24 maxlen: 24
217.70.247.0/24 maxlen: 24
217.70.251.0/24 maxlen: 24
217.70.252.0/24 maxlen: 24
217.70.250.0/24 maxlen: 24
217.70.255.0/24 maxlen: 24
217.70.254.0/24 maxlen: 24
185.140.191.0/24 maxlen: 24
185.140.190.0/24 maxlen: 24
185.140.188.0/22 maxlen: 22
185.140.188.0/24 maxlen: 24
185.140.189.0/24 maxlen: 24
217.70.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/dec50d-ee3a-4584-a591-429d668d9228/1/fa57XJowGYvXF4tIuF8LIhpeHrc.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/dec50d-ee3a-4584-a591-429d668d9228/1/fa57XJowGYvXF4tIuF8LIhpeHrc.mft
rsync://rpki.ripe.net/repository/DEFAULT/fa57XJowGYvXF4tIuF8LIhpeHrc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:72:7f:27:4f:76:25:8c:40:14:d9:1a:5f:7c:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7dae7b5c9a30198bd7178b48b85f0b221a5e1eb7
Validity
Not Before: Jan 2 10:33:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c56b2613eb3710e50305b7f700e42628c2a38e7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:c8:d5:7c:91:70:13:40:14:59:a9:f5:c6:9c:
94:57:05:32:5e:b4:1f:cd:95:d2:e2:a7:98:85:bb:
bf:7f:38:31:02:0a:b0:91:01:ff:48:91:b7:91:cc:
78:9f:49:fc:df:36:e7:d3:ff:d5:69:6b:58:e5:8e:
2c:48:c7:06:de:4d:0b:1d:80:2e:d8:8a:9a:71:9d:
c8:ec:11:14:35:a5:59:ec:7d:e8:2b:f3:bd:c7:08:
8b:1f:c3:66:b0:1f:94:7d:a4:03:90:b0:ad:49:a4:
8a:a1:5a:d3:a7:55:53:a0:89:05:fa:d6:ee:9e:e2:
f7:a8:45:33:60:29:45:b7:8e:80:e6:f2:31:1a:d0:
05:b1:f9:65:ab:aa:fc:47:bf:f2:6d:e7:d6:a4:ea:
78:0d:93:35:14:ff:80:99:b0:16:e4:11:fe:60:11:
fc:b4:1f:d7:05:65:47:b0:1a:d6:39:5b:08:d2:79:
bf:38:9c:83:07:23:01:a6:65:dd:58:88:9b:20:8e:
30:a1:35:57:f5:e4:0f:c6:85:a8:cb:90:f4:e8:97:
45:bf:c0:4b:46:61:34:c4:6b:e4:66:31:18:df:a6:
3b:e7:1e:01:4d:fc:d2:f4:13:eb:2b:5f:08:5c:fc:
65:55:d9:81:ab:45:83:97:41:22:66:29:81:67:33:
8e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:6B:26:13:EB:37:10:E5:03:05:B7:F7:00:E4:26:28:C2:A3:8E:7B
X509v3 Authority Key Identifier:
keyid:7D:AE:7B:5C:9A:30:19:8B:D7:17:8B:48:B8:5F:0B:22:1A:5E:1E:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa57XJowGYvXF4tIuF8LIhpeHrc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/dec50d-ee3a-4584-a591-429d668d9228/1/xWsmE-s3EOUDBbf3AOQmKMKjjns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/dec50d-ee3a-4584-a591-429d668d9228/1/fa57XJowGYvXF4tIuF8LIhpeHrc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.188.0/22
217.70.240.0/20
Signature Algorithm: sha256WithRSAEncryption
9a:47:20:a8:dd:6b:05:40:22:94:bd:45:16:e4:02:dd:9c:e2:
e4:36:ea:e8:cb:05:88:b6:b0:85:b1:a4:92:32:61:93:5d:46:
5e:ae:a7:ee:37:fc:93:8e:9b:e1:37:bb:46:28:ca:e3:63:0d:
8e:ad:6d:45:79:f6:93:01:d5:bb:de:9f:5e:8e:f3:81:ea:b3:
52:75:e4:ac:cc:3d:05:f3:90:76:1d:57:64:3a:c7:d5:8b:61:
ea:dc:d6:70:7f:58:a2:6b:1a:61:94:98:45:b9:54:8b:90:8e:
76:e0:47:ef:ea:78:fe:38:e9:2a:70:1b:cc:de:bb:61:34:68:
de:02:25:11:bd:ba:2c:99:07:ad:88:72:56:89:af:40:60:92:
9d:3a:9e:48:9f:39:26:d6:8f:a6:be:02:6d:11:62:f4:44:a6:
ea:a5:e2:7f:99:f7:85:d0:5b:53:49:a2:08:8b:ac:2e:be:c5:
69:f2:88:36:e7:8c:cc:cc:03:c4:d1:6c:ab:e6:f3:f4:92:5e:
db:63:72:f5:62:54:b4:31:52:75:9b:a7:6a:82:86:99:a3:60:
9d:31:c9:e3:0c:03:47:fc:00:54:96:0d:b5:41:d4:95:f2:66:
8e:5f:fc:9e:1f:3c:97:f4:bc:42:ae:63:e9:55:34:af:20:10:
46:e5:ed:d4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJvHJ/J092JYxAFNkaX3wSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYWU3YjVjOWEzMDE5OGJkNzE3OGI0OGI4NWYwYjIyMWE1
ZTFlYjcwHhcNMjQwMTAyMTAzMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTZiMjYxM2ViMzcxMGU1MDMwNWI3ZjcwMGU0MjYyOGMyYTM4ZTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA98jVfJFwE0AUWan1xpyUVwUyXrQf
zZXS4qeYhbu/fzgxAgqwkQH/SJG3kcx4n0n83zbn0//VaWtY5Y4sSMcG3k0LHYAu
2IqacZ3I7BEUNaVZ7H3oK/O9xwiLH8NmsB+UfaQDkLCtSaSKoVrTp1VToIkF+tbu
nuL3qEUzYClFt46A5vIxGtAFsfllq6r8R7/ybefWpOp4DZM1FP+AmbAW5BH+YBH8
tB/XBWVHsBrWOVsI0nm/OJyDByMBpmXdWIibII4woTVX9eQPxoWoy5D06JdFv8BL
RmE0xGvkZjEY36Y75x4BTfzS9BPrK18IXPxlVdmBq0WDl0EiZimBZzOOZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMVrJhPrNxDlAwW39wDkJijCo457MB8GA1UdIwQY
MBaAFH2ue1yaMBmL1xeLSLhfCyIaXh63MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmE1N1hKb3dHWXZYRjR0SXVGOExJaHBlSHJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9kZWM1MGQtZWUzYS00NTg0LWE1OTEt
NDI5ZDY2OGQ5MjI4LzEveFdzbUUtczNFT1VEQmJmM0FPUW1LTUtqam5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9kZWM1MGQtZWUzYS00NTg0LWE1OTEtNDI5ZDY2OGQ5MjI4
LzEvZmE1N1hKb3dHWXZYRjR0SXVGOExJaHBlSHJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuYy8AwQE
2UbwMA0GCSqGSIb3DQEBCwUAA4IBAQCaRyCo3WsFQCKUvUUW5ALdnOLkNuroywWI
trCFsaSSMmGTXUZerqfuN/yTjpvhN7tGKMrjYw2OrW1FefaTAdW73p9ejvOB6rNS
deSszD0F85B2HVdkOsfVi2Hq3NZwf1iiaxphlJhFuVSLkI524Efv6nj+OOkqcBvM
3rthNGjeAiURvbosmQetiHJWia9AYJKdOp5Inzkm1o+mvgJtEWL0RKbqpeJ/mfeF
0FtTSaIIi6wuvsVp8og254zMzAPE0Wyr5vP0kl7bY3L1YlS0MVJ1m6dqgoaZo2Cd
McnjDANH/ABUlg21QdSV8maOX/yeHzyX9LxCrmPpVTSvIBBG5e3U
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:45:46 2024 by rpki-client on console-ams.rpki-client.org