Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/wC2CIDmq7XPKcBvPGFiPRucATOw.roa
File: wC2CIDmq7XPKcBvPGFiPRucATOw.roa (raw, json)
Hash identifier: 2HpbHTFpj0DvUZsG87H8lcThDqRm6rWFqT0+IxWyTfY=
Subject key identifier: C0:2D:82:20:39:AA:ED:73:CA:70:1B:CF:18:58:8F:46:E7:00:4C:EC
Certificate issuer: /CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Certificate serial: 018CF09E136224FB2D0127B70F17767BC906
Authority key identifier: 42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/wC2CIDmq7XPKcBvPGFiPRucATOw.roa
Signing time: Tue 09 Jan 2024 23:45:40 +0000
ROA not before: Tue 09 Jan 2024 23:45:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21379
IP address blocks: 217.147.160.0/24 maxlen: 24
217.147.163.0/24 maxlen: 24
217.147.161.0/24 maxlen: 24
217.147.164.0/24 maxlen: 24
217.147.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/QvirK6JIeeRcRFSG_Oshr0ZlbVo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/QvirK6JIeeRcRFSG_Oshr0ZlbVo.mft
rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f0:9e:13:62:24:fb:2d:01:27:b7:0f:17:76:7b:c9:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Validity
Not Before: Jan 9 23:45:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c02d822039aaed73ca701bcf18588f46e7004cec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6f:52:05:8b:04:a6:91:d9:e1:ce:2c:81:99:
ae:7c:2b:32:67:3a:a7:f3:56:c2:4c:74:e6:3f:69:
76:42:94:02:25:24:50:04:c6:0c:c3:73:f6:a0:a7:
27:90:ec:a5:c0:3f:25:1e:65:02:e4:8d:72:bc:e7:
2d:9e:bf:42:78:c4:eb:0c:99:6d:21:c3:5a:ae:a6:
7a:a9:13:c4:82:1e:56:c3:ed:c7:2c:fd:91:e6:9a:
02:2c:4d:74:fa:b2:b4:db:3e:43:f9:fd:3e:ff:d4:
cc:fb:9c:ed:d8:87:a2:e2:b3:a6:53:36:9f:15:df:
13:55:fa:5c:06:e4:71:e0:5a:34:13:8c:ef:51:ca:
b7:a9:f2:f6:d5:4f:e8:96:00:89:28:4f:41:5a:a1:
97:56:6d:73:66:e6:b4:79:ac:a7:da:35:a7:9b:f4:
08:82:a9:ac:2b:7a:3e:c6:70:1a:93:4c:63:07:8a:
1e:05:58:0b:e9:8a:87:6f:71:3f:cb:a4:42:0a:c1:
2f:41:f9:7e:b7:31:6a:f9:34:21:44:25:3e:a7:f4:
9a:67:eb:53:ec:b6:b8:23:34:af:ac:a7:04:39:7a:
eb:83:00:0c:f5:cc:f1:e6:18:50:4a:4b:69:ac:56:
51:b0:70:2d:44:51:c9:0c:79:1d:68:f0:33:7e:97:
ef:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:2D:82:20:39:AA:ED:73:CA:70:1B:CF:18:58:8F:46:E7:00:4C:EC
X509v3 Authority Key Identifier:
keyid:42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/wC2CIDmq7XPKcBvPGFiPRucATOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/QvirK6JIeeRcRFSG_Oshr0ZlbVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.160.0-217.147.164.255
Signature Algorithm: sha256WithRSAEncryption
70:3f:21:06:d3:d1:3e:9d:29:ab:d5:65:a7:b7:bf:76:18:46:
73:0a:e5:29:6b:e4:7b:41:85:6b:b0:0a:82:bc:dd:65:ca:de:
52:16:9f:c1:fe:8a:98:14:12:cb:a0:4b:72:2a:b9:82:28:89:
39:f9:2b:95:11:48:41:30:2d:5c:20:b4:e3:6c:75:be:6d:8b:
54:c3:37:1a:45:14:ac:44:0f:d9:7f:cb:e4:36:fa:2c:2e:04:
7e:ed:29:ce:d8:4b:83:c5:ae:87:65:38:d1:5d:fb:28:31:09:
62:85:8e:9a:5b:59:8c:1b:c0:98:8e:10:8e:6f:b4:7d:10:db:
b0:2e:b3:62:1b:fd:8e:9b:9f:07:15:51:43:f5:b1:e6:3a:6a:
3b:48:1f:6c:83:c9:55:52:63:1a:0f:85:76:73:4d:2f:4e:f1:
35:69:b9:bf:37:d0:01:82:a3:59:6b:58:71:03:d7:07:26:6e:
a0:d5:15:a5:71:fe:d4:80:dc:72:09:e9:ab:6c:8f:55:e8:7a:
f6:6c:a1:c7:d1:59:1b:79:7e:32:b6:f2:fe:99:df:9f:3d:b5:
85:b2:d2:c0:1a:4a:25:6c:50:28:67:5d:e1:9b:b6:42:1e:9c:
76:2d:0c:98:6a:f8:40:e3:69:5f:89:8e:13:62:b2:aa:2d:32:
65:8f:fa:f7
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzwnhNiJPstASe3Dxd2e8kGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZjhhYjJiYTI0ODc5ZTQ1YzQ0NTQ4NmZjZWIyMWFmNDY2
NTZkNWEwHhcNMjQwMTA5MjM0NTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDJkODIyMDM5YWFlZDczY2E3MDFiY2YxODU4OGY0NmU3MDA0Y2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsm9SBYsEppHZ4c4sgZmufCsyZzqn
81bCTHTmP2l2QpQCJSRQBMYMw3P2oKcnkOylwD8lHmUC5I1yvOctnr9CeMTrDJlt
IcNarqZ6qRPEgh5Ww+3HLP2R5poCLE10+rK02z5D+f0+/9TM+5zt2Iei4rOmUzaf
Fd8TVfpcBuRx4Fo0E4zvUcq3qfL21U/olgCJKE9BWqGXVm1zZua0eayn2jWnm/QI
gqmsK3o+xnAak0xjB4oeBVgL6YqHb3E/y6RCCsEvQfl+tzFq+TQhRCU+p/SaZ+tT
7La4IzSvrKcEOXrrgwAM9czx5hhQSktprFZRsHAtRFHJDHkdaPAzfpfv6wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMAtgiA5qu1zynAbzxhYj0bnAEzsMB8GA1UdIwQY
MBaAFEL4qyuiSHnkXERUhvzrIa9GZW1aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYt
MTc2OWZlZjZiZTk2LzEvd0MyQ0lEbXE3WFBLY0J2UEdGaVBSdWNBVE93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYtMTc2OWZlZjZiZTk2
LzEvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAXZk6AD
BADZk6QwDQYJKoZIhvcNAQELBQADggEBAHA/IQbT0T6dKavVZae3v3YYRnMK5Slr
5HtBhWuwCoK83WXK3lIWn8H+ipgUEsugS3IquYIoiTn5K5URSEEwLVwgtONsdb5t
i1TDNxpFFKxED9l/y+Q2+iwuBH7tKc7YS4PFrodlONFd+ygxCWKFjppbWYwbwJiO
EI5vtH0Q27Aus2Ib/Y6bnwcVUUP1seY6ajtIH2yDyVVSYxoPhXZzTS9O8TVpub83
0AGCo1lrWHED1wcmbqDVFaVx/tSA3HIJ6atsj1XoevZsocfRWRt5fjK28v6Z3589
tYWy0sAaSiVsUChnXeGbtkIenHYtDJhq+EDjaV+JjhNisqotMmWP+vc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:59:44 2024 by rpki-client on console-fra.rpki-client.org