Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/al50n4VedPswUwVZlNsFfmqRBiY.roa
File: al50n4VedPswUwVZlNsFfmqRBiY.roa (raw, json)
Hash identifier: +jDgiaVLpDAueCHpu0Pv2tT9HQMF7ghBMRiVlfje8h0=
Subject key identifier: 6A:5E:74:9F:85:5E:74:FB:30:53:05:59:94:DB:05:7E:6A:91:06:26
Certificate issuer: /CN=f030658f16d2d88d34164592fcd4de13131f1695
Certificate serial: 018E2CF1D59ACF3B8B9A9DD7CB987BC7B8EE
Authority key identifier: F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/al50n4VedPswUwVZlNsFfmqRBiY.roa
Signing time: Mon 11 Mar 2024 09:57:10 +0000
ROA not before: Mon 11 Mar 2024 09:57:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52000
IP address blocks: 217.196.97.0/24 maxlen: 24
217.196.100.0/24 maxlen: 24
217.196.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.mft
rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2c:f1:d5:9a:cf:3b:8b:9a:9d:d7:cb:98:7b:c7:b8:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f030658f16d2d88d34164592fcd4de13131f1695
Validity
Not Before: Mar 11 09:57:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a5e749f855e74fb3053055994db057e6a910626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f1:ab:b6:01:e7:96:5e:fb:d7:f9:c5:e3:1a:
38:cf:a3:72:03:95:12:2f:94:f2:24:24:92:65:b2:
10:b7:19:40:29:83:08:bb:38:1e:ff:f9:5a:f9:2a:
8f:db:7b:4c:db:c2:f3:0b:c3:25:bc:d2:b2:f5:00:
08:3d:39:31:85:23:58:e0:48:8b:82:cc:65:46:a7:
81:b8:a3:ce:59:ad:70:9b:bd:77:29:ed:2b:b1:77:
a6:58:05:1c:f8:91:40:9c:21:7c:3f:cf:ab:fc:96:
49:82:d1:8b:36:ab:7e:75:10:6f:14:d7:52:c2:c1:
c4:39:72:60:d8:56:1e:3b:04:29:18:cf:45:f1:16:
da:83:08:80:3d:5e:5a:6c:37:ef:3e:20:b0:0e:1f:
a5:93:bb:4d:6a:e4:5d:8f:c3:b3:aa:37:10:8c:7a:
4c:f2:44:14:c9:a5:db:30:88:42:3c:62:e7:0e:c7:
40:98:7b:d1:c0:d6:1d:6c:84:37:57:86:56:d9:0f:
7a:92:68:16:2b:3a:b4:91:8e:a9:e8:9b:12:65:88:
fd:e0:6f:62:53:f5:13:e4:6b:e8:f6:6e:18:4c:ba:
20:43:5f:9f:b2:66:64:4a:47:16:e5:c4:5d:3b:29:
1d:35:54:81:53:4e:bb:c8:b3:49:9e:a9:2f:25:3a:
85:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:5E:74:9F:85:5E:74:FB:30:53:05:59:94:DB:05:7E:6A:91:06:26
X509v3 Authority Key Identifier:
keyid:F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/al50n4VedPswUwVZlNsFfmqRBiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.196.97.0/24
217.196.100.0/23
Signature Algorithm: sha256WithRSAEncryption
33:f6:09:c7:99:b3:8a:ad:2c:20:b1:5f:f2:da:90:4b:e9:66:
dc:3d:4d:c7:4a:59:2c:c8:e7:ca:5e:5e:a4:9c:65:2e:7c:57:
76:e2:55:c1:1a:80:4d:54:27:b3:71:9e:d7:24:60:8e:d9:ff:
11:3b:ce:32:24:70:41:15:23:ee:7d:53:b4:40:4e:f8:bb:18:
b1:1f:b9:ef:dd:d6:46:a4:5a:63:b7:24:24:2a:8a:d8:25:8a:
b6:42:53:93:b5:22:ff:f5:c7:47:39:2d:80:3a:86:13:2c:ef:
8b:c5:f7:0c:35:45:26:b5:6c:50:cc:bc:9a:48:be:1a:f9:76:
9c:ad:df:d2:30:0f:b8:1e:e8:8c:13:b9:2c:87:24:c3:09:01:
ad:f5:83:e9:e4:d0:1a:e7:1e:de:4f:91:ee:08:af:d9:e3:97:
f7:1c:1f:69:45:c7:88:bc:68:a0:04:e6:59:65:93:d3:76:db:
f9:d1:30:0f:69:39:34:64:69:a1:31:1c:be:d6:37:a2:93:1a:
1a:2e:5d:a0:a9:fb:e8:ff:82:1f:ba:07:d5:52:80:5e:db:cf:
9d:d9:cd:1f:e0:c2:dc:85:32:8e:bf:0f:b7:a8:ca:79:08:fa:
91:78:f1:8e:34:84:af:f2:1e:cc:b2:5a:6b:cd:ba:50:7e:03:
97:45:fe:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4s8dWazzuLmp3Xy5h7x7juMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzA2NThmMTZkMmQ4OGQzNDE2NDU5MmZjZDRkZTEzMTMx
ZjE2OTUwHhcNMjQwMzExMDk1NzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTVlNzQ5Zjg1NWU3NGZiMzA1MzA1NTk5NGRiMDU3ZTZhOTEwNjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PGrtgHnll771/nF4xo4z6NyA5US
L5TyJCSSZbIQtxlAKYMIuzge//la+SqP23tM28LzC8MlvNKy9QAIPTkxhSNY4EiL
gsxlRqeBuKPOWa1wm713Ke0rsXemWAUc+JFAnCF8P8+r/JZJgtGLNqt+dRBvFNdS
wsHEOXJg2FYeOwQpGM9F8RbagwiAPV5abDfvPiCwDh+lk7tNauRdj8OzqjcQjHpM
8kQUyaXbMIhCPGLnDsdAmHvRwNYdbIQ3V4ZW2Q96kmgWKzq0kY6p6JsSZYj94G9i
U/UT5Gvo9m4YTLogQ1+fsmZkSkcW5cRdOykdNVSBU067yLNJnqkvJTqF+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGpedJ+FXnT7MFMFWZTbBX5qkQYmMB8GA1UdIwQY
MBaAFPAwZY8W0tiNNBZFkvzU3hMTHxaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYt
ODk0ODA1Mjg5Y2MwLzEvYWw1MG40VmVkUHN3VXdWWmxOc0ZmbXFSQmlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYtODk0ODA1Mjg5Y2Mw
LzEvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA2cRhAwQB
2cRkMA0GCSqGSIb3DQEBCwUAA4IBAQAz9gnHmbOKrSwgsV/y2pBL6WbcPU3HSlks
yOfKXl6knGUufFd24lXBGoBNVCezcZ7XJGCO2f8RO84yJHBBFSPufVO0QE74uxix
H7nv3dZGpFpjtyQkKorYJYq2QlOTtSL/9cdHOS2AOoYTLO+LxfcMNUUmtWxQzLya
SL4a+Xacrd/SMA+4HuiME7kshyTDCQGt9YPp5NAa5x7eT5HuCK/Z45f3HB9pRceI
vGigBOZZZZPTdtv50TAPaTk0ZGmhMRy+1jeikxoaLl2gqfvo/4IfugfVUoBe28+d
2c0f4MLchTKOvw+3qMp5CPqRePGONISv8h7MslprzbpQfgOXRf7f
-----END CERTIFICATE-----
Generated at Tue May 7 13:47:40 2024 by rpki-client on console-fra.rpki-client.org