Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/67bbc5-64ae-41d5-93d3-3b2894f0e69c/1/srhxg9ELohCK3Jk49Vic8vDJv0o.roa
File: srhxg9ELohCK3Jk49Vic8vDJv0o.roa (raw, json)
Hash identifier: IIqyLrZLtm8L26Fgy0yKvM5Eh/ebP2fUZAQxk2lspzc=
Subject key identifier: B2:B8:71:83:D1:0B:A2:10:8A:DC:99:38:F5:58:9C:F2:F0:C9:BF:4A
Certificate issuer: /CN=027e5858fa543fe3ff474d8d76ab9701ea010b0b
Certificate serial: 01914BECB2FD1EC7CB7A130DF799E5780856
Authority key identifier: 02:7E:58:58:FA:54:3F:E3:FF:47:4D:8D:76:AB:97:01:EA:01:0B:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/An5YWPpUP-P_R02NdquXAeoBCws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/67bbc5-64ae-41d5-93d3-3b2894f0e69c/1/srhxg9ELohCK3Jk49Vic8vDJv0o.roa
Signing time: Tue 13 Aug 2024 13:28:09 +0000
ROA not before: Tue 13 Aug 2024 13:28:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214443
IP address blocks: 217.61.242.0/23 maxlen: 23
217.61.242.0/24 maxlen: 24
217.61.243.0/24 maxlen: 24
2a01:e600::/29 maxlen: 29
2a01:e600::/32 maxlen: 32
2a01:e601::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/67bbc5-64ae-41d5-93d3-3b2894f0e69c/1/An5YWPpUP-P_R02NdquXAeoBCws.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/67bbc5-64ae-41d5-93d3-3b2894f0e69c/1/An5YWPpUP-P_R02NdquXAeoBCws.mft
rsync://rpki.ripe.net/repository/DEFAULT/An5YWPpUP-P_R02NdquXAeoBCws.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4b:ec:b2:fd:1e:c7:cb:7a:13:0d:f7:99:e5:78:08:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=027e5858fa543fe3ff474d8d76ab9701ea010b0b
Validity
Not Before: Aug 13 13:28:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2b87183d10ba2108adc9938f5589cf2f0c9bf4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:0a:ff:61:e3:eb:c4:4d:fd:fc:d7:e5:ff:fd:
9e:4f:4a:fa:0c:d1:2d:46:64:b9:a2:95:5c:24:79:
6d:f2:30:bd:e2:e3:e8:91:2d:12:3a:9b:f9:29:91:
2e:6f:db:10:14:0e:3a:69:f7:4f:3e:cb:48:02:81:
fc:7d:ca:62:be:ae:2c:e1:f8:37:f6:f7:10:84:bc:
ee:3a:19:e7:8c:6d:e3:aa:ab:7c:89:e0:00:e7:04:
4f:33:68:da:33:c2:9a:d6:df:4f:af:45:50:31:73:
d2:57:f9:c8:b6:58:5e:c0:67:8f:a4:31:23:32:88:
1b:92:1c:b5:8c:60:ad:09:e6:74:b6:f8:52:fb:f0:
f8:09:e3:f6:f4:9d:fd:26:8e:c1:43:5d:b5:32:07:
1d:69:e3:28:d4:14:a3:53:9c:b4:69:57:fd:a9:b4:
65:91:ce:b9:1d:b6:b1:2e:37:8b:23:9c:1f:a7:cb:
ad:12:e3:59:ed:07:4e:e7:9d:84:12:e4:cc:65:98:
59:4a:76:18:6d:43:81:ac:aa:f7:d3:59:f6:99:3d:
84:75:64:ba:0c:3e:74:23:e9:22:1d:28:d2:7f:3d:
c8:37:58:08:d6:63:e8:84:3e:05:38:00:4f:00:47:
c5:e0:92:bb:f5:b8:15:5e:a6:89:d9:bb:2c:eb:74:
50:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:B8:71:83:D1:0B:A2:10:8A:DC:99:38:F5:58:9C:F2:F0:C9:BF:4A
X509v3 Authority Key Identifier:
keyid:02:7E:58:58:FA:54:3F:E3:FF:47:4D:8D:76:AB:97:01:EA:01:0B:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/An5YWPpUP-P_R02NdquXAeoBCws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/67bbc5-64ae-41d5-93d3-3b2894f0e69c/1/srhxg9ELohCK3Jk49Vic8vDJv0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/67bbc5-64ae-41d5-93d3-3b2894f0e69c/1/An5YWPpUP-P_R02NdquXAeoBCws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.61.242.0/23
IPv6:
2a01:e600::/29
Signature Algorithm: sha256WithRSAEncryption
93:7d:c6:92:fe:1d:82:75:df:75:21:9b:e3:52:e0:e8:fc:50:
f4:2e:87:47:1f:8d:e1:28:28:d6:ee:fc:2e:57:11:c4:79:8b:
67:39:67:92:4f:12:26:76:82:d0:11:04:81:d9:71:e3:09:92:
6c:11:e4:d6:f8:68:84:8b:ef:1e:9a:ef:55:65:d7:43:46:76:
ff:65:b7:37:b6:e1:64:7e:14:4b:40:aa:55:c2:87:71:c8:d9:
81:bd:2c:20:9b:40:70:79:be:20:3b:8c:3a:7e:b7:c3:19:d9:
57:04:35:46:5b:62:76:81:f6:4f:a6:b4:e4:39:e7:ab:3a:dc:
23:e7:84:b3:dc:bf:7c:c5:28:bd:03:28:34:11:43:87:30:b2:
be:09:c0:a7:9a:84:bc:24:0f:0d:c4:43:8b:f9:af:b7:26:f9:
10:28:42:03:96:49:d0:8d:28:77:3a:71:3f:4a:ce:13:42:27:
59:f0:66:dc:af:73:c3:ec:35:d5:ae:d6:9d:50:10:47:27:e0:
b1:eb:29:55:e5:ca:80:a6:3e:7b:2c:59:e6:2e:db:f7:f0:73:
3f:34:77:2d:86:30:9a:3f:b7:87:28:a2:aa:cb:ce:dd:a0:93:
2c:8b:9d:9b:23:66:03:43:dc:07:ed:61:38:62:f9:0b:42:ef:
de:7d:0e:d0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZFL7LL9HsfLehMN95nleAhWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyN2U1ODU4ZmE1NDNmZTNmZjQ3NGQ4ZDc2YWI5NzAxZWEw
MTBiMGIwHhcNMjQwODEzMTMyODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmI4NzE4M2QxMGJhMjEwOGFkYzk5MzhmNTU4OWNmMmYwYzliZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gr/YePrxE39/Nfl//2eT0r6DNEt
RmS5opVcJHlt8jC94uPokS0SOpv5KZEub9sQFA46afdPPstIAoH8fcpivq4s4fg3
9vcQhLzuOhnnjG3jqqt8ieAA5wRPM2jaM8Ka1t9Pr0VQMXPSV/nItlhewGePpDEj
Mogbkhy1jGCtCeZ0tvhS+/D4CeP29J39Jo7BQ121MgcdaeMo1BSjU5y0aVf9qbRl
kc65HbaxLjeLI5wfp8utEuNZ7QdO552EEuTMZZhZSnYYbUOBrKr301n2mT2EdWS6
DD50I+kiHSjSfz3IN1gI1mPohD4FOABPAEfF4JK79bgVXqaJ2bss63RQXQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLK4cYPRC6IQityZOPVYnPLwyb9KMB8GA1UdIwQY
MBaAFAJ+WFj6VD/j/0dNjXarlwHqAQsLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW41WVdQcFVQLVBfUjAyTmRxdVhBZW9CQ3dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi82N2JiYzUtNjRhZS00MWQ1LTkzZDMt
M2IyODk0ZjBlNjljLzEvc3JoeGc5RUxvaENLM0prNDlWaWM4dkRKdjBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi82N2JiYzUtNjRhZS00MWQ1LTkzZDMtM2IyODk0ZjBlNjlj
LzEvQW41WVdQcFVQLVBfUjAyTmRxdVhBZW9CQ3dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQB2T3yMA0E
AgACMAcDBQMqAeYAMA0GCSqGSIb3DQEBCwUAA4IBAQCTfcaS/h2Cdd91IZvjUuDo
/FD0LodHH43hKCjW7vwuVxHEeYtnOWeSTxImdoLQEQSB2XHjCZJsEeTW+GiEi+8e
mu9VZddDRnb/Zbc3tuFkfhRLQKpVwodxyNmBvSwgm0Bweb4gO4w6frfDGdlXBDVG
W2J2gfZPprTkOeerOtwj54Sz3L98xSi9Ayg0EUOHMLK+CcCnmoS8JA8NxEOL+a+3
JvkQKEIDlknQjSh3OnE/Ss4TQidZ8Gbcr3PD7DXVrtadUBBHJ+Cx6ylV5cqApj57
LFnmLtv38HM/NHcthjCaP7eHKKKqy87doJMsi52bI2YDQ9wH7WE4YvkLQu/efQ7Q
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:56:14 2024 by rpki-client on console-fra.rpki-client.org