Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5d8453-0380-475e-9edc-d18ab4f7f5df/1/7b2Qox9u4Js-4ExWRi8J7FCWdic.roa
File: 7b2Qox9u4Js-4ExWRi8J7FCWdic.roa (raw, json)
Hash identifier: 5zbFiA+C3xgEzyKkT4aygC7jGknLQSRyIRGxWO3b+2Q=
Subject key identifier: ED:BD:90:A3:1F:6E:E0:9B:3E:E0:4C:56:46:2F:09:EC:50:96:76:27
Certificate issuer: /CN=ada5d52b3ca87454575b65b720eef81a262a5f3a
Certificate serial: 018CC492F3C4441E552B29AF78868CB27705
Authority key identifier: AD:A5:D5:2B:3C:A8:74:54:57:5B:65:B7:20:EE:F8:1A:26:2A:5F:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/raXVKzyodFRXW2W3IO74GiYqXzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/5d8453-0380-475e-9edc-d18ab4f7f5df/1/7b2Qox9u4Js-4ExWRi8J7FCWdic.roa
Signing time: Mon 01 Jan 2024 10:30:14 +0000
ROA not before: Mon 01 Jan 2024 10:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201160
IP address blocks: 217.8.123.0/24 maxlen: 24
217.8.122.0/24 maxlen: 24
217.8.121.0/24 maxlen: 24
217.8.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/5d8453-0380-475e-9edc-d18ab4f7f5df/1/raXVKzyodFRXW2W3IO74GiYqXzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/5d8453-0380-475e-9edc-d18ab4f7f5df/1/raXVKzyodFRXW2W3IO74GiYqXzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/raXVKzyodFRXW2W3IO74GiYqXzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:f3:c4:44:1e:55:2b:29:af:78:86:8c:b2:77:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ada5d52b3ca87454575b65b720eef81a262a5f3a
Validity
Not Before: Jan 1 10:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=edbd90a31f6ee09b3ee04c56462f09ec50967627
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ed:2a:a1:5f:16:27:1a:75:76:39:10:ec:7f:
2e:b8:13:0d:4d:d0:4e:13:92:86:3f:db:3f:0d:1d:
d3:2a:35:13:38:cb:33:9d:16:44:07:7e:fe:16:ae:
19:33:41:a5:82:aa:7b:ab:8d:ee:6e:8a:e1:20:09:
7e:3c:d3:9c:20:27:11:b6:a8:9f:49:47:00:13:27:
4c:09:16:46:58:0b:a6:ac:1f:67:58:90:cb:1e:f5:
6d:e1:d9:9f:d7:90:55:fe:c0:02:25:d0:e8:fd:ca:
4f:f9:1a:4b:fd:24:d4:fa:f9:a2:ce:81:34:7d:29:
61:7d:c5:99:a2:04:83:62:19:2a:1e:96:f4:c1:65:
34:3e:ce:0b:26:ab:a8:5f:3c:ab:ce:4d:80:99:28:
5b:4f:a2:d1:a2:8b:d0:9f:ca:8c:de:71:10:8a:be:
45:69:51:5a:75:74:03:51:f3:aa:82:fc:ee:46:a6:
1b:e7:51:e7:6f:af:5c:da:e8:00:8b:75:2a:1e:94:
89:fe:70:d8:b8:f7:7f:23:2b:95:37:4d:34:74:dc:
56:48:8d:06:62:56:de:7c:6d:ae:21:ac:99:e9:c5:
6a:9b:29:37:9f:d6:12:93:6c:2e:17:44:13:1c:69:
ce:87:98:07:ad:17:de:83:b6:f9:bb:be:4b:f2:f9:
ca:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:BD:90:A3:1F:6E:E0:9B:3E:E0:4C:56:46:2F:09:EC:50:96:76:27
X509v3 Authority Key Identifier:
keyid:AD:A5:D5:2B:3C:A8:74:54:57:5B:65:B7:20:EE:F8:1A:26:2A:5F:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raXVKzyodFRXW2W3IO74GiYqXzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5d8453-0380-475e-9edc-d18ab4f7f5df/1/7b2Qox9u4Js-4ExWRi8J7FCWdic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5d8453-0380-475e-9edc-d18ab4f7f5df/1/raXVKzyodFRXW2W3IO74GiYqXzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.8.120.0/22
Signature Algorithm: sha256WithRSAEncryption
55:10:2f:8b:b6:75:0c:f8:96:ed:72:70:e9:72:9c:0c:14:74:
4d:50:71:34:eb:2c:f1:e1:d7:78:4c:cd:5b:f8:f2:27:46:22:
79:1a:30:c6:65:b0:49:10:de:ae:56:d5:2a:1e:4d:ba:56:34:
00:73:36:1f:0f:63:3c:2a:12:1c:c1:4f:03:bc:d3:de:44:6b:
28:d2:27:07:f5:ea:1b:fa:1c:3d:ee:89:78:18:5f:17:cf:5d:
ee:4b:8e:69:f7:af:d1:9e:52:47:3a:a5:80:43:79:1a:df:ac:
b6:7e:a8:0e:f9:7f:c3:aa:18:96:83:aa:e5:17:5b:68:1e:39:
b0:7a:97:1b:ec:7b:ac:19:2f:c6:53:8f:94:76:cf:2f:6f:bb:
51:cb:05:e9:7e:f2:a4:3d:c0:7a:e7:b0:70:6b:2c:eb:29:69:
5b:1c:67:f7:8e:3a:51:9a:56:75:85:f5:01:32:82:a5:87:e5:
50:58:fc:63:c9:2a:bb:5d:08:55:f9:d6:11:9c:cc:f9:4e:11:
eb:8e:1d:03:6d:a1:03:da:41:c1:91:39:fc:9a:1b:c5:88:e1:
5f:d0:fb:cc:84:94:3b:21:44:a8:0a:57:c0:f6:d2:93:56:26:
d4:1d:63:42:cb:ce:29:b3:31:91:fe:58:76:b8:90:29:de:f5:
d4:38:0a:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkvPERB5VKymveIaMsncFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYTVkNTJiM2NhODc0NTQ1NzViNjViNzIwZWVmODFhMjYy
YTVmM2EwHhcNMjQwMTAxMTAzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGJkOTBhMzFmNmVlMDliM2VlMDRjNTY0NjJmMDllYzUwOTY3NjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+0qoV8WJxp1djkQ7H8uuBMNTdBO
E5KGP9s/DR3TKjUTOMsznRZEB37+Fq4ZM0Glgqp7q43uborhIAl+PNOcICcRtqif
SUcAEydMCRZGWAumrB9nWJDLHvVt4dmf15BV/sACJdDo/cpP+RpL/STU+vmizoE0
fSlhfcWZogSDYhkqHpb0wWU0Ps4LJquoXzyrzk2AmShbT6LRoovQn8qM3nEQir5F
aVFadXQDUfOqgvzuRqYb51Hnb69c2ugAi3UqHpSJ/nDYuPd/IyuVN000dNxWSI0G
YlbefG2uIayZ6cVqmyk3n9YSk2wuF0QTHGnOh5gHrRfeg7b5u75L8vnK5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO29kKMfbuCbPuBMVkYvCexQlnYnMB8GA1UdIwQY
MBaAFK2l1Ss8qHRUV1tltyDu+BomKl86MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmFYVkt6eW9kRlJYVzJXM0lPNzRHaVlxWHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81ZDg0NTMtMDM4MC00NzVlLTllZGMt
ZDE4YWI0ZjdmNWRmLzEvN2IyUW94OXU0SnMtNEV4V1JpOEo3RkNXZGljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS81ZDg0NTMtMDM4MC00NzVlLTllZGMtZDE4YWI0ZjdmNWRm
LzEvcmFYVkt6eW9kRlJYVzJXM0lPNzRHaVlxWHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2Qh4MA0G
CSqGSIb3DQEBCwUAA4IBAQBVEC+LtnUM+JbtcnDpcpwMFHRNUHE06yzx4dd4TM1b
+PInRiJ5GjDGZbBJEN6uVtUqHk26VjQAczYfD2M8KhIcwU8DvNPeRGso0icH9eob
+hw97ol4GF8Xz13uS45p96/RnlJHOqWAQ3ka36y2fqgO+X/DqhiWg6rlF1toHjmw
epcb7HusGS/GU4+Uds8vb7tRywXpfvKkPcB657BwayzrKWlbHGf3jjpRmlZ1hfUB
MoKlh+VQWPxjySq7XQhV+dYRnMz5ThHrjh0DbaED2kHBkTn8mhvFiOFf0PvMhJQ7
IUSoClfA9tKTVibUHWNCy84pszGR/lh2uJAp3vXUOAq/
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:13:20 2024 by rpki-client on console-ams.rpki-client.org