Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/1gq5wLllHo-iex5MKjHn9Fzt-UM.roa
File: 1gq5wLllHo-iex5MKjHn9Fzt-UM.roa (raw, json)
Hash identifier: Ef536kHGc1NDOoLRr6XmSwcM0XZqZ4p5j2JJy8eRax0=
Subject key identifier: D6:0A:B9:C0:B9:65:1E:8F:A2:7B:1E:4C:2A:31:E7:F4:5C:ED:F9:43
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 018CC795182866A68C0EB34118D0CC6388A8
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/1gq5wLllHo-iex5MKjHn9Fzt-UM.roa
Signing time: Tue 02 Jan 2024 00:31:26 +0000
ROA not before: Tue 02 Jan 2024 00:31:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24940
IP address blocks: 217.78.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 00:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:18:28:66:a6:8c:0e:b3:41:18:d0:cc:63:88:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Jan 2 00:31:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d60ab9c0b9651e8fa27b1e4c2a31e7f45cedf943
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7b:71:c8:ac:05:d2:03:4e:0b:df:13:22:a8:
f4:32:d3:b5:99:85:e2:97:b6:1a:3d:c6:8c:e4:ca:
e1:2a:3b:c2:a2:9a:ad:69:42:3b:ff:ca:cb:3a:5f:
60:70:70:60:d2:7b:cb:38:69:f8:31:69:55:a7:10:
f0:85:df:f9:6b:d8:e6:c6:a6:3f:4a:5c:88:b0:3a:
70:e1:66:7c:65:17:1b:63:a0:11:f0:d6:6a:44:ec:
75:4d:67:76:a6:0b:ea:bf:63:d2:00:28:c3:23:f7:
d4:4e:a1:03:ce:ca:22:27:48:df:c4:d7:d4:72:23:
54:23:f5:58:30:01:f0:7c:dd:8d:1e:c1:d5:41:3e:
6b:ae:90:62:51:35:b2:48:57:c2:1c:74:90:d8:e3:
f5:1e:3e:81:c7:e3:d5:12:18:a9:f3:4c:2b:84:4e:
36:a0:98:94:fc:73:02:51:68:51:7f:1f:62:b9:3f:
29:a1:5d:0a:51:14:b5:64:aa:66:26:6a:42:c0:50:
1a:cf:ab:d9:84:a7:b3:31:dd:d8:ab:e2:b3:3c:19:
fa:35:36:f5:ed:72:51:fe:53:b5:98:56:78:f5:89:
f3:e0:42:76:c9:21:aa:3a:5f:8b:30:1a:fc:a3:a9:
0b:34:e9:cf:2f:e6:f5:4b:85:fe:11:b0:fc:58:a7:
ea:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:0A:B9:C0:B9:65:1E:8F:A2:7B:1E:4C:2A:31:E7:F4:5C:ED:F9:43
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/1gq5wLllHo-iex5MKjHn9Fzt-UM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.78.237.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:b2:5d:38:2a:69:63:fd:32:bc:e8:b3:43:54:2e:07:b6:56:
62:92:c4:34:d7:2e:80:01:c1:67:3f:32:03:87:94:51:56:78:
ac:57:c5:5e:bf:14:1e:34:71:bd:8d:cd:8e:c3:54:7f:c2:7e:
7f:83:02:63:70:d7:0a:ee:67:3e:c4:45:70:28:e1:96:af:ba:
47:a5:6d:58:89:72:a3:f8:3a:0a:a9:df:2b:3d:a5:b1:92:c1:
9e:32:49:55:b0:31:e0:c6:cc:93:84:9f:7d:e2:cb:a8:55:08:
3a:69:c7:a6:f9:7e:e8:40:ec:e6:f3:ec:73:8c:ce:a4:ba:27:
51:4c:6b:fa:a1:d5:84:a3:3d:81:fd:18:62:25:cb:1e:da:5f:
a9:6b:5c:88:e2:15:f4:29:93:ca:03:ad:8a:bb:6c:89:82:cc:
21:b0:56:05:c5:b0:4d:c2:04:b0:6d:c1:83:20:cf:c2:b7:ce:
f5:9e:82:2a:ac:8c:32:e5:3f:03:f3:c9:e3:16:48:b8:19:2c:
5b:c9:41:df:46:94:55:33:46:65:e8:9d:c2:72:0c:48:b1:45:
78:98:25:19:74:ce:69:d9:ef:64:8e:a7:7a:10:33:db:20:05:
01:b5:1e:b8:36:97:1d:0f:f6:f0:ab:7c:62:14:00:cd:58:6b:
8e:ab:15:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlRgoZqaMDrNBGNDMY4ioMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjQwMTAyMDAzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjBhYjljMGI5NjUxZThmYTI3YjFlNGMyYTMxZTdmNDVjZWRmOTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXtxyKwF0gNOC98TIqj0MtO1mYXi
l7YaPcaM5MrhKjvCopqtaUI7/8rLOl9gcHBg0nvLOGn4MWlVpxDwhd/5a9jmxqY/
SlyIsDpw4WZ8ZRcbY6AR8NZqROx1TWd2pgvqv2PSACjDI/fUTqEDzsoiJ0jfxNfU
ciNUI/VYMAHwfN2NHsHVQT5rrpBiUTWySFfCHHSQ2OP1Hj6Bx+PVEhip80wrhE42
oJiU/HMCUWhRfx9iuT8poV0KURS1ZKpmJmpCwFAaz6vZhKezMd3Yq+KzPBn6NTb1
7XJR/lO1mFZ49Ynz4EJ2ySGqOl+LMBr8o6kLNOnPL+b1S4X+EbD8WKfqmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNYKucC5ZR6PonseTCox5/Rc7flDMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvMWdxNXdMbGxIby1pZXg1TUtqSG45Rnp0LVVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2U7tMA0G
CSqGSIb3DQEBCwUAA4IBAQCjsl04Kmlj/TK86LNDVC4HtlZiksQ01y6AAcFnPzID
h5RRVnisV8VevxQeNHG9jc2Ow1R/wn5/gwJjcNcK7mc+xEVwKOGWr7pHpW1YiXKj
+DoKqd8rPaWxksGeMklVsDHgxsyThJ994suoVQg6acem+X7oQOzm8+xzjM6kuidR
TGv6odWEoz2B/RhiJcse2l+pa1yI4hX0KZPKA62Ku2yJgswhsFYFxbBNwgSwbcGD
IM/Ct871noIqrIwy5T8D88njFki4GSxbyUHfRpRVM0Zl6J3CcgxIsUV4mCUZdM5p
2e9kjqd6EDPbIAUBtR64NpcdD/bwq3xiFADNWGuOqxWm
-----END CERTIFICATE-----
Generated at Fri May 3 08:01:19 2024 by rpki-client on console-fra.rpki-client.org