Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/aplkZ0HL9ZaZ5ASQElr3H2YSvHM.roa
File: aplkZ0HL9ZaZ5ASQElr3H2YSvHM.roa (raw, json)
Hash identifier: IuE4aqi5iAemciMCZECKsUFlm6Ji/N8cH4INk9fMQQk=
Subject key identifier: 6A:99:64:67:41:CB:F5:96:99:E4:04:90:12:5A:F7:1F:66:12:BC:73
Certificate issuer: /CN=7d965ea6b39c22aec2ad2d4d4c0a3a313df1defa
Certificate serial: 018F4DEEA617BBDE4D3C228BC64987AD7213
Authority key identifier: 7D:96:5E:A6:B3:9C:22:AE:C2:AD:2D:4D:4C:0A:3A:31:3D:F1:DE:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fZZeprOcIq7CrS1NTAo6MT3x3vo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/aplkZ0HL9ZaZ5ASQElr3H2YSvHM.roa
Signing time: Mon 06 May 2024 12:43:56 +0000
ROA not before: Mon 06 May 2024 12:43:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200235
IP address blocks: 217.18.91.0/24 maxlen: 24
2a13:79c0:100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/fZZeprOcIq7CrS1NTAo6MT3x3vo.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/fZZeprOcIq7CrS1NTAo6MT3x3vo.mft
rsync://rpki.ripe.net/repository/DEFAULT/fZZeprOcIq7CrS1NTAo6MT3x3vo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4d:ee:a6:17:bb:de:4d:3c:22:8b:c6:49:87:ad:72:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d965ea6b39c22aec2ad2d4d4c0a3a313df1defa
Validity
Not Before: May 6 12:43:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a99646741cbf59699e40490125af71f6612bc73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:77:7c:b9:e6:c6:c2:6f:c5:5b:a4:65:62:86:
19:10:1d:ca:1e:32:56:11:4c:ce:39:67:12:d0:9c:
b5:53:7d:cd:c6:ed:f0:72:77:6c:84:c4:97:e3:26:
04:e2:86:c5:72:a6:3d:cb:9a:ce:93:4d:11:e4:9d:
6b:32:79:d8:cb:97:14:22:0f:d0:bb:40:1e:0a:93:
5f:d1:db:ee:95:ae:4b:11:66:85:57:f5:27:ea:f2:
37:05:56:e1:eb:2d:61:ad:fd:84:db:a3:f1:70:56:
4b:b8:f8:b9:80:32:d2:06:5a:81:dd:08:8b:73:92:
a1:c7:27:70:d1:a4:ca:7c:91:6e:9e:1a:2c:2d:e3:
e9:53:fd:db:4f:1c:53:69:71:69:9d:ee:b8:91:92:
b5:90:46:ea:3e:22:9d:a1:ca:ce:f7:58:fb:f9:25:
73:b2:19:78:bd:46:31:99:46:be:00:c6:96:38:79:
15:c9:2e:16:b0:2a:64:df:1e:c0:37:3f:53:48:5f:
64:a4:94:8b:7e:f7:df:cb:82:ca:58:3a:db:4e:bd:
02:eb:e3:14:2f:dd:cb:62:70:eb:34:62:26:b5:2e:
ec:39:23:6c:2c:99:96:b6:d8:72:b5:c6:f6:c5:d5:
40:ad:28:b2:33:9d:0c:e2:0a:79:c7:51:75:7d:c6:
e5:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:99:64:67:41:CB:F5:96:99:E4:04:90:12:5A:F7:1F:66:12:BC:73
X509v3 Authority Key Identifier:
keyid:7D:96:5E:A6:B3:9C:22:AE:C2:AD:2D:4D:4C:0A:3A:31:3D:F1:DE:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fZZeprOcIq7CrS1NTAo6MT3x3vo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/aplkZ0HL9ZaZ5ASQElr3H2YSvHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/fZZeprOcIq7CrS1NTAo6MT3x3vo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.18.91.0/24
IPv6:
2a13:79c0:100::/40
Signature Algorithm: sha256WithRSAEncryption
df:e1:a8:15:c1:32:8f:cb:cb:42:10:28:5b:e3:08:ca:fc:c1:
33:44:2f:45:47:df:3e:67:da:95:aa:dd:99:bf:cd:f5:4b:13:
3c:2c:ed:87:67:7a:ea:67:0c:a9:7e:24:61:4f:18:c6:98:5d:
20:70:7c:a3:b1:c1:a3:60:a6:76:75:c4:f9:e9:47:e2:30:b7:
21:36:37:ba:11:e7:fe:70:ce:d0:39:0d:68:5a:6f:12:15:ad:
eb:d8:c6:de:12:f9:58:4d:a0:a4:01:78:3a:bd:dc:20:e1:61:
25:b5:07:b2:8d:87:d4:95:41:c5:6a:ce:c1:95:80:c9:1e:81:
4d:27:f8:32:23:ee:3a:7c:44:ab:56:55:c7:4a:5d:47:0b:2d:
6c:98:4a:f2:eb:b4:ff:3f:9d:36:79:98:cd:3b:3b:81:3f:e0:
c1:56:67:2c:93:90:a0:30:e5:c7:54:2a:c0:6e:c8:50:19:bf:
90:35:9f:0d:e5:38:f5:d3:42:47:0f:25:6e:ff:68:d0:20:6f:
a9:07:7d:12:d5:81:ec:7d:bc:b6:ba:de:5d:95:3c:e3:4c:63:
d8:64:c6:b6:ab:8e:4c:7a:5b:1c:84:c8:69:8e:a6:5f:e2:61:
bb:a3:9d:3c:00:c0:c6:ed:1f:1a:e0:9d:36:12:6b:a3:a4:92:
0e:59:a5:dc
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAY9N7qYXu95NPCKLxkmHrXITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkOTY1ZWE2YjM5YzIyYWVjMmFkMmQ0ZDRjMGEzYTMxM2Rm
MWRlZmEwHhcNMjQwNTA2MTI0MzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTk5NjQ2NzQxY2JmNTk2OTllNDA0OTAxMjVhZjcxZjY2MTJiYzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHd8uebGwm/FW6RlYoYZEB3KHjJW
EUzOOWcS0Jy1U33Nxu3wcndshMSX4yYE4obFcqY9y5rOk00R5J1rMnnYy5cUIg/Q
u0AeCpNf0dvula5LEWaFV/Un6vI3BVbh6y1hrf2E26PxcFZLuPi5gDLSBlqB3QiL
c5Khxydw0aTKfJFunhosLePpU/3bTxxTaXFpne64kZK1kEbqPiKdocrO91j7+SVz
shl4vUYxmUa+AMaWOHkVyS4WsCpk3x7ANz9TSF9kpJSLfvffy4LKWDrbTr0C6+MU
L93LYnDrNGImtS7sOSNsLJmWtthytcb2xdVArSiyM50M4gp5x1F1fcbl4wIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFGqZZGdBy/WWmeQEkBJa9x9mErxzMB8GA1UdIwQY
MBaAFH2WXqaznCKuwq0tTUwKOjE98d76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlpaZXByT2NJcTdDclMxTlRBbzZNVDN4M3ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kYmIyMmItMmExYS00NzYyLWEwZjct
MzJmNWE5NTA3NzMxLzEvYXBsa1owSEw5WmFaNUFTUUVscjNIMllTdkhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kYmIyMmItMmExYS00NzYyLWEwZjctMzJmNWE5NTA3NzMx
LzEvZlpaZXByT2NJcTdDclMxTlRBbzZNVDN4M3ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQA2RJbMA4E
AgACMAgDBgAqE3nAATANBgkqhkiG9w0BAQsFAAOCAQEA3+GoFcEyj8vLQhAoW+MI
yvzBM0QvRUffPmfalardmb/N9UsTPCzth2d66mcMqX4kYU8YxphdIHB8o7HBo2Cm
dnXE+elH4jC3ITY3uhHn/nDO0DkNaFpvEhWt69jG3hL5WE2gpAF4Or3cIOFhJbUH
so2H1JVBxWrOwZWAyR6BTSf4MiPuOnxEq1ZVx0pdRwstbJhK8uu0/z+dNnmYzTs7
gT/gwVZnLJOQoDDlx1QqwG7IUBm/kDWfDeU49dNCRw8lbv9o0CBvqQd9EtWB7H28
trreXZU840xj2GTGtquOTHpbHITIaY6mX+Jhu6OdPADAxu0fGuCdNhJro6SSDlml
3A==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:59:32 2024 by rpki-client on console-ams.rpki-client.org