Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/a58311-e674-405c-98f2-1470bcceeb1b/1/Exo16zEYgO3PueRCaRsMKkkEhy0.roa
File: Exo16zEYgO3PueRCaRsMKkkEhy0.roa (raw, json)
Hash identifier: kH5z+KdUp6OrMDZjKD02kQC0jLALZ4m/6if0eLS0ZaE=
Subject key identifier: 13:1A:35:EB:31:18:80:ED:CF:B9:E4:42:69:1B:0C:2A:49:04:87:2D
Certificate issuer: /CN=4984d0cc6703bf942c6dac89dff1a7bf6632ea8b
Certificate serial: 019427B51683130B855DEE1EA661792BA7AF
Authority key identifier: 49:84:D0:CC:67:03:BF:94:2C:6D:AC:89:DF:F1:A7:BF:66:32:EA:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYTQzGcDv5QsbayJ3_Gnv2Yy6os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/a58311-e674-405c-98f2-1470bcceeb1b/1/Exo16zEYgO3PueRCaRsMKkkEhy0.roa
Signing time: Thu 02 Jan 2025 15:49:26 +0000
ROA not before: Thu 02 Jan 2025 15:49:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47292
IP address blocks: 217.23.96.0/24 maxlen: 24
217.23.97.0/24 maxlen: 24
217.23.98.0/24 maxlen: 24
217.23.99.0/24 maxlen: 24
217.23.100.0/24 maxlen: 24
217.23.101.0/24 maxlen: 24
217.23.102.0/24 maxlen: 24
217.23.103.0/24 maxlen: 24
217.23.104.0/24 maxlen: 24
217.23.105.0/24 maxlen: 24
217.23.106.0/24 maxlen: 24
217.23.107.0/24 maxlen: 24
217.23.108.0/24 maxlen: 24
217.23.109.0/24 maxlen: 24
217.23.110.0/24 maxlen: 24
217.23.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/a58311-e674-405c-98f2-1470bcceeb1b/1/SYTQzGcDv5QsbayJ3_Gnv2Yy6os.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/a58311-e674-405c-98f2-1470bcceeb1b/1/SYTQzGcDv5QsbayJ3_Gnv2Yy6os.mft
rsync://rpki.ripe.net/repository/DEFAULT/SYTQzGcDv5QsbayJ3_Gnv2Yy6os.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 12:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:16:83:13:0b:85:5d:ee:1e:a6:61:79:2b:a7:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4984d0cc6703bf942c6dac89dff1a7bf6632ea8b
Validity
Not Before: Jan 2 15:49:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=131a35eb311880edcfb9e442691b0c2a4904872d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a5:f3:75:b1:ab:4d:c7:69:24:91:d1:78:95:
b7:ea:05:1c:8e:66:69:68:98:9e:d3:0d:10:7c:23:
de:4e:22:36:da:3a:bb:ed:8d:43:c7:55:1c:9f:71:
44:56:50:f0:d0:93:b8:1b:fa:0c:c2:66:2a:8f:4d:
d6:61:ed:da:79:0b:6b:4e:ca:43:10:65:8d:9e:b4:
25:51:6c:95:51:ed:b6:ef:68:11:ca:b6:7b:72:a2:
76:90:5f:77:16:01:76:50:52:65:9f:e0:a9:5f:1b:
c2:3b:2d:80:ef:94:7c:41:18:2b:6e:2d:16:a8:ce:
ef:5a:8c:7d:8e:10:c5:99:1a:48:bb:68:7f:30:d6:
55:63:be:1d:2d:7b:e8:d7:d1:e7:df:fd:78:8a:37:
8a:cd:e8:05:ce:94:1f:86:50:61:9c:8d:fd:a4:25:
03:c2:06:f3:06:e9:1d:28:bf:c6:d5:1f:d8:f1:04:
5d:73:c7:7e:fe:83:7a:9e:96:c4:0c:dd:c9:16:0b:
4e:4f:e6:76:2b:cb:7d:fb:dc:bc:0e:79:a1:cb:0e:
2d:ae:94:69:b7:94:45:2b:6e:d3:8a:11:e9:21:0d:
5c:d8:fa:92:c3:e8:25:28:42:c5:51:74:66:43:f9:
b5:43:09:2c:43:c0:22:15:2d:ac:f8:c8:60:26:0d:
c8:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:1A:35:EB:31:18:80:ED:CF:B9:E4:42:69:1B:0C:2A:49:04:87:2D
X509v3 Authority Key Identifier:
keyid:49:84:D0:CC:67:03:BF:94:2C:6D:AC:89:DF:F1:A7:BF:66:32:EA:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYTQzGcDv5QsbayJ3_Gnv2Yy6os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a58311-e674-405c-98f2-1470bcceeb1b/1/Exo16zEYgO3PueRCaRsMKkkEhy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a58311-e674-405c-98f2-1470bcceeb1b/1/SYTQzGcDv5QsbayJ3_Gnv2Yy6os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.23.96.0/20
Signature Algorithm: sha256WithRSAEncryption
37:ef:91:b7:28:8e:df:39:78:8a:38:f3:b1:50:20:29:b5:bc:
eb:32:2f:d9:9d:a1:b3:53:97:25:9f:34:35:d3:2e:03:0a:dc:
95:76:97:39:27:5b:71:63:f7:92:ea:2e:f3:f8:20:c0:ee:69:
5c:bc:20:ca:48:be:f2:de:b3:b8:33:90:02:7c:95:56:95:a6:
6f:e3:92:f9:dc:75:13:21:81:f7:29:ec:62:8c:c5:4f:bd:ca:
2b:f1:b2:cf:cd:40:d8:f6:d1:3d:54:75:22:c1:8a:dd:d4:dc:
1e:72:c1:ee:b0:13:99:da:15:c4:5d:c3:04:38:33:da:f5:b4:
46:67:2b:17:f7:2f:df:e8:e3:39:bf:24:ce:8a:87:4c:23:9d:
4c:44:81:d3:cd:4e:6e:5d:44:72:1a:95:51:93:e9:80:14:cd:
a6:08:27:af:2e:0e:90:f3:80:09:76:51:4a:d2:d6:0c:4c:80:
98:71:08:b0:53:0b:68:55:db:72:01:4d:00:c8:df:47:ba:60:
b4:eb:6b:d2:06:a1:cd:e0:eb:77:ea:39:af:32:14:df:e0:36:
79:d2:fd:8d:a3:99:9e:1a:12:88:81:f2:c4:60:99:49:bf:2d:
39:78:44:be:5c:69:68:d6:78:80:53:14:c5:e5:bd:ff:64:53:
d4:40:11:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntRaDEwuFXe4epmF5K6evMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODRkMGNjNjcwM2JmOTQyYzZkYWM4OWRmZjFhN2JmNjYz
MmVhOGIwHhcNMjUwMTAyMTU0OTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzFhMzVlYjMxMTg4MGVkY2ZiOWU0NDI2OTFiMGMyYTQ5MDQ4NzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaXzdbGrTcdpJJHReJW36gUcjmZp
aJie0w0QfCPeTiI22jq77Y1Dx1Ucn3FEVlDw0JO4G/oMwmYqj03WYe3aeQtrTspD
EGWNnrQlUWyVUe2272gRyrZ7cqJ2kF93FgF2UFJln+CpXxvCOy2A75R8QRgrbi0W
qM7vWox9jhDFmRpIu2h/MNZVY74dLXvo19Hn3/14ijeKzegFzpQfhlBhnI39pCUD
wgbzBukdKL/G1R/Y8QRdc8d+/oN6npbEDN3JFgtOT+Z2K8t9+9y8Dnmhyw4trpRp
t5RFK27TihHpIQ1c2PqSw+glKELFUXRmQ/m1QwksQ8AiFS2s+MhgJg3IPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBMaNesxGIDtz7nkQmkbDCpJBIctMB8GA1UdIwQY
MBaAFEmE0MxnA7+ULG2sid/xp79mMuqLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1lUUXpHY0R2NVFzYmF5SjNfR252Mll5Nm9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9hNTgzMTEtZTY3NC00MDVjLTk4ZjIt
MTQ3MGJjY2VlYjFiLzEvRXhvMTZ6RVlnTzNQdWVSQ2FSc01La2tFaHkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9hNTgzMTEtZTY3NC00MDVjLTk4ZjItMTQ3MGJjY2VlYjFi
LzEvU1lUUXpHY0R2NVFzYmF5SjNfR252Mll5Nm9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2RdgMA0G
CSqGSIb3DQEBCwUAA4IBAQA375G3KI7fOXiKOPOxUCAptbzrMi/ZnaGzU5clnzQ1
0y4DCtyVdpc5J1txY/eS6i7z+CDA7mlcvCDKSL7y3rO4M5ACfJVWlaZv45L53HUT
IYH3KexijMVPvcor8bLPzUDY9tE9VHUiwYrd1NwecsHusBOZ2hXEXcMEODPa9bRG
ZysX9y/f6OM5vyTOiodMI51MRIHTzU5uXURyGpVRk+mAFM2mCCevLg6Q84AJdlFK
0tYMTICYcQiwUwtoVdtyAU0AyN9HumC062vSBqHN4Ot36jmvMhTf4DZ50v2No5me
GhKIgfLEYJlJvy05eES+XGlo1niAUxTF5b3/ZFPUQBGo
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:58:56 2025 by rpki-client