Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/a58311-e674-405c-98f2-1470bcceeb1b/1/KAqe88nI6FfD3vymQ4phK8zT4EM.roa
File: KAqe88nI6FfD3vymQ4phK8zT4EM.roa (raw, json)
Hash identifier: uGr6kA1Orr3KDRG5wli33YF13LQTUc7dQlC5EqvSRSI=
Subject key identifier: 28:0A:9E:F3:C9:C8:E8:57:C3:DE:FC:A6:43:8A:61:2B:CC:D3:E0:43
Certificate issuer: /CN=4984d0cc6703bf942c6dac89dff1a7bf6632ea8b
Certificate serial: 018CC49377324B88DF217C28A108DD2263FE
Authority key identifier: 49:84:D0:CC:67:03:BF:94:2C:6D:AC:89:DF:F1:A7:BF:66:32:EA:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYTQzGcDv5QsbayJ3_Gnv2Yy6os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/a58311-e674-405c-98f2-1470bcceeb1b/1/KAqe88nI6FfD3vymQ4phK8zT4EM.roa
Signing time: Mon 01 Jan 2024 10:30:47 +0000
ROA not before: Mon 01 Jan 2024 10:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47292
IP address blocks: 217.23.98.0/24 maxlen: 24
217.23.96.0/24 maxlen: 24
217.23.97.0/24 maxlen: 24
217.23.102.0/24 maxlen: 24
217.23.100.0/24 maxlen: 24
217.23.101.0/24 maxlen: 24
217.23.105.0/24 maxlen: 24
217.23.99.0/24 maxlen: 24
217.23.103.0/24 maxlen: 24
217.23.104.0/24 maxlen: 24
217.23.108.0/24 maxlen: 24
217.23.109.0/24 maxlen: 24
217.23.107.0/24 maxlen: 24
217.23.106.0/24 maxlen: 24
217.23.110.0/24 maxlen: 24
217.23.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/a58311-e674-405c-98f2-1470bcceeb1b/1/SYTQzGcDv5QsbayJ3_Gnv2Yy6os.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/a58311-e674-405c-98f2-1470bcceeb1b/1/SYTQzGcDv5QsbayJ3_Gnv2Yy6os.mft
rsync://rpki.ripe.net/repository/DEFAULT/SYTQzGcDv5QsbayJ3_Gnv2Yy6os.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:77:32:4b:88:df:21:7c:28:a1:08:dd:22:63:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4984d0cc6703bf942c6dac89dff1a7bf6632ea8b
Validity
Not Before: Jan 1 10:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=280a9ef3c9c8e857c3defca6438a612bccd3e043
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:81:2f:21:2c:a5:ef:d2:b9:23:22:0a:16:1d:
52:26:8d:c2:0b:c8:bf:15:b2:ce:ba:4a:a0:38:77:
80:57:e1:94:9e:e6:c0:49:0d:c3:5a:08:b1:52:78:
11:ba:b4:a8:cc:60:b1:2b:d4:05:86:d4:71:ac:06:
09:5c:1b:b5:98:9a:a3:f4:4c:a8:f7:ae:c9:f9:96:
8e:cb:4a:47:ff:4b:2a:e5:ae:e7:7b:b6:03:a6:77:
a5:b4:f7:50:ff:ae:d7:08:dc:53:ea:19:74:8c:78:
0c:ca:75:31:9b:c9:ef:70:81:33:87:4a:3e:5e:f5:
b3:a4:a4:ee:23:83:dd:57:7b:71:de:53:d9:4b:af:
b3:39:e0:ac:26:bd:0c:63:ca:4c:45:ee:14:af:bf:
93:c3:08:b0:16:a8:b7:50:fd:d5:2a:16:8f:1e:a6:
ba:39:81:82:0e:22:f4:b8:4f:f7:54:97:33:5b:2a:
cc:5a:6c:62:f8:95:06:d7:fc:b8:29:e0:a6:52:a9:
da:58:4f:90:16:cc:b5:c4:9c:9b:c2:b5:fc:49:51:
d3:bf:8a:e7:75:20:44:23:da:79:34:c7:bf:a9:27:
29:2f:ea:ea:db:88:52:bb:f5:ca:30:0e:25:e1:a2:
ab:1a:ea:a7:c4:c2:42:8c:cf:39:f7:4c:0a:4d:61:
bf:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:0A:9E:F3:C9:C8:E8:57:C3:DE:FC:A6:43:8A:61:2B:CC:D3:E0:43
X509v3 Authority Key Identifier:
keyid:49:84:D0:CC:67:03:BF:94:2C:6D:AC:89:DF:F1:A7:BF:66:32:EA:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYTQzGcDv5QsbayJ3_Gnv2Yy6os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a58311-e674-405c-98f2-1470bcceeb1b/1/KAqe88nI6FfD3vymQ4phK8zT4EM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a58311-e674-405c-98f2-1470bcceeb1b/1/SYTQzGcDv5QsbayJ3_Gnv2Yy6os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.23.96.0/20
Signature Algorithm: sha256WithRSAEncryption
0f:e9:c5:73:3a:00:27:e5:b9:82:f3:c6:55:69:e9:53:60:1c:
73:38:5d:16:07:09:ef:5c:df:e3:8a:6a:20:3d:7d:fa:d0:4d:
6d:71:9a:96:3a:48:e7:7d:92:2d:fc:88:f7:dd:a5:84:a7:b6:
fb:a2:50:8a:21:28:d6:52:cf:a4:00:fb:ea:29:45:83:d0:10:
06:24:79:68:3d:68:63:d7:d5:27:c0:82:6e:e8:aa:a3:71:7e:
1d:42:90:22:1e:97:ed:12:f9:4f:7b:04:ac:f8:88:e4:44:b0:
03:37:84:4f:bd:82:4c:7b:0c:f2:5f:eb:8d:7a:b3:20:e6:ca:
c7:13:ac:12:96:90:b4:97:c9:1a:79:57:a7:4f:32:64:bf:f4:
ef:54:44:41:68:1d:32:69:c3:5a:a8:9c:b9:f1:26:91:fb:8f:
a4:d8:3f:90:cb:91:91:fb:0f:5c:31:b3:9b:5b:1a:0c:ac:7f:
4b:d6:04:04:06:5c:f3:8e:54:e9:76:3b:28:6c:1e:51:69:b7:
21:a6:8c:6f:2e:07:65:88:09:18:fd:d9:ab:83:95:74:cc:b6:
4a:57:5e:ab:8b:86:4d:4c:7a:e2:c9:ed:8a:73:a3:9f:6b:84:
99:49:f6:71:03:6f:24:3a:fb:20:4a:13:52:a8:ea:f2:5c:2c:
10:05:db:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk3cyS4jfIXwooQjdImP+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODRkMGNjNjcwM2JmOTQyYzZkYWM4OWRmZjFhN2JmNjYz
MmVhOGIwHhcNMjQwMTAxMTAzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODBhOWVmM2M5YzhlODU3YzNkZWZjYTY0MzhhNjEyYmNjZDNlMDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoEvISyl79K5IyIKFh1SJo3CC8i/
FbLOukqgOHeAV+GUnubASQ3DWgixUngRurSozGCxK9QFhtRxrAYJXBu1mJqj9Eyo
967J+ZaOy0pH/0sq5a7ne7YDpneltPdQ/67XCNxT6hl0jHgMynUxm8nvcIEzh0o+
XvWzpKTuI4PdV3tx3lPZS6+zOeCsJr0MY8pMRe4Ur7+TwwiwFqi3UP3VKhaPHqa6
OYGCDiL0uE/3VJczWyrMWmxi+JUG1/y4KeCmUqnaWE+QFsy1xJybwrX8SVHTv4rn
dSBEI9p5NMe/qScpL+rq24hSu/XKMA4l4aKrGuqnxMJCjM8590wKTWG/RQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCgKnvPJyOhXw978pkOKYSvM0+BDMB8GA1UdIwQY
MBaAFEmE0MxnA7+ULG2sid/xp79mMuqLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1lUUXpHY0R2NVFzYmF5SjNfR252Mll5Nm9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9hNTgzMTEtZTY3NC00MDVjLTk4ZjIt
MTQ3MGJjY2VlYjFiLzEvS0FxZTg4bkk2RmZEM3Z5bVE0cGhLOHpUNEVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9hNTgzMTEtZTY3NC00MDVjLTk4ZjItMTQ3MGJjY2VlYjFi
LzEvU1lUUXpHY0R2NVFzYmF5SjNfR252Mll5Nm9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2RdgMA0G
CSqGSIb3DQEBCwUAA4IBAQAP6cVzOgAn5bmC88ZVaelTYBxzOF0WBwnvXN/jimog
PX360E1tcZqWOkjnfZIt/Ij33aWEp7b7olCKISjWUs+kAPvqKUWD0BAGJHloPWhj
19UnwIJu6KqjcX4dQpAiHpftEvlPewSs+IjkRLADN4RPvYJMewzyX+uNerMg5srH
E6wSlpC0l8kaeVenTzJkv/TvVERBaB0yacNaqJy58SaR+4+k2D+Qy5GR+w9cMbOb
WxoMrH9L1gQEBlzzjlTpdjsobB5RabchpoxvLgdliAkY/dmrg5V0zLZKV16ri4ZN
THriye2Kc6Ofa4SZSfZxA28kOvsgShNSqOryXCwQBdvH
-----END CERTIFICATE-----
Generated at Wed Nov 27 01:02:36 2024 by rpki-client on console-fra.rpki-client.org