Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/ldLrAAZFLaZ1dYfg6XkV-57rvlg.roa
File: ldLrAAZFLaZ1dYfg6XkV-57rvlg.roa (raw, json)
Hash identifier: +KKkO9mNU5+0rJTZw4OeFL8vRcLPfnDVOqFwERSS+Vg=
Subject key identifier: 95:D2:EB:00:06:45:2D:A6:75:75:87:E0:E9:79:15:FB:9E:EB:BE:58
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 019036A2C28D312780B0E56A6B940E56C1D2
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/ldLrAAZFLaZ1dYfg6XkV-57rvlg.roa
Signing time: Thu 20 Jun 2024 17:12:34 +0000
ROA not before: Thu 20 Jun 2024 17:12:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198154
IP address blocks: 217.60.242.0/24 maxlen: 24
217.60.244.0/24 maxlen: 24
217.60.245.0/24 maxlen: 24
217.60.247.0/24 maxlen: 24
217.60.249.0/24 maxlen: 24
217.60.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.mft
rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jul 2024 18:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:36:a2:c2:8d:31:27:80:b0:e5:6a:6b:94:0e:56:c1:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Jun 20 17:12:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95d2eb0006452da6757587e0e97915fb9eebbe58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:6d:9c:67:79:ee:e4:a8:dd:3d:a2:59:52:0e:
41:79:ae:29:90:e1:6e:37:d8:ad:38:e4:da:9c:d0:
22:5c:85:95:59:c6:61:5d:34:16:4b:ba:a8:7c:8d:
64:66:70:f7:3b:15:02:39:99:d8:4a:0b:79:6f:c5:
a4:fa:e6:44:ff:d8:81:de:6d:b7:6e:f8:9a:91:0f:
5e:8f:4d:e5:1c:e0:17:80:8f:e1:9e:3e:cb:aa:b2:
d4:08:ee:e8:c6:83:9f:a7:b8:93:fb:be:c1:29:72:
6c:98:81:53:3b:e1:92:14:b4:88:74:a3:9d:bc:02:
f6:da:21:a6:04:0d:46:d0:5c:ba:98:cb:95:88:e5:
9a:07:7f:a9:13:77:59:4e:3f:e2:30:9a:a6:82:bf:
c5:0a:88:26:bd:fb:8d:43:0c:e9:4b:50:24:74:98:
6f:15:b7:0c:56:90:b0:7a:ca:d4:e1:b3:be:72:d4:
96:2d:bc:23:92:65:08:a4:88:0d:09:7f:ae:de:9b:
22:4b:ba:e7:95:72:8e:46:de:f9:9a:bd:9a:71:47:
e2:83:e7:4e:19:fc:d3:8b:ee:a8:82:30:7b:8f:c4:
c8:53:1c:6f:31:e0:48:17:3d:1d:e4:88:39:a2:9d:
41:6a:5c:16:93:bb:10:56:b3:27:2d:99:88:44:a2:
d0:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:D2:EB:00:06:45:2D:A6:75:75:87:E0:E9:79:15:FB:9E:EB:BE:58
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/ldLrAAZFLaZ1dYfg6XkV-57rvlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.242.0/24
217.60.244.0/23
217.60.247.0/24
217.60.249.0/24
217.60.252.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:32:71:7a:dd:70:fd:ca:df:03:e8:1a:2d:3c:73:d1:61:97:
fc:f2:f0:ec:87:31:1d:53:63:0c:ed:64:d2:03:c6:c1:a6:79:
f2:24:68:85:7e:87:fa:1d:96:79:25:6b:36:53:3c:10:42:dc:
90:d7:06:4a:70:ec:d9:f3:7b:5c:f0:2f:d4:a0:ba:e8:0c:75:
29:d3:99:f8:25:f9:e8:84:7d:20:29:29:c7:c7:32:6f:08:10:
b4:6b:ea:1e:9e:05:c9:78:4a:fe:68:9f:b2:a3:26:fd:d7:a2:
96:8e:eb:29:81:79:23:8d:57:a1:44:ef:96:ea:d6:c0:6b:18:
ac:7f:4f:b2:d4:56:fe:f9:f2:8b:35:07:6c:25:97:13:ba:74:
13:1f:18:bb:ba:df:d3:ed:9f:95:e4:bc:2f:d6:8d:2c:75:42:
0d:29:2b:7c:7d:0f:78:ad:7a:eb:43:fb:34:31:b4:ef:84:ee:
2e:9a:59:36:3e:20:5f:70:a5:db:03:18:4e:1f:bb:5c:a8:c0:
94:8b:78:22:d6:c8:45:49:fb:c5:eb:8d:f7:73:a1:50:60:42:
c8:b8:e5:57:c2:37:bc:cc:fe:6c:4f:6b:35:63:df:d5:4e:11:
65:5d:0f:d2:ee:28:55:76:73:d3:ca:5f:f0:6b:b6:bb:26:82:
e0:7b:95:41
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZA2osKNMSeAsOVqa5QOVsHSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjQwNjIwMTcxMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWQyZWIwMDA2NDUyZGE2NzU3NTg3ZTBlOTc5MTVmYjllZWJiZTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwm2cZ3nu5KjdPaJZUg5Bea4pkOFu
N9itOOTanNAiXIWVWcZhXTQWS7qofI1kZnD3OxUCOZnYSgt5b8Wk+uZE/9iB3m23
bviakQ9ej03lHOAXgI/hnj7LqrLUCO7oxoOfp7iT+77BKXJsmIFTO+GSFLSIdKOd
vAL22iGmBA1G0Fy6mMuViOWaB3+pE3dZTj/iMJqmgr/FCogmvfuNQwzpS1AkdJhv
FbcMVpCwesrU4bO+ctSWLbwjkmUIpIgNCX+u3psiS7rnlXKORt75mr2acUfig+dO
GfzTi+6ogjB7j8TIUxxvMeBIFz0d5Ig5op1BalwWk7sQVrMnLZmIRKLQiwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJXS6wAGRS2mdXWH4Ol5Ffue675YMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvbGRMckFBWkZMYVoxZFlmZzZYa1YtNTdydmxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQA2TzyAwQB
2Tz0AwQA2Tz3AwQA2Tz5AwQA2Tz8MA0GCSqGSIb3DQEBCwUAA4IBAQC4MnF63XD9
yt8D6BotPHPRYZf88vDshzEdU2MM7WTSA8bBpnnyJGiFfof6HZZ5JWs2UzwQQtyQ
1wZKcOzZ83tc8C/UoLroDHUp05n4JfnohH0gKSnHxzJvCBC0a+oengXJeEr+aJ+y
oyb916KWjuspgXkjjVehRO+W6tbAaxisf0+y1Fb++fKLNQdsJZcTunQTHxi7ut/T
7Z+V5Lwv1o0sdUINKSt8fQ94rXrrQ/s0MbTvhO4umlk2PiBfcKXbAxhOH7tcqMCU
i3gi1shFSfvF6433c6FQYELIuOVXwje8zP5sT2s1Y9/VThFlXQ/S7ihVdnPTyl/w
a7a7JoLge5VB
-----END CERTIFICATE-----
Generated at Thu Jul 4 03:39:48 2024 by rpki-client on console.sobornost.net