Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/JH3vPdZJ1ybMe6ZybxZUFMoqN6c.roa
File: JH3vPdZJ1ybMe6ZybxZUFMoqN6c.roa (raw, json)
Hash identifier: 4ZN07ghgSBwCIcXHeKqRU2aSK4GIO6v2nO7rXMwdH0o=
Subject key identifier: 24:7D:EF:3D:D6:49:D7:26:CC:7B:A6:72:6F:16:54:14:CA:2A:37:A7
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019424B2E9E3B9703E734F8FB68830F546FE
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/JH3vPdZJ1ybMe6ZybxZUFMoqN6c.roa
Signing time: Thu 02 Jan 2025 01:48:12 +0000
ROA not before: Thu 02 Jan 2025 01:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28699
IP address blocks: 109.205.120.0/21 maxlen: 21
109.205.126.0/24 maxlen: 24
185.27.92.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:e9:e3:b9:70:3e:73:4f:8f:b6:88:30:f5:46:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 01:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=247def3dd649d726cc7ba6726f165414ca2a37a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:82:c6:f5:fe:9a:5d:d4:aa:1b:9c:53:0f:b8:
8e:0b:8e:74:a3:6c:f0:3b:3a:22:1c:b6:4a:fe:84:
b8:dd:27:da:88:54:65:db:56:3c:24:03:18:59:e1:
c9:b4:ba:61:1e:cf:15:29:76:66:5d:d9:35:3c:69:
7a:e2:4b:85:cc:cf:0e:ae:ca:4f:2c:1e:50:74:ac:
9b:7f:4b:30:f4:94:3f:bd:7e:35:28:3e:aa:bf:67:
cd:39:6a:19:8e:03:aa:e0:0a:7b:b1:34:d1:9d:64:
74:ad:c2:6d:29:a0:4a:8b:fc:be:e5:af:24:9a:ce:
0d:db:81:88:e7:6b:e7:16:5c:c1:fb:f0:78:d2:4a:
33:ef:6c:ac:fa:d8:af:37:19:53:4d:d9:e8:b4:66:
e6:92:27:65:02:2c:c0:bf:73:b3:d5:18:ed:35:af:
b9:ee:8e:a8:ab:1c:d1:f5:78:07:d7:fc:a6:8f:18:
c2:2b:f6:c0:30:4f:2b:02:83:1e:1d:e8:60:9c:f6:
0a:d4:0d:29:6c:44:0e:a4:9d:1b:cd:e6:0d:3f:6d:
51:63:e8:40:67:e0:7f:7b:a8:29:cb:4c:5c:30:a9:
5d:b7:c1:3d:8a:93:6a:65:38:f8:ef:1d:f4:00:ab:
c2:6e:60:ca:14:56:ec:c2:10:9a:dc:fd:62:6b:9b:
fe:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:7D:EF:3D:D6:49:D7:26:CC:7B:A6:72:6F:16:54:14:CA:2A:37:A7
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/JH3vPdZJ1ybMe6ZybxZUFMoqN6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.120.0/21
185.27.92.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:54:c3:50:38:62:a4:58:3d:93:a4:8d:a1:71:99:6e:d5:cd:
1f:5e:c1:9f:34:c3:89:a6:0e:a5:f7:3f:c6:66:88:24:04:44:
b0:ee:ed:01:05:30:d3:45:8f:40:a5:ce:25:b6:28:ec:8c:28:
c1:8a:87:f9:f5:bd:49:39:65:d8:d9:ff:35:73:39:88:03:3f:
01:f3:e8:5c:bf:1d:58:21:d1:d2:aa:2b:cc:2f:8c:4d:e0:11:
62:9a:32:58:71:54:de:b9:b1:cf:10:bd:cc:80:e3:8d:11:b4:
56:fb:a8:aa:20:19:91:7f:67:a5:e3:6e:33:6c:8b:f8:57:69:
6e:6a:15:4d:b0:48:40:e9:26:32:ba:4f:42:04:f2:45:79:e6:
a0:13:0e:6a:47:fc:f1:f1:5f:32:40:0f:77:33:82:6d:2a:3e:
62:91:40:8f:94:d9:83:cc:b2:16:df:30:4e:bf:84:9c:83:a1:
23:8f:92:de:a5:ca:1f:76:b7:4f:f0:ee:f2:45:58:a0:a2:44:
15:d5:ec:55:98:6f:94:c6:ca:68:2a:5f:35:a4:0a:ef:cf:ea:
51:d6:f6:62:33:fc:c7:52:af:99:65:51:c5:4e:63:31:86:96:
39:13:6a:fa:70:4c:a4:11:0f:d6:8f:29:c6:dc:e2:91:86:6a:
65:95:62:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQksunjuXA+c0+Ptogw9Ub+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMTAyMDE0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDdkZWYzZGQ2NDlkNzI2Y2M3YmE2NzI2ZjE2NTQxNGNhMmEzN2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoLG9f6aXdSqG5xTD7iOC450o2zw
OzoiHLZK/oS43SfaiFRl21Y8JAMYWeHJtLphHs8VKXZmXdk1PGl64kuFzM8OrspP
LB5QdKybf0sw9JQ/vX41KD6qv2fNOWoZjgOq4Ap7sTTRnWR0rcJtKaBKi/y+5a8k
ms4N24GI52vnFlzB+/B40koz72ys+tivNxlTTdnotGbmkidlAizAv3Oz1RjtNa+5
7o6oqxzR9XgH1/ymjxjCK/bAME8rAoMeHehgnPYK1A0pbEQOpJ0bzeYNP21RY+hA
Z+B/e6gpy0xcMKldt8E9ipNqZTj47x30AKvCbmDKFFbswhCa3P1ia5v+kQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCR97z3WSdcmzHumcm8WVBTKKjenMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvSkgzdlBkWkoxeWJNZTZaeWJ4WlVGTW9xTjZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDbc14AwQC
uRtcMA0GCSqGSIb3DQEBCwUAA4IBAQBKVMNQOGKkWD2TpI2hcZlu1c0fXsGfNMOJ
pg6l9z/GZogkBESw7u0BBTDTRY9Apc4ltijsjCjBiof59b1JOWXY2f81czmIAz8B
8+hcvx1YIdHSqivML4xN4BFimjJYcVTeubHPEL3MgOONEbRW+6iqIBmRf2el424z
bIv4V2luahVNsEhA6SYyuk9CBPJFeeagEw5qR/zx8V8yQA93M4JtKj5ikUCPlNmD
zLIW3zBOv4Scg6Ejj5LepcofdrdP8O7yRVigokQV1exVmG+UxspoKl81pArvz+pR
1vZiM/zHUq+ZZVHFTmMxhpY5E2r6cEykEQ/WjynG3OKRhmpllWKz
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:26:51 2025 by rpki-client