Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/p2FJTbKZxxBxtXrNJ4Di1VjkFCI.roa
File: p2FJTbKZxxBxtXrNJ4Di1VjkFCI.roa (raw, json)
Hash identifier: m12vKxRxkrdXLcaY3MlwEqwI5o2+I9pDov63ovpkHWw=
Subject key identifier: A7:61:49:4D:B2:99:C7:10:71:B5:7A:CD:27:80:E2:D5:58:E4:14:22
Certificate issuer: /CN=33c342c06aacc359d39439ff58defa8ea1875748
Certificate serial: 018CC500BA69F0503BDB69F278C3039657F8
Authority key identifier: 33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/p2FJTbKZxxBxtXrNJ4Di1VjkFCI.roa
Signing time: Mon 01 Jan 2024 12:30:08 +0000
ROA not before: Mon 01 Jan 2024 12:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51238
IP address blocks: 109.236.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/M8NCwGqsw1nTlDn_WN76jqGHV0g.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/M8NCwGqsw1nTlDn_WN76jqGHV0g.mft
rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 12:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:ba:69:f0:50:3b:db:69:f2:78:c3:03:96:57:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33c342c06aacc359d39439ff58defa8ea1875748
Validity
Not Before: Jan 1 12:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a761494db299c71071b57acd2780e2d558e41422
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1d:91:c1:32:c1:da:b9:b2:6d:7b:6a:04:c0:
c8:9d:27:fd:a9:83:f0:8a:53:c6:94:82:6c:84:31:
53:6d:3e:4c:f9:4e:23:28:32:16:95:62:15:19:87:
86:3f:08:e4:e5:76:80:cd:89:8e:93:2e:b1:2a:42:
7d:42:93:91:5e:5b:e5:aa:8c:1f:6e:2a:2f:89:09:
72:42:c7:16:25:22:c0:90:3f:ee:5c:33:44:bd:cc:
f8:b9:05:23:d5:01:7a:66:c0:36:75:57:3e:2b:ae:
2e:5c:39:22:27:0b:23:27:04:c7:80:2c:08:b9:0c:
e0:bf:71:9e:b0:4b:8b:35:0f:23:9b:28:47:6c:f0:
6f:ae:e5:9e:8b:4f:b2:c9:0e:be:25:99:aa:f9:f2:
84:9a:3d:26:1f:f1:8d:c7:e4:12:b2:2c:6c:2a:9b:
b3:3f:e4:2d:1f:ce:6b:f4:3c:91:2e:db:8b:10:70:
32:90:20:92:de:7b:18:94:ee:0f:20:64:3a:9b:ed:
30:be:09:dd:4f:09:64:15:f7:e5:3f:15:85:bf:8e:
2b:5c:68:8a:d7:39:44:50:fd:52:30:8b:e5:66:99:
d7:58:cf:cf:d6:d1:b2:ec:55:4e:de:88:30:e0:39:
cb:51:a9:51:96:d2:42:20:83:9c:b7:44:45:17:bb:
8b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:61:49:4D:B2:99:C7:10:71:B5:7A:CD:27:80:E2:D5:58:E4:14:22
X509v3 Authority Key Identifier:
keyid:33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/p2FJTbKZxxBxtXrNJ4Di1VjkFCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/M8NCwGqsw1nTlDn_WN76jqGHV0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.250.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:99:78:6e:5d:b9:04:c0:55:44:e3:1e:e0:2b:0a:82:98:1b:
ec:3a:b1:0c:29:e0:a6:38:4b:a5:c7:de:df:51:3e:a7:3c:ec:
90:b9:2a:c8:4b:d2:75:07:16:2c:6a:36:cc:3c:a2:1a:46:c6:
c1:f0:b8:d3:97:2b:00:b0:da:f0:59:31:f2:5c:10:ab:42:46:
22:c4:7e:35:f1:2d:b9:00:78:55:c1:8c:38:c2:4f:2c:4a:3b:
a9:28:33:1b:2e:4f:71:c7:13:a6:b7:9b:29:8f:84:29:5d:cb:
b1:a6:61:b6:35:eb:fe:f6:59:bc:70:26:04:0d:61:c4:68:e8:
6a:c8:6f:ba:e3:96:a7:78:9b:2a:5a:8e:cc:f1:83:8a:67:18:
38:12:4d:e5:98:4e:f9:1f:90:bb:47:ee:2e:aa:7f:c9:7e:0b:
05:55:51:08:a6:fe:53:7e:40:8e:2f:b6:b5:b3:53:fc:6b:7e:
56:42:57:46:4d:7a:2a:5b:a2:4c:88:6d:e6:a0:d0:dd:fa:85:
b8:d4:b7:b3:65:3a:3e:0a:cd:16:dd:74:a7:66:78:6c:eb:29:
4f:da:22:e2:74:02:05:dc:80:c1:3d:03:d7:e2:32:67:6f:8e:
59:fb:3b:34:9b:2b:be:a4:3a:90:9c:0b:64:21:0a:20:80:a6:
38:b9:d1:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFALpp8FA722nyeMMDllf4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYzM0MmMwNmFhY2MzNTlkMzk0MzlmZjU4ZGVmYThlYTE4
NzU3NDgwHhcNMjQwMTAxMTIzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzYxNDk0ZGIyOTljNzEwNzFiNTdhY2QyNzgwZTJkNTU4ZTQxNDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApB2RwTLB2rmybXtqBMDInSf9qYPw
ilPGlIJshDFTbT5M+U4jKDIWlWIVGYeGPwjk5XaAzYmOky6xKkJ9QpORXlvlqowf
bioviQlyQscWJSLAkD/uXDNEvcz4uQUj1QF6ZsA2dVc+K64uXDkiJwsjJwTHgCwI
uQzgv3GesEuLNQ8jmyhHbPBvruWei0+yyQ6+JZmq+fKEmj0mH/GNx+QSsixsKpuz
P+QtH85r9DyRLtuLEHAykCCS3nsYlO4PIGQ6m+0wvgndTwlkFfflPxWFv44rXGiK
1zlEUP1SMIvlZpnXWM/P1tGy7FVO3ogw4DnLUalRltJCIIOct0RFF7uLXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKdhSU2ymccQcbV6zSeA4tVY5BQiMB8GA1UdIwQY
MBaAFDPDQsBqrMNZ05Q5/1je+o6hh1dIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTThOQ3dHcXN3MW5UbERuX1dONzZqcUdIVjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9jNTVmZGYtYTY4YS00YWEwLWI4YzUt
N2YyMzMzNjA0OTk3LzEvcDJGSlRiS1p4eEJ4dFhyTko0RGkxVmprRkNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9jNTVmZGYtYTY4YS00YWEwLWI4YzUtN2YyMzMzNjA0OTk3
LzEvTThOQ3dHcXN3MW5UbERuX1dONzZqcUdIVjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbez6MA0G
CSqGSIb3DQEBCwUAA4IBAQCmmXhuXbkEwFVE4x7gKwqCmBvsOrEMKeCmOEulx97f
UT6nPOyQuSrIS9J1BxYsajbMPKIaRsbB8LjTlysAsNrwWTHyXBCrQkYixH418S25
AHhVwYw4wk8sSjupKDMbLk9xxxOmt5spj4QpXcuxpmG2Nev+9lm8cCYEDWHEaOhq
yG+645aneJsqWo7M8YOKZxg4Ek3lmE75H5C7R+4uqn/JfgsFVVEIpv5TfkCOL7a1
s1P8a35WQldGTXoqW6JMiG3moNDd+oW41LezZTo+Cs0W3XSnZnhs6ylP2iLidAIF
3IDBPQPX4jJnb45Z+zs0myu+pDqQnAtkIQoggKY4udGt
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:57:28 2024 by rpki-client on console-ams.rpki-client.org