Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/1686c3-da70-4b54-ab2b-3be995d2bbda/1/mCFvEEPRkAp8HoSjX6w0Kwhotk8.roa
File: mCFvEEPRkAp8HoSjX6w0Kwhotk8.roa (raw, json)
Hash identifier: HNIjg3fahMZfXV5/J8DUnBcxNwS5kkMwdeP9VmkDgDY=
Subject key identifier: 98:21:6F:10:43:D1:90:0A:7C:1E:84:A3:5F:AC:34:2B:08:68:B6:4F
Certificate issuer: /CN=76ef0a0ee8fa154d7ada438af1212269ce0acc41
Certificate serial: 018E0E8CD38F0DAA2E476F4A62EB7D71CB01
Authority key identifier: 76:EF:0A:0E:E8:FA:15:4D:7A:DA:43:8A:F1:21:22:69:CE:0A:CC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/du8KDuj6FU162kOK8SEiac4KzEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/1686c3-da70-4b54-ab2b-3be995d2bbda/1/mCFvEEPRkAp8HoSjX6w0Kwhotk8.roa
Signing time: Tue 05 Mar 2024 12:18:13 +0000
ROA not before: Tue 05 Mar 2024 12:18:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 109.71.240.0/24 maxlen: 24
109.71.241.0/24 maxlen: 24
109.71.243.0/24 maxlen: 24
109.71.244.0/24 maxlen: 24
109.71.245.0/24 maxlen: 24
109.71.246.0/24 maxlen: 24
109.71.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/1686c3-da70-4b54-ab2b-3be995d2bbda/1/du8KDuj6FU162kOK8SEiac4KzEE.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/1686c3-da70-4b54-ab2b-3be995d2bbda/1/du8KDuj6FU162kOK8SEiac4KzEE.mft
rsync://rpki.ripe.net/repository/DEFAULT/du8KDuj6FU162kOK8SEiac4KzEE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 09:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0e:8c:d3:8f:0d:aa:2e:47:6f:4a:62:eb:7d:71:cb:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76ef0a0ee8fa154d7ada438af1212269ce0acc41
Validity
Not Before: Mar 5 12:18:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98216f1043d1900a7c1e84a35fac342b0868b64f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:74:e9:a6:59:4e:83:8c:dd:23:dc:20:5b:de:
84:df:c8:41:10:23:b3:3b:79:f2:e8:f3:7e:1c:c4:
ff:01:05:4a:8a:57:cd:1c:8b:dd:ac:a5:bf:0c:35:
e3:2a:b7:3e:5f:cd:8f:7e:c8:c3:67:79:85:da:65:
74:5e:4c:18:62:31:03:5c:9b:cb:25:36:c0:d1:c3:
3d:af:61:f3:08:68:29:cd:a9:7d:8d:55:22:15:90:
a3:f8:2b:b7:6f:05:03:54:2d:a6:06:c3:02:ed:a4:
a1:ed:14:a7:5d:92:3b:8e:df:fe:86:d4:89:ef:5f:
6a:b8:d5:be:da:b2:3b:f2:03:db:4e:3f:e4:9a:a8:
35:73:d0:67:d9:d0:f5:2d:af:c1:80:98:62:a8:3d:
d4:fc:32:ae:eb:01:39:95:ae:86:e4:cf:2d:57:38:
9d:49:f4:7c:d9:04:99:05:3d:56:49:39:86:ca:cc:
a9:35:d7:0a:c5:5f:b1:69:01:7f:69:c0:a6:bb:2d:
65:94:ed:f0:c4:59:7f:2e:89:11:40:72:71:0d:4a:
a7:35:13:48:cf:1e:8f:41:70:36:07:f9:93:08:87:
a9:05:2e:1a:ad:5c:c8:af:60:f3:b8:fe:58:0b:06:
7d:0f:6c:12:e5:0a:62:2d:0e:8f:a8:06:34:3e:88:
ac:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:21:6F:10:43:D1:90:0A:7C:1E:84:A3:5F:AC:34:2B:08:68:B6:4F
X509v3 Authority Key Identifier:
keyid:76:EF:0A:0E:E8:FA:15:4D:7A:DA:43:8A:F1:21:22:69:CE:0A:CC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/du8KDuj6FU162kOK8SEiac4KzEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/1686c3-da70-4b54-ab2b-3be995d2bbda/1/mCFvEEPRkAp8HoSjX6w0Kwhotk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/1686c3-da70-4b54-ab2b-3be995d2bbda/1/du8KDuj6FU162kOK8SEiac4KzEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.71.240.0/23
109.71.243.0-109.71.247.255
Signature Algorithm: sha256WithRSAEncryption
83:7f:fa:2f:3d:02:9f:17:e1:dc:50:8c:ac:72:56:48:63:29:
0e:4d:3c:34:f7:66:72:9d:06:79:76:58:8a:f8:77:ed:9f:a3:
0d:a8:5b:c4:a6:d2:53:99:7f:c2:00:63:46:9a:6a:bc:20:c6:
dd:37:3e:6b:57:9b:c2:40:2b:e1:65:87:4c:ad:c3:03:6b:7e:
a1:a8:6f:1b:3f:df:e5:04:07:2d:5b:3d:89:f7:50:93:06:52:
0a:4e:e7:89:43:56:ce:84:c2:70:78:01:2e:df:63:d4:06:c3:
82:fd:8c:d3:8f:37:b8:98:a5:c1:a4:1c:fd:42:60:00:8a:66:
bd:2e:2e:40:e8:0e:cb:4b:93:37:23:99:f5:d2:77:9b:25:8a:
89:f4:cf:fa:f0:32:f7:aa:01:9a:63:ee:1c:e5:9d:1e:5e:fa:
64:2c:32:12:38:d8:29:14:b4:29:bd:79:65:eb:16:de:ac:9f:
0f:f3:34:5f:fe:dc:56:3b:bd:68:5b:9d:b2:5b:35:9e:fe:83:
82:66:5f:9b:ee:77:33:c6:92:9d:b4:1b:da:a6:d3:44:4d:cf:
af:33:51:e2:d9:d9:6c:98:fc:a2:73:25:82:0e:0e:03:51:20:
61:2a:a8:91:36:5f:34:14:c9:aa:02:97:59:a8:5f:b7:d2:20:
35:7e:41:86
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY4OjNOPDaouR29KYut9ccsBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZWYwYTBlZThmYTE1NGQ3YWRhNDM4YWYxMjEyMjY5Y2Uw
YWNjNDEwHhcNMjQwMzA1MTIxODEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODIxNmYxMDQzZDE5MDBhN2MxZTg0YTM1ZmFjMzQyYjA4NjhiNjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3TppllOg4zdI9wgW96E38hBECOz
O3ny6PN+HMT/AQVKilfNHIvdrKW/DDXjKrc+X82PfsjDZ3mF2mV0XkwYYjEDXJvL
JTbA0cM9r2HzCGgpzal9jVUiFZCj+Cu3bwUDVC2mBsMC7aSh7RSnXZI7jt/+htSJ
719quNW+2rI78gPbTj/kmqg1c9Bn2dD1La/BgJhiqD3U/DKu6wE5la6G5M8tVzid
SfR82QSZBT1WSTmGysypNdcKxV+xaQF/acCmuy1llO3wxFl/LokRQHJxDUqnNRNI
zx6PQXA2B/mTCIepBS4arVzIr2DzuP5YCwZ9D2wS5QpiLQ6PqAY0PoisdQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJghbxBD0ZAKfB6Eo1+sNCsIaLZPMB8GA1UdIwQY
MBaAFHbvCg7o+hVNetpDivEhImnOCsxBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHU4S0R1ajZGVTE2MmtPSzhTRWlhYzRLekVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8xNjg2YzMtZGE3MC00YjU0LWFiMmIt
M2JlOTk1ZDJiYmRhLzEvbUNGdkVFUFJrQXA4SG9Talg2dzBLd2hvdGs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8xNjg2YzMtZGE3MC00YjU0LWFiMmItM2JlOTk1ZDJiYmRh
LzEvZHU4S0R1ajZGVTE2MmtPSzhTRWlhYzRLekVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBbUfwMAwD
BABtR/MDBANtR/AwDQYJKoZIhvcNAQELBQADggEBAIN/+i89Ap8X4dxQjKxyVkhj
KQ5NPDT3ZnKdBnl2WIr4d+2fow2oW8Sm0lOZf8IAY0aaarwgxt03PmtXm8JAK+Fl
h0ytwwNrfqGobxs/3+UEBy1bPYn3UJMGUgpO54lDVs6EwnB4AS7fY9QGw4L9jNOP
N7iYpcGkHP1CYACKZr0uLkDoDstLkzcjmfXSd5slion0z/rwMveqAZpj7hzlnR5e
+mQsMhI42CkUtCm9eWXrFt6snw/zNF/+3FY7vWhbnbJbNZ7+g4JmX5vudzPGkp20
G9qm00RNz68zUeLZ2WyY/KJzJYIODgNRIGEqqJE2XzQUyaoCl1moX7fSIDV+QYY=
-----END CERTIFICATE-----
Generated at Tue Nov 26 11:18:34 2024 by rpki-client on console-fra.rpki-client.org