Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/pLbRc24qYapgpT-r5E4tL1TCQUA.roa
File: pLbRc24qYapgpT-r5E4tL1TCQUA.roa (raw, json)
Hash identifier: 22OdoF2hQsKOl0PCrfOVITNGxP4nF29w1vSxeI4ILtI=
Subject key identifier: A4:B6:D1:73:6E:2A:61:AA:60:A5:3F:AB:E4:4E:2D:2F:54:C2:41:40
Certificate issuer: /CN=d356ae625d9506df4a3e577b24a86fce3c73a8f8
Certificate serial: 018CC26D1E8DE8F1CB1689D775A8D710D01B
Authority key identifier: D3:56:AE:62:5D:95:06:DF:4A:3E:57:7B:24:A8:6F:CE:3C:73:A8:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/01auYl2VBt9KPld7JKhvzjxzqPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/pLbRc24qYapgpT-r5E4tL1TCQUA.roa
Signing time: Mon 01 Jan 2024 00:29:40 +0000
ROA not before: Mon 01 Jan 2024 00:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1653
IP address blocks: 109.105.126.0/25 maxlen: 25
109.105.126.128/25 maxlen: 25
2001:948:58::/48 maxlen: 48
2001:948:59::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/01auYl2VBt9KPld7JKhvzjxzqPg.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/01auYl2VBt9KPld7JKhvzjxzqPg.mft
rsync://rpki.ripe.net/repository/DEFAULT/01auYl2VBt9KPld7JKhvzjxzqPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 May 2024 07:03:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:1e:8d:e8:f1:cb:16:89:d7:75:a8:d7:10:d0:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d356ae625d9506df4a3e577b24a86fce3c73a8f8
Validity
Not Before: Jan 1 00:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4b6d1736e2a61aa60a53fabe44e2d2f54c24140
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:5b:8d:5b:38:66:27:71:19:ff:a0:3b:6d:d7:
ab:f3:52:5a:b2:46:ea:6e:27:99:7d:65:47:6a:2e:
dc:9c:fa:26:da:bd:7b:b2:dd:1d:48:88:43:d8:5b:
29:d9:47:0f:60:eb:ff:ef:da:55:be:2a:24:d5:e5:
21:c7:2c:f3:ea:d3:b6:44:bb:58:b9:6d:f9:8a:a0:
9c:40:dd:7e:e3:b1:95:4e:0d:c5:84:ef:39:8b:5b:
87:64:00:dc:8b:db:3a:0e:bd:4b:f2:b0:72:7f:8a:
f9:65:a6:34:52:c2:fb:6e:45:54:a6:b8:fe:b4:e9:
b9:e4:4d:b8:f3:58:10:e8:ab:1a:8a:20:3e:74:5f:
a8:75:24:4f:3e:1e:01:40:f7:e8:e5:14:61:e4:fe:
7f:5d:88:13:b8:23:8e:06:95:87:e8:c0:d9:29:20:
c0:5c:5c:2c:a3:81:43:e4:e4:ac:fc:66:8e:f3:b4:
e5:d5:09:97:e8:b4:ca:5c:87:3d:66:5d:58:bb:d1:
52:af:35:d0:1b:33:a1:a6:3a:54:16:8c:4d:1c:09:
d4:54:cf:8e:b8:f5:b2:eb:c1:06:ce:99:3d:1b:6c:
f3:98:fd:22:b4:ef:e2:a2:68:79:5e:7a:38:be:e2:
24:af:b0:9e:72:d2:39:4b:00:ec:90:7b:ab:8b:75:
50:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:B6:D1:73:6E:2A:61:AA:60:A5:3F:AB:E4:4E:2D:2F:54:C2:41:40
X509v3 Authority Key Identifier:
keyid:D3:56:AE:62:5D:95:06:DF:4A:3E:57:7B:24:A8:6F:CE:3C:73:A8:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/01auYl2VBt9KPld7JKhvzjxzqPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/pLbRc24qYapgpT-r5E4tL1TCQUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/01auYl2VBt9KPld7JKhvzjxzqPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.105.126.0/24
IPv6:
2001:948:58::/47
Signature Algorithm: sha256WithRSAEncryption
bb:d5:b0:a9:6b:67:b3:9f:0e:9b:f8:d1:d1:a6:dc:f2:8b:11:
63:c4:f5:33:5b:0a:a1:d7:1d:c6:4b:ab:69:f0:9c:14:73:95:
85:0d:a1:65:db:64:43:28:6b:1f:5e:4c:6e:ac:80:76:fe:55:
01:88:12:f5:e3:af:fa:92:87:7c:7d:6a:e2:f0:7d:2d:17:c9:
d9:dc:38:ed:87:08:cd:3e:82:d1:0d:04:20:98:50:32:6d:9e:
29:9c:67:f3:81:07:8f:db:74:08:d0:1b:a9:aa:90:04:fa:33:
d0:04:23:3e:69:b7:e0:6e:6b:b6:e5:a6:2b:2c:a2:d3:d8:07:
bc:58:d3:78:5d:77:4f:ae:67:4a:61:4a:bc:7e:1b:f4:9a:38:
ba:a3:49:18:16:e7:ac:4c:8f:49:8e:f3:f1:48:e9:53:5e:8a:
b2:a7:10:45:90:a5:e8:09:7a:55:11:16:58:30:80:47:8d:73:
73:92:39:6e:ea:cf:8c:e4:8c:03:e8:d7:6a:34:11:da:f8:e7:
11:29:40:a5:8f:98:4b:9b:d2:5d:d5:aa:95:1f:ea:0a:9f:3a:
d1:67:c0:fd:6a:23:82:42:09:0f:7c:ce:73:b0:fd:6a:95:eb:
73:77:64:51:98:dd:e7:70:31:c5:96:fb:f2:03:b7:72:59:09:
78:a3:a5:3c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzCbR6N6PHLFonXdajXENAbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNTZhZTYyNWQ5NTA2ZGY0YTNlNTc3YjI0YTg2ZmNlM2M3
M2E4ZjgwHhcNMjQwMTAxMDAyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGI2ZDE3MzZlMmE2MWFhNjBhNTNmYWJlNDRlMmQyZjU0YzI0MTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVuNWzhmJ3EZ/6A7bder81Jaskbq
bieZfWVHai7cnPom2r17st0dSIhD2Fsp2UcPYOv/79pVviok1eUhxyzz6tO2RLtY
uW35iqCcQN1+47GVTg3FhO85i1uHZADci9s6Dr1L8rByf4r5ZaY0UsL7bkVUprj+
tOm55E2481gQ6KsaiiA+dF+odSRPPh4BQPfo5RRh5P5/XYgTuCOOBpWH6MDZKSDA
XFwso4FD5OSs/GaO87Tl1QmX6LTKXIc9Zl1Yu9FSrzXQGzOhpjpUFoxNHAnUVM+O
uPWy68EGzpk9G2zzmP0itO/iomh5Xno4vuIkr7CectI5SwDskHuri3VQgQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKS20XNuKmGqYKU/q+ROLS9UwkFAMB8GA1UdIwQY
MBaAFNNWrmJdlQbfSj5XeySob848c6j4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDFhdVlsMlZCdDlLUGxkN0pLaHZ6anh6cVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83YTY1NDUtNTI3Ny00MGYzLWIzNjYt
MmVhODdlNmVhMmEwLzEvcExiUmMyNHFZYXBncFQtcjVFNHRMMVRDUVVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83YTY1NDUtNTI3Ny00MGYzLWIzNjYtMmVhODdlNmVhMmEw
LzEvMDFhdVlsMlZCdDlLUGxkN0pLaHZ6anh6cVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAbWl+MA8E
AgACMAkDBwEgAQlIAFgwDQYJKoZIhvcNAQELBQADggEBALvVsKlrZ7OfDpv40dGm
3PKLEWPE9TNbCqHXHcZLq2nwnBRzlYUNoWXbZEMoax9eTG6sgHb+VQGIEvXjr/qS
h3x9auLwfS0XydncOO2HCM0+gtENBCCYUDJtnimcZ/OBB4/bdAjQG6mqkAT6M9AE
Iz5pt+Bua7blpissotPYB7xY03hdd0+uZ0phSrx+G/SaOLqjSRgW56xMj0mO8/FI
6VNeirKnEEWQpegJelURFlgwgEeNc3OSOW7qz4zkjAPo12o0Edr45xEpQKWPmEub
0l3VqpUf6gqfOtFnwP1qI4JCCQ98znOw/WqV63N3ZFGY3edwMcWW+/IDt3JZCXij
pTw=
-----END CERTIFICATE-----
Generated at Wed May 29 09:27:55 2024 by rpki-client on console-fra.rpki-client.org