Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/drL0dFt8ESK0rijIgcxamuW08M0.roa
File: drL0dFt8ESK0rijIgcxamuW08M0.roa (raw, json)
Hash identifier: scNmkIiGui5gfwb9cU1BGgdxIhKnyOvTw0JqckMZuvQ=
Subject key identifier: 76:B2:F4:74:5B:7C:11:22:B4:AE:28:C8:81:CC:5A:9A:E5:B4:F0:CD
Certificate issuer: /CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Certificate serial: 018CC500C580D677EEDBA80ABA085BC625E1
Authority key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/drL0dFt8ESK0rijIgcxamuW08M0.roa
Signing time: Mon 01 Jan 2024 12:30:11 +0000
ROA not before: Mon 01 Jan 2024 12:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34661
IP address blocks: 109.122.0.0/20 maxlen: 20
109.122.16.0/20 maxlen: 20
109.122.32.0/22 maxlen: 22
109.122.36.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:c5:80:d6:77:ee:db:a8:0a:ba:08:5b:c6:25:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Validity
Not Before: Jan 1 12:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76b2f4745b7c1122b4ae28c881cc5a9ae5b4f0cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:03:1a:db:f4:d5:88:7d:9e:66:f1:fd:f5:7b:
82:22:81:e8:bd:55:23:17:eb:78:9c:06:3a:1d:6f:
14:a3:09:fb:04:1e:62:4a:35:be:3c:50:5d:77:b1:
14:ad:50:b4:91:25:1a:bc:a1:b0:1a:3c:68:67:a8:
08:11:05:06:e3:be:3e:4c:18:bc:dc:84:a6:e3:18:
ce:05:fd:a5:2b:77:b6:be:91:b0:33:5a:3a:c3:53:
82:b8:2f:f9:76:f3:b2:4c:8f:1d:44:d6:87:e3:29:
d7:d9:dc:f9:ab:c7:48:52:6c:51:40:3e:4e:32:cd:
ba:40:ed:4f:b2:2b:aa:8b:cc:ca:4c:5c:3a:0e:b0:
45:23:c8:96:99:f5:74:63:ba:c6:76:f4:1e:a9:24:
41:7e:1f:62:3a:f5:36:f7:a6:9f:91:39:b6:d6:58:
04:68:d0:fc:10:82:e2:b8:7a:e6:01:db:d0:d6:7b:
cc:66:40:a6:71:ae:c7:49:a2:84:eb:52:42:c9:5c:
70:4a:68:c1:3d:d6:c2:e9:4a:69:2e:e8:a7:ff:22:
90:8b:79:a7:e7:78:09:f3:c6:2b:11:2b:cd:04:ec:
cf:22:c9:71:67:48:1c:a0:03:69:1a:39:df:3a:1c:
f1:ad:d0:7d:53:7a:26:44:f3:f4:cb:db:12:ac:c2:
f2:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:B2:F4:74:5B:7C:11:22:B4:AE:28:C8:81:CC:5A:9A:E5:B4:F0:CD
X509v3 Authority Key Identifier:
keyid:08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/drL0dFt8ESK0rijIgcxamuW08M0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.0.0-109.122.39.255
Signature Algorithm: sha256WithRSAEncryption
15:47:71:52:ab:15:ab:8a:02:91:f5:84:5f:39:de:ef:68:7b:
d7:19:30:9d:b4:1c:8d:17:18:c5:3b:c8:42:54:0d:eb:ea:94:
2c:5e:94:fc:ac:8c:b9:86:c2:d5:6b:9a:70:bf:6f:e9:19:21:
43:77:40:cc:02:f5:68:03:cc:cc:05:80:eb:9e:44:d7:02:22:
0c:98:71:30:1c:ae:aa:e0:59:39:ad:20:72:03:0b:24:ad:39:
60:a9:d3:14:ed:0f:64:d4:74:b0:3a:6b:7a:ed:e9:4b:2e:11:
c2:58:f8:1c:e9:35:b7:07:5a:bb:97:25:54:82:05:65:8b:42:
5e:6d:4c:73:9f:46:14:84:31:a1:ae:70:f1:30:4d:24:68:24:
1e:e1:43:ad:3b:dd:a9:14:f7:a6:d1:df:45:9f:bc:d3:29:29:
51:1a:e0:73:79:9b:90:da:e1:44:a6:fc:70:6b:00:b3:6b:9c:
03:17:17:2c:f6:31:58:66:50:9c:b3:3a:00:86:c0:ea:91:65:
f7:de:cc:f3:66:7c:49:0a:9f:91:73:b4:3b:e5:c3:b2:e2:35:
89:22:89:e7:ea:c0:60:eb:42:7f:9f:9b:af:ca:a6:1e:9c:e6:
88:12:3e:b8:62:74:f6:f1:5b:a9:95:ad:26:92:b7:f9:34:4a:
d1:e7:7d:78
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYzFAMWA1nfu26gKughbxiXhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODQ2NWIzN2IyZDRlOWY0MTNhMzFkYzdiN2U2Y2JhMmEz
M2RiOTYwHhcNMjQwMTAxMTIzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmIyZjQ3NDViN2MxMTIyYjRhZTI4Yzg4MWNjNWE5YWU1YjRmMGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAMa2/TViH2eZvH99XuCIoHovVUj
F+t4nAY6HW8Uown7BB5iSjW+PFBdd7EUrVC0kSUavKGwGjxoZ6gIEQUG474+TBi8
3ISm4xjOBf2lK3e2vpGwM1o6w1OCuC/5dvOyTI8dRNaH4ynX2dz5q8dIUmxRQD5O
Ms26QO1Psiuqi8zKTFw6DrBFI8iWmfV0Y7rGdvQeqSRBfh9iOvU296afkTm21lgE
aND8EILiuHrmAdvQ1nvMZkCmca7HSaKE61JCyVxwSmjBPdbC6UppLuin/yKQi3mn
53gJ88YrESvNBOzPIslxZ0gcoANpGjnfOhzxrdB9U3omRPP0y9sSrMLy4QIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFHay9HRbfBEitK4oyIHMWprltPDNMB8GA1UdIwQY
MBaAFAiEZbN7LU6fQTox3Ht+bLoqM9uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUt
MmM3MDg2ZmRlZDkzLzEvZHJMMGRGdDhFU0swcmlqSWdjeGFtdVcwOE0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUtMmM3MDg2ZmRlZDkz
LzEvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwFtegME
A216IDANBgkqhkiG9w0BAQsFAAOCAQEAFUdxUqsVq4oCkfWEXzne72h71xkwnbQc
jRcYxTvIQlQN6+qULF6U/KyMuYbC1WuacL9v6RkhQ3dAzAL1aAPMzAWA655E1wIi
DJhxMByuquBZOa0gcgMLJK05YKnTFO0PZNR0sDpreu3pSy4Rwlj4HOk1twdau5cl
VIIFZYtCXm1Mc59GFIQxoa5w8TBNJGgkHuFDrTvdqRT3ptHfRZ+80ykpURrgc3mb
kNrhRKb8cGsAs2ucAxcXLPYxWGZQnLM6AIbA6pFl997M82Z8SQqfkXO0O+XDsuI1
iSKJ5+rAYOtCf5+br8qmHpzmiBI+uGJ09vFbqZWtJpK3+TRK0ed9eA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:22:58 2024 by rpki-client on console-ams.rpki-client.org