Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/t9MerRCqSlcpNX20Y92pQEHmilw.roa
File: t9MerRCqSlcpNX20Y92pQEHmilw.roa (raw, json)
Hash identifier: fPZlt1niFqWOOv9JMMfDlIpsKrLC6tji/AGwUxNMUiw=
Subject key identifier: B7:D3:1E:AD:10:AA:4A:57:29:35:7D:B4:63:DD:A9:40:41:E6:8A:5C
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 019322F4D2C8DD3547BD826F5EA7FC96FB6E
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/t9MerRCqSlcpNX20Y92pQEHmilw.roa
Signing time: Wed 13 Nov 2024 00:38:10 +0000
ROA not before: Wed 13 Nov 2024 00:38:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 109.111.40.0/22 maxlen: 24
176.221.26.0/23 maxlen: 24
185.65.60.0/24 maxlen: 24
185.65.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.mft
rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 15:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:22:f4:d2:c8:dd:35:47:bd:82:6f:5e:a7:fc:96:fb:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Nov 13 00:38:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7d31ead10aa4a5729357db463dda94041e68a5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:eb:a1:b9:e6:b5:6b:cd:5c:81:7a:26:e6:9b:
d7:71:17:8c:0f:06:6e:ca:ad:48:88:57:37:13:d2:
c9:0d:25:28:f3:11:b5:7d:bc:55:83:82:36:b7:b3:
ce:27:79:3a:8f:f1:1e:75:79:1b:1c:94:88:80:40:
8b:de:a8:5a:1f:89:71:34:cd:b9:ad:79:28:87:3d:
41:fd:66:ce:61:6b:34:8b:ad:d1:52:ac:a8:13:40:
3f:57:fe:af:f9:a0:b2:05:33:22:2d:c4:52:1e:b8:
6b:7a:17:04:fb:d0:e7:3b:28:be:c0:ca:8c:24:28:
0c:95:64:10:2a:0e:0d:95:b6:40:40:1c:47:b1:ee:
84:ea:95:0f:97:1f:92:ef:80:5b:8b:a9:0d:a4:1c:
27:ff:26:e4:f8:d2:e3:63:88:40:6d:6b:85:0a:c3:
73:55:d2:b7:07:c7:27:e5:f3:72:90:ce:be:1d:71:
1f:4b:23:69:2b:56:e0:cf:24:f1:2b:8e:79:b7:cd:
69:1e:2b:8c:6f:6d:00:52:5b:a2:54:8f:5d:35:6d:
99:06:da:8f:b0:d6:fb:f9:e4:ba:08:47:67:72:bf:
77:78:db:3f:3e:77:a8:d3:32:e9:5e:67:8c:69:af:
e8:67:1a:39:ba:de:dc:50:34:32:da:74:ab:3d:67:
c0:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:D3:1E:AD:10:AA:4A:57:29:35:7D:B4:63:DD:A9:40:41:E6:8A:5C
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/t9MerRCqSlcpNX20Y92pQEHmilw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.111.40.0/22
176.221.26.0/23
185.65.60.0/23
Signature Algorithm: sha256WithRSAEncryption
10:82:2b:aa:8c:fa:30:6e:33:56:32:f9:0f:89:9d:35:21:04:
43:87:39:1f:2f:71:1a:28:93:0d:72:de:42:d5:19:a9:38:a8:
6f:0a:84:68:2e:88:83:bd:d8:72:52:68:28:89:73:98:a2:a6:
39:ca:a8:ef:7f:b3:36:a6:9b:0a:dd:fc:18:be:1a:d3:9c:f7:
56:2e:32:3c:8e:6d:cd:05:bf:d1:ec:68:91:56:cc:5f:12:19:
ad:4a:25:32:6d:8b:f5:b1:ff:f1:15:4c:da:3a:50:8f:d6:c3:
38:60:ec:d1:cb:ae:23:6b:b0:53:17:60:8d:03:ce:b6:35:04:
39:37:df:7b:b1:34:97:ef:3f:78:16:8b:66:f3:dc:a7:35:ce:
34:a2:5d:0c:96:a4:b3:88:c9:ab:bd:01:83:86:fa:fa:4e:d1:
e3:48:3b:d0:4f:6e:9c:d1:17:4e:14:50:c9:22:92:f7:75:a8:
e8:80:8d:aa:f8:50:52:af:71:4e:7e:ef:ce:66:8f:e0:59:00:
e4:8a:30:2d:8a:3d:c8:23:1d:f2:81:89:46:54:5d:54:ce:f2:
6d:67:c3:e9:4b:58:53:f6:0e:6e:d3:a3:ce:41:f2:7d:d0:a6:
05:d0:bc:cf:02:40:24:5a:3d:37:8f:8f:7a:76:dd:ef:75:19:
b2:fd:a8:ff
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZMi9NLI3TVHvYJvXqf8lvtuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQxMTEzMDAzODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2QzMWVhZDEwYWE0YTU3MjkzNTdkYjQ2M2RkYTk0MDQxZTY4YTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+uhuea1a81cgXom5pvXcReMDwZu
yq1IiFc3E9LJDSUo8xG1fbxVg4I2t7POJ3k6j/EedXkbHJSIgECL3qhaH4lxNM25
rXkohz1B/WbOYWs0i63RUqyoE0A/V/6v+aCyBTMiLcRSHrhrehcE+9DnOyi+wMqM
JCgMlWQQKg4NlbZAQBxHse6E6pUPlx+S74Bbi6kNpBwn/ybk+NLjY4hAbWuFCsNz
VdK3B8cn5fNykM6+HXEfSyNpK1bgzyTxK455t81pHiuMb20AUluiVI9dNW2ZBtqP
sNb7+eS6CEdncr93eNs/Pneo0zLpXmeMaa/oZxo5ut7cUDQy2nSrPWfAoQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLfTHq0QqkpXKTV9tGPdqUBB5opcMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvdDlNZXJSQ3FTbGNwTlgyMFk5MnBRRUhtaWx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCbW8oAwQB
sN0aAwQBuUE8MA0GCSqGSIb3DQEBCwUAA4IBAQAQgiuqjPowbjNWMvkPiZ01IQRD
hzkfL3EaKJMNct5C1RmpOKhvCoRoLoiDvdhyUmgoiXOYoqY5yqjvf7M2ppsK3fwY
vhrTnPdWLjI8jm3NBb/R7GiRVsxfEhmtSiUybYv1sf/xFUzaOlCP1sM4YOzRy64j
a7BTF2CNA862NQQ5N997sTSX7z94Fotm89ynNc40ol0MlqSziMmrvQGDhvr6TtHj
SDvQT26c0RdOFFDJIpL3dajogI2q+FBSr3FOfu/OZo/gWQDkijAtij3IIx3ygYlG
VF1UzvJtZ8PpS1hT9g5u06POQfJ90KYF0LzPAkAkWj03j496dt3vdRmy/aj/
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:31:24 2024 by rpki-client on console-fra.rpki-client.org