Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/_kGwnIEn3Lzkrp24--xBLlQ6F0o.roa
File: _kGwnIEn3Lzkrp24--xBLlQ6F0o.roa (raw, json)
Hash identifier: gCECmcstpPjsgi3NYfVDFOkCVBHtrsMMWdtfYqtoyTs=
Subject key identifier: FE:41:B0:9C:81:27:DC:BC:E4:AE:9D:B8:FB:EC:41:2E:54:3A:17:4A
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 0193252F31AE49918C2831A0D17BDF0D84B6
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/_kGwnIEn3Lzkrp24--xBLlQ6F0o.roa
Signing time: Wed 13 Nov 2024 11:01:09 +0000
ROA not before: Wed 13 Nov 2024 11:01:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12697
IP address blocks: 109.122.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 12:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:25:2f:31:ae:49:91:8c:28:31:a0:d1:7b:df:0d:84:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Nov 13 11:01:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe41b09c8127dcbce4ae9db8fbec412e543a174a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1c:e0:9c:11:70:fb:b6:44:c0:9f:16:e6:e5:
83:a3:b8:fc:de:73:ff:ce:2b:63:15:aa:8e:d1:a9:
c2:21:b8:c8:e2:b3:14:8f:72:35:d9:04:ea:e0:df:
af:21:bc:33:4c:af:12:4d:79:56:dc:70:6c:1f:4d:
7f:83:d7:d3:3d:cb:c8:9d:d6:b5:cd:cc:0b:05:4a:
30:0e:98:11:07:c4:ad:5c:d7:d0:78:28:cc:b9:a0:
c0:a4:68:c3:32:c3:13:0b:c0:7b:bc:77:24:c1:71:
b1:40:b2:0b:46:26:21:74:67:91:ac:a2:33:98:72:
3d:d9:db:74:0f:29:4e:51:1c:2b:2b:9b:66:83:86:
b3:15:ec:89:71:c3:62:27:40:a5:50:e8:b0:b7:1a:
dc:04:91:63:68:37:35:4f:5c:a2:2d:4c:f2:a8:27:
ae:b3:f1:b5:95:81:5e:86:ec:83:cc:e4:2e:f1:a0:
7e:16:b3:96:97:cc:3b:ca:1f:f8:b3:6e:f1:2f:81:
88:a3:0f:8a:44:b6:5f:80:2f:dc:fd:e0:5e:94:e8:
b4:0d:54:ba:e3:6d:b2:27:f4:f5:06:bf:e5:61:7d:
b5:05:7b:a0:30:c1:2f:11:26:5b:c8:4b:c6:08:4e:
3b:48:82:6c:43:c2:4f:82:d1:b4:00:7f:99:43:f0:
22:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:41:B0:9C:81:27:DC:BC:E4:AE:9D:B8:FB:EC:41:2E:54:3A:17:4A
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/_kGwnIEn3Lzkrp24--xBLlQ6F0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.251.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:3b:35:31:e3:18:51:b5:70:49:5a:61:cb:24:88:9b:55:0c:
b7:b5:ea:db:2e:ec:e4:64:9b:96:24:b0:f9:4a:f4:2a:11:5e:
ef:e4:bb:85:26:3c:8e:26:b0:9c:cb:0a:37:21:ba:9a:c4:52:
0e:39:54:86:e3:33:1f:44:85:0d:bf:cc:ea:9f:c3:41:31:0b:
ad:58:11:8b:00:21:35:52:8c:ee:2f:13:1e:00:ee:c8:57:77:
3a:a6:e9:fe:4b:4a:13:bb:82:01:3e:1c:a7:68:ec:b7:ae:2c:
30:b2:be:30:fc:de:02:22:d1:26:31:dc:bf:79:c1:e4:e3:8a:
8f:e5:c8:2b:36:06:6e:fe:b9:d0:4c:cd:cc:b8:a5:3b:67:f1:
9b:11:fe:0e:20:85:c1:0f:e3:c1:ea:6e:cf:5d:6d:7a:2c:6f:
bb:1b:30:a1:6f:11:25:2d:fc:3c:ef:20:c9:92:0b:b0:54:f9:
4d:28:3a:f0:57:e1:b2:53:95:d7:a3:fc:d6:8d:0c:4d:44:e4:
32:92:00:88:c7:e8:d6:84:6c:8d:7a:c3:06:d7:71:94:d3:55:
a4:cf:7c:7e:b8:48:a4:17:29:15:15:b7:55:ec:07:73:f3:54:
56:0f:ba:47:a3:19:12:f3:1c:8a:63:4b:cc:fd:cc:54:77:a5:
b6:95:f6:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZMlLzGuSZGMKDGg0XvfDYS2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQxMTEzMTEwMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTQxYjA5YzgxMjdkY2JjZTRhZTlkYjhmYmVjNDEyZTU0M2ExNzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRzgnBFw+7ZEwJ8W5uWDo7j83nP/
zitjFaqO0anCIbjI4rMUj3I12QTq4N+vIbwzTK8STXlW3HBsH01/g9fTPcvInda1
zcwLBUowDpgRB8StXNfQeCjMuaDApGjDMsMTC8B7vHckwXGxQLILRiYhdGeRrKIz
mHI92dt0DylOURwrK5tmg4azFeyJccNiJ0ClUOiwtxrcBJFjaDc1T1yiLUzyqCeu
s/G1lYFehuyDzOQu8aB+FrOWl8w7yh/4s27xL4GIow+KRLZfgC/c/eBelOi0DVS6
422yJ/T1Br/lYX21BXugMMEvESZbyEvGCE47SIJsQ8JPgtG0AH+ZQ/AixQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP5BsJyBJ9y85K6duPvsQS5UOhdKMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvX2tHd25JRW4zTHprcnAyNC0teEJMbFE2RjBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXr7MA0G
CSqGSIb3DQEBCwUAA4IBAQAtOzUx4xhRtXBJWmHLJIibVQy3terbLuzkZJuWJLD5
SvQqEV7v5LuFJjyOJrCcywo3IbqaxFIOOVSG4zMfRIUNv8zqn8NBMQutWBGLACE1
UozuLxMeAO7IV3c6pun+S0oTu4IBPhynaOy3riwwsr4w/N4CItEmMdy/ecHk44qP
5cgrNgZu/rnQTM3MuKU7Z/GbEf4OIIXBD+PB6m7PXW16LG+7GzChbxElLfw87yDJ
kguwVPlNKDrwV+GyU5XXo/zWjQxNROQykgCIx+jWhGyNesMG13GU01Wkz3x+uEik
FykVFbdV7Adz81RWD7pHoxkS8xyKY0vM/cxUd6W2lfbt
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:12:57 2024 by rpki-client on console-fra.rpki-client.org