Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/07a487-26cb-4b18-bb39-15fe06fff8bc/1/xf-rBr_dbCggR6ojx_SzY6RS_hQ.roa
File: xf-rBr_dbCggR6ojx_SzY6RS_hQ.roa (raw, json)
Hash identifier: D760C7rjyuufJhBDEIBEw5gRk8kdR4Q39Tlu3cFQFFA=
Subject key identifier: C5:FF:AB:06:BF:DD:6C:28:20:47:AA:23:C7:F4:B3:63:A4:52:FE:14
Certificate issuer: /CN=9ab2f9975a91e71379da100ec84bd44a0a280d9b
Certificate serial: 018CC6B783DD48B49954D2B7AB8373228EBD
Authority key identifier: 9A:B2:F9:97:5A:91:E7:13:79:DA:10:0E:C8:4B:D4:4A:0A:28:0D:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mrL5l1qR5xN52hAOyEvUSgooDZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/07a487-26cb-4b18-bb39-15fe06fff8bc/1/xf-rBr_dbCggR6ojx_SzY6RS_hQ.roa
Signing time: Mon 01 Jan 2024 20:29:24 +0000
ROA not before: Mon 01 Jan 2024 20:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43510
IP address blocks: 109.239.4.0/24 maxlen: 24
109.239.0.0/23 maxlen: 23
109.239.0.0/20 maxlen: 20
109.239.3.0/24 maxlen: 24
109.239.2.0/24 maxlen: 24
109.239.5.0/24 maxlen: 24
109.239.11.0/24 maxlen: 24
109.239.7.0/24 maxlen: 24
109.239.6.0/24 maxlen: 24
109.239.8.0/24 maxlen: 24
109.239.10.0/24 maxlen: 24
109.239.9.0/24 maxlen: 24
109.239.12.0/24 maxlen: 24
109.239.13.0/24 maxlen: 24
109.239.15.0/24 maxlen: 24
109.239.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/07a487-26cb-4b18-bb39-15fe06fff8bc/1/mrL5l1qR5xN52hAOyEvUSgooDZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/07a487-26cb-4b18-bb39-15fe06fff8bc/1/mrL5l1qR5xN52hAOyEvUSgooDZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mrL5l1qR5xN52hAOyEvUSgooDZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 07:03:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:83:dd:48:b4:99:54:d2:b7:ab:83:73:22:8e:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ab2f9975a91e71379da100ec84bd44a0a280d9b
Validity
Not Before: Jan 1 20:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5ffab06bfdd6c282047aa23c7f4b363a452fe14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:81:26:a7:66:19:5f:f6:89:44:c5:14:8c:f9:
07:3e:7d:87:55:11:23:c5:c8:19:1a:5f:2e:fc:cd:
90:e3:a3:3b:42:0a:e6:d5:07:8f:45:21:6f:7d:b7:
38:81:b4:b8:9a:5d:93:16:a2:f0:bf:1d:d8:04:54:
5e:31:ef:cd:a2:3f:5a:f9:72:da:8c:21:94:7c:88:
d9:ef:dc:6c:a3:bb:2b:54:90:9c:35:88:18:c6:e0:
5d:e3:22:1e:4a:62:06:a9:ba:e5:14:e1:7c:62:0d:
0f:fe:45:5d:fd:20:89:07:82:86:5e:4f:55:57:71:
46:3d:8c:69:50:db:48:21:7e:da:8e:39:a2:dc:8d:
ed:b6:88:db:e1:d4:58:0c:a1:70:b3:db:89:96:49:
5a:5b:68:c1:c7:a9:45:e7:b2:3f:de:00:26:27:c7:
38:39:9b:36:e4:35:65:70:b8:6f:39:bb:c4:a4:f6:
e2:8d:c1:50:74:3d:1b:0c:c1:42:55:da:35:eb:42:
cf:a4:ed:51:19:99:e1:56:86:83:4f:47:89:ff:16:
d3:97:cf:f1:ca:8e:bc:7d:a0:4b:9f:11:1e:9f:af:
39:86:5b:94:30:d2:72:ce:63:88:47:16:f4:d2:8f:
5c:a1:dc:f7:d6:a3:6a:93:1f:99:d0:5c:b1:be:91:
68:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:FF:AB:06:BF:DD:6C:28:20:47:AA:23:C7:F4:B3:63:A4:52:FE:14
X509v3 Authority Key Identifier:
keyid:9A:B2:F9:97:5A:91:E7:13:79:DA:10:0E:C8:4B:D4:4A:0A:28:0D:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mrL5l1qR5xN52hAOyEvUSgooDZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/07a487-26cb-4b18-bb39-15fe06fff8bc/1/xf-rBr_dbCggR6ojx_SzY6RS_hQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/07a487-26cb-4b18-bb39-15fe06fff8bc/1/mrL5l1qR5xN52hAOyEvUSgooDZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.239.0.0/20
Signature Algorithm: sha256WithRSAEncryption
08:8b:b3:00:c9:46:83:72:b5:03:b5:8d:d7:aa:0e:e5:17:66:
57:9d:f1:f3:78:2a:7d:bd:07:53:d2:40:45:55:9b:69:29:5c:
8e:32:36:67:49:c2:06:f0:b9:9e:ce:fb:58:e1:fd:67:e7:da:
93:dc:e7:71:c7:c6:7e:df:e1:a3:75:3d:b4:8e:0b:b4:76:d0:
ff:a4:41:71:a6:28:ed:dd:e2:f1:5d:d7:e9:b5:8e:8e:c5:24:
3c:5f:be:36:ea:23:4c:3d:cd:8e:fd:06:4b:40:f2:7d:03:46:
67:30:e7:e6:58:b4:82:98:6f:b7:c0:1f:fa:47:1b:a0:d8:69:
0f:53:46:3a:e8:e8:f3:09:ed:70:45:18:8c:78:92:8a:82:89:
23:80:95:c1:8a:b0:d3:d8:a7:0a:2c:ca:4d:2a:f0:bb:17:7c:
69:34:ba:23:41:fb:d2:fd:15:24:d1:c6:94:dd:e9:2e:33:2b:
3e:d5:5e:85:1d:66:ab:02:fc:d3:3e:9f:52:82:61:63:f5:60:
8d:fc:26:e5:98:e0:37:12:7a:0a:6b:86:f2:21:95:3b:b5:c9:
58:d2:3a:bb:48:9c:d0:47:c2:1c:d6:99:08:3c:a4:32:b0:75:
cb:b6:0e:58:9c:ae:12:f9:4f:4f:53:40:22:90:38:b4:00:c0:
e5:73:f3:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt4PdSLSZVNK3q4NzIo69MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhYjJmOTk3NWE5MWU3MTM3OWRhMTAwZWM4NGJkNDRhMGEy
ODBkOWIwHhcNMjQwMTAxMjAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWZmYWIwNmJmZGQ2YzI4MjA0N2FhMjNjN2Y0YjM2M2E0NTJmZTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4Emp2YZX/aJRMUUjPkHPn2HVREj
xcgZGl8u/M2Q46M7Qgrm1QePRSFvfbc4gbS4ml2TFqLwvx3YBFReMe/Noj9a+XLa
jCGUfIjZ79xso7srVJCcNYgYxuBd4yIeSmIGqbrlFOF8Yg0P/kVd/SCJB4KGXk9V
V3FGPYxpUNtIIX7ajjmi3I3ttojb4dRYDKFws9uJlklaW2jBx6lF57I/3gAmJ8c4
OZs25DVlcLhvObvEpPbijcFQdD0bDMFCVdo160LPpO1RGZnhVoaDT0eJ/xbTl8/x
yo68faBLnxEen685hluUMNJyzmOIRxb00o9codz31qNqkx+Z0FyxvpFomQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMX/qwa/3WwoIEeqI8f0s2OkUv4UMB8GA1UdIwQY
MBaAFJqy+ZdakecTedoQDshL1EoKKA2bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXJMNWwxcVI1eE41MmhBT3lFdlVTZ29vRFpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8wN2E0ODctMjZjYi00YjE4LWJiMzkt
MTVmZTA2ZmZmOGJjLzEveGYtckJyX2RiQ2dnUjZvanhfU3pZNlJTX2hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8wN2E0ODctMjZjYi00YjE4LWJiMzktMTVmZTA2ZmZmOGJj
LzEvbXJMNWwxcVI1eE41MmhBT3lFdlVTZ29vRFpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEbe8AMA0G
CSqGSIb3DQEBCwUAA4IBAQAIi7MAyUaDcrUDtY3Xqg7lF2ZXnfHzeCp9vQdT0kBF
VZtpKVyOMjZnScIG8LmezvtY4f1n59qT3Odxx8Z+3+GjdT20jgu0dtD/pEFxpijt
3eLxXdfptY6OxSQ8X7426iNMPc2O/QZLQPJ9A0ZnMOfmWLSCmG+3wB/6Rxug2GkP
U0Y66OjzCe1wRRiMeJKKgokjgJXBirDT2KcKLMpNKvC7F3xpNLojQfvS/RUk0caU
3ekuMys+1V6FHWarAvzTPp9SgmFj9WCN/CblmOA3EnoKa4byIZU7tclY0jq7SJzQ
R8Ic1pkIPKQysHXLtg5YnK4S+U9PU0AikDi0AMDlc/PN
-----END CERTIFICATE-----
Generated at Fri Jun 7 15:59:55 2024 by rpki-client on console-fra.rpki-client.org