Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/xYrO1PXu7z2F_ZuoL-wCUAlK8P8.roa
File: xYrO1PXu7z2F_ZuoL-wCUAlK8P8.roa (raw, json)
Hash identifier: 8U8w4wzCiqMzY11Ar23O9j2815rpaH6XMp/B/uJcMP0=
Subject key identifier: C5:8A:CE:D4:F5:EE:EF:3D:85:FD:9B:A8:2F:EC:02:50:09:4A:F0:FF
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 0191568284A06524AB5F11279574F37AAB7B
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/xYrO1PXu7z2F_ZuoL-wCUAlK8P8.roa
Signing time: Thu 15 Aug 2024 14:47:59 +0000
ROA not before: Thu 15 Aug 2024 14:47:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214798
IP address blocks: 109.120.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Sep 2024 11:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:56:82:84:a0:65:24:ab:5f:11:27:95:74:f3:7a:ab:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: Aug 15 14:47:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c58aced4f5eeef3d85fd9ba82fec0250094af0ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b0:87:01:34:80:fc:fe:3c:78:03:4d:30:9b:
ff:33:f3:39:fc:66:d4:6e:62:ff:fa:07:09:25:df:
af:29:32:46:79:2e:d7:aa:89:86:a0:0e:bc:e9:b0:
3d:7e:78:2f:4e:e9:35:cd:85:b0:97:2c:4b:4c:11:
83:be:9b:09:7c:df:ab:27:42:9b:18:6a:ad:1c:31:
f4:fe:65:05:68:1b:8d:d1:4f:18:da:fb:35:04:5a:
25:2d:e2:8c:f1:1e:c2:16:b0:90:2b:78:0b:c2:6a:
fb:a3:47:1d:5e:3b:da:1e:30:df:a9:20:47:22:b3:
e0:8e:40:79:4a:c5:c7:bd:a0:22:1b:b6:26:f5:d5:
1f:53:66:92:93:7b:db:bd:5e:a5:e8:77:0c:90:29:
dd:fd:a6:7e:d5:80:64:0a:33:a7:fe:f6:c8:4f:5b:
9e:63:68:d6:81:97:8c:70:24:b1:09:fb:86:bf:f6:
72:01:6e:e6:65:9b:a8:2b:3c:52:8b:16:7e:3f:b6:
66:e5:85:33:a0:e7:9a:ac:20:29:df:2a:35:30:8c:
a1:e4:eb:76:95:47:a8:c3:56:3a:91:37:ae:68:a2:
5b:44:68:63:ab:90:65:1f:5e:19:e6:81:dc:c3:7f:
2a:fc:e5:81:cb:0a:26:d1:a5:03:b5:b3:b5:5e:ce:
ad:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:8A:CE:D4:F5:EE:EF:3D:85:FD:9B:A8:2F:EC:02:50:09:4A:F0:FF
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/xYrO1PXu7z2F_ZuoL-wCUAlK8P8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.120.158.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:01:d7:c9:aa:0e:a2:7e:2c:67:aa:f2:ce:5e:45:77:06:28:
ef:0d:53:f2:de:3d:87:c9:3c:1f:2c:cb:d4:79:a9:be:0e:f4:
d4:9e:03:e8:52:c6:60:d2:d8:f8:b6:f4:c8:42:3f:c4:38:9c:
56:3f:8e:f7:d8:6f:b3:f7:56:6b:c1:14:8c:f9:2f:fa:7b:4c:
62:ee:dd:11:f3:49:15:93:e2:ab:97:53:cc:83:78:1a:e3:72:
e8:cf:c5:0b:f6:bf:1f:c0:a7:47:56:88:0e:45:ae:e6:3c:57:
4a:7e:ec:7d:b1:a9:ea:48:30:d5:6a:5f:fc:fa:ba:2b:be:d8:
cc:92:f7:7b:a3:a9:f4:1e:e4:66:96:1d:17:f9:c5:93:16:91:
ba:48:cb:4d:50:59:29:ae:7b:45:90:72:d8:5a:aa:18:1f:22:
9a:20:2a:b9:2b:33:a0:43:df:29:1c:13:90:c1:18:98:28:7c:
dd:59:e7:10:69:a5:ae:20:23:47:6f:19:2c:96:6f:e5:c1:23:
50:a8:7d:7c:20:1b:ec:76:ef:ff:39:c2:19:b8:8b:ff:be:16:
e7:e9:1e:e1:e6:c1:39:8c:64:70:97:83:f1:9f:22:ae:2e:e1:
af:d9:ed:01:46:6c:4d:f3:1a:b7:a1:42:42:1d:dc:d8:94:72:
10:0d:dd:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFWgoSgZSSrXxEnlXTzeqt7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjQwODE1MTQ0NzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNThhY2VkNGY1ZWVlZjNkODVmZDliYTgyZmVjMDI1MDA5NGFmMGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrCHATSA/P48eANNMJv/M/M5/GbU
bmL/+gcJJd+vKTJGeS7XqomGoA686bA9fngvTuk1zYWwlyxLTBGDvpsJfN+rJ0Kb
GGqtHDH0/mUFaBuN0U8Y2vs1BFolLeKM8R7CFrCQK3gLwmr7o0cdXjvaHjDfqSBH
IrPgjkB5SsXHvaAiG7Ym9dUfU2aSk3vbvV6l6HcMkCnd/aZ+1YBkCjOn/vbIT1ue
Y2jWgZeMcCSxCfuGv/ZyAW7mZZuoKzxSixZ+P7Zm5YUzoOearCAp3yo1MIyh5Ot2
lUeow1Y6kTeuaKJbRGhjq5BlH14Z5oHcw38q/OWBywom0aUDtbO1Xs6tDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMWKztT17u89hf2bqC/sAlAJSvD/MB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEveFlyTzFQWHU3ejJGX1p1b0wtd0NVQWxLOFA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXieMA0G
CSqGSIb3DQEBCwUAA4IBAQArAdfJqg6ifixnqvLOXkV3BijvDVPy3j2HyTwfLMvU
eam+DvTUngPoUsZg0tj4tvTIQj/EOJxWP4732G+z91ZrwRSM+S/6e0xi7t0R80kV
k+Krl1PMg3ga43Loz8UL9r8fwKdHVogORa7mPFdKfux9sanqSDDVal/8+rorvtjM
kvd7o6n0HuRmlh0X+cWTFpG6SMtNUFkprntFkHLYWqoYHyKaICq5KzOgQ98pHBOQ
wRiYKHzdWecQaaWuICNHbxkslm/lwSNQqH18IBvsdu//OcIZuIv/vhbn6R7h5sE5
jGRwl4PxnyKuLuGv2e0BRmxN8xq3oUJCHdzYlHIQDd3C
-----END CERTIFICATE-----
Generated at Thu Sep 19 20:12:09 2024 by rpki-client on console-ams.rpki-client.org