Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/3j5q8d5167H4bp5beAjxahvygyM.roa
File: 3j5q8d5167H4bp5beAjxahvygyM.roa (raw, json)
Hash identifier: kS9izPoa0XxOJcT9nooPbhIhbZMm0KI3GMN1lix9rA4=
Subject key identifier: DE:3E:6A:F1:DE:75:EB:B1:F8:6E:9E:5B:78:08:F1:6A:1B:F2:83:23
Certificate issuer: /CN=a47f708c34a5e71daf3d2e54b99ab74f069ef80b
Certificate serial: 019201B2D02F3736BE4D7BD228DEF6A98C4F
Authority key identifier: A4:7F:70:8C:34:A5:E7:1D:AF:3D:2E:54:B9:9A:B7:4F:06:9E:F8:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pH9wjDSl5x2vPS5UuZq3Twae-As.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/3j5q8d5167H4bp5beAjxahvygyM.roa
Signing time: Tue 17 Sep 2024 20:35:48 +0000
ROA not before: Tue 17 Sep 2024 20:35:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 109.202.124.0/24 maxlen: 24
109.202.126.0/24 maxlen: 24
2a03:e182::/32 maxlen: 32
2a03:e183::/32 maxlen: 32
2a03:e184::/32 maxlen: 32
2a03:e185::/32 maxlen: 32
2a03:e186::/32 maxlen: 32
2a03:e187::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/pH9wjDSl5x2vPS5UuZq3Twae-As.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/pH9wjDSl5x2vPS5UuZq3Twae-As.mft
rsync://rpki.ripe.net/repository/DEFAULT/pH9wjDSl5x2vPS5UuZq3Twae-As.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:01:b2:d0:2f:37:36:be:4d:7b:d2:28:de:f6:a9:8c:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a47f708c34a5e71daf3d2e54b99ab74f069ef80b
Validity
Not Before: Sep 17 20:35:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de3e6af1de75ebb1f86e9e5b7808f16a1bf28323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:44:36:a6:bf:7c:88:d5:d4:88:f4:b1:57:9b:
2e:ab:e8:69:d3:7e:8b:60:5a:fe:12:f2:a5:bc:f2:
60:2f:4a:69:67:21:e2:6f:40:f4:b5:6b:36:b8:43:
36:db:bb:fe:06:4c:ba:0b:8e:cf:a3:77:25:61:2b:
86:07:8e:09:7b:46:fe:5f:00:d0:c3:18:9a:51:c6:
bd:58:12:7e:a5:6a:85:8c:41:e2:e7:dd:06:ff:16:
50:e8:b5:90:21:33:4a:a3:e0:0a:fe:0d:dd:9a:40:
48:a5:7a:9d:2d:99:30:a9:dd:58:2d:32:a7:03:4d:
94:23:f1:26:b5:76:2c:72:01:3b:15:3b:dc:db:da:
85:0e:c3:9b:db:1c:c5:09:cf:8b:1b:82:9a:23:14:
b3:0b:ea:d2:f7:bf:f1:67:cd:ee:2b:2d:aa:48:6a:
95:af:8e:f5:bb:55:36:c7:95:17:ee:ff:e1:2a:cf:
01:44:f4:1a:2c:3a:ad:e9:d9:ab:0e:e3:50:51:73:
20:d8:2f:33:be:ba:2e:3b:31:e0:42:7d:c3:18:19:
bb:b9:27:e6:ec:9d:18:0f:04:f3:6a:8d:5d:cb:3f:
db:d7:72:d8:94:77:a7:69:9b:c2:d4:39:b5:92:7f:
03:a9:8a:6e:1a:4a:9f:cc:9d:4c:9a:d7:d1:97:b1:
76:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:3E:6A:F1:DE:75:EB:B1:F8:6E:9E:5B:78:08:F1:6A:1B:F2:83:23
X509v3 Authority Key Identifier:
keyid:A4:7F:70:8C:34:A5:E7:1D:AF:3D:2E:54:B9:9A:B7:4F:06:9E:F8:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pH9wjDSl5x2vPS5UuZq3Twae-As.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/3j5q8d5167H4bp5beAjxahvygyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/pH9wjDSl5x2vPS5UuZq3Twae-As.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.202.124.0/24
109.202.126.0/24
IPv6:
2a03:e182::-2a03:e187:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
66:80:dd:5b:e2:65:19:3c:d5:6d:4b:82:ab:b0:a0:66:31:1e:
05:1c:6d:8f:01:44:08:a2:27:8d:c7:7b:5e:43:51:0f:c9:dd:
c6:8d:75:a8:de:23:c4:72:ac:5e:5f:ad:93:21:7e:3c:b2:46:
9f:6d:aa:ab:fd:72:4f:09:8e:de:95:d4:f0:fa:a7:4a:ca:23:
b7:e8:c5:41:46:37:ac:11:4f:51:38:f3:7d:e8:ae:ab:19:38:
2f:63:8f:13:8c:25:de:17:a7:3c:01:df:48:ad:89:e6:3e:87:
81:2c:bd:2f:41:55:5f:fc:a4:4e:ae:19:5c:24:6b:04:81:ed:
12:d1:44:90:77:e9:24:58:18:4d:e3:62:98:e7:c3:36:7f:e2:
a4:cc:b5:d9:f8:80:8f:7a:4d:6e:9a:6d:bb:2d:1a:da:76:46:
2d:69:1f:25:32:99:ca:ab:37:1f:11:0a:f2:71:45:75:6a:29:
4b:ff:09:e9:60:43:2d:a4:1e:de:c2:ac:7c:b2:32:9b:68:9c:
ff:d8:9c:7d:d8:8f:61:09:2f:9c:a6:10:8b:e0:08:f1:27:36:
d2:17:0f:29:ac:cd:a4:95:a8:2a:1a:d3:e6:89:ad:4a:9c:6f:
d0:33:82:31:c9:14:3b:55:44:5f:3b:69:83:36:d0:2c:73:6a:
5d:09:2e:00
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZIBstAvNza+TXvSKN72qYxPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0N2Y3MDhjMzRhNWU3MWRhZjNkMmU1NGI5OWFiNzRmMDY5
ZWY4MGIwHhcNMjQwOTE3MjAzNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTNlNmFmMWRlNzVlYmIxZjg2ZTllNWI3ODA4ZjE2YTFiZjI4MzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEQ2pr98iNXUiPSxV5suq+hp036L
YFr+EvKlvPJgL0ppZyHib0D0tWs2uEM227v+Bky6C47Po3clYSuGB44Je0b+XwDQ
wxiaUca9WBJ+pWqFjEHi590G/xZQ6LWQITNKo+AK/g3dmkBIpXqdLZkwqd1YLTKn
A02UI/EmtXYscgE7FTvc29qFDsOb2xzFCc+LG4KaIxSzC+rS97/xZ83uKy2qSGqV
r471u1U2x5UX7v/hKs8BRPQaLDqt6dmrDuNQUXMg2C8zvrouOzHgQn3DGBm7uSfm
7J0YDwTzao1dyz/b13LYlHenaZvC1Dm1kn8DqYpuGkqfzJ1MmtfRl7F2aQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFN4+avHedeux+G6eW3gI8Wob8oMjMB8GA1UdIwQY
MBaAFKR/cIw0pecdrz0uVLmat08GnvgLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEg5d2pEU2w1eDJ2UFM1VXVacTNUd2FlLUFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8wMTlhMWUtYmU5OC00MTRjLThjMmMt
NmIyN2ZmMjI1N2M2LzEvM2o1cThkNTE2N0g0YnA1YmVBanhhaHZ5Z3lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8wMTlhMWUtYmU5OC00MTRjLThjMmMtNmIyN2ZmMjI1N2M2
LzEvcEg5d2pEU2w1eDJ2UFM1VXVacTNUd2FlLUFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAbcp8AwQA
bcp+MBYEAgACMBAwDgMFASoD4YIDBQMqA+GAMA0GCSqGSIb3DQEBCwUAA4IBAQBm
gN1b4mUZPNVtS4KrsKBmMR4FHG2PAUQIoieNx3teQ1EPyd3GjXWo3iPEcqxeX62T
IX48skafbaqr/XJPCY7eldTw+qdKyiO36MVBRjesEU9ROPN96K6rGTgvY48TjCXe
F6c8Ad9IrYnmPoeBLL0vQVVf/KROrhlcJGsEge0S0USQd+kkWBhN42KY58M2f+Kk
zLXZ+ICPek1umm27LRradkYtaR8lMpnKqzcfEQrycUV1ailL/wnpYEMtpB7ewqx8
sjKbaJz/2Jx92I9hCS+cphCL4AjxJzbSFw8prM2klagqGtPmia1KnG/QM4IxyRQ7
VURfO2mDNtAsc2pdCS4A
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:36:17 2024 by rpki-client on console-fra.rpki-client.org