Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/j-9U4DI-atm6fVgm8PUjxMDP77A.roa
File: j-9U4DI-atm6fVgm8PUjxMDP77A.roa (raw, json)
Hash identifier: RiBlLkYIVdXTqFRMsrzca7dzWOHxAsdA7F4xMAYbS0g=
Subject key identifier: 8F:EF:54:E0:32:3E:6A:D9:BA:7D:58:26:F0:F5:23:C4:C0:CF:EF:B0
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 018F813FABAAE3792F89D7B4D6C273B6539F
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/j-9U4DI-atm6fVgm8PUjxMDP77A.roa
Signing time: Thu 16 May 2024 11:53:04 +0000
ROA not before: Thu 16 May 2024 11:53:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 63023
IP address blocks: 109.172.80.0/22 maxlen: 22
178.130.132.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Dec 2024 23:40:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:81:3f:ab:aa:e3:79:2f:89:d7:b4:d6:c2:73:b6:53:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: May 16 11:53:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8fef54e0323e6ad9ba7d5826f0f523c4c0cfefb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:fd:a2:97:03:2c:62:d5:3e:b0:2a:22:4c:15:
57:5b:ba:3b:7d:de:57:40:3b:6a:e4:1e:ca:b1:7e:
13:06:6a:b0:ac:18:26:8e:b6:48:40:82:44:f8:07:
1a:2d:5e:5a:ea:7b:e3:aa:22:d8:9c:49:61:77:46:
b5:10:13:e4:06:cb:be:0c:52:e1:35:cb:1e:f7:22:
ad:03:c0:cd:61:2c:6d:83:25:93:b7:25:1f:43:d0:
96:58:e6:98:4a:3f:e2:ab:a3:05:00:22:76:31:1f:
37:23:c7:f5:fd:af:ba:b9:6f:08:69:56:70:fb:37:
3b:c9:8d:7b:1c:f8:40:fd:81:e5:31:58:0e:38:be:
94:8c:cf:b5:3e:49:4d:19:00:78:50:24:96:d4:76:
2e:51:e0:08:25:2a:68:93:77:e1:98:dc:ca:87:30:
ee:82:6f:80:5f:2d:33:43:38:d6:01:d1:6a:ad:c0:
7a:ef:ac:5f:0d:6f:83:c2:4f:13:68:e0:86:94:93:
8f:a2:94:ab:66:e2:b7:2f:a0:e7:3a:8f:a9:fb:dc:
a1:d2:ca:8c:e9:67:56:bd:0e:0a:93:93:4c:de:80:
a4:44:21:10:f1:cf:b0:75:e3:de:0c:f9:bc:7d:89:
70:1c:f5:22:e8:bd:10:47:29:4b:2d:18:fc:81:e0:
73:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:EF:54:E0:32:3E:6A:D9:BA:7D:58:26:F0:F5:23:C4:C0:CF:EF:B0
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/j-9U4DI-atm6fVgm8PUjxMDP77A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.172.80.0/22
178.130.132.0/22
Signature Algorithm: sha256WithRSAEncryption
63:28:99:f6:14:7e:54:c9:c0:d4:6c:45:65:b9:df:3b:e7:f7:
90:85:d3:a8:f8:26:f5:59:e2:34:0e:56:78:85:d0:e9:5f:0b:
fc:56:fe:a4:0f:16:61:9a:e9:b8:cb:2a:b1:f0:29:00:00:b6:
dd:fe:59:dd:0f:44:09:e5:4c:19:e2:22:2e:02:e6:ad:19:50:
b3:7a:db:6c:b9:51:5c:10:f3:c4:3f:5d:58:22:16:a9:b9:33:
b5:c6:ba:69:11:a6:be:90:e5:9c:5e:b2:3f:a3:13:4c:a5:b9:
88:9a:7a:e5:f8:34:ca:8f:b7:92:70:c4:42:4b:06:ee:9b:ae:
36:31:03:c5:c7:30:c6:51:0f:2a:0b:14:67:13:f9:89:60:d7:
50:ee:b2:4a:2c:ef:e5:43:2c:f0:31:09:c2:ec:46:30:2e:2b:
0a:0c:90:20:c2:a9:fd:b6:cf:1d:9a:c9:9f:af:3a:91:91:35:
60:39:06:a9:22:cf:17:95:21:43:bc:f2:ea:27:f6:87:5d:1c:
a1:45:b3:59:b1:fd:a0:9e:5b:93:88:9d:e4:c3:8b:94:4e:48:
d3:9c:be:34:b8:5c:a4:cb:46:c5:34:35:ff:a4:80:c2:c1:62:
90:d1:6a:2c:8c:f5:86:1b:a9:17:1a:1a:26:88:91:2b:44:4c:
a8:42:8d:48
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+BP6uq43kvide01sJztlOfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjQwNTE2MTE1MzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmVmNTRlMDMyM2U2YWQ5YmE3ZDU4MjZmMGY1MjNjNGMwY2ZlZmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuP2ilwMsYtU+sCoiTBVXW7o7fd5X
QDtq5B7KsX4TBmqwrBgmjrZIQIJE+AcaLV5a6nvjqiLYnElhd0a1EBPkBsu+DFLh
Ncse9yKtA8DNYSxtgyWTtyUfQ9CWWOaYSj/iq6MFACJ2MR83I8f1/a+6uW8IaVZw
+zc7yY17HPhA/YHlMVgOOL6UjM+1PklNGQB4UCSW1HYuUeAIJSpok3fhmNzKhzDu
gm+AXy0zQzjWAdFqrcB676xfDW+Dwk8TaOCGlJOPopSrZuK3L6DnOo+p+9yh0sqM
6WdWvQ4Kk5NM3oCkRCEQ8c+wdePeDPm8fYlwHPUi6L0QRylLLRj8geBzhwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI/vVOAyPmrZun1YJvD1I8TAz++wMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvai05VTRESS1hdG02ZlZnbThQVWp4TURQNzdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCbaxQAwQC
soKEMA0GCSqGSIb3DQEBCwUAA4IBAQBjKJn2FH5UycDUbEVlud875/eQhdOo+Cb1
WeI0DlZ4hdDpXwv8Vv6kDxZhmum4yyqx8CkAALbd/lndD0QJ5UwZ4iIuAuatGVCz
ettsuVFcEPPEP11YIhapuTO1xrppEaa+kOWcXrI/oxNMpbmImnrl+DTKj7eScMRC
Swbum642MQPFxzDGUQ8qCxRnE/mJYNdQ7rJKLO/lQyzwMQnC7EYwLisKDJAgwqn9
ts8dmsmfrzqRkTVgOQapIs8XlSFDvPLqJ/aHXRyhRbNZsf2gnluTiJ3kw4uUTkjT
nL40uFyky0bFNDX/pIDCwWKQ0WosjPWGG6kXGhomiJErREyoQo1I
-----END CERTIFICATE-----
Generated at Tue Dec 10 05:19:13 2024 by rpki-client on console-fra.rpki-client.org