Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/5mtfRprDrfSdR1jZ1zgxKCpRJNQ.roa
File: 5mtfRprDrfSdR1jZ1zgxKCpRJNQ.roa (raw, json)
Hash identifier: q9BJygCq4AaerqWhS9sh1yEYFyh+OEUk2veUp+o7y2w=
Subject key identifier: E6:6B:5F:46:9A:C3:AD:F4:9D:47:58:D9:D7:38:31:28:2A:51:24:D4
Certificate issuer: /CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Certificate serial: 018FECA0BBE8F9BA45DA6CBD0BBFB6738FC7
Authority key identifier: 89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/5mtfRprDrfSdR1jZ1zgxKCpRJNQ.roa
Signing time: Thu 06 Jun 2024 08:18:27 +0000
ROA not before: Thu 06 Jun 2024 08:18:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203214
IP address blocks: 109.224.0.0/18 maxlen: 18
109.224.0.0/21 maxlen: 21
109.224.1.0/24 maxlen: 24
109.224.2.0/23 maxlen: 23
109.224.4.0/22 maxlen: 22
109.224.5.0/24 maxlen: 24
109.224.8.0/21 maxlen: 21
109.224.8.0/22 maxlen: 22
109.224.12.0/23 maxlen: 23
109.224.12.0/24 maxlen: 24
109.224.13.0/24 maxlen: 24
109.224.14.0/23 maxlen: 23
109.224.14.0/24 maxlen: 24
109.224.15.0/24 maxlen: 24
109.224.16.0/22 maxlen: 22
109.224.20.0/22 maxlen: 22
109.224.24.0/22 maxlen: 22
109.224.28.0/24 maxlen: 24
109.224.29.0/24 maxlen: 24
109.224.30.0/23 maxlen: 23
109.224.32.0/22 maxlen: 22
109.224.32.0/24 maxlen: 24
109.224.36.0/22 maxlen: 22
109.224.40.0/21 maxlen: 21
109.224.40.0/24 maxlen: 24
109.224.41.0/24 maxlen: 24
109.224.42.0/23 maxlen: 23
109.224.42.0/24 maxlen: 24
109.224.43.0/24 maxlen: 24
109.224.44.0/22 maxlen: 22
109.224.44.0/24 maxlen: 24
109.224.45.0/24 maxlen: 24
109.224.46.0/24 maxlen: 24
109.224.47.0/24 maxlen: 24
109.224.48.0/21 maxlen: 21
109.224.48.0/22 maxlen: 22
109.224.52.0/22 maxlen: 22
109.224.56.0/21 maxlen: 21
109.224.56.0/22 maxlen: 22
109.224.60.0/22 maxlen: 22
185.118.96.0/22 maxlen: 22
185.118.96.0/24 maxlen: 24
185.141.8.0/24 maxlen: 24
185.141.9.0/24 maxlen: 24
185.141.10.0/24 maxlen: 24
185.141.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.mft
rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 16:26:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ec:a0:bb:e8:f9:ba:45:da:6c:bd:0b:bf:b6:73:8f:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Validity
Not Before: Jun 6 08:18:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e66b5f469ac3adf49d4758d9d73831282a5124d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:68:3e:1b:bc:8e:a4:1b:95:68:66:a5:0c:33:
62:ed:fd:1a:47:e6:81:8d:08:b4:6b:c1:66:1c:e2:
c7:21:5a:4b:e1:d0:dd:49:31:2d:e4:6e:87:95:a6:
26:69:47:87:e7:54:c7:f8:26:62:5e:d8:70:02:7f:
ed:89:3a:20:2b:4d:aa:c9:be:a7:70:75:6e:8f:35:
c1:96:db:1e:e1:3b:b4:56:c6:a5:c0:c4:ac:6f:69:
a0:ea:38:e1:0c:f2:2f:1d:8c:83:5c:da:16:c6:69:
55:42:56:71:6e:6e:14:c1:c4:fc:e7:de:0a:ae:c8:
a3:8d:83:0c:35:2e:3b:60:0a:e6:be:58:67:3d:83:
3c:b1:6c:96:6a:45:3b:b3:8b:11:0e:88:3b:05:e9:
1f:e2:48:01:2e:d9:2b:b0:26:3a:55:00:c4:09:e4:
3a:4f:17:d7:9c:18:01:f3:fc:30:a0:bf:85:56:84:
d1:4a:07:ca:66:ef:b4:b8:4c:37:23:ea:9e:db:d3:
37:31:d4:20:03:d5:9a:b5:21:1d:dc:79:ab:a2:17:
54:d6:17:ad:ec:f0:0e:73:6b:64:db:b2:95:7d:13:
53:c5:97:e3:f3:e5:70:54:cd:98:c7:fe:07:2e:1b:
32:f1:01:a1:b3:35:70:f7:51:9c:03:ba:1a:40:f3:
7f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:6B:5F:46:9A:C3:AD:F4:9D:47:58:D9:D7:38:31:28:2A:51:24:D4
X509v3 Authority Key Identifier:
keyid:89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/5mtfRprDrfSdR1jZ1zgxKCpRJNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.224.0.0/18
185.118.96.0/22
185.141.8.0/22
Signature Algorithm: sha256WithRSAEncryption
24:64:da:a1:de:3a:86:57:d5:c4:71:b2:67:66:41:38:65:fc:
39:f0:ce:99:ee:92:f5:99:22:81:68:d7:ff:c8:87:1b:d6:70:
d2:55:24:33:89:5c:47:db:44:a6:dd:3c:79:0b:5a:0a:e4:50:
2b:29:97:dd:fb:a3:30:7e:bd:8d:5d:75:8e:8b:00:2a:49:0a:
4d:f3:d9:b6:be:da:d2:07:7b:2f:6e:d2:8b:36:99:73:e6:c9:
00:de:c7:cf:c8:a0:6e:43:49:5c:51:b4:11:01:9f:4f:af:ee:
0d:5f:c4:d2:d5:3e:04:5c:bf:4b:b0:6f:da:fc:bb:92:f7:6f:
97:af:a6:4a:bd:ad:24:99:8b:78:42:c6:66:d9:a1:d1:d1:6e:
14:22:4a:03:56:7f:3b:b5:e1:ee:85:1b:0e:f1:30:3e:5b:9f:
03:1e:d5:e5:f8:f0:2f:c4:87:5f:47:11:aa:cd:ed:67:30:b8:
31:b5:a4:9d:ac:97:29:9d:50:e9:5d:f4:5f:7a:ca:6f:10:e0:
7d:d3:2c:5b:61:65:bc:b8:56:72:83:d9:dc:42:4c:93:70:0f:
00:a4:82:48:03:67:dd:cf:f3:7e:70:b6:59:c9:14:ef:7d:af:
dc:5e:a9:8c:0c:bc:7d:2a:18:26:bb:2d:36:dc:be:c1:ae:96:
f7:8f:b3:64
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY/soLvo+bpF2my9C7+2c4/HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmVkNmU0YjVjN2MxOWRiOThjNTc0MzJhZjRkY2Y2MzBi
ZjYwYWUwHhcNMjQwNjA2MDgxODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjZiNWY0NjlhYzNhZGY0OWQ0NzU4ZDlkNzM4MzEyODJhNTEyNGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWg+G7yOpBuVaGalDDNi7f0aR+aB
jQi0a8FmHOLHIVpL4dDdSTEt5G6HlaYmaUeH51TH+CZiXthwAn/tiTogK02qyb6n
cHVujzXBltse4Tu0VsalwMSsb2mg6jjhDPIvHYyDXNoWxmlVQlZxbm4UwcT8594K
rsijjYMMNS47YArmvlhnPYM8sWyWakU7s4sRDog7Bekf4kgBLtkrsCY6VQDECeQ6
TxfXnBgB8/wwoL+FVoTRSgfKZu+0uEw3I+qe29M3MdQgA9WatSEd3HmrohdU1het
7PAOc2tk27KVfRNTxZfj8+VwVM2Yx/4HLhsy8QGhszVw91GcA7oaQPN/dQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOZrX0aaw630nUdY2dc4MSgqUSTUMB8GA1UdIwQY
MBaAFIlu1uS1x8GduYxXQyr03PYwv2CuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYt
ZGMxZmY2NzQ2ZDJlLzEvNW10ZlJwckRyZlNkUjFqWjF6Z3hLQ3BSSk5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYtZGMxZmY2NzQ2ZDJl
LzEvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQGbeAAAwQC
uXZgAwQCuY0IMA0GCSqGSIb3DQEBCwUAA4IBAQAkZNqh3jqGV9XEcbJnZkE4Zfw5
8M6Z7pL1mSKBaNf/yIcb1nDSVSQziVxH20Sm3Tx5C1oK5FArKZfd+6Mwfr2NXXWO
iwAqSQpN89m2vtrSB3svbtKLNplz5skA3sfPyKBuQ0lcUbQRAZ9Pr+4NX8TS1T4E
XL9LsG/a/LuS92+Xr6ZKva0kmYt4QsZm2aHR0W4UIkoDVn87teHuhRsO8TA+W58D
HtXl+PAvxIdfRxGqze1nMLgxtaSdrJcpnVDpXfRfespvEOB90yxbYWW8uFZyg9nc
QkyTcA8ApIJIA2fdz/N+cLZZyRTvfa/cXqmMDLx9Khgmuy023L7Brpb3j7Nk
-----END CERTIFICATE-----
Generated at Fri Jun 28 21:57:33 2024 by rpki-client on console-ams.rpki-client.org