Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/r-DPGMFRID5R-xWnBSAYnp36D6E.roa
File: r-DPGMFRID5R-xWnBSAYnp36D6E.roa (raw, json)
Hash identifier: 9Z+qwkaVjPyqUrg8V5GXBKhweUM8CGQTaZcF605ND1o=
Subject key identifier: AF:E0:CF:18:C1:51:20:3E:51:FB:15:A7:05:20:18:9E:9D:FA:0F:A1
Certificate issuer: /CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Certificate serial: 018D9D16F4E25BE0C0A576707F8777A0377E
Authority key identifier: 89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/r-DPGMFRID5R-xWnBSAYnp36D6E.roa
Signing time: Mon 12 Feb 2024 11:32:23 +0000
ROA not before: Mon 12 Feb 2024 11:32:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 109.224.0.0/18 maxlen: 18
109.224.1.0/24 maxlen: 24
109.224.2.0/23 maxlen: 23
109.224.4.0/22 maxlen: 22
109.224.5.0/24 maxlen: 24
109.224.8.0/22 maxlen: 22
109.224.12.0/24 maxlen: 24
109.224.13.0/24 maxlen: 24
109.224.14.0/24 maxlen: 24
109.224.15.0/24 maxlen: 24
109.224.16.0/22 maxlen: 22
109.224.20.0/22 maxlen: 22
109.224.24.0/22 maxlen: 22
109.224.28.0/24 maxlen: 24
109.224.29.0/24 maxlen: 24
109.224.30.0/23 maxlen: 23
109.224.32.0/22 maxlen: 22
109.224.32.0/24 maxlen: 24
109.224.36.0/22 maxlen: 22
109.224.41.0/24 maxlen: 24
109.224.43.0/24 maxlen: 24
109.224.44.0/22 maxlen: 22
109.224.48.0/22 maxlen: 22
109.224.52.0/22 maxlen: 22
109.224.56.0/22 maxlen: 22
109.224.60.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.mft
rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9d:16:f4:e2:5b:e0:c0:a5:76:70:7f:87:77:a0:37:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Validity
Not Before: Feb 12 11:32:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=afe0cf18c151203e51fb15a70520189e9dfa0fa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1f:96:4d:64:86:98:05:c2:8c:38:d2:6d:07:
05:9d:42:78:9c:5e:05:66:27:77:d4:ff:eb:30:e0:
0d:c6:25:3e:04:9e:c5:3b:d8:fd:af:0a:11:71:87:
1a:ce:b2:98:67:92:84:75:40:6a:36:7c:a5:fe:54:
fe:35:01:6c:d8:fd:ac:2b:93:89:54:c9:b2:d4:3b:
b9:7e:80:fa:8b:8d:a1:ea:68:c8:85:d3:4f:2b:8e:
c4:fd:4c:37:96:ef:db:24:1a:3a:b5:e8:d1:09:93:
04:81:20:ad:fc:9b:11:55:56:c7:66:03:31:d3:27:
6a:4c:c6:ab:6f:eb:76:54:56:96:9e:f4:82:f4:f8:
f1:78:c4:75:e7:ba:8e:f9:c6:1d:8d:d1:0b:23:56:
a7:40:be:72:9c:2a:7c:ee:69:5a:5e:f8:ab:7f:af:
19:ef:b7:64:56:75:a3:73:e8:5b:8c:99:f4:20:0d:
ac:7b:1b:cb:00:6d:0a:93:5f:15:2b:53:40:7d:93:
44:d3:94:4f:3b:b0:df:dd:8d:f4:3d:17:04:e8:77:
6b:c6:8c:e8:6f:e0:33:ea:3a:38:25:07:e4:76:71:
57:ea:37:d2:45:b0:8d:08:3a:c2:d6:02:69:8f:75:
47:3d:b6:62:7a:0d:ea:9a:1b:92:e6:b5:8a:28:02:
d2:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:E0:CF:18:C1:51:20:3E:51:FB:15:A7:05:20:18:9E:9D:FA:0F:A1
X509v3 Authority Key Identifier:
keyid:89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/r-DPGMFRID5R-xWnBSAYnp36D6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.224.0.0/18
Signature Algorithm: sha256WithRSAEncryption
78:da:a1:0c:3f:3b:47:c3:e9:aa:73:86:ef:d7:67:a6:fb:0b:
65:37:70:dd:d6:ff:35:ed:c2:fe:66:27:5b:68:57:06:08:d1:
23:c7:f7:ad:f6:85:d3:88:6c:06:a1:23:90:6e:8e:c8:73:a4:
02:36:54:83:a4:67:e1:c1:4f:b2:f9:da:b2:46:ee:eb:8e:16:
cc:d4:a6:f8:06:1b:75:97:98:41:2a:ed:59:a4:3b:09:fe:6c:
5d:7b:9a:d2:d4:c1:f3:f4:7e:dc:3a:06:39:bc:7f:85:62:77:
3b:63:52:d0:95:d8:b9:01:16:e3:de:83:d9:cd:23:c7:ef:e2:
ac:d7:f1:5b:83:a3:7f:27:3e:84:e2:6f:e7:f3:5e:65:b3:5a:
57:d1:e4:ff:ca:9c:1f:28:5e:18:2a:80:9b:6e:a9:87:d8:54:
49:2b:dd:a1:87:30:9d:43:d7:0b:dd:09:82:18:e5:f0:dc:f8:
ea:ce:c8:70:08:e3:e5:8b:8b:ba:10:bc:fa:30:9c:18:ba:a9:
02:de:57:b2:05:ed:80:3b:16:ba:dd:80:e7:e7:09:19:2e:9f:
e6:b0:e6:6f:1a:45:c8:e2:43:cf:d6:d0:e2:33:77:fa:cd:3f:
31:a7:7f:bd:3a:7b:8f:d3:0a:5e:9a:7c:c3:a8:fe:ce:a4:b0:
d9:d1:e6:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2dFvTiW+DApXZwf4d3oDd+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmVkNmU0YjVjN2MxOWRiOThjNTc0MzJhZjRkY2Y2MzBi
ZjYwYWUwHhcNMjQwMjEyMTEzMjIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmUwY2YxOGMxNTEyMDNlNTFmYjE1YTcwNTIwMTg5ZTlkZmEwZmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAph+WTWSGmAXCjDjSbQcFnUJ4nF4F
Zid31P/rMOANxiU+BJ7FO9j9rwoRcYcazrKYZ5KEdUBqNnyl/lT+NQFs2P2sK5OJ
VMmy1Du5foD6i42h6mjIhdNPK47E/Uw3lu/bJBo6tejRCZMEgSCt/JsRVVbHZgMx
0ydqTMarb+t2VFaWnvSC9PjxeMR157qO+cYdjdELI1anQL5ynCp87mlaXvirf68Z
77dkVnWjc+hbjJn0IA2sexvLAG0Kk18VK1NAfZNE05RPO7Df3Y30PRcE6Hdrxozo
b+Az6jo4JQfkdnFX6jfSRbCNCDrC1gJpj3VHPbZieg3qmhuS5rWKKALSbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK/gzxjBUSA+UfsVpwUgGJ6d+g+hMB8GA1UdIwQY
MBaAFIlu1uS1x8GduYxXQyr03PYwv2CuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYt
ZGMxZmY2NzQ2ZDJlLzEvci1EUEdNRlJJRDVSLXhXbkJTQVlucDM2RDZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYtZGMxZmY2NzQ2ZDJl
LzEvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGbeAAMA0G
CSqGSIb3DQEBCwUAA4IBAQB42qEMPztHw+mqc4bv12em+wtlN3Dd1v817cL+Zidb
aFcGCNEjx/et9oXTiGwGoSOQbo7Ic6QCNlSDpGfhwU+y+dqyRu7rjhbM1Kb4Bht1
l5hBKu1ZpDsJ/mxde5rS1MHz9H7cOgY5vH+FYnc7Y1LQldi5ARbj3oPZzSPH7+Ks
1/Fbg6N/Jz6E4m/n815ls1pX0eT/ypwfKF4YKoCbbqmH2FRJK92hhzCdQ9cL3QmC
GOXw3PjqzshwCOPli4u6ELz6MJwYuqkC3leyBe2AOxa63YDn5wkZLp/msOZvGkXI
4kPP1tDiM3f6zT8xp3+9OnuP0wpemnzDqP7OpLDZ0eZ2
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:18:47 2024 by rpki-client on console-ams.rpki-client.org