Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/d021f9-a001-452b-a5ee-abbf1f078ad3/1/CDUJExHuCJVPUownDG0KoC95j6g.roa
File: CDUJExHuCJVPUownDG0KoC95j6g.roa (raw, json)
Hash identifier: ec1LWrgiCmmzqFwlIQnZ7qEB99QoLDe3mTnBITPZ9Fo=
Subject key identifier: 08:35:09:13:11:EE:08:95:4F:52:8C:27:0C:6D:0A:A0:2F:79:8F:A8
Certificate issuer: /CN=adbc5f7721a4accb9635de175bbc6d31e17c9a8d
Certificate serial: 019426D98317868D494E3D9767F45B7222D3
Authority key identifier: AD:BC:5F:77:21:A4:AC:CB:96:35:DE:17:5B:BC:6D:31:E1:7C:9A:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rbxfdyGkrMuWNd4XW7xtMeF8mo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/d021f9-a001-452b-a5ee-abbf1f078ad3/1/CDUJExHuCJVPUownDG0KoC95j6g.roa
Signing time: Thu 02 Jan 2025 11:49:36 +0000
ROA not before: Thu 02 Jan 2025 11:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210592
IP address blocks: 109.107.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/d021f9-a001-452b-a5ee-abbf1f078ad3/1/rbxfdyGkrMuWNd4XW7xtMeF8mo0.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/d021f9-a001-452b-a5ee-abbf1f078ad3/1/rbxfdyGkrMuWNd4XW7xtMeF8mo0.mft
rsync://rpki.ripe.net/repository/DEFAULT/rbxfdyGkrMuWNd4XW7xtMeF8mo0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 20:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:83:17:86:8d:49:4e:3d:97:67:f4:5b:72:22:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adbc5f7721a4accb9635de175bbc6d31e17c9a8d
Validity
Not Before: Jan 2 11:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0835091311ee08954f528c270c6d0aa02f798fa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:5a:88:ac:61:a6:3d:54:1d:ed:e4:d6:47:bd:
0d:5c:84:be:26:c0:13:11:f6:de:8b:45:55:0c:66:
d0:6e:7c:98:d0:fb:ae:ff:39:7d:0d:bd:58:62:ed:
7a:4c:89:48:16:00:7b:69:17:bf:ee:7b:ac:26:7a:
0d:24:d1:f8:48:57:8b:60:c7:db:6e:ad:30:a9:90:
81:2e:0f:09:90:cf:3b:cc:9a:e6:2c:d3:d7:91:71:
5f:b2:0c:3f:35:b6:8a:4d:8c:24:63:a2:50:3a:3f:
25:eb:82:cf:dc:0d:da:eb:f6:2f:86:bf:3a:b0:f6:
d3:a0:8c:ac:5d:0b:ed:fa:d2:f1:31:4a:99:f2:9a:
7f:5f:c9:8c:da:b9:d7:37:b3:bc:f8:cf:2c:a2:6a:
c3:71:f7:f1:41:80:b3:7e:fe:24:6b:86:4c:92:c7:
21:33:eb:09:3e:8d:97:24:81:c7:c5:db:18:7d:b9:
03:0c:a2:cf:fb:10:e9:74:87:6d:09:5f:18:a5:09:
14:a0:ad:44:39:91:21:f1:b2:3d:9e:8d:9d:13:2e:
58:ac:74:5d:5c:f3:59:cc:f9:36:05:54:f9:62:08:
a9:ef:05:40:81:66:6f:6e:f9:c7:33:6f:11:f1:9c:
25:2c:b1:96:7f:06:85:b9:85:52:4d:d5:fc:52:2e:
23:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:35:09:13:11:EE:08:95:4F:52:8C:27:0C:6D:0A:A0:2F:79:8F:A8
X509v3 Authority Key Identifier:
keyid:AD:BC:5F:77:21:A4:AC:CB:96:35:DE:17:5B:BC:6D:31:E1:7C:9A:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rbxfdyGkrMuWNd4XW7xtMeF8mo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/d021f9-a001-452b-a5ee-abbf1f078ad3/1/CDUJExHuCJVPUownDG0KoC95j6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/d021f9-a001-452b-a5ee-abbf1f078ad3/1/rbxfdyGkrMuWNd4XW7xtMeF8mo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.129.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:af:be:ff:d7:85:e7:8e:a8:96:59:54:73:2b:a3:f1:37:1e:
8b:0f:c2:ee:8c:7e:44:27:0f:c3:34:21:37:f4:75:87:05:d8:
e4:7b:db:a5:55:00:5b:4a:d8:ab:41:23:20:64:85:f1:f4:05:
53:c7:12:0f:aa:1d:62:14:6e:b4:ae:87:21:eb:c6:d7:8f:59:
76:e5:35:89:e2:06:8b:09:47:71:c9:87:d7:3e:f5:5f:e9:66:
83:68:5c:14:e3:be:38:ac:39:22:42:04:d2:8a:31:4b:16:ea:
d1:b4:a6:24:d1:45:04:ae:14:b7:c3:3b:34:2a:0a:8b:2f:8d:
15:a1:91:fc:88:9e:d0:ec:c4:b3:ab:76:e3:c8:4b:4a:6f:77:
f2:c0:79:d1:9e:11:bf:65:ea:ef:17:3c:dd:02:e2:c7:33:a7:
04:7b:5e:bd:6e:ac:0d:d0:9b:70:82:70:be:5a:87:31:9c:18:
81:aa:64:6d:bc:c3:dd:7c:30:b5:fd:ed:a8:12:ac:0f:b5:a5:
9b:07:ba:02:a8:b3:06:1b:93:ef:8f:6e:92:97:fa:d2:3c:6c:
08:0c:2e:35:49:3e:d4:6e:d2:5b:2f:53:65:7c:8e:83:14:46:
60:3e:1c:f0:dc:5f:bd:3f:7a:5d:24:2a:cd:52:37:7a:99:d3:
ad:40:f4:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2YMXho1JTj2XZ/RbciLTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYmM1Zjc3MjFhNGFjY2I5NjM1ZGUxNzViYmM2ZDMxZTE3
YzlhOGQwHhcNMjUwMTAyMTE0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODM1MDkxMzExZWUwODk1NGY1MjhjMjcwYzZkMGFhMDJmNzk4ZmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA51qIrGGmPVQd7eTWR70NXIS+JsAT
Efbei0VVDGbQbnyY0Puu/zl9Db1YYu16TIlIFgB7aRe/7nusJnoNJNH4SFeLYMfb
bq0wqZCBLg8JkM87zJrmLNPXkXFfsgw/NbaKTYwkY6JQOj8l64LP3A3a6/Yvhr86
sPbToIysXQvt+tLxMUqZ8pp/X8mM2rnXN7O8+M8somrDcffxQYCzfv4ka4ZMksch
M+sJPo2XJIHHxdsYfbkDDKLP+xDpdIdtCV8YpQkUoK1EOZEh8bI9no2dEy5YrHRd
XPNZzPk2BVT5Ygip7wVAgWZvbvnHM28R8ZwlLLGWfwaFuYVSTdX8Ui4jdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAg1CRMR7giVT1KMJwxtCqAveY+oMB8GA1UdIwQY
MBaAFK28X3chpKzLljXeF1u8bTHhfJqNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmJ4ZmR5R2tyTXVXTmQ0WFc3eHRNZUY4bW8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9kMDIxZjktYTAwMS00NTJiLWE1ZWUt
YWJiZjFmMDc4YWQzLzEvQ0RVSkV4SHVDSlZQVW93bkRHMEtvQzk1ajZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9kMDIxZjktYTAwMS00NTJiLWE1ZWUtYWJiZjFmMDc4YWQz
LzEvcmJ4ZmR5R2tyTXVXTmQ0WFc3eHRNZUY4bW8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWuBMA0G
CSqGSIb3DQEBCwUAA4IBAQAMr77/14XnjqiWWVRzK6PxNx6LD8LujH5EJw/DNCE3
9HWHBdjke9ulVQBbStirQSMgZIXx9AVTxxIPqh1iFG60roch68bXj1l25TWJ4gaL
CUdxyYfXPvVf6WaDaFwU4744rDkiQgTSijFLFurRtKYk0UUErhS3wzs0KgqLL40V
oZH8iJ7Q7MSzq3bjyEtKb3fywHnRnhG/ZervFzzdAuLHM6cEe169bqwN0JtwgnC+
WocxnBiBqmRtvMPdfDC1/e2oEqwPtaWbB7oCqLMGG5Pvj26Sl/rSPGwIDC41ST7U
btJbL1NlfI6DFEZgPhzw3F+9P3pdJCrNUjd6mdOtQPQx
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:16:30 2025 by rpki-client