Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/RNXnZ6tSnf-hLEK25bTBgFR3KWY.roa
File: RNXnZ6tSnf-hLEK25bTBgFR3KWY.roa (raw, json)
Hash identifier: j8zbSO2ktDh4hlM6lC87JtSye9ArNt2wTxfDZfWqIUY=
Subject key identifier: 44:D5:E7:67:AB:52:9D:FF:A1:2C:42:B6:E5:B4:C1:80:54:77:29:66
Certificate issuer: /CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Certificate serial: 018CC26D0690857DA0050319DB092E9EB028
Authority key identifier: 4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/RNXnZ6tSnf-hLEK25bTBgFR3KWY.roa
Signing time: Mon 01 Jan 2024 00:29:34 +0000
ROA not before: Mon 01 Jan 2024 00:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39650
IP address blocks: 109.162.253.0/24 maxlen: 24
109.162.250.0/24 maxlen: 24
109.162.251.0/24 maxlen: 24
109.162.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/TddPu7rljdCHbZnoDsgqEaRHf34.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/TddPu7rljdCHbZnoDsgqEaRHf34.mft
rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:06:90:85:7d:a0:05:03:19:db:09:2e:9e:b0:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Validity
Not Before: Jan 1 00:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44d5e767ab529dffa12c42b6e5b4c18054772966
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:fb:9e:f5:00:ca:1d:3a:4d:ab:a7:38:08:6e:
ba:80:40:ab:6e:25:cb:bc:53:89:60:13:d5:06:e1:
02:43:d3:e9:ea:24:ac:ee:00:e0:21:a0:59:9f:db:
1b:be:9e:b2:51:cc:e7:b5:6d:43:ed:a9:91:e2:95:
5d:ae:11:db:51:1e:b4:89:e2:b6:ff:66:2f:24:2d:
f1:3a:18:8c:d5:5d:e1:62:92:a5:9b:cf:9f:89:50:
8c:15:2a:99:35:9d:d0:a4:87:a6:50:e3:35:7b:39:
4a:1e:9a:3d:0a:1b:1f:1b:60:48:93:d4:db:ef:11:
e5:a7:37:f9:ca:6c:d2:d0:79:9e:f7:e8:5e:1a:47:
d1:94:06:a9:fe:4a:9c:ff:47:91:b7:8f:ff:b3:e7:
67:de:f5:55:2c:1c:55:87:06:80:f9:f7:7a:20:f4:
ee:fb:e3:55:bf:00:8a:85:6a:dc:88:fc:5e:a8:03:
45:7e:41:fd:9a:41:7f:c1:fb:f7:a5:03:fb:9b:0b:
84:be:86:5f:25:24:a3:01:23:4c:2c:42:0d:50:79:
72:b4:ee:fc:15:ab:42:ae:da:e4:8e:4f:75:21:01:
d4:84:da:d7:7d:2f:96:2c:de:59:08:40:23:d4:e3:
f5:74:e1:0c:01:5c:1d:66:d7:62:24:06:e8:bb:19:
14:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:D5:E7:67:AB:52:9D:FF:A1:2C:42:B6:E5:B4:C1:80:54:77:29:66
X509v3 Authority Key Identifier:
keyid:4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/RNXnZ6tSnf-hLEK25bTBgFR3KWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/TddPu7rljdCHbZnoDsgqEaRHf34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.162.250.0-109.162.253.255
Signature Algorithm: sha256WithRSAEncryption
b2:f3:f6:38:c9:27:ce:72:50:5f:9e:c5:dd:6c:a1:0e:3a:a2:
da:65:28:81:e0:c2:ec:f4:b5:c7:82:d0:d0:86:7c:70:0b:37:
6c:cc:92:e6:db:94:94:3d:b8:c0:9a:a2:8b:44:e0:1f:9b:f9:
52:ad:b4:d8:8e:64:93:76:86:30:da:3f:6a:f4:34:af:83:2e:
bb:29:4c:a0:ce:82:6d:3a:97:9a:fa:f5:48:b9:f4:67:69:09:
90:2d:4d:1f:63:c6:a0:ec:3a:6a:18:f1:4d:f6:81:a0:bd:01:
e3:ce:2f:88:ef:06:67:18:be:cb:fb:7f:e7:2c:4f:d1:99:ac:
10:a8:fb:83:92:c2:90:a2:03:48:d3:73:09:fe:65:71:ec:2d:
03:0f:91:ff:97:72:85:d2:69:b2:0e:16:b6:27:01:e5:27:bf:
8e:bd:d5:0f:93:7b:9c:a2:55:4a:c8:58:fc:3f:67:5f:2f:23:
1d:18:6c:d6:3a:de:b6:e6:19:b4:4d:d8:de:d9:3f:d7:74:f6:
a9:55:d2:ce:43:54:6c:ee:e8:3e:04:51:ee:a3:1a:9b:e8:65:
43:ba:65:2a:7e:7d:6c:a5:92:40:99:71:ed:28:f0:97:c3:b9:
67:c7:4f:52:9a:15:3e:3d:5e:9c:53:99:23:1d:c5:88:ee:6c:
5a:c2:fa:89
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzCbQaQhX2gBQMZ2wkunrAoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDc0ZmJiYmFlNThkZDA4NzZkOTllODBlYzgyYTExYTQ0
NzdmN2UwHhcNMjQwMTAxMDAyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGQ1ZTc2N2FiNTI5ZGZmYTEyYzQyYjZlNWI0YzE4MDU0NzcyOTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPue9QDKHTpNq6c4CG66gECrbiXL
vFOJYBPVBuECQ9Pp6iSs7gDgIaBZn9sbvp6yUczntW1D7amR4pVdrhHbUR60ieK2
/2YvJC3xOhiM1V3hYpKlm8+fiVCMFSqZNZ3QpIemUOM1ezlKHpo9ChsfG2BIk9Tb
7xHlpzf5ymzS0Hme9+heGkfRlAap/kqc/0eRt4//s+dn3vVVLBxVhwaA+fd6IPTu
++NVvwCKhWrciPxeqANFfkH9mkF/wfv3pQP7mwuEvoZfJSSjASNMLEINUHlytO78
FatCrtrkjk91IQHUhNrXfS+WLN5ZCEAj1OP1dOEMAVwdZtdiJAbouxkUjwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFETV52erUp3/oSxCtuW0wYBUdylmMB8GA1UdIwQY
MBaAFE3XT7u65Y3Qh22Z6A7IKhGkR39+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmIt
OGVhYjdmNGZlNzdlLzEvUk5Yblo2dFNuZi1oTEVLMjViVEJnRlIzS1dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmItOGVhYjdmNGZlNzdl
LzEvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFtovoD
BAFtovwwDQYJKoZIhvcNAQELBQADggEBALLz9jjJJ85yUF+exd1soQ46otplKIHg
wuz0tceC0NCGfHALN2zMkubblJQ9uMCaootE4B+b+VKttNiOZJN2hjDaP2r0NK+D
LrspTKDOgm06l5r69Ui59GdpCZAtTR9jxqDsOmoY8U32gaC9AePOL4jvBmcYvsv7
f+csT9GZrBCo+4OSwpCiA0jTcwn+ZXHsLQMPkf+XcoXSabIOFrYnAeUnv4691Q+T
e5yiVUrIWPw/Z18vIx0YbNY63rbmGbRN2N7ZP9d09qlV0s5DVGzu6D4EUe6jGpvo
ZUO6ZSp+fWylkkCZce0o8JfDuWfHT1KaFT49XpxTmSMdxYjubFrC+ok=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:19:28 2024 by rpki-client on console-ams.rpki-client.org