Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/9dF_4EitZ1J07YGbeXFQlYYh8XY.roa
File: 9dF_4EitZ1J07YGbeXFQlYYh8XY.roa (raw, json)
Hash identifier: npHlZbox5TOFolc/Tk0Qw06/OxE/Up61FdH9zEZe3Nk=
Subject key identifier: F5:D1:7F:E0:48:AD:67:52:74:ED:81:9B:79:71:50:95:86:21:F1:76
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 018CC4255A06BA29487BE89DF0C40045BFAE
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/9dF_4EitZ1J07YGbeXFQlYYh8XY.roa
Signing time: Mon 01 Jan 2024 08:30:31 +0000
ROA not before: Mon 01 Jan 2024 08:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40676
IP address blocks: 107.181.135.0/24 maxlen: 24
2a07:9940:3333::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.mft
rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:5a:06:ba:29:48:7b:e8:9d:f0:c4:00:45:bf:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jan 1 08:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5d17fe048ad675274ed819b797150958621f176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:44:44:43:49:4a:d8:35:cb:73:d9:ef:e8:d1:
7d:e3:3b:fc:96:2f:90:60:75:c0:64:35:e3:bc:71:
e6:c0:5e:e7:a8:6b:f5:54:58:93:4b:75:95:30:60:
c3:34:40:36:d3:46:17:06:9e:b2:32:3a:74:b5:86:
5b:03:cb:35:94:4f:44:0b:d0:2d:c4:ec:1c:2f:4c:
c3:3e:fd:4f:1c:d7:2f:92:3b:9d:4b:98:57:9c:8a:
da:78:75:9e:9c:da:bc:fd:0a:b3:7e:db:60:cb:c3:
86:14:a6:a5:76:60:11:36:2e:63:f4:1b:45:47:46:
85:1c:e8:41:f2:54:67:7c:c0:42:32:f9:76:bc:dc:
63:a4:5c:66:d9:96:20:ed:c1:82:2d:c5:af:80:b6:
b8:49:a0:70:cb:be:0a:5f:7b:10:21:16:24:27:ff:
68:ce:61:e1:d5:15:e8:9c:d7:bc:63:e6:72:7f:44:
2a:0c:51:11:39:c1:f9:f3:59:28:a9:30:9e:f3:8d:
42:2e:ef:34:f4:56:b2:1e:4a:2f:47:55:89:cd:69:
a9:2c:fe:ef:67:1f:63:bc:5c:52:07:40:0b:2b:52:
ac:11:5e:e1:40:7e:99:70:8e:73:a5:9e:04:6d:b1:
e0:e1:8a:fc:b4:7a:6b:37:f0:b2:ac:5f:39:91:97:
05:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:D1:7F:E0:48:AD:67:52:74:ED:81:9B:79:71:50:95:86:21:F1:76
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/9dF_4EitZ1J07YGbeXFQlYYh8XY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.181.135.0/24
IPv6:
2a07:9940:3333::/48
Signature Algorithm: sha256WithRSAEncryption
7b:ed:ab:67:80:02:66:26:f2:56:d7:69:2e:8e:70:81:27:24:
45:3e:0b:af:2d:57:67:72:a1:95:d5:d7:c2:8d:54:99:99:5d:
23:85:0f:5a:75:2a:af:3b:2b:94:0e:12:85:9a:06:e5:48:ce:
ee:c9:d3:04:4f:1a:e1:a8:ca:f8:9e:b1:ad:1c:0a:14:52:e8:
8d:23:e4:74:8d:93:1e:52:78:57:33:21:50:b8:ea:ea:7c:a9:
dd:15:03:3b:31:76:23:1d:90:6b:0b:95:53:32:07:6f:39:e1:
fa:06:33:b4:8d:19:4f:27:65:e4:98:69:b3:a2:29:bd:41:c9:
4a:86:64:2e:00:7f:ed:35:64:11:53:2f:3e:ea:7d:aa:2f:94:
e1:b6:c3:74:85:ed:f9:c8:9f:ca:6e:e7:03:7b:2b:52:2f:bd:
8c:1c:0f:29:d4:72:0c:ae:0b:7f:39:8b:58:df:bf:d4:a5:63:
bc:d8:b7:2e:75:5a:47:f3:c2:a4:ba:5a:0c:38:8f:dd:fc:85:
e0:99:f9:15:84:ab:21:aa:b0:2f:49:98:8a:dc:fb:b5:f7:5f:
a3:0a:8f:c2:b8:3f:cb:88:f0:44:69:48:84:0c:70:20:c0:bf:
f9:8a:e1:f0:d5:c9:a9:7a:72:53:d9:d6:3f:0d:d2:56:5b:0e:
7b:29:2c:68
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEJVoGuilIe+id8MQARb+uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjQwMTAxMDgzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWQxN2ZlMDQ4YWQ2NzUyNzRlZDgxOWI3OTcxNTA5NTg2MjFmMTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUREQ0lK2DXLc9nv6NF94zv8li+Q
YHXAZDXjvHHmwF7nqGv1VFiTS3WVMGDDNEA200YXBp6yMjp0tYZbA8s1lE9EC9At
xOwcL0zDPv1PHNcvkjudS5hXnIraeHWenNq8/Qqzfttgy8OGFKaldmARNi5j9BtF
R0aFHOhB8lRnfMBCMvl2vNxjpFxm2ZYg7cGCLcWvgLa4SaBwy74KX3sQIRYkJ/9o
zmHh1RXonNe8Y+Zyf0QqDFEROcH581koqTCe841CLu809FayHkovR1WJzWmpLP7v
Zx9jvFxSB0ALK1KsEV7hQH6ZcI5zpZ4EbbHg4Yr8tHprN/CyrF85kZcFewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPXRf+BIrWdSdO2Bm3lxUJWGIfF2MB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvOWRGXzRFaXRaMUowN1lHYmVYRlFsWVloOFhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAa7WHMA8E
AgACMAkDBwAqB5lAMzMwDQYJKoZIhvcNAQELBQADggEBAHvtq2eAAmYm8lbXaS6O
cIEnJEU+C68tV2dyoZXV18KNVJmZXSOFD1p1Kq87K5QOEoWaBuVIzu7J0wRPGuGo
yviesa0cChRS6I0j5HSNkx5SeFczIVC46up8qd0VAzsxdiMdkGsLlVMyB2854foG
M7SNGU8nZeSYabOiKb1ByUqGZC4Af+01ZBFTLz7qfaovlOG2w3SF7fnIn8pu5wN7
K1IvvYwcDynUcgyuC385i1jfv9SlY7zYty51WkfzwqS6Wgw4j938heCZ+RWEqyGq
sC9JmIrc+7X3X6MKj8K4P8uI8ERpSIQMcCDAv/mK4fDVyal6clPZ1j8N0lZbDnsp
LGg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:47:27 2024 by rpki-client on console-fra.rpki-client.org