Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/RGe03AmPFmz4k7dus-WLNnlSX7A.roa
File: RGe03AmPFmz4k7dus-WLNnlSX7A.roa (raw, json)
Hash identifier: JUGnFv5uVcX3l9tCk6pklKaS0w2uW1bA4sSUJzlYg+s=
Subject key identifier: 44:67:B4:DC:09:8F:16:6C:F8:93:B7:6E:B3:E5:8B:36:79:52:5F:B0
Certificate issuer: /CN=b9c3633acbf63c2ecb10205b9b92580abb4eb87e
Certificate serial: 018CC4922C24E68096C265A0B97232BBC126
Authority key identifier: B9:C3:63:3A:CB:F6:3C:2E:CB:10:20:5B:9B:92:58:0A:BB:4E:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ucNjOsv2PC7LECBbm5JYCrtOuH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/RGe03AmPFmz4k7dus-WLNnlSX7A.roa
Signing time: Mon 01 Jan 2024 10:29:23 +0000
ROA not before: Mon 01 Jan 2024 10:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210483
IP address blocks: 109.107.130.0/24 maxlen: 24
2a11:cd40:f00d::/48 maxlen: 48
2a11:cd40:1000::/48 maxlen: 48
2a11:cd40::/48 maxlen: 48
2a11:cd40:2000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/ucNjOsv2PC7LECBbm5JYCrtOuH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/ucNjOsv2PC7LECBbm5JYCrtOuH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/ucNjOsv2PC7LECBbm5JYCrtOuH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:2c:24:e6:80:96:c2:65:a0:b9:72:32:bb:c1:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9c3633acbf63c2ecb10205b9b92580abb4eb87e
Validity
Not Before: Jan 1 10:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4467b4dc098f166cf893b76eb3e58b3679525fb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:aa:60:f0:c1:45:b0:9d:0c:58:b5:db:fb:07:
70:1b:c7:c3:31:19:56:a1:cb:ea:d2:1a:31:5a:a9:
44:01:31:58:f0:47:92:1c:ed:43:ff:a5:97:cc:83:
f6:a6:7e:de:01:9c:b9:b3:ad:26:cc:f6:6a:7c:ff:
28:e7:a4:15:4d:e7:d1:57:26:ef:9a:bc:b0:6c:ba:
4c:b5:dd:7f:92:bd:23:fe:56:d9:bd:26:b6:5f:1e:
c9:9d:70:db:7d:06:43:e9:7e:e1:7c:62:1e:2a:8f:
45:48:43:2d:30:7b:c8:7a:00:fa:e9:04:94:ac:62:
76:79:06:26:00:95:86:79:54:60:c5:fe:35:78:e8:
5f:ef:2d:f4:6a:58:8c:90:04:e9:60:58:a6:9f:6d:
d0:e1:ea:85:3a:1b:25:6d:c7:09:85:84:f3:4c:20:
7a:52:2c:47:c0:19:fd:7f:71:fc:09:78:b5:d3:63:
02:be:4e:b8:95:a9:13:5c:ee:84:1b:37:5e:1f:63:
fa:ea:4a:50:c0:c8:03:25:bd:2d:c3:27:0b:f2:a7:
7c:d2:c3:f4:d4:7d:86:c9:03:65:b5:1f:71:04:3f:
39:c1:47:f3:47:94:a4:c6:8d:7b:49:cc:da:de:38:
ec:6e:87:8f:ae:fc:4b:41:83:e1:36:93:65:d7:35:
e7:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:67:B4:DC:09:8F:16:6C:F8:93:B7:6E:B3:E5:8B:36:79:52:5F:B0
X509v3 Authority Key Identifier:
keyid:B9:C3:63:3A:CB:F6:3C:2E:CB:10:20:5B:9B:92:58:0A:BB:4E:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ucNjOsv2PC7LECBbm5JYCrtOuH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/RGe03AmPFmz4k7dus-WLNnlSX7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/ucNjOsv2PC7LECBbm5JYCrtOuH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.130.0/24
IPv6:
2a11:cd40::/48
2a11:cd40:1000::/48
2a11:cd40:2000::/48
2a11:cd40:f00d::/48
Signature Algorithm: sha256WithRSAEncryption
5a:d6:69:73:df:59:5a:79:fd:56:b4:30:35:67:dc:d8:d5:51:
11:81:ea:22:f8:ee:4e:58:d9:8c:81:46:21:63:f6:75:6d:b5:
ba:31:1b:3b:9e:14:a8:71:c6:46:91:d0:e8:bc:da:7d:01:05:
3f:39:48:5d:56:fb:b4:37:3a:86:c7:55:3c:e2:a1:7e:45:1d:
a7:a4:a9:5b:d4:6e:53:d0:07:d9:f6:01:12:65:1f:18:91:e6:
b5:ca:3c:c0:0a:aa:34:04:6a:a6:40:69:34:3f:91:35:89:1f:
1e:ff:4f:28:db:5e:57:14:35:5f:fc:94:bd:f5:69:66:f8:6c:
89:8a:d8:7c:de:f5:34:1f:b7:c2:f7:a8:73:5c:c0:90:17:3f:
15:4a:02:be:38:aa:f9:72:78:f6:6b:d7:72:f4:cd:08:8b:09:
6b:ff:87:da:3c:1e:71:22:2a:ca:30:04:e1:ef:59:e4:89:33:
90:b6:47:57:89:71:26:75:6f:79:7b:59:eb:ab:7f:d9:72:14:
64:a8:18:28:cb:0d:43:92:42:36:32:42:ff:80:c6:4c:c1:cb:
18:b9:71:27:78:90:56:70:dc:4a:1f:5f:40:64:74:cf:bd:92:
8c:c5:71:3b:c3:87:b5:31:82:e2:17:16:5e:f6:b0:fd:e4:ee:
6b:d1:ca:c9
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzEkiwk5oCWwmWguXIyu8EmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YzM2MzNhY2JmNjNjMmVjYjEwMjA1YjliOTI1ODBhYmI0
ZWI4N2UwHhcNMjQwMTAxMTAyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDY3YjRkYzA5OGYxNjZjZjg5M2I3NmViM2U1OGIzNjc5NTI1ZmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqpg8MFFsJ0MWLXb+wdwG8fDMRlW
ocvq0hoxWqlEATFY8EeSHO1D/6WXzIP2pn7eAZy5s60mzPZqfP8o56QVTefRVybv
mrywbLpMtd1/kr0j/lbZvSa2Xx7JnXDbfQZD6X7hfGIeKo9FSEMtMHvIegD66QSU
rGJ2eQYmAJWGeVRgxf41eOhf7y30aliMkATpYFimn23Q4eqFOhslbccJhYTzTCB6
UixHwBn9f3H8CXi102MCvk64lakTXO6EGzdeH2P66kpQwMgDJb0twycL8qd80sP0
1H2GyQNltR9xBD85wUfzR5Skxo17Scza3jjsboePrvxLQYPhNpNl1zXnEwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFERntNwJjxZs+JO3brPlizZ5Ul+wMB8GA1UdIwQY
MBaAFLnDYzrL9jwuyxAgW5uSWAq7Trh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWNOak9zdjJQQzdMRUNCYm01SllDcnRPdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi8wY2QyZjMtMGY2YS00ZWFhLTk4NDUt
OTllY2E1NjUxMDIzLzEvUkdlMDNBbVBGbXo0azdkdXMtV0xObmxTWDdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi8wY2QyZjMtMGY2YS00ZWFhLTk4NDUtOTllY2E1NjUxMDIz
LzEvdWNOak9zdjJQQzdMRUNCYm01SllDcnRPdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAMBAIAATAGAwQAbWuCMCoE
AgACMCQDBwAqEc1AAAADBwAqEc1AEAADBwAqEc1AIAADBwAqEc1A8A0wDQYJKoZI
hvcNAQELBQADggEBAFrWaXPfWVp5/Va0MDVn3NjVURGB6iL47k5Y2YyBRiFj9nVt
tboxGzueFKhxxkaR0Oi82n0BBT85SF1W+7Q3OobHVTzioX5FHaekqVvUblPQB9n2
ARJlHxiR5rXKPMAKqjQEaqZAaTQ/kTWJHx7/TyjbXlcUNV/8lL31aWb4bImK2Hze
9TQft8L3qHNcwJAXPxVKAr44qvlyePZr13L0zQiLCWv/h9o8HnEiKsowBOHvWeSJ
M5C2R1eJcSZ1b3l7Weurf9lyFGSoGCjLDUOSQjYyQv+AxkzByxi5cSd4kFZw3Eof
X0BkdM+9kozFcTvDh7UxguIXFl72sP3k7mvRysk=
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:04:11 2024 by rpki-client on console-fra.rpki-client.org