Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/06MswTUUU6oaj3FVeLmKaeZ-kj0.roa
File: 06MswTUUU6oaj3FVeLmKaeZ-kj0.roa (raw, json)
Hash identifier: KjbQvRY3/Ia5lNOozuCz+6ivDQ4uyR48+8ce+hIfANs=
Subject key identifier: D3:A3:2C:C1:35:14:53:AA:1A:8F:71:55:78:B9:8A:69:E6:7E:92:3D
Certificate issuer: /CN=05e9fca0a8584feb1c12319071423061b08fe456
Certificate serial: 018CEE47536CE6C12EA18ACC671BCF55A0D3
Authority key identifier: 05:E9:FC:A0:A8:58:4F:EB:1C:12:31:90:71:42:30:61:B0:8F:E4:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/06MswTUUU6oaj3FVeLmKaeZ-kj0.roa
Signing time: Tue 09 Jan 2024 12:51:40 +0000
ROA not before: Tue 09 Jan 2024 12:51:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48030
IP address blocks: 109.107.160.0/24 maxlen: 24
109.107.180.0/24 maxlen: 24
109.107.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Ben8oKhYT-scEjGQcUIwYbCP5FY.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Ben8oKhYT-scEjGQcUIwYbCP5FY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ee:47:53:6c:e6:c1:2e:a1:8a:cc:67:1b:cf:55:a0:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05e9fca0a8584feb1c12319071423061b08fe456
Validity
Not Before: Jan 9 12:51:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3a32cc1351453aa1a8f715578b98a69e67e923d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:24:e8:f1:61:55:f8:e3:1f:d0:d2:85:eb:aa:
53:e9:f7:4f:35:2e:33:02:fb:4a:74:d8:2f:b4:6c:
2c:46:07:19:52:7b:01:1a:ee:ef:6b:af:15:69:39:
c2:26:50:8c:9d:c7:6f:14:82:ea:c4:91:22:29:f3:
4e:1a:09:66:80:c7:55:97:df:97:76:25:32:44:02:
76:b3:25:3f:c5:dd:e0:c8:15:a0:b5:25:3d:f0:28:
b3:e9:88:14:8f:e4:50:9b:ec:a6:dc:69:cc:ed:a9:
70:7b:b9:d0:13:4a:90:48:3f:c2:8e:63:28:3c:95:
15:12:b9:c6:25:08:42:be:9f:a6:2d:8b:b5:67:2d:
bf:e1:1f:df:20:74:f9:98:bc:9a:bd:bb:ea:4f:36:
26:9c:10:bd:2d:4d:92:d3:90:0d:a8:c6:12:aa:24:
c7:3f:14:f3:9b:6a:56:f4:63:90:0c:6f:1a:22:a4:
37:6b:d7:02:30:ab:63:17:9f:f9:46:ff:5e:c8:f5:
f7:be:b3:4c:c3:03:95:4a:66:da:06:4d:3f:86:b6:
ff:c7:f4:d8:31:71:67:c1:c1:34:1d:ad:73:6c:e4:
b3:73:fe:16:7d:e0:5c:e5:3d:ef:6d:ad:e8:68:3f:
27:dc:6e:7a:28:b0:78:2c:06:2b:d8:9d:89:3d:8f:
49:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:A3:2C:C1:35:14:53:AA:1A:8F:71:55:78:B9:8A:69:E6:7E:92:3D
X509v3 Authority Key Identifier:
keyid:05:E9:FC:A0:A8:58:4F:EB:1C:12:31:90:71:42:30:61:B0:8F:E4:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/06MswTUUU6oaj3FVeLmKaeZ-kj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Ben8oKhYT-scEjGQcUIwYbCP5FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.160.0/24
109.107.180.0/24
109.107.191.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:be:e5:09:29:a5:9e:1d:36:a8:eb:ff:ab:7d:84:83:6d:7b:
83:4b:f9:24:3b:72:39:5e:d3:81:94:f8:d6:52:04:da:5b:9c:
bd:f6:35:70:0c:67:66:12:a6:5d:7a:22:e3:a6:c8:47:38:db:
81:80:4f:bb:5f:c4:a1:ba:c9:e2:72:6f:6c:1b:5d:52:e5:81:
c7:5a:21:d0:fc:9f:17:bf:a0:b8:2e:5f:41:12:7e:cd:4f:82:
e4:a0:b3:6e:96:4b:9b:77:d1:8e:83:4f:b7:b9:c2:8e:c5:10:
cf:3c:9f:35:f0:1d:a6:45:f0:87:43:2b:26:df:63:19:63:e1:
b3:12:d9:72:14:29:fb:a0:5c:66:b5:65:31:fb:fa:aa:3a:b4:
dc:55:ef:5e:d9:5a:c6:85:d8:8a:8e:9c:6c:b3:8f:e8:a7:a3:
24:fc:c9:62:3a:a8:fd:76:b1:24:91:db:7a:f9:41:0f:56:5d:
c2:a6:58:cc:58:fb:fc:d6:24:80:ce:54:84:3a:db:ad:a3:2c:
72:ea:1b:16:78:3a:43:90:13:0f:80:c8:c4:1d:a8:1a:65:33:
0e:c7:40:2b:73:a5:9e:d7:68:5b:74:2e:52:b8:e0:33:96:fb:
eb:15:23:1c:17:5b:57:7f:ef:61:3a:e4:b8:41:68:4a:2d:a0:
b9:12:42:70
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzuR1Ns5sEuoYrMZxvPVaDTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZTlmY2EwYTg1ODRmZWIxYzEyMzE5MDcxNDIzMDYxYjA4
ZmU0NTYwHhcNMjQwMTA5MTI1MTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2EzMmNjMTM1MTQ1M2FhMWE4ZjcxNTU3OGI5OGE2OWU2N2U5MjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCTo8WFV+OMf0NKF66pT6fdPNS4z
AvtKdNgvtGwsRgcZUnsBGu7va68VaTnCJlCMncdvFILqxJEiKfNOGglmgMdVl9+X
diUyRAJ2syU/xd3gyBWgtSU98Ciz6YgUj+RQm+ym3GnM7alwe7nQE0qQSD/CjmMo
PJUVErnGJQhCvp+mLYu1Zy2/4R/fIHT5mLyavbvqTzYmnBC9LU2S05ANqMYSqiTH
PxTzm2pW9GOQDG8aIqQ3a9cCMKtjF5/5Rv9eyPX3vrNMwwOVSmbaBk0/hrb/x/TY
MXFnwcE0Ha1zbOSzc/4WfeBc5T3vba3oaD8n3G56KLB4LAYr2J2JPY9JVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNOjLME1FFOqGo9xVXi5imnmfpI9MB8GA1UdIwQY
MBaAFAXp/KCoWE/rHBIxkHFCMGGwj+RWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmVuOG9LaFlULXNjRWpHUWNVSXdZYkNQNUZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jN2VlOWUtYjViZi00YzJkLWE5ODMt
ZGVlM2VkNDk3YWVlLzEvMDZNc3dUVVVVNm9hajNGVmVMbUthZVota2owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jN2VlOWUtYjViZi00YzJkLWE5ODMtZGVlM2VkNDk3YWVl
LzEvQmVuOG9LaFlULXNjRWpHUWNVSXdZYkNQNUZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbWugAwQA
bWu0AwQAbWu/MA0GCSqGSIb3DQEBCwUAA4IBAQC/vuUJKaWeHTao6/+rfYSDbXuD
S/kkO3I5XtOBlPjWUgTaW5y99jVwDGdmEqZdeiLjpshHONuBgE+7X8Shusnicm9s
G11S5YHHWiHQ/J8Xv6C4Ll9BEn7NT4LkoLNulkubd9GOg0+3ucKOxRDPPJ818B2m
RfCHQysm32MZY+GzEtlyFCn7oFxmtWUx+/qqOrTcVe9e2VrGhdiKjpxss4/op6Mk
/MliOqj9drEkkdt6+UEPVl3CpljMWPv81iSAzlSEOtutoyxy6hsWeDpDkBMPgMjE
HagaZTMOx0Arc6We12hbdC5SuOAzlvvrFSMcF1tXf+9hOuS4QWhKLaC5EkJw
-----END CERTIFICATE-----
Generated at Fri May 10 15:49:24 2024 by rpki-client on console-fra.rpki-client.org