Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/j1ZbmJr2a3cl93pUNrNuHJVQWVA.roa
File: j1ZbmJr2a3cl93pUNrNuHJVQWVA.roa (raw, json)
Hash identifier: Z5JM6hU55VxAZ/yCIxYHdAdqTCSmWySg9rsqtMzCRVE=
Subject key identifier: 8F:56:5B:98:9A:F6:6B:77:25:F7:7A:54:36:B3:6E:1C:95:50:59:50
Certificate issuer: /CN=05e9fca0a8584feb1c12319071423061b08fe456
Certificate serial: 018CEE4756C8C629CEF12176172489A591FE
Authority key identifier: 05:E9:FC:A0:A8:58:4F:EB:1C:12:31:90:71:42:30:61:B0:8F:E4:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/j1ZbmJr2a3cl93pUNrNuHJVQWVA.roa
Signing time: Tue 09 Jan 2024 12:51:41 +0000
ROA not before: Tue 09 Jan 2024 12:51:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 109.107.181.0/24 maxlen: 24
109.107.189.0/24 maxlen: 24
109.107.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Ben8oKhYT-scEjGQcUIwYbCP5FY.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Ben8oKhYT-scEjGQcUIwYbCP5FY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ee:47:56:c8:c6:29:ce:f1:21:76:17:24:89:a5:91:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05e9fca0a8584feb1c12319071423061b08fe456
Validity
Not Before: Jan 9 12:51:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f565b989af66b7725f77a5436b36e1c95505950
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:96:13:5e:f3:29:6d:1a:a0:f9:a2:12:b8:30:
fd:bb:68:be:d7:04:ad:90:9d:3a:11:73:3e:02:79:
5d:9e:05:8d:fa:40:70:c8:31:92:09:06:85:b4:76:
c6:92:7e:71:41:08:f3:67:be:ff:24:a6:af:f0:d7:
c2:93:f7:8b:da:8e:3e:0d:9d:20:7e:97:61:0e:c4:
83:2e:99:50:eb:d2:80:94:98:3c:47:d9:d6:6b:5c:
b5:64:aa:8b:8b:47:fd:59:e8:1a:c5:d7:00:e6:59:
ed:66:6d:20:0d:e0:01:25:35:ad:58:15:74:10:2e:
3a:f3:c3:41:60:31:5d:5e:30:5e:c4:c4:04:e9:2f:
bc:85:57:b1:5b:5f:d0:c7:c0:74:3c:de:0d:24:e8:
67:6f:32:b8:59:b3:ce:25:8b:63:2e:6f:e2:19:93:
c2:64:40:46:d3:46:b3:f9:3c:94:86:14:f6:d8:f4:
e8:90:da:c6:9c:12:1f:bf:10:cc:c3:ad:dc:38:70:
ff:14:7a:14:b6:c0:75:ae:6b:93:84:68:53:2a:2e:
52:7c:29:cf:62:93:c4:2d:f8:51:06:e1:85:13:70:
39:10:22:d6:6c:ac:a6:0d:dd:36:0c:43:5f:94:f7:
18:00:63:da:a4:e0:df:a7:4b:67:6c:17:8b:5c:f4:
e6:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:56:5B:98:9A:F6:6B:77:25:F7:7A:54:36:B3:6E:1C:95:50:59:50
X509v3 Authority Key Identifier:
keyid:05:E9:FC:A0:A8:58:4F:EB:1C:12:31:90:71:42:30:61:B0:8F:E4:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/j1ZbmJr2a3cl93pUNrNuHJVQWVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Ben8oKhYT-scEjGQcUIwYbCP5FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.181.0/24
109.107.189.0-109.107.190.255
Signature Algorithm: sha256WithRSAEncryption
6f:ed:d1:d7:ed:d5:cc:70:d5:4f:5b:7f:f4:cd:6c:ba:7f:bf:
36:a6:85:e2:f7:56:34:90:d5:e5:75:07:3c:47:01:d5:f6:d8:
66:5b:68:db:ea:ea:60:fc:2e:b7:55:e9:39:90:e9:e7:48:49:
61:e0:29:45:5f:9f:ef:cf:22:b1:21:c3:da:e5:19:8d:25:a7:
de:98:f0:5d:ce:38:21:8b:31:ea:90:a4:58:23:65:44:50:79:
61:fe:37:ca:43:0c:6c:66:a1:fa:67:9e:1c:9e:f0:48:6e:8e:
03:9a:14:6b:07:f5:97:4c:56:8f:bc:cc:cc:ec:f9:29:79:a4:
7b:ee:4b:26:10:da:a9:7e:16:6a:76:ab:db:0d:c2:53:c2:3c:
46:5c:43:4a:21:0a:87:f2:67:38:49:1b:ed:ae:e9:08:11:83:
59:44:3c:86:57:48:de:4a:5c:ba:9a:0b:1d:e6:15:0b:71:0c:
9a:39:0e:71:4e:19:4f:44:78:82:26:db:4a:18:14:42:d1:e4:
63:1b:42:2e:43:08:22:6f:e4:ef:0c:99:61:ee:ae:c9:d7:80:
f4:a7:5b:c8:0f:4d:57:70:dd:9b:8a:e5:2f:cb:7e:ec:23:87:
ca:12:7a:e9:1a:1e:38:79:55:b1:4b:b1:85:df:c3:a4:2c:82:
64:20:a9:e6
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzuR1bIxinO8SF2FySJpZH+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZTlmY2EwYTg1ODRmZWIxYzEyMzE5MDcxNDIzMDYxYjA4
ZmU0NTYwHhcNMjQwMTA5MTI1MTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjU2NWI5ODlhZjY2Yjc3MjVmNzdhNTQzNmIzNmUxYzk1NTA1OTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspYTXvMpbRqg+aISuDD9u2i+1wSt
kJ06EXM+AnldngWN+kBwyDGSCQaFtHbGkn5xQQjzZ77/JKav8NfCk/eL2o4+DZ0g
fpdhDsSDLplQ69KAlJg8R9nWa1y1ZKqLi0f9WegaxdcA5lntZm0gDeABJTWtWBV0
EC4688NBYDFdXjBexMQE6S+8hVexW1/Qx8B0PN4NJOhnbzK4WbPOJYtjLm/iGZPC
ZEBG00az+TyUhhT22PTokNrGnBIfvxDMw63cOHD/FHoUtsB1rmuThGhTKi5SfCnP
YpPELfhRBuGFE3A5ECLWbKymDd02DENflPcYAGPapODfp0tnbBeLXPTm/wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFI9WW5ia9mt3Jfd6VDazbhyVUFlQMB8GA1UdIwQY
MBaAFAXp/KCoWE/rHBIxkHFCMGGwj+RWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmVuOG9LaFlULXNjRWpHUWNVSXdZYkNQNUZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jN2VlOWUtYjViZi00YzJkLWE5ODMt
ZGVlM2VkNDk3YWVlLzEvajFaYm1KcjJhM2NsOTNwVU5yTnVISlZRV1ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jN2VlOWUtYjViZi00YzJkLWE5ODMtZGVlM2VkNDk3YWVl
LzEvQmVuOG9LaFlULXNjRWpHUWNVSXdZYkNQNUZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAbWu1MAwD
BABta70DBABta74wDQYJKoZIhvcNAQELBQADggEBAG/t0dft1cxw1U9bf/TNbLp/
vzamheL3VjSQ1eV1BzxHAdX22GZbaNvq6mD8LrdV6TmQ6edISWHgKUVfn+/PIrEh
w9rlGY0lp96Y8F3OOCGLMeqQpFgjZURQeWH+N8pDDGxmofpnnhye8EhujgOaFGsH
9ZdMVo+8zMzs+Sl5pHvuSyYQ2ql+Fmp2q9sNwlPCPEZcQ0ohCofyZzhJG+2u6QgR
g1lEPIZXSN5KXLqaCx3mFQtxDJo5DnFOGU9EeIIm20oYFELR5GMbQi5DCCJv5O8M
mWHursnXgPSnW8gPTVdw3ZuK5S/Lfuwjh8oSeukaHjh5VbFLsYXfw6QsgmQgqeY=
-----END CERTIFICATE-----
Generated at Fri May 10 15:49:24 2024 by rpki-client on console-fra.rpki-client.org