Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/ngDsKjLdEPkffT8yCkrOkh0LpPc.roa
File: ngDsKjLdEPkffT8yCkrOkh0LpPc.roa (raw, json)
Hash identifier: eB6smXi06i9eWRIQGQkROly4VxL4meeriQ51G1Yrorc=
Subject key identifier: 9E:00:EC:2A:32:DD:10:F9:1F:7D:3F:32:0A:4A:CE:92:1D:0B:A4:F7
Certificate issuer: /CN=60ebd4f7ac3d24920de1c1ff1185d9507e9ad078
Certificate serial: 018CC26D00C5451AEF69C2D974657D725D79
Authority key identifier: 60:EB:D4:F7:AC:3D:24:92:0D:E1:C1:FF:11:85:D9:50:7E:9A:D0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/ngDsKjLdEPkffT8yCkrOkh0LpPc.roa
Signing time: Mon 01 Jan 2024 00:29:32 +0000
ROA not before: Mon 01 Jan 2024 00:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57511
IP address blocks: 109.95.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/YOvU96w9JJIN4cH_EYXZUH6a0Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/YOvU96w9JJIN4cH_EYXZUH6a0Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 18:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:00:c5:45:1a:ef:69:c2:d9:74:65:7d:72:5d:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60ebd4f7ac3d24920de1c1ff1185d9507e9ad078
Validity
Not Before: Jan 1 00:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e00ec2a32dd10f91f7d3f320a4ace921d0ba4f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3d:27:88:7b:f6:25:1e:7e:d1:1e:bb:da:33:
83:33:a6:dd:93:59:90:8e:54:5a:c1:b3:7e:75:02:
20:74:ee:eb:cb:02:c2:dc:28:07:03:42:2a:48:3c:
58:03:4e:62:19:cb:3d:52:a9:82:26:b3:67:d5:ec:
31:08:ba:7e:fe:04:9f:ce:ac:58:e4:96:22:27:6a:
74:13:47:af:82:bb:0a:09:e0:78:7b:8a:35:93:54:
a4:eb:fa:7c:87:65:04:5e:f5:94:81:60:82:93:18:
1d:2f:14:3c:3d:89:3b:74:7a:25:95:4a:b7:80:a5:
30:9f:67:d5:e7:5d:cb:5e:3a:d7:7b:66:f0:df:61:
0a:80:b2:83:d5:68:b7:7d:14:e7:c0:d4:94:33:67:
84:31:30:ea:d4:4b:1c:d4:32:aa:24:eb:b8:c3:3b:
2a:0a:3e:07:89:0b:ee:7e:f0:28:e0:a1:79:91:7f:
7b:5c:2d:d0:42:4c:a0:03:9f:a4:37:c1:c8:6d:e5:
69:94:4f:c3:88:1f:20:c3:c8:5b:04:6e:56:ac:3f:
6d:c3:67:37:12:c8:5e:76:c4:25:16:cd:19:8d:d3:
67:98:e4:a5:91:ca:90:c1:dc:0f:6b:bb:44:76:9e:
0c:9f:39:d3:71:7f:2d:68:dc:7d:c0:82:09:a1:26:
0f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:00:EC:2A:32:DD:10:F9:1F:7D:3F:32:0A:4A:CE:92:1D:0B:A4:F7
X509v3 Authority Key Identifier:
keyid:60:EB:D4:F7:AC:3D:24:92:0D:E1:C1:FF:11:85:D9:50:7E:9A:D0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/ngDsKjLdEPkffT8yCkrOkh0LpPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/YOvU96w9JJIN4cH_EYXZUH6a0Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.95.65.0/24
Signature Algorithm: sha256WithRSAEncryption
86:af:ab:b1:66:eb:9a:7d:77:d1:b1:6c:19:e8:b4:2b:14:99:
a3:d8:fa:0f:0d:8d:7b:00:93:09:50:53:e4:e7:2e:b6:1b:ce:
e0:4e:30:67:50:ea:48:d4:c9:11:72:b2:50:fb:e7:04:f3:4d:
fb:e9:63:2e:35:65:f3:1f:05:6a:4d:44:95:25:4f:f8:06:b3:
01:63:d2:c7:fa:c0:cd:63:6b:0a:44:5e:e2:64:29:98:16:43:
e1:c8:42:7d:4f:e9:6c:60:7b:46:87:28:eb:68:5b:81:68:cd:
32:19:67:96:43:cf:d0:80:5c:aa:da:8e:c0:3f:6c:25:57:85:
9e:7c:e1:eb:91:1c:d3:34:7d:cf:4a:3f:fc:3d:03:3d:80:00:
43:87:70:b9:2d:c8:60:fc:da:ff:85:d6:59:09:1c:bf:5a:24:
8f:75:a3:26:bf:c8:cd:97:50:c5:b4:70:48:1e:74:b5:2f:b3:
6e:45:ab:ac:f2:64:96:00:52:da:02:32:a7:9c:c9:13:0e:db:
75:a4:72:18:27:8d:b0:13:0b:b8:10:63:7a:6c:a1:18:6c:14:
8d:57:e3:43:ae:04:32:c5:cb:a9:28:1b:fb:e5:26:74:42:75:
d9:da:0d:28:6c:2d:cf:e7:f7:4e:da:3d:5b:23:0e:a9:bd:7d:
35:7e:82:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbQDFRRrvacLZdGV9cl15MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZWJkNGY3YWMzZDI0OTIwZGUxYzFmZjExODVkOTUwN2U5
YWQwNzgwHhcNMjQwMTAxMDAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTAwZWMyYTMyZGQxMGY5MWY3ZDNmMzIwYTRhY2U5MjFkMGJhNGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlD0niHv2JR5+0R672jODM6bdk1mQ
jlRawbN+dQIgdO7rywLC3CgHA0IqSDxYA05iGcs9UqmCJrNn1ewxCLp+/gSfzqxY
5JYiJ2p0E0evgrsKCeB4e4o1k1Sk6/p8h2UEXvWUgWCCkxgdLxQ8PYk7dHollUq3
gKUwn2fV513LXjrXe2bw32EKgLKD1Wi3fRTnwNSUM2eEMTDq1Esc1DKqJOu4wzsq
Cj4HiQvufvAo4KF5kX97XC3QQkygA5+kN8HIbeVplE/DiB8gw8hbBG5WrD9tw2c3
EshedsQlFs0ZjdNnmOSlkcqQwdwPa7tEdp4MnznTcX8taNx9wIIJoSYPUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ4A7Coy3RD5H30/MgpKzpIdC6T3MB8GA1UdIwQY
MBaAFGDr1PesPSSSDeHB/xGF2VB+mtB4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU92VTk2dzlKSklONGNIX0VZWFpVSDZhMEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi85MDUzNzgtMjI4YS00MWI0LWJjZTgt
ODdkM2IwMjNkOTE5LzEvbmdEc0tqTGRFUGtmZlQ4eUNrck9raDBMcFBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi85MDUzNzgtMjI4YS00MWI0LWJjZTgtODdkM2IwMjNkOTE5
LzEvWU92VTk2dzlKSklONGNIX0VZWFpVSDZhMEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbV9BMA0G
CSqGSIb3DQEBCwUAA4IBAQCGr6uxZuuafXfRsWwZ6LQrFJmj2PoPDY17AJMJUFPk
5y62G87gTjBnUOpI1MkRcrJQ++cE80376WMuNWXzHwVqTUSVJU/4BrMBY9LH+sDN
Y2sKRF7iZCmYFkPhyEJ9T+lsYHtGhyjraFuBaM0yGWeWQ8/QgFyq2o7AP2wlV4We
fOHrkRzTNH3PSj/8PQM9gABDh3C5Lchg/Nr/hdZZCRy/WiSPdaMmv8jNl1DFtHBI
HnS1L7NuRaus8mSWAFLaAjKnnMkTDtt1pHIYJ42wEwu4EGN6bKEYbBSNV+NDrgQy
xcupKBv75SZ0QnXZ2g0obC3P5/dO2j1bIw6pvX01foJ5
-----END CERTIFICATE-----
Generated at Sat Jun 8 04:13:42 2024 by rpki-client on console-ams.rpki-client.org