Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/bce53d-d39d-4e23-aa17-27fb5822b32d/1/pr9o5qTWF3YuN4aK2p8O3yS6f-w.roa
File: pr9o5qTWF3YuN4aK2p8O3yS6f-w.roa (raw, json)
Hash identifier: ZZnyCruQ3aGtdPVMmmmxg5lmCWYDYwdcx00iGoydAoo=
Subject key identifier: A6:BF:68:E6:A4:D6:17:76:2E:37:86:8A:DA:9F:0E:DF:24:BA:7F:EC
Certificate issuer: /CN=0d44da5c1904095860e868180573ee3c895a7b45
Certificate serial: 018CC5DBF0489C7B9AD42FD2E24D65392694
Authority key identifier: 0D:44:DA:5C:19:04:09:58:60:E8:68:18:05:73:EE:3C:89:5A:7B:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DUTaXBkECVhg6GgYBXPuPIlae0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/bce53d-d39d-4e23-aa17-27fb5822b32d/1/pr9o5qTWF3YuN4aK2p8O3yS6f-w.roa
Signing time: Mon 01 Jan 2024 16:29:34 +0000
ROA not before: Mon 01 Jan 2024 16:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202053
IP address blocks: 109.71.55.0/24 maxlen: 24
109.71.54.0/24 maxlen: 24
2a03:3b00:1::/48 maxlen: 48
2a03:3b00:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/bce53d-d39d-4e23-aa17-27fb5822b32d/1/DUTaXBkECVhg6GgYBXPuPIlae0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/bce53d-d39d-4e23-aa17-27fb5822b32d/1/DUTaXBkECVhg6GgYBXPuPIlae0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/DUTaXBkECVhg6GgYBXPuPIlae0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:f0:48:9c:7b:9a:d4:2f:d2:e2:4d:65:39:26:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d44da5c1904095860e868180573ee3c895a7b45
Validity
Not Before: Jan 1 16:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6bf68e6a4d617762e37868ada9f0edf24ba7fec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0f:1a:56:3b:6a:5e:15:9c:fa:c8:3a:5e:d8:
22:b6:af:9c:80:c2:ac:49:cf:8d:15:1a:aa:c9:2c:
9f:1d:22:8b:6d:78:2c:41:5b:c1:bf:ec:14:2b:7d:
d5:a3:5d:ab:27:d0:6b:53:10:ef:11:a4:c6:81:d3:
97:51:45:bd:a6:eb:51:f2:05:b4:d0:5c:05:8a:65:
c1:99:67:5b:08:8e:56:09:ab:6e:8d:89:3f:66:bf:
63:9d:16:94:cc:11:e8:b3:93:57:c3:1c:9a:ee:d7:
60:b3:1a:2b:a6:c1:4e:97:1e:6c:2e:53:e1:22:e9:
f6:f3:c8:6c:87:4c:1f:b6:d1:a0:0d:2d:89:3e:11:
cc:57:b5:f1:5a:d5:f5:1f:51:b5:17:ab:10:79:3a:
83:0d:67:92:ab:8e:23:1a:ba:cf:e0:13:72:27:5a:
43:25:2a:1d:8e:c7:eb:e6:ce:a5:b1:6c:6d:d9:42:
f3:58:ca:4f:d1:1e:71:72:65:40:67:00:8e:96:c6:
18:cf:06:a8:a8:e4:e5:0e:ef:fd:35:9a:3f:3a:75:
e4:27:a9:d2:00:29:03:8e:77:8e:85:55:7e:8b:de:
d4:91:81:74:9e:81:6e:bc:b9:d5:2e:9f:a3:b7:d1:
8f:f1:25:9c:b5:b4:fe:48:3c:fa:51:16:85:49:ae:
6b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:BF:68:E6:A4:D6:17:76:2E:37:86:8A:DA:9F:0E:DF:24:BA:7F:EC
X509v3 Authority Key Identifier:
keyid:0D:44:DA:5C:19:04:09:58:60:E8:68:18:05:73:EE:3C:89:5A:7B:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUTaXBkECVhg6GgYBXPuPIlae0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/bce53d-d39d-4e23-aa17-27fb5822b32d/1/pr9o5qTWF3YuN4aK2p8O3yS6f-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/bce53d-d39d-4e23-aa17-27fb5822b32d/1/DUTaXBkECVhg6GgYBXPuPIlae0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.71.54.0/23
IPv6:
2a03:3b00:1::-2a03:3b00:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
69:8b:32:77:77:19:18:cc:67:c1:c8:41:4d:48:b5:64:ef:e4:
e7:9e:3f:7e:5b:a0:b6:2f:ba:f7:40:f8:07:28:fa:78:10:55:
7b:2c:c9:db:0f:9b:e8:35:64:f3:63:82:70:fa:d2:ca:a1:e8:
11:d3:3f:4c:47:86:b2:e8:7d:b9:fe:90:38:93:39:27:e3:8b:
01:55:ee:f5:0b:df:5f:d6:d3:27:b1:bc:34:90:fb:88:90:aa:
38:3a:a8:f7:6b:d7:02:0e:f6:3c:25:4f:61:b4:3d:ba:07:0e:
8d:77:2d:30:8e:9c:73:a7:36:39:f1:7d:09:c6:71:44:3a:39:
d8:9c:48:34:c1:79:d2:0e:91:26:03:b1:45:04:5b:bd:02:49:
27:75:04:4e:90:ff:b1:74:03:47:de:d5:0b:69:bf:71:c2:9b:
b6:bd:3b:d6:51:b2:60:77:85:86:12:3f:4f:59:50:c0:52:f0:
de:f8:c3:c1:f5:08:70:3f:26:83:59:49:00:72:b3:03:7e:1b:
7d:a2:c6:8c:fc:8d:05:d2:9b:8b:b8:20:b1:75:e8:fe:fd:eb:
73:e9:08:45:e6:66:c6:2b:1b:c6:a2:5d:98:c9:85:73:18:5d:
72:a6:03:16:90:6f:04:8c:58:3b:fd:51:ce:9f:77:df:78:3c:
ec:63:21:ca
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzF2/BInHua1C/S4k1lOSaUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDRkYTVjMTkwNDA5NTg2MGU4NjgxODA1NzNlZTNjODk1
YTdiNDUwHhcNMjQwMTAxMTYyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmJmNjhlNmE0ZDYxNzc2MmUzNzg2OGFkYTlmMGVkZjI0YmE3ZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArw8aVjtqXhWc+sg6Xtgitq+cgMKs
Sc+NFRqqySyfHSKLbXgsQVvBv+wUK33Vo12rJ9BrUxDvEaTGgdOXUUW9putR8gW0
0FwFimXBmWdbCI5WCatujYk/Zr9jnRaUzBHos5NXwxya7tdgsxorpsFOlx5sLlPh
Iun288hsh0wfttGgDS2JPhHMV7XxWtX1H1G1F6sQeTqDDWeSq44jGrrP4BNyJ1pD
JSodjsfr5s6lsWxt2ULzWMpP0R5xcmVAZwCOlsYYzwaoqOTlDu/9NZo/OnXkJ6nS
ACkDjneOhVV+i97UkYF0noFuvLnVLp+jt9GP8SWctbT+SDz6URaFSa5rZwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFKa/aOak1hd2LjeGitqfDt8kun/sMB8GA1UdIwQY
MBaAFA1E2lwZBAlYYOhoGAVz7jyJWntFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVUYVhCa0VDVmhnNkdnWUJYUHVQSWxhZTBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iY2U1M2QtZDM5ZC00ZTIzLWFhMTct
MjdmYjU4MjJiMzJkLzEvcHI5bzVxVFdGM1l1TjRhSzJwOE8zeVM2Zi13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9iY2U1M2QtZDM5ZC00ZTIzLWFhMTctMjdmYjU4MjJiMzJk
LzEvRFVUYVhCa0VDVmhnNkdnWUJYUHVQSWxhZTBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQBbUc2MBoE
AgACMBQwEgMHACoDOwAAAQMHACoDOwAAAjANBgkqhkiG9w0BAQsFAAOCAQEAaYsy
d3cZGMxnwchBTUi1ZO/k554/flugti+690D4Byj6eBBVeyzJ2w+b6DVk82OCcPrS
yqHoEdM/TEeGsuh9uf6QOJM5J+OLAVXu9QvfX9bTJ7G8NJD7iJCqODqo92vXAg72
PCVPYbQ9ugcOjXctMI6cc6c2OfF9CcZxRDo52JxINMF50g6RJgOxRQRbvQJJJ3UE
TpD/sXQDR97VC2m/ccKbtr071lGyYHeFhhI/T1lQwFLw3vjDwfUIcD8mg1lJAHKz
A34bfaLGjPyNBdKbi7ggsXXo/v3rc+kIReZmxisbxqJdmMmFcxhdcqYDFpBvBIxY
O/1Rzp9333g87GMhyg==
-----END CERTIFICATE-----
Generated at Mon May 13 14:33:51 2024 by rpki-client on console-fra.rpki-client.org