Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/PeB9hlYebaMQFBuQtkV2zHnMfvI.roa
File: PeB9hlYebaMQFBuQtkV2zHnMfvI.roa (raw, json)
Hash identifier: hC+ipAsGL4/WV9pwUAhWeIgOuMgeLMjgtgBuEYIWUeY=
Subject key identifier: 3D:E0:7D:86:56:1E:6D:A3:10:14:1B:90:B6:45:76:CC:79:CC:7E:F2
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 0191746F158C445B378FCBE894043BB3F54C
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/PeB9hlYebaMQFBuQtkV2zHnMfvI.roa
Signing time: Wed 21 Aug 2024 10:15:22 +0000
ROA not before: Wed 21 Aug 2024 10:15:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209854
IP address blocks: 109.160.32.0/24 maxlen: 24
109.160.33.0/24 maxlen: 24
109.160.34.0/24 maxlen: 24
109.160.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:74:6f:15:8c:44:5b:37:8f:cb:e8:94:04:3b:b3:f5:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Aug 21 10:15:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3de07d86561e6da310141b90b64576cc79cc7ef2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1a:90:92:a8:50:1d:cc:66:94:7b:33:69:c2:
b1:2e:0d:6d:3c:ee:50:23:71:30:40:6c:80:e1:c6:
1e:b5:71:30:4c:d1:52:08:83:fa:02:c4:e7:13:67:
5a:93:85:8d:a5:d9:aa:1e:66:54:0a:30:f7:82:60:
f9:9d:36:4a:f5:7d:05:a3:ed:cb:be:b1:45:30:eb:
91:a9:f4:f0:af:7a:2c:c5:87:22:14:05:73:f9:36:
c7:53:58:2e:c4:40:c6:a1:e3:53:18:02:2d:18:08:
99:1a:c0:b3:3e:de:5c:2a:43:c4:8e:af:65:19:ad:
fc:6e:d4:04:76:34:6c:c8:58:40:92:a2:83:08:fa:
af:37:5c:13:da:0a:94:43:8b:d2:52:d8:4c:ca:b4:
73:66:cb:54:16:69:cc:83:f5:4d:79:79:39:cd:10:
87:3f:f9:45:1b:ef:71:2d:1f:da:59:25:9f:c3:9b:
0a:17:29:5b:b2:e6:ba:17:c3:51:f9:07:76:57:e3:
a0:cb:51:46:36:84:02:99:13:11:07:ca:94:9a:b6:
ff:9a:6d:22:98:0d:be:85:10:50:a3:09:b0:51:bf:
26:e2:d1:3f:a4:e7:e4:38:d7:de:68:33:c7:7c:82:
55:76:97:98:3c:1a:45:28:12:d4:e4:b9:45:a6:72:
9a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:E0:7D:86:56:1E:6D:A3:10:14:1B:90:B6:45:76:CC:79:CC:7E:F2
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/PeB9hlYebaMQFBuQtkV2zHnMfvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.32.0-109.160.34.255
109.160.40.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:69:89:6d:fd:cf:00:c2:32:1a:95:c2:f8:69:d1:43:bf:d6:
41:c0:5b:6c:41:c7:1d:e2:1d:d1:15:e0:4c:a0:8a:c3:2e:91:
58:a5:68:d2:ee:f7:17:30:2a:6e:b1:a3:50:d4:fe:c4:79:7e:
16:48:62:cb:b0:d1:a9:c6:51:05:a1:8e:85:2c:fe:50:61:bd:
0a:f8:6d:f4:6a:90:3b:f7:fa:9c:c6:39:fb:d0:f6:16:f8:58:
c4:d3:36:1e:2a:8f:a2:e3:77:2d:24:0b:c7:c8:e7:7c:e6:3d:
42:6f:40:8b:80:a0:8d:44:ff:7e:42:4f:09:f4:9a:27:4f:f1:
95:1f:a3:ef:76:55:4e:73:b4:6a:c8:ff:34:15:96:1a:2a:79:
aa:d5:8c:98:ca:22:47:35:60:26:b1:27:6b:14:04:33:53:49:
59:06:dc:56:0e:93:b6:58:e5:c3:60:db:bf:96:a4:bb:7f:0d:
3d:d3:99:f7:da:12:8f:46:4f:8c:6f:c8:0f:35:f0:b9:13:5c:
aa:f8:52:53:dc:6f:b2:6d:b5:74:94:d4:55:90:ba:f6:6c:e9:
87:e3:22:46:de:d7:b7:54:48:66:5d:b2:4b:06:ab:57:97:31:
89:6c:fb:a6:a5:a5:05:b7:b2:e2:41:b4:a2:8c:46:9d:7d:a7:
ea:06:5e:cb
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZF0bxWMRFs3j8volAQ7s/VMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjQwODIxMTAxNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGUwN2Q4NjU2MWU2ZGEzMTAxNDFiOTBiNjQ1NzZjYzc5Y2M3ZWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxqQkqhQHcxmlHszacKxLg1tPO5Q
I3EwQGyA4cYetXEwTNFSCIP6AsTnE2dak4WNpdmqHmZUCjD3gmD5nTZK9X0Fo+3L
vrFFMOuRqfTwr3osxYciFAVz+TbHU1guxEDGoeNTGAItGAiZGsCzPt5cKkPEjq9l
Ga38btQEdjRsyFhAkqKDCPqvN1wT2gqUQ4vSUthMyrRzZstUFmnMg/VNeXk5zRCH
P/lFG+9xLR/aWSWfw5sKFylbsua6F8NR+Qd2V+Ogy1FGNoQCmRMRB8qUmrb/mm0i
mA2+hRBQowmwUb8m4tE/pOfkONfeaDPHfIJVdpeYPBpFKBLU5LlFpnKaUQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFD3gfYZWHm2jEBQbkLZFdsx5zH7yMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvUGVCOWhsWWViYU1RRkJ1UXRrVjJ6SG5NZnZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAVtoCAD
BABtoCIDBABtoCgwDQYJKoZIhvcNAQELBQADggEBAF5piW39zwDCMhqVwvhp0UO/
1kHAW2xBxx3iHdEV4EygisMukVilaNLu9xcwKm6xo1DU/sR5fhZIYsuw0anGUQWh
joUs/lBhvQr4bfRqkDv3+pzGOfvQ9hb4WMTTNh4qj6Ljdy0kC8fI53zmPUJvQIuA
oI1E/35CTwn0midP8ZUfo+92VU5ztGrI/zQVlhoqearVjJjKIkc1YCaxJ2sUBDNT
SVkG3FYOk7ZY5cNg27+WpLt/DT3TmffaEo9GT4xvyA818LkTXKr4UlPcb7JttXSU
1FWQuvZs6YfjIkbe17dUSGZdsksGq1eXMYls+6alpQW3suJBtKKMRp19p+oGXss=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:47:03 2024 by rpki-client on console-ams.rpki-client.org