Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/f5e440-100f-4933-aabf-11098aa2ebc3/1/v9ML0aK_XBcRDl--xluviwZlanw.roa
File: v9ML0aK_XBcRDl--xluviwZlanw.roa (raw, json)
Hash identifier: rgrUBTEQn3NS4UXNoT39lWbiv3iH9CXlm/SqTBrVyh8=
Subject key identifier: BF:D3:0B:D1:A2:BF:5C:17:11:0E:5F:BE:C6:5B:AF:8B:06:65:6A:7C
Certificate issuer: /CN=6bc3e6cb2eb02fcc742baf91ab865c9b20d6484b
Certificate serial: 018FA00E9A8E4BE96BCD898ABF187F68FAA1
Authority key identifier: 6B:C3:E6:CB:2E:B0:2F:CC:74:2B:AF:91:AB:86:5C:9B:20:D6:48:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8Pmyy6wL8x0K6-Rq4ZcmyDWSEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/f5e440-100f-4933-aabf-11098aa2ebc3/1/v9ML0aK_XBcRDl--xluviwZlanw.roa
Signing time: Wed 22 May 2024 11:27:42 +0000
ROA not before: Wed 22 May 2024 11:27:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215282
IP address blocks: 86.109.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/f5e440-100f-4933-aabf-11098aa2ebc3/1/a8Pmyy6wL8x0K6-Rq4ZcmyDWSEs.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/f5e440-100f-4933-aabf-11098aa2ebc3/1/a8Pmyy6wL8x0K6-Rq4ZcmyDWSEs.mft
rsync://rpki.ripe.net/repository/DEFAULT/a8Pmyy6wL8x0K6-Rq4ZcmyDWSEs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a0:0e:9a:8e:4b:e9:6b:cd:89:8a:bf:18:7f:68:fa:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc3e6cb2eb02fcc742baf91ab865c9b20d6484b
Validity
Not Before: May 22 11:27:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bfd30bd1a2bf5c17110e5fbec65baf8b06656a7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:dd:9c:f0:0a:c7:02:34:27:e1:a1:42:c4:8f:
f7:f2:4c:a5:64:38:e8:ee:8c:4c:be:11:3c:f1:0e:
9b:8b:3f:f3:04:ed:92:48:b3:1d:db:dc:fd:2b:a0:
c8:60:7f:ed:30:bf:07:33:91:1b:78:c8:df:6b:cd:
c0:b7:4e:88:67:71:f6:16:17:e6:2e:d7:3b:e3:5c:
bb:cc:0a:dc:82:34:d1:17:92:fd:17:94:63:bd:71:
50:1b:d9:91:44:6b:56:68:53:69:67:56:f3:f5:38:
6b:59:1b:b2:dd:31:58:93:56:56:c2:6f:63:9e:17:
46:0e:32:7c:cb:25:30:5e:ec:57:a0:c2:89:55:45:
47:b3:a7:e9:bd:71:df:22:f1:6d:df:77:80:f9:1a:
a4:11:c9:3a:91:ab:aa:52:ea:27:75:0e:b9:fa:9e:
24:75:26:c7:76:9e:89:28:fc:30:8b:fd:65:b0:c9:
41:b0:d6:63:57:60:30:99:27:0f:3f:2d:17:bc:9e:
ef:eb:ff:95:56:3d:a1:3d:46:65:73:8c:73:4c:13:
1f:0f:4c:5e:a1:73:20:d5:ac:4c:42:62:bb:4d:4d:
f6:e6:f4:e3:ef:bb:16:48:66:c0:5d:f9:f1:06:6e:
10:82:93:cc:b2:34:f3:84:2c:42:09:6d:72:f8:be:
30:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:D3:0B:D1:A2:BF:5C:17:11:0E:5F:BE:C6:5B:AF:8B:06:65:6A:7C
X509v3 Authority Key Identifier:
keyid:6B:C3:E6:CB:2E:B0:2F:CC:74:2B:AF:91:AB:86:5C:9B:20:D6:48:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8Pmyy6wL8x0K6-Rq4ZcmyDWSEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f5e440-100f-4933-aabf-11098aa2ebc3/1/v9ML0aK_XBcRDl--xluviwZlanw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f5e440-100f-4933-aabf-11098aa2ebc3/1/a8Pmyy6wL8x0K6-Rq4ZcmyDWSEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.109.232.0/24
Signature Algorithm: sha256WithRSAEncryption
86:c2:ab:53:40:be:41:7a:ce:dd:ad:fa:b9:de:24:2d:58:2e:
af:a3:0d:4a:13:b5:a4:41:b8:9a:41:19:3a:66:5d:90:92:59:
69:ad:cb:5f:20:90:6e:a0:19:c1:ca:8e:ee:b8:a5:91:0c:16:
8d:fb:cd:39:f1:79:8b:c8:d7:a2:ea:dc:32:3e:ae:ef:0d:c7:
81:08:b8:0d:8d:81:b7:e5:dd:c9:5c:55:06:4b:7f:24:80:3b:
d8:e9:45:bb:d4:c2:e7:c6:fb:70:5b:09:a2:06:39:92:90:60:
a2:a3:de:c5:bf:02:b7:d3:14:84:6a:a6:f2:81:91:43:ac:87:
01:7c:3e:88:48:9e:41:55:a0:55:af:c1:23:a0:6b:5a:a4:c1:
5f:b6:d9:2b:3b:67:cf:ff:5b:02:da:56:e9:5f:44:1f:25:fe:
67:52:22:81:e2:ee:9a:8a:50:3e:94:01:5f:4e:26:fb:45:30:
1f:23:00:92:5d:37:b0:7e:82:d5:a0:a7:07:ca:92:59:b5:e3:
9f:af:da:d0:92:4d:6e:ff:7b:4f:d8:5d:90:41:08:db:95:83:
2c:ca:ba:7f:5f:bb:4c:38:3d:82:9b:af:13:dd:aa:e5:e5:63:
0d:35:6c:3f:c6:03:9d:11:98:83:ba:d6:2c:08:8c:76:22:59:
fe:14:75:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+gDpqOS+lrzYmKvxh/aPqhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzNlNmNiMmViMDJmY2M3NDJiYWY5MWFiODY1YzliMjBk
NjQ4NGIwHhcNMjQwNTIyMTEyNzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmQzMGJkMWEyYmY1YzE3MTEwZTVmYmVjNjViYWY4YjA2NjU2YTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApN2c8ArHAjQn4aFCxI/38kylZDjo
7oxMvhE88Q6biz/zBO2SSLMd29z9K6DIYH/tML8HM5EbeMjfa83At06IZ3H2Fhfm
Ltc741y7zArcgjTRF5L9F5RjvXFQG9mRRGtWaFNpZ1bz9ThrWRuy3TFYk1ZWwm9j
nhdGDjJ8yyUwXuxXoMKJVUVHs6fpvXHfIvFt33eA+RqkEck6kauqUuondQ65+p4k
dSbHdp6JKPwwi/1lsMlBsNZjV2AwmScPPy0XvJ7v6/+VVj2hPUZlc4xzTBMfD0xe
oXMg1axMQmK7TU325vTj77sWSGbAXfnxBm4QgpPMsjTzhCxCCW1y+L4wAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL/TC9Giv1wXEQ5fvsZbr4sGZWp8MB8GA1UdIwQY
MBaAFGvD5ssusC/MdCuvkauGXJsg1khLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThQbXl5NndMOHgwSzYtUnE0WmNteURXU0VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9mNWU0NDAtMTAwZi00OTMzLWFhYmYt
MTEwOThhYTJlYmMzLzEvdjlNTDBhS19YQmNSRGwtLXhsdXZpd1psYW53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9mNWU0NDAtMTAwZi00OTMzLWFhYmYtMTEwOThhYTJlYmMz
LzEvYThQbXl5NndMOHgwSzYtUnE0WmNteURXU0VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVm3oMA0G
CSqGSIb3DQEBCwUAA4IBAQCGwqtTQL5Bes7drfq53iQtWC6vow1KE7WkQbiaQRk6
Zl2QkllprctfIJBuoBnByo7uuKWRDBaN+8058XmLyNei6twyPq7vDceBCLgNjYG3
5d3JXFUGS38kgDvY6UW71MLnxvtwWwmiBjmSkGCio97FvwK30xSEaqbygZFDrIcB
fD6ISJ5BVaBVr8EjoGtapMFfttkrO2fP/1sC2lbpX0QfJf5nUiKB4u6ailA+lAFf
Tib7RTAfIwCSXTewfoLVoKcHypJZteOfr9rQkk1u/3tP2F2QQQjblYMsyrp/X7tM
OD2Cm68T3arl5WMNNWw/xgOdEZiDutYsCIx2Iln+FHUM
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:27:24 2024 by rpki-client on console-ams.rpki-client.org