Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/bp5GxGZpppYaJ6SQzeaDxRLLIPc.roa
File: bp5GxGZpppYaJ6SQzeaDxRLLIPc.roa (raw, json)
Hash identifier: EkVABaKQnoszlGnkEZTjXU8PSxMK/ij3vF6Fjoe20xQ=
Subject key identifier: 6E:9E:46:C4:66:69:A6:96:1A:27:A4:90:CD:E6:83:C5:12:CB:20:F7
Certificate issuer: /CN=12ef9e49fecf2509eb6769eee2cdd4a5253b71c5
Certificate serial: 018CC64AA77121CDC891623B527DD039F78E
Authority key identifier: 12:EF:9E:49:FE:CF:25:09:EB:67:69:EE:E2:CD:D4:A5:25:3B:71:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/bp5GxGZpppYaJ6SQzeaDxRLLIPc.roa
Signing time: Mon 01 Jan 2024 18:30:30 +0000
ROA not before: Mon 01 Jan 2024 18:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39396
IP address blocks: 109.121.139.0/24 maxlen: 24
109.121.136.0/24 maxlen: 24
109.121.142.0/24 maxlen: 24
109.121.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 22:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:a7:71:21:cd:c8:91:62:3b:52:7d:d0:39:f7:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12ef9e49fecf2509eb6769eee2cdd4a5253b71c5
Validity
Not Before: Jan 1 18:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e9e46c46669a6961a27a490cde683c512cb20f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:2e:d9:f6:9c:4d:00:d2:88:a8:c0:78:38:77:
59:88:31:4f:23:0d:b6:26:bb:68:a0:1d:e4:9f:40:
49:f0:3d:8d:2d:86:39:81:b6:7f:ff:66:20:b3:e6:
13:2a:34:8c:f3:44:c4:19:6a:a7:83:5e:db:1d:6d:
36:bd:06:f6:1b:57:c4:bb:c1:13:c8:54:fe:f2:3b:
ab:6c:c8:61:0d:69:8c:c9:d9:8e:f2:fb:e0:d7:52:
3e:2f:60:56:14:23:1b:9c:72:3b:40:99:1d:99:51:
39:cd:c5:bb:72:37:3c:33:aa:0f:3c:74:13:b2:ff:
b8:ba:bc:03:32:da:71:9e:79:99:7f:21:2c:29:ef:
09:5f:a2:7c:c4:63:87:9b:7b:de:3e:2e:7e:6b:f7:
40:1c:de:96:9d:fd:8d:b4:8a:69:e7:59:b9:5a:e6:
43:19:d5:a9:46:6f:8f:87:fa:af:98:ae:ab:eb:0f:
94:d5:c9:c6:99:2b:0e:88:26:59:10:1c:eb:81:2f:
c3:06:2d:1c:0f:89:f8:28:ed:33:5c:8e:38:5a:79:
01:fd:33:f0:0b:16:c5:6e:6b:db:b8:e8:d9:32:41:
e8:36:bf:64:59:79:70:ee:79:aa:61:e8:37:b6:22:
31:86:02:d2:61:f1:d9:63:f4:a7:4e:d6:72:fa:7a:
12:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:9E:46:C4:66:69:A6:96:1A:27:A4:90:CD:E6:83:C5:12:CB:20:F7
X509v3 Authority Key Identifier:
keyid:12:EF:9E:49:FE:CF:25:09:EB:67:69:EE:E2:CD:D4:A5:25:3B:71:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/bp5GxGZpppYaJ6SQzeaDxRLLIPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.136.0/24
109.121.139.0/24
109.121.142.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:9b:a1:5d:40:77:63:1e:62:9a:b9:1f:b9:69:76:a9:00:5c:
d2:67:1e:f9:90:04:c7:12:6f:80:bc:0b:77:b4:cd:e0:81:a3:
c0:5e:fc:6a:ab:e0:39:56:f4:f9:08:c3:7a:99:21:46:44:cc:
a1:94:76:fc:49:bc:31:8e:ec:1d:db:f6:e4:d9:77:be:2d:dd:
e4:1f:e1:13:76:4c:7c:aa:68:b6:16:99:f2:e4:76:98:78:48:
49:62:b3:2d:6f:47:a0:f8:ca:77:f5:c5:29:1a:39:e9:c3:39:
19:40:2a:06:bb:51:ad:a3:ad:b2:63:eb:55:69:6e:c9:34:2f:
0a:21:52:c9:83:6c:b2:13:7e:3c:8a:7a:4c:45:ea:3c:29:37:
d7:bb:62:1f:9f:46:dd:d1:78:99:52:ae:53:25:dc:73:f2:c3:
94:6f:ec:14:86:b2:09:04:9d:f0:ac:69:c6:07:d4:2d:4a:1e:
0e:5f:bb:ba:d7:a2:c0:c2:21:16:1d:12:cb:c1:10:8c:1d:5b:
c7:76:5a:95:32:f0:1f:6d:98:d4:c2:68:cb:c0:60:b3:27:c5:
8e:f1:0a:a9:b7:a3:0b:59:b0:72:12:de:24:1c:90:3f:ec:ec:
2a:0a:47:78:1a:4f:67:f5:8a:ea:7b:b2:4a:0f:e7:41:2a:9b:
8a:65:42:6f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGSqdxIc3IkWI7Un3QOfeOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyZWY5ZTQ5ZmVjZjI1MDllYjY3NjllZWUyY2RkNGE1MjUz
YjcxYzUwHhcNMjQwMTAxMTgzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTllNDZjNDY2NjlhNjk2MWEyN2E0OTBjZGU2ODNjNTEyY2IyMGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAji7Z9pxNANKIqMB4OHdZiDFPIw22
JrtooB3kn0BJ8D2NLYY5gbZ//2Ygs+YTKjSM80TEGWqng17bHW02vQb2G1fEu8ET
yFT+8jurbMhhDWmMydmO8vvg11I+L2BWFCMbnHI7QJkdmVE5zcW7cjc8M6oPPHQT
sv+4urwDMtpxnnmZfyEsKe8JX6J8xGOHm3vePi5+a/dAHN6Wnf2NtIpp51m5WuZD
GdWpRm+Ph/qvmK6r6w+U1cnGmSsOiCZZEBzrgS/DBi0cD4n4KO0zXI44WnkB/TPw
CxbFbmvbuOjZMkHoNr9kWXlw7nmqYeg3tiIxhgLSYfHZY/SnTtZy+noSUwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG6eRsRmaaaWGiekkM3mg8USyyD3MB8GA1UdIwQY
MBaAFBLvnkn+zyUJ62dp7uLN1KUlO3HFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXUtZVNmN1BKUW5yWjJudTRzM1VwU1U3Y2NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS85YzI3YzItZmRiZS00ZTM5LWJhOTIt
MWQ1ZDk0NWEwNWEzLzEvYnA1R3hHWnBwcFlhSjZTUXplYUR4UkxMSVBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS85YzI3YzItZmRiZS00ZTM5LWJhOTItMWQ1ZDk0NWEwNWEz
LzEvRXUtZVNmN1BKUW5yWjJudTRzM1VwU1U3Y2NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbXmIAwQA
bXmLAwQBbXmOMA0GCSqGSIb3DQEBCwUAA4IBAQAam6FdQHdjHmKauR+5aXapAFzS
Zx75kATHEm+AvAt3tM3ggaPAXvxqq+A5VvT5CMN6mSFGRMyhlHb8Sbwxjuwd2/bk
2Xe+Ld3kH+ETdkx8qmi2Fpny5HaYeEhJYrMtb0eg+Mp39cUpGjnpwzkZQCoGu1Gt
o62yY+tVaW7JNC8KIVLJg2yyE348inpMReo8KTfXu2Ifn0bd0XiZUq5TJdxz8sOU
b+wUhrIJBJ3wrGnGB9QtSh4OX7u616LAwiEWHRLLwRCMHVvHdlqVMvAfbZjUwmjL
wGCzJ8WO8Qqpt6MLWbByEt4kHJA/7OwqCkd4Gk9n9Yrqe7JKD+dBKpuKZUJv
-----END CERTIFICATE-----
Generated at Thu May 2 03:01:39 2024 by rpki-client on console-fra.rpki-client.org