Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/R8dP2jYFsSlj0VeH2oNCu6PY_dk.roa
File: R8dP2jYFsSlj0VeH2oNCu6PY_dk.roa (raw, json)
Hash identifier: ezwQHphYWop+Qb0epRN20snhZYkdnFRMni4xSYnQNN0=
Subject key identifier: 47:C7:4F:DA:36:05:B1:29:63:D1:57:87:DA:83:42:BB:A3:D8:FD:D9
Certificate issuer: /CN=54296d23def4c8521c647dc68acb3c123f611d89
Certificate serial: 019053EFAC8C9EB008C80B94267342A6FB8A
Authority key identifier: 54:29:6D:23:DE:F4:C8:52:1C:64:7D:C6:8A:CB:3C:12:3F:61:1D:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VCltI970yFIcZH3Giss8Ej9hHYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/R8dP2jYFsSlj0VeH2oNCu6PY_dk.roa
Signing time: Wed 26 Jun 2024 09:45:34 +0000
ROA not before: Wed 26 Jun 2024 09:45:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24745
IP address blocks: 109.99.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/VCltI970yFIcZH3Giss8Ej9hHYk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/VCltI970yFIcZH3Giss8Ej9hHYk.mft
rsync://rpki.ripe.net/repository/DEFAULT/VCltI970yFIcZH3Giss8Ej9hHYk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jul 2024 02:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:53:ef:ac:8c:9e:b0:08:c8:0b:94:26:73:42:a6:fb:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54296d23def4c8521c647dc68acb3c123f611d89
Validity
Not Before: Jun 26 09:45:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47c74fda3605b12963d15787da8342bba3d8fdd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3b:01:a1:34:34:11:a6:cd:67:2f:da:7d:b9:
7f:fe:94:1f:6b:ba:cf:55:d2:ad:07:91:73:4c:b9:
7c:36:b6:52:94:00:fb:54:fb:a7:cb:3e:33:7b:88:
11:0a:81:44:4c:db:8f:c9:58:8f:94:6a:aa:23:ad:
75:ad:f5:83:c4:07:b1:6d:d8:09:ab:3e:3e:9c:fd:
e4:0f:e8:8d:c8:2a:eb:82:9f:0e:7c:c3:c3:be:24:
44:57:f6:65:f6:22:19:ac:1f:aa:f8:b2:8e:7a:64:
85:ff:cb:6c:2a:63:e1:fb:06:f4:d8:1d:7a:ce:4a:
56:c2:38:6a:93:14:c7:c7:81:c8:51:d4:45:fa:09:
9a:d2:9a:f1:60:23:45:3d:04:f7:d7:f6:15:a6:c8:
3e:22:4c:bc:e8:9f:86:51:5e:d9:cb:06:e3:73:b8:
0c:b4:44:d9:0f:28:2a:48:cf:3e:88:9b:c4:ef:9f:
58:a1:0d:e0:96:c7:a9:95:10:9c:de:16:26:5c:20:
c3:07:d1:07:33:07:f5:ed:44:a2:3c:33:a6:27:7d:
c6:94:19:f5:ac:bb:f4:f9:61:23:90:1a:c8:73:e0:
ee:9e:ea:1d:57:93:4a:13:0e:00:64:e0:b5:ac:d1:
7c:fb:56:9a:e4:58:79:92:b7:91:d1:d6:30:52:c1:
ed:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:C7:4F:DA:36:05:B1:29:63:D1:57:87:DA:83:42:BB:A3:D8:FD:D9
X509v3 Authority Key Identifier:
keyid:54:29:6D:23:DE:F4:C8:52:1C:64:7D:C6:8A:CB:3C:12:3F:61:1D:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VCltI970yFIcZH3Giss8Ej9hHYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/R8dP2jYFsSlj0VeH2oNCu6PY_dk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/VCltI970yFIcZH3Giss8Ej9hHYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.99.158.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:f3:a5:9e:e7:47:b5:6b:5e:69:0e:ac:8a:24:6c:6f:64:d8:
a1:cc:38:13:3a:11:98:48:d2:07:69:8d:4f:e8:b5:65:b6:78:
c4:a0:25:a1:dd:02:0b:64:78:97:f5:95:80:c8:0e:ab:dd:6d:
f1:1e:f5:5a:11:f1:3d:50:45:63:18:2a:4b:42:cd:61:56:83:
41:cb:68:82:57:f8:be:0a:2e:2b:27:10:2a:f0:92:3d:c5:11:
95:9b:0b:81:6e:b4:6b:47:a1:1e:41:64:15:51:82:65:4b:5b:
3d:12:2d:97:21:bb:1c:b6:ae:cf:63:f8:37:e0:76:8c:9d:b8:
f5:ef:33:2b:06:20:2d:0c:bf:dc:86:ef:a8:f4:df:7f:71:bc:
bb:06:2a:4c:3c:83:57:d3:b2:c9:c9:e6:d6:45:c0:64:26:c5:
9b:14:56:d8:42:a1:5c:e5:b9:39:54:4a:1e:2f:94:2a:04:9c:
8c:26:b7:d8:8e:9b:1a:67:59:3c:a2:8d:b4:dc:83:b1:2e:6d:
ca:fe:ed:f6:fc:7e:14:53:83:1f:35:fb:c1:67:a1:d5:48:87:
9d:4c:5e:ab:14:67:d8:9a:9e:e4:57:bc:4a:61:e0:0e:6a:f9:
6f:af:31:f0:31:42:28:e6:6a:2e:ca:37:08:23:d3:94:ac:17:
fb:81:12:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBT76yMnrAIyAuUJnNCpvuKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Mjk2ZDIzZGVmNGM4NTIxYzY0N2RjNjhhY2IzYzEyM2Y2
MTFkODkwHhcNMjQwNjI2MDk0NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2M3NGZkYTM2MDViMTI5NjNkMTU3ODdkYTgzNDJiYmEzZDhmZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzsBoTQ0EabNZy/afbl//pQfa7rP
VdKtB5FzTLl8NrZSlAD7VPunyz4ze4gRCoFETNuPyViPlGqqI611rfWDxAexbdgJ
qz4+nP3kD+iNyCrrgp8OfMPDviREV/Zl9iIZrB+q+LKOemSF/8tsKmPh+wb02B16
zkpWwjhqkxTHx4HIUdRF+gma0prxYCNFPQT31/YVpsg+Iky86J+GUV7Zywbjc7gM
tETZDygqSM8+iJvE759YoQ3glseplRCc3hYmXCDDB9EHMwf17USiPDOmJ33GlBn1
rLv0+WEjkBrIc+DunuodV5NKEw4AZOC1rNF8+1aa5Fh5kreR0dYwUsHt6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEfHT9o2BbEpY9FXh9qDQruj2P3ZMB8GA1UdIwQY
MBaAFFQpbSPe9MhSHGR9xorLPBI/YR2JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkNsdEk5NzB5RkljWkgzR2lzczhFajloSFlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy81Y2I0NTQtN2JlZS00ZTVkLWIyOTUt
OTQyNDgyZjhkMmVhLzEvUjhkUDJqWUZzU2xqMFZlSDJvTkN1NlBZX2RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy81Y2I0NTQtN2JlZS00ZTVkLWIyOTUtOTQyNDgyZjhkMmVh
LzEvVkNsdEk5NzB5RkljWkgzR2lzczhFajloSFlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWOeMA0G
CSqGSIb3DQEBCwUAA4IBAQCl86We50e1a15pDqyKJGxvZNihzDgTOhGYSNIHaY1P
6LVltnjEoCWh3QILZHiX9ZWAyA6r3W3xHvVaEfE9UEVjGCpLQs1hVoNBy2iCV/i+
Ci4rJxAq8JI9xRGVmwuBbrRrR6EeQWQVUYJlS1s9Ei2XIbsctq7PY/g34HaMnbj1
7zMrBiAtDL/chu+o9N9/cby7BipMPINX07LJyebWRcBkJsWbFFbYQqFc5bk5VEoe
L5QqBJyMJrfYjpsaZ1k8oo203IOxLm3K/u32/H4UU4MfNfvBZ6HVSIedTF6rFGfY
mp7kV7xKYeAOavlvrzHwMUIo5mouyjcII9OUrBf7gRJu
-----END CERTIFICATE-----
Generated at Sat Jul 6 05:49:49 2024 by rpki-client on console-ams.rpki-client.org