Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/95pN0yHcRtmxt18Rl2fgi-EqbyE.roa
File: 95pN0yHcRtmxt18Rl2fgi-EqbyE.roa (raw, json)
Hash identifier: qeWVh+yVSONdHJff9Qk6cELxT7YjB35/aGOijBnNDEg=
Subject key identifier: F7:9A:4D:D3:21:DC:46:D9:B1:B7:5F:11:97:67:E0:8B:E1:2A:6F:21
Certificate issuer: /CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Certificate serial: 018CC5DCDA324D14A6A524448DC33D81BA3D
Authority key identifier: D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/95pN0yHcRtmxt18Rl2fgi-EqbyE.roa
Signing time: Mon 01 Jan 2024 16:30:34 +0000
ROA not before: Mon 01 Jan 2024 16:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201925
IP address blocks: 109.207.104.0/24 maxlen: 24
109.207.108.0/24 maxlen: 24
109.207.107.0/24 maxlen: 24
109.207.106.0/24 maxlen: 24
194.126.165.0/24 maxlen: 24
194.126.166.0/24 maxlen: 24
194.126.167.0/24 maxlen: 24
217.117.132.0/22 maxlen: 22
185.165.151.0/24 maxlen: 24
2001:67c:2fd0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.mft
rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:da:32:4d:14:a6:a5:24:44:8d:c3:3d:81:ba:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Validity
Not Before: Jan 1 16:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f79a4dd321dc46d9b1b75f119767e08be12a6f21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e5:c5:1b:b9:55:07:b1:ed:9f:51:77:36:8c:
05:87:04:63:c1:e0:52:d5:5e:7a:f7:67:1f:b3:0c:
04:f5:4c:d0:96:10:47:09:8f:4a:cc:87:4c:b4:45:
80:83:59:6f:64:ce:18:7b:31:da:57:c9:28:37:12:
c0:88:16:5b:a1:4c:95:a8:8a:9c:20:a6:8f:42:cf:
f2:67:42:09:dd:71:87:cd:80:b8:99:a9:20:0c:cc:
e2:9a:e9:6f:77:1d:26:c7:08:7c:4c:88:5e:47:be:
b8:d0:07:41:66:6d:ae:64:1c:02:16:a3:d4:fc:4f:
a3:4a:7a:d3:7f:61:a8:21:28:64:2c:ae:48:91:56:
75:31:bb:9f:1c:94:6f:dc:65:f0:fe:a9:f7:48:b3:
c3:16:f6:59:3d:63:7c:0b:41:90:94:6e:f9:ff:36:
7c:09:47:04:bc:c5:d1:00:a2:b0:eb:c0:55:fa:3b:
01:5d:a0:92:40:68:5e:0d:97:9e:1e:d1:bd:8c:ae:
45:a7:ea:86:b2:b8:09:7a:78:69:b2:63:76:8d:23:
b3:80:1e:36:62:d0:93:95:b3:d5:12:6b:74:de:d6:
23:07:00:aa:19:2f:f7:4f:df:ea:b3:ab:0d:11:af:
0b:43:7e:61:15:b2:f7:d0:68:d5:81:29:bd:4f:ff:
83:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:9A:4D:D3:21:DC:46:D9:B1:B7:5F:11:97:67:E0:8B:E1:2A:6F:21
X509v3 Authority Key Identifier:
keyid:D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/95pN0yHcRtmxt18Rl2fgi-EqbyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.207.104.0/24
109.207.106.0-109.207.108.255
185.165.151.0/24
194.126.165.0-194.126.167.255
217.117.132.0/22
IPv6:
2001:67c:2fd0::/48
Signature Algorithm: sha256WithRSAEncryption
75:e5:8d:73:97:5f:85:ea:ee:c3:bc:93:82:85:0b:96:3c:4c:
6f:77:27:eb:95:b4:e8:8c:24:bd:98:57:79:b8:93:c3:c9:3c:
9e:05:cb:d7:c5:70:9b:2a:11:80:1e:b1:74:68:8c:ec:5f:df:
e8:57:42:06:ef:19:2a:ed:e1:04:1f:0c:b3:18:72:21:03:85:
e1:0f:ff:23:ab:98:c0:8b:5e:ed:53:59:4a:35:f4:1f:af:8b:
8d:a6:a0:25:3b:aa:45:b0:bb:bd:3c:60:11:3d:ef:41:aa:e9:
b8:0a:3c:16:68:0f:f2:d1:ad:31:d1:47:80:06:1f:93:46:4a:
08:c9:21:5f:d3:48:5c:cf:9f:1d:b8:6f:91:ff:0a:26:22:aa:
fc:6b:64:a8:e8:9d:f7:87:50:93:b3:dd:15:76:d1:69:cc:b8:
46:c6:1c:4d:50:e3:7c:49:3f:29:3d:ca:3b:72:49:6d:fb:1d:
ed:48:4a:a5:d7:a9:1e:e7:df:17:02:5b:00:61:04:ea:40:67:
e5:9a:cc:cb:00:90:c0:48:99:b9:35:0b:6d:8d:ef:81:cb:37:
02:48:03:a7:51:67:93:2d:ec:fe:28:78:01:04:72:1c:b7:61:
67:c9:5f:c7:a4:19:ac:be:93:88:cb:58:1e:12:1a:e3:1b:4b:
30:14:91:16
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzF3NoyTRSmpSREjcM9gbo9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZDU2ZjA3YmUxODRjYmE1MmY2ZmRjMDQ5ZTgxMTRkMjYx
NmMzMmEwHhcNMjQwMTAxMTYzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzlhNGRkMzIxZGM0NmQ5YjFiNzVmMTE5NzY3ZTA4YmUxMmE2ZjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuXFG7lVB7Htn1F3NowFhwRjweBS
1V5692cfswwE9UzQlhBHCY9KzIdMtEWAg1lvZM4YezHaV8koNxLAiBZboUyVqIqc
IKaPQs/yZ0IJ3XGHzYC4makgDMzimulvdx0mxwh8TIheR7640AdBZm2uZBwCFqPU
/E+jSnrTf2GoIShkLK5IkVZ1MbufHJRv3GXw/qn3SLPDFvZZPWN8C0GQlG75/zZ8
CUcEvMXRAKKw68BV+jsBXaCSQGheDZeeHtG9jK5Fp+qGsrgJenhpsmN2jSOzgB42
YtCTlbPVEmt03tYjBwCqGS/3T9/qs6sNEa8LQ35hFbL30GjVgSm9T/+DiQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFPeaTdMh3EbZsbdfEZdn4IvhKm8hMB8GA1UdIwQY
MBaAFNPVbwe+GEy6Uvb9wEnoEU0mFsMqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYt
MWIwNmQxYzcwNGMxLzEvOTVwTjB5SGNSdG14dDE4UmwyZmdpLUVxYnlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYtMWIwNmQxYzcwNGMx
LzEvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA0BAIAATAuAwQAbc9oMAwD
BAFtz2oDBABtz2wDBAC5pZcwDAMEAMJ+pQMEA8J+oAMEAtl1hDAPBAIAAjAJAwcA
IAEGfC/QMA0GCSqGSIb3DQEBCwUAA4IBAQB15Y1zl1+F6u7DvJOChQuWPExvdyfr
lbTojCS9mFd5uJPDyTyeBcvXxXCbKhGAHrF0aIzsX9/oV0IG7xkq7eEEHwyzGHIh
A4XhD/8jq5jAi17tU1lKNfQfr4uNpqAlO6pFsLu9PGARPe9Bqum4CjwWaA/y0a0x
0UeABh+TRkoIySFf00hcz58duG+R/womIqr8a2So6J33h1CTs90VdtFpzLhGxhxN
UON8ST8pPco7cklt+x3tSEql16ke598XAlsAYQTqQGflmszLAJDASJm5NQttje+B
yzcCSAOnUWeTLez+KHgBBHIct2FnyV/HpBmsvpOIy1geEhrjG0swFJEW
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:47:33 2024 by rpki-client on console-ams.rpki-client.org