Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/i52U20FEqx8YEwvLjDfFQMqERPs.roa
File: i52U20FEqx8YEwvLjDfFQMqERPs.roa (raw, json)
Hash identifier: 8OGWEyuWv+SxdJsLArzIolV2TxE6+/k4iyfjSnSs8fk=
Subject key identifier: 8B:9D:94:DB:41:44:AB:1F:18:13:0B:CB:8C:37:C5:40:CA:84:44:FB
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018F0A968983226143822B718CB30998BFC8
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/i52U20FEqx8YEwvLjDfFQMqERPs.roa
Signing time: Tue 23 Apr 2024 10:53:08 +0000
ROA not before: Tue 23 Apr 2024 10:53:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199377
IP address blocks: 109.62.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0a:96:89:83:22:61:43:82:2b:71:8c:b3:09:98:bf:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 23 10:53:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b9d94db4144ab1f18130bcb8c37c540ca8444fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c2:54:85:d0:7c:ce:6f:e9:91:ee:9b:2b:98:
54:9a:75:68:65:22:f0:d9:47:6c:c9:91:a8:9c:d7:
cc:5e:24:1f:c4:b0:73:fc:f7:05:1f:b7:f2:d3:2d:
d3:2a:b9:1a:82:3e:ce:73:03:ef:43:fc:62:7b:a6:
c8:8b:5a:4a:ca:12:e4:97:11:f4:3b:66:d2:96:a3:
b1:52:31:ff:b2:8f:49:31:23:71:59:4f:34:0f:18:
15:e7:d7:b5:83:c1:31:53:e8:01:c2:ea:79:22:f3:
12:8d:73:7f:d7:b5:90:3d:fb:4d:94:d9:2c:3c:99:
3b:32:ed:c4:81:72:78:3b:4f:ee:c8:be:be:54:b9:
50:e5:f4:cb:3b:68:89:56:c9:51:55:c9:0f:3b:53:
25:68:f6:31:30:cc:46:fc:d7:37:fb:77:74:95:f5:
18:fb:e6:1d:e2:a2:55:a6:ab:fb:b1:45:c8:23:fc:
44:7c:26:75:e0:6b:8d:84:b7:cc:7a:5c:1c:70:a8:
fe:ef:db:89:07:9b:0a:09:75:7a:7a:15:10:e0:00:
96:75:d4:0d:73:25:08:d1:7e:25:3f:52:40:f7:f6:
51:60:31:f1:07:5a:4c:0a:b2:37:9d:1d:a1:ad:f3:
d5:00:44:89:88:b1:7e:fa:98:4f:c1:da:64:f1:4c:
ad:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:9D:94:DB:41:44:AB:1F:18:13:0B:CB:8C:37:C5:40:CA:84:44:FB
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/i52U20FEqx8YEwvLjDfFQMqERPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.62.255.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:9a:bd:71:93:ac:33:8b:a5:13:3e:68:25:94:e6:81:ed:f3:
36:28:44:a2:ed:6c:f6:e7:c4:2c:13:ac:89:bc:68:14:48:83:
f6:1b:11:67:c6:3a:6c:09:a5:51:b0:e2:5e:fb:d7:0b:b9:8f:
6b:01:ed:f6:aa:43:e5:b4:34:02:5b:d2:94:83:00:d6:87:c0:
48:2a:0d:d2:c9:41:94:f1:26:39:bc:ca:77:b4:74:cc:24:18:
df:f4:10:32:f3:d1:13:16:41:c6:0b:c1:11:5f:d7:b2:77:46:
c0:6c:75:57:fb:ee:6c:12:ea:1f:9c:ab:bd:9f:05:68:3b:c6:
f9:2b:a4:42:43:e9:11:60:86:42:5a:12:20:aa:20:5d:eb:b2:
28:fb:c0:52:1d:d5:0b:2f:90:ef:a7:ab:ce:ed:76:f7:c5:79:
bc:c0:89:89:49:3d:d5:97:fd:49:be:65:2b:22:f2:40:05:f2:
75:d9:79:8b:9d:49:e3:f2:55:65:45:32:84:23:68:7d:44:0b:
fc:59:61:e5:1b:86:66:28:34:a2:cc:e9:08:2c:a0:19:6a:0f:
d9:a7:c7:82:97:93:e1:9f:5d:dc:a9:d2:e1:db:f3:2c:da:60:
ad:fc:e2:95:c6:e6:73:7f:21:3d:98:ef:24:6e:2c:f8:18:f2:
6c:16:ec:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8KlomDImFDgitxjLMJmL/IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDIzMTA1MzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjlkOTRkYjQxNDRhYjFmMTgxMzBiY2I4YzM3YzU0MGNhODQ0NGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcJUhdB8zm/pke6bK5hUmnVoZSLw
2UdsyZGonNfMXiQfxLBz/PcFH7fy0y3TKrkagj7OcwPvQ/xie6bIi1pKyhLklxH0
O2bSlqOxUjH/so9JMSNxWU80DxgV59e1g8ExU+gBwup5IvMSjXN/17WQPftNlNks
PJk7Mu3EgXJ4O0/uyL6+VLlQ5fTLO2iJVslRVckPO1MlaPYxMMxG/Nc3+3d0lfUY
++Yd4qJVpqv7sUXII/xEfCZ14GuNhLfMelwccKj+79uJB5sKCXV6ehUQ4ACWddQN
cyUI0X4lP1JA9/ZRYDHxB1pMCrI3nR2hrfPVAESJiLF++phPwdpk8Uyt2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIudlNtBRKsfGBMLy4w3xUDKhET7MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvaTUyVTIwRkVxeDhZRXd2TGpEZkZRTXFFUlBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbT7/MA0G
CSqGSIb3DQEBCwUAA4IBAQALmr1xk6wzi6UTPmgllOaB7fM2KESi7Wz258QsE6yJ
vGgUSIP2GxFnxjpsCaVRsOJe+9cLuY9rAe32qkPltDQCW9KUgwDWh8BIKg3SyUGU
8SY5vMp3tHTMJBjf9BAy89ETFkHGC8ERX9eyd0bAbHVX++5sEuofnKu9nwVoO8b5
K6RCQ+kRYIZCWhIgqiBd67Io+8BSHdULL5Dvp6vO7Xb3xXm8wImJST3Vl/1JvmUr
IvJABfJ12XmLnUnj8lVlRTKEI2h9RAv8WWHlG4ZmKDSizOkILKAZag/Zp8eCl5Ph
n13cqdLh2/Ms2mCt/OKVxuZzfyE9mO8kbiz4GPJsFuzu
-----END CERTIFICATE-----
Generated at Sat Jun 1 14:08:53 2024 by rpki-client on console-ams.rpki-client.org