Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/c76383-591c-4cde-b2cf-251d74ed7754/1/ufQKk1KwQBRFZafBNF08K_1zCUc.roa
File: ufQKk1KwQBRFZafBNF08K_1zCUc.roa (raw, json)
Hash identifier: CVVNoCD8RpSTzQ2paqkCikAc1fOZMuyywiY6SZF8aIM=
Subject key identifier: B9:F4:0A:93:52:B0:40:14:45:65:A7:C1:34:5D:3C:2B:FD:73:09:47
Certificate issuer: /CN=8c0c7f2ebab7c96111cae687cedd1cd2e9bcd56a
Certificate serial: 018CC79534D1C34005B95162D13CD4324D48
Authority key identifier: 8C:0C:7F:2E:BA:B7:C9:61:11:CA:E6:87:CE:DD:1C:D2:E9:BC:D5:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jAx_Lrq3yWERyuaHzt0c0um81Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/c76383-591c-4cde-b2cf-251d74ed7754/1/ufQKk1KwQBRFZafBNF08K_1zCUc.roa
Signing time: Tue 02 Jan 2024 00:31:33 +0000
ROA not before: Tue 02 Jan 2024 00:31:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39039
IP address blocks: 5.134.68.0/22 maxlen: 22
46.31.36.0/22 maxlen: 22
77.95.48.0/21 maxlen: 21
185.170.32.0/22 maxlen: 22
83.243.32.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/c76383-591c-4cde-b2cf-251d74ed7754/1/jAx_Lrq3yWERyuaHzt0c0um81Wo.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/c76383-591c-4cde-b2cf-251d74ed7754/1/jAx_Lrq3yWERyuaHzt0c0um81Wo.mft
rsync://rpki.ripe.net/repository/DEFAULT/jAx_Lrq3yWERyuaHzt0c0um81Wo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:34:d1:c3:40:05:b9:51:62:d1:3c:d4:32:4d:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c0c7f2ebab7c96111cae687cedd1cd2e9bcd56a
Validity
Not Before: Jan 2 00:31:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9f40a9352b040144565a7c1345d3c2bfd730947
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:13:8b:a2:1b:61:50:ab:88:16:f5:40:80:a1:
54:9e:b4:36:2b:41:3a:00:ad:c3:85:29:f0:09:ce:
31:6f:d8:4f:dc:f5:94:f9:df:1e:bb:f3:71:ab:c5:
b0:67:90:ac:80:c4:93:2b:a8:69:be:3e:c2:55:d7:
32:c2:94:1f:b9:2f:a6:11:66:92:b3:75:e8:30:d1:
8a:62:b8:93:d9:14:8e:d9:c0:3c:8f:ba:c8:b9:17:
7a:ad:aa:c3:8a:42:5e:cc:28:66:63:a9:21:3e:85:
d7:63:83:d7:a8:cd:0b:ad:a7:69:d6:fd:5f:c3:e0:
f0:e2:75:91:9e:97:2e:36:fc:fc:b1:52:bd:f8:c3:
03:55:29:18:f7:dd:d7:80:df:fb:94:77:8f:f8:0e:
ba:62:70:4e:54:64:ed:f3:3d:40:f8:bb:65:1e:45:
b4:44:eb:31:80:21:38:c5:ff:35:4b:97:74:74:d9:
54:17:2c:99:47:54:17:3b:6d:02:77:25:c4:2d:fd:
17:e8:25:c3:0c:54:b2:b6:3f:10:ce:cb:e4:a8:61:
1c:22:54:03:bf:60:7e:ab:e2:64:43:aa:fc:9e:d7:
40:b8:e3:5b:87:7a:32:7c:17:f1:99:1d:8f:92:6c:
82:81:45:4d:83:6e:2a:22:58:ce:fc:ff:5e:9c:98:
c3:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:F4:0A:93:52:B0:40:14:45:65:A7:C1:34:5D:3C:2B:FD:73:09:47
X509v3 Authority Key Identifier:
keyid:8C:0C:7F:2E:BA:B7:C9:61:11:CA:E6:87:CE:DD:1C:D2:E9:BC:D5:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jAx_Lrq3yWERyuaHzt0c0um81Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/c76383-591c-4cde-b2cf-251d74ed7754/1/ufQKk1KwQBRFZafBNF08K_1zCUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/c76383-591c-4cde-b2cf-251d74ed7754/1/jAx_Lrq3yWERyuaHzt0c0um81Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.68.0/22
46.31.36.0/22
77.95.48.0/21
83.243.32.0/21
185.170.32.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:4d:81:b8:ea:28:6f:ae:8c:e7:21:65:59:91:90:65:3a:8d:
d5:53:0c:12:9c:7e:98:53:f7:ab:5d:19:69:f4:09:09:e3:ff:
24:65:5a:8c:d1:6d:60:43:42:47:6b:9e:c2:de:f1:5f:12:de:
24:1a:27:45:91:11:16:0f:65:bd:d1:a3:03:c1:e5:51:1f:b1:
ee:9c:98:27:5b:fe:b2:2a:73:4f:e3:5e:e7:98:b2:1d:a3:45:
ec:3c:3a:e8:de:3d:54:9d:2f:79:31:d0:af:cf:50:dd:20:12:
a2:8f:dd:ca:5c:43:93:54:64:ac:3d:fe:80:fd:2d:51:82:2e:
87:55:9e:6f:9d:f4:c3:2e:79:21:ff:0b:06:92:bd:5f:2e:07:
b2:38:90:3b:ce:bc:81:bd:8d:d0:46:3d:be:ae:ea:e2:ce:ac:
dd:d1:15:df:39:26:ad:3a:73:46:c9:37:68:87:cf:f4:2b:d0:
34:42:ed:b6:a3:1f:19:58:b9:57:c8:7b:83:ea:0c:c3:95:29:
e9:9c:7a:8b:f3:a8:8a:5b:b1:38:c6:4b:8e:cf:a9:4e:20:5c:
e2:e3:bc:ae:28:97:19:73:6b:9b:48:76:35:aa:46:fa:ae:8c:
ce:e2:26:0f:7c:d6:26:38:3e:cb:1a:5a:7d:47:84:15:6e:50:
d3:f6:66:82
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzHlTTRw0AFuVFi0TzUMk1IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMGM3ZjJlYmFiN2M5NjExMWNhZTY4N2NlZGQxY2QyZTli
Y2Q1NmEwHhcNMjQwMTAyMDAzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWY0MGE5MzUyYjA0MDE0NDU2NWE3YzEzNDVkM2MyYmZkNzMwOTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8BOLohthUKuIFvVAgKFUnrQ2K0E6
AK3DhSnwCc4xb9hP3PWU+d8eu/Nxq8WwZ5CsgMSTK6hpvj7CVdcywpQfuS+mEWaS
s3XoMNGKYriT2RSO2cA8j7rIuRd6rarDikJezChmY6khPoXXY4PXqM0Lradp1v1f
w+Dw4nWRnpcuNvz8sVK9+MMDVSkY993XgN/7lHeP+A66YnBOVGTt8z1A+LtlHkW0
ROsxgCE4xf81S5d0dNlUFyyZR1QXO20CdyXELf0X6CXDDFSytj8QzsvkqGEcIlQD
v2B+q+JkQ6r8ntdAuONbh3oyfBfxmR2PkmyCgUVNg24qIljO/P9enJjDwQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLn0CpNSsEAURWWnwTRdPCv9cwlHMB8GA1UdIwQY
MBaAFIwMfy66t8lhEcrmh87dHNLpvNVqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakF4X0xycTN5V0VSeXVhSHp0MGMwdW04MVdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9jNzYzODMtNTkxYy00Y2RlLWIyY2Yt
MjUxZDc0ZWQ3NzU0LzEvdWZRS2sxS3dRQlJGWmFmQk5GMDhLXzF6Q1VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9jNzYzODMtNTkxYy00Y2RlLWIyY2YtMjUxZDc0ZWQ3NzU0
LzEvakF4X0xycTN5V0VSeXVhSHp0MGMwdW04MVdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCBYZEAwQC
Lh8kAwQDTV8wAwQDU/MgAwQCuaogMA0GCSqGSIb3DQEBCwUAA4IBAQC3TYG46ihv
roznIWVZkZBlOo3VUwwSnH6YU/erXRlp9AkJ4/8kZVqM0W1gQ0JHa57C3vFfEt4k
GidFkREWD2W90aMDweVRH7HunJgnW/6yKnNP417nmLIdo0XsPDro3j1UnS95MdCv
z1DdIBKij93KXEOTVGSsPf6A/S1Rgi6HVZ5vnfTDLnkh/wsGkr1fLgeyOJA7zryB
vY3QRj2+rurizqzd0RXfOSatOnNGyTdoh8/0K9A0Qu22ox8ZWLlXyHuD6gzDlSnp
nHqL86iKW7E4xkuOz6lOIFzi47yuKJcZc2ubSHY1qkb6rozO4iYPfNYmOD7LGlp9
R4QVblDT9maC
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:41:53 2024 by rpki-client on console-fra.rpki-client.org