Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/ea27f3-db74-4963-a18c-035281289bb0/1/uPCnUu5exW5Hw22pVmnM2Yvww2M.roa
File: uPCnUu5exW5Hw22pVmnM2Yvww2M.roa (raw, json)
Hash identifier: gLam/T1B99Ir5g7kXXYc817xxCtveLhvCEknOvn+/lI=
Subject key identifier: B8:F0:A7:52:EE:5E:C5:6E:47:C3:6D:A9:56:69:CC:D9:8B:F0:C3:63
Certificate issuer: /CN=597487472d37cbd726181f9f3a20386f039b3ba8
Certificate serial: 018CC9BC94A953B42F03E34BE726BA074A1F
Authority key identifier: 59:74:87:47:2D:37:CB:D7:26:18:1F:9F:3A:20:38:6F:03:9B:3B:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WXSHRy03y9cmGB-fOiA4bwObO6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/ea27f3-db74-4963-a18c-035281289bb0/1/uPCnUu5exW5Hw22pVmnM2Yvww2M.roa
Signing time: Tue 02 Jan 2024 10:33:48 +0000
ROA not before: Tue 02 Jan 2024 10:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41998
IP address blocks: 194.76.4.0/24 maxlen: 24
194.76.3.0/24 maxlen: 24
194.76.2.0/24 maxlen: 24
194.76.7.0/24 maxlen: 24
194.76.6.0/24 maxlen: 24
194.76.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/ea27f3-db74-4963-a18c-035281289bb0/1/WXSHRy03y9cmGB-fOiA4bwObO6g.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/ea27f3-db74-4963-a18c-035281289bb0/1/WXSHRy03y9cmGB-fOiA4bwObO6g.mft
rsync://rpki.ripe.net/repository/DEFAULT/WXSHRy03y9cmGB-fOiA4bwObO6g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:94:a9:53:b4:2f:03:e3:4b:e7:26:ba:07:4a:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=597487472d37cbd726181f9f3a20386f039b3ba8
Validity
Not Before: Jan 2 10:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8f0a752ee5ec56e47c36da95669ccd98bf0c363
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a7:e7:c3:1f:40:08:0e:4a:ee:91:ad:4b:4d:
c0:cf:e1:8e:5e:c2:51:2d:24:5e:aa:a0:d5:77:c1:
38:83:32:c5:20:0d:c5:12:6a:79:78:78:c7:e3:f3:
82:8a:91:b9:0a:c4:4a:dd:1d:1c:04:38:88:37:df:
d0:d8:90:1a:80:d6:c2:85:54:9e:05:a8:20:a3:06:
cd:4b:b5:bf:f7:b5:0c:c9:db:d7:01:fb:8f:6f:67:
b5:0c:c5:ab:48:a3:6a:f2:08:6a:e5:0a:2b:a3:4d:
87:8b:9d:61:f4:2b:91:be:77:ef:d4:a8:49:90:cc:
a8:b1:89:34:c2:60:2e:4e:cf:b1:f4:74:8f:f2:d9:
c0:79:53:9b:8a:48:dd:6a:83:47:9f:e8:fa:76:f1:
8d:51:48:85:f8:54:3d:0e:60:f7:74:6d:70:c3:99:
4a:a9:f1:30:9d:7e:eb:9f:43:94:4c:af:7d:ed:2e:
7c:9b:c4:1c:f0:72:f7:2d:95:2c:7f:38:ef:dc:c9:
7e:a1:78:78:65:29:e1:d2:53:43:3d:e7:5a:8c:2e:
d6:47:83:f9:3a:8f:a7:6a:52:2f:2d:b6:82:59:12:
4a:24:ff:16:c8:6e:d4:3b:a2:4d:7f:37:21:e5:a4:
e0:33:20:a5:5d:41:48:68:fb:80:f3:39:2f:f7:2f:
3d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:F0:A7:52:EE:5E:C5:6E:47:C3:6D:A9:56:69:CC:D9:8B:F0:C3:63
X509v3 Authority Key Identifier:
keyid:59:74:87:47:2D:37:CB:D7:26:18:1F:9F:3A:20:38:6F:03:9B:3B:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXSHRy03y9cmGB-fOiA4bwObO6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ea27f3-db74-4963-a18c-035281289bb0/1/uPCnUu5exW5Hw22pVmnM2Yvww2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ea27f3-db74-4963-a18c-035281289bb0/1/WXSHRy03y9cmGB-fOiA4bwObO6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.2.0-194.76.7.255
Signature Algorithm: sha256WithRSAEncryption
76:fc:2c:c6:7b:a7:de:4e:78:0a:69:cb:79:5c:4f:ce:ef:88:
9f:e1:9c:b2:23:f7:e9:2e:3c:61:cd:85:97:cc:b8:28:a5:5b:
81:ac:3b:f0:9f:9a:9e:43:56:77:0d:8d:3c:24:42:56:22:84:
66:64:43:49:42:19:dd:64:06:2a:7e:a5:7b:7a:99:6a:29:b9:
20:53:5d:ca:0c:e3:fc:d8:0f:45:4e:cc:d7:9b:d1:a9:71:b1:
e8:59:e9:c5:5c:2d:04:30:a8:aa:d7:0e:cf:19:5a:46:44:85:
0d:14:0d:04:74:45:10:4f:6f:e7:f9:03:9e:9e:50:6b:17:1b:
ce:26:01:fb:48:07:7a:dd:5d:79:5b:40:4d:e9:d6:98:c7:fd:
b9:73:6b:e6:3e:83:7e:3d:ab:33:b6:c1:d8:00:db:77:22:91:
ae:aa:2f:aa:76:37:88:4e:a0:8a:44:5f:e2:22:10:00:41:55:
fd:80:a2:d3:54:5b:3a:37:c3:63:c9:0c:b8:bc:6e:46:11:03:
87:73:17:02:ea:54:ef:0d:b7:16:81:8c:ee:1f:59:9b:f7:5f:
0b:f5:b7:42:d3:75:34:12:8f:9e:7f:d6:9d:95:05:67:cd:36:
01:d6:44:3a:ec:62:18:4d:45:88:0f:95:df:fa:55:d0:22:aa:
95:2e:1b:c2
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzJvJSpU7QvA+NL5ya6B0ofMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NzQ4NzQ3MmQzN2NiZDcyNjE4MWY5ZjNhMjAzODZmMDM5
YjNiYTgwHhcNMjQwMTAyMTAzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGYwYTc1MmVlNWVjNTZlNDdjMzZkYTk1NjY5Y2NkOThiZjBjMzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKfnwx9ACA5K7pGtS03Az+GOXsJR
LSReqqDVd8E4gzLFIA3FEmp5eHjH4/OCipG5CsRK3R0cBDiIN9/Q2JAagNbChVSe
BaggowbNS7W/97UMydvXAfuPb2e1DMWrSKNq8ghq5Qoro02Hi51h9CuRvnfv1KhJ
kMyosYk0wmAuTs+x9HSP8tnAeVObikjdaoNHn+j6dvGNUUiF+FQ9DmD3dG1ww5lK
qfEwnX7rn0OUTK997S58m8Qc8HL3LZUsfzjv3Ml+oXh4ZSnh0lNDPedajC7WR4P5
Oo+nalIvLbaCWRJKJP8WyG7UO6JNfzch5aTgMyClXUFIaPuA8zkv9y899QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLjwp1LuXsVuR8NtqVZpzNmL8MNjMB8GA1UdIwQY
MBaAFFl0h0ctN8vXJhgfnzogOG8DmzuoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1hTSFJ5MDN5OWNtR0ItZk9pQTRid09iTzZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9lYTI3ZjMtZGI3NC00OTYzLWExOGMt
MDM1MjgxMjg5YmIwLzEvdVBDblV1NWV4VzVIdzIycFZtbk0yWXZ3dzJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9lYTI3ZjMtZGI3NC00OTYzLWExOGMtMDM1MjgxMjg5YmIw
LzEvV1hTSFJ5MDN5OWNtR0ItZk9pQTRid09iTzZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHCTAID
BAPCTAAwDQYJKoZIhvcNAQELBQADggEBAHb8LMZ7p95OeAppy3lcT87viJ/hnLIj
9+kuPGHNhZfMuCilW4GsO/Cfmp5DVncNjTwkQlYihGZkQ0lCGd1kBip+pXt6mWop
uSBTXcoM4/zYD0VOzNeb0alxsehZ6cVcLQQwqKrXDs8ZWkZEhQ0UDQR0RRBPb+f5
A56eUGsXG84mAftIB3rdXXlbQE3p1pjH/blza+Y+g349qzO2wdgA23cika6qL6p2
N4hOoIpEX+IiEABBVf2AotNUWzo3w2PJDLi8bkYRA4dzFwLqVO8NtxaBjO4fWZv3
Xwv1t0LTdTQSj55/1p2VBWfNNgHWRDrsYhhNRYgPld/6VdAiqpUuG8I=
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:21:15 2024 by rpki-client on console-ams.rpki-client.org