Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/4f7246-ce8f-44f8-a831-ae60bea06a9c/1/uqRfirZTIXb7xxOCDrTrMPCf2jA.roa
File: uqRfirZTIXb7xxOCDrTrMPCf2jA.roa (raw, json)
Hash identifier: LEO4nS7gNsg/JyumRdK4qUBOlJE1pYTDb0uC9m2NrMc=
Subject key identifier: BA:A4:5F:8A:B6:53:21:76:FB:C7:13:82:0E:B4:EB:30:F0:9F:DA:30
Certificate issuer: /CN=85370cc5d260f3e2aeff5dd8f8f4a415a2345a81
Certificate serial: 018CC9BBED577A360691474F7DB20D7C9A84
Authority key identifier: 85:37:0C:C5:D2:60:F3:E2:AE:FF:5D:D8:F8:F4:A4:15:A2:34:5A:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTcMxdJg8-Ku_13Y-PSkFaI0WoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/4f7246-ce8f-44f8-a831-ae60bea06a9c/1/uqRfirZTIXb7xxOCDrTrMPCf2jA.roa
Signing time: Tue 02 Jan 2024 10:33:05 +0000
ROA not before: Tue 02 Jan 2024 10:33:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34702
IP address blocks: 80.79.112.0/20 maxlen: 20
185.246.184.0/22 maxlen: 22
46.22.208.0/20 maxlen: 20
2a01:97a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/4f7246-ce8f-44f8-a831-ae60bea06a9c/1/hTcMxdJg8-Ku_13Y-PSkFaI0WoE.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/4f7246-ce8f-44f8-a831-ae60bea06a9c/1/hTcMxdJg8-Ku_13Y-PSkFaI0WoE.mft
rsync://rpki.ripe.net/repository/DEFAULT/hTcMxdJg8-Ku_13Y-PSkFaI0WoE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:ed:57:7a:36:06:91:47:4f:7d:b2:0d:7c:9a:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85370cc5d260f3e2aeff5dd8f8f4a415a2345a81
Validity
Not Before: Jan 2 10:33:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=baa45f8ab6532176fbc713820eb4eb30f09fda30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:17:01:8e:54:d8:bd:9a:34:c7:97:57:a5:39:
61:41:dd:20:e8:5a:77:ba:9d:bd:ed:a2:d4:1b:91:
79:e9:38:47:bc:34:1d:96:dc:4e:dd:5c:19:5e:0a:
41:54:c9:04:42:cc:02:d5:66:05:be:5c:75:41:6a:
e7:3b:3b:c8:e1:87:92:fc:71:07:47:0b:45:46:51:
9f:b7:db:93:1c:a6:58:fa:35:1f:ab:f5:65:8f:e1:
17:2d:24:b2:41:35:31:21:4c:57:b8:25:1f:7e:20:
d8:53:dd:ca:b0:9b:e7:09:0b:e4:0e:70:bb:01:f5:
6c:fd:cf:50:ad:88:62:76:60:6c:a4:18:44:0a:bf:
fb:c5:a1:ee:be:5c:b0:ba:07:9e:73:1d:b0:9a:d7:
2d:f4:26:5a:d6:79:7a:54:92:43:55:ca:d8:5e:c6:
01:4d:36:6b:71:12:a3:0a:b9:63:8b:28:e4:74:92:
29:13:3e:ef:94:3d:8f:1b:fc:2b:cf:0e:53:e3:39:
7b:86:25:cd:ca:09:48:70:59:6b:65:aa:67:4d:ea:
e3:c7:1e:d8:7c:7b:d3:d7:6e:4e:28:fd:3c:cd:66:
d2:4c:eb:12:81:1a:ef:84:84:df:22:8a:e6:88:4e:
c2:0c:77:c2:12:a1:93:db:8e:93:b1:91:50:b8:9d:
05:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:A4:5F:8A:B6:53:21:76:FB:C7:13:82:0E:B4:EB:30:F0:9F:DA:30
X509v3 Authority Key Identifier:
keyid:85:37:0C:C5:D2:60:F3:E2:AE:FF:5D:D8:F8:F4:A4:15:A2:34:5A:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTcMxdJg8-Ku_13Y-PSkFaI0WoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4f7246-ce8f-44f8-a831-ae60bea06a9c/1/uqRfirZTIXb7xxOCDrTrMPCf2jA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4f7246-ce8f-44f8-a831-ae60bea06a9c/1/hTcMxdJg8-Ku_13Y-PSkFaI0WoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.208.0/20
80.79.112.0/20
185.246.184.0/22
IPv6:
2a01:97a0::/32
Signature Algorithm: sha256WithRSAEncryption
ba:6d:13:2e:1b:2d:72:93:fa:85:1f:9e:aa:dc:21:57:df:d8:
3d:8a:d2:17:57:48:89:af:9d:40:59:aa:5a:61:d3:e4:ef:29:
38:cb:12:4e:a1:94:33:3c:cb:91:67:20:77:68:5d:79:d6:cf:
e5:c3:d9:81:1d:96:14:2c:c0:2a:3e:5d:47:0d:ab:95:d1:a6:
a2:fb:11:a7:0d:c1:8f:1d:56:09:ad:88:70:1c:17:9d:c8:b6:
7e:37:b5:f6:57:65:06:f4:27:04:de:ae:d0:d5:77:3f:a0:16:
71:5d:79:1d:3b:70:e2:ac:0b:f0:c6:e7:b9:45:eb:0e:53:24:
24:8c:a9:5d:af:0a:6e:05:af:d2:e3:be:fb:e1:ab:7a:ea:ed:
5a:82:96:de:fe:9a:ab:4e:07:9a:82:de:e3:62:ee:2e:35:ca:
50:9c:18:67:46:7e:5c:78:27:39:71:a4:28:57:e7:bc:67:53:
dd:ea:05:0f:d0:41:ba:1d:76:a5:15:dc:b7:ac:e9:63:0e:fe:
6b:49:14:85:5a:16:57:b7:10:f3:30:25:e1:ff:c1:12:6e:10:
90:5e:64:de:c5:e6:14:9f:52:36:ce:ed:52:23:a6:8a:19:07:
a1:7d:15:07:87:8c:05:5b:02:eb:d2:58:d5:43:86:4a:fd:7f:
13:23:b7:39
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzJu+1XejYGkUdPfbINfJqEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzcwY2M1ZDI2MGYzZTJhZWZmNWRkOGY4ZjRhNDE1YTIz
NDVhODEwHhcNMjQwMTAyMTAzMzA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWE0NWY4YWI2NTMyMTc2ZmJjNzEzODIwZWI0ZWIzMGYwOWZkYTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBcBjlTYvZo0x5dXpTlhQd0g6Fp3
up297aLUG5F56ThHvDQdltxO3VwZXgpBVMkEQswC1WYFvlx1QWrnOzvI4YeS/HEH
RwtFRlGft9uTHKZY+jUfq/Vlj+EXLSSyQTUxIUxXuCUffiDYU93KsJvnCQvkDnC7
AfVs/c9QrYhidmBspBhECr/7xaHuvlywugeecx2wmtct9CZa1nl6VJJDVcrYXsYB
TTZrcRKjCrljiyjkdJIpEz7vlD2PG/wrzw5T4zl7hiXNyglIcFlrZapnTerjxx7Y
fHvT125OKP08zWbSTOsSgRrvhITfIormiE7CDHfCEqGT246TsZFQuJ0FOQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLqkX4q2UyF2+8cTgg606zDwn9owMB8GA1UdIwQY
MBaAFIU3DMXSYPPirv9d2Pj0pBWiNFqBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRjTXhkSmc4LUt1XzEzWS1QU2tGYUkwV29FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS80ZjcyNDYtY2U4Zi00NGY4LWE4MzEt
YWU2MGJlYTA2YTljLzEvdXFSZmlyWlRJWGI3eHhPQ0RyVHJNUENmMmpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS80ZjcyNDYtY2U4Zi00NGY4LWE4MzEtYWU2MGJlYTA2YTlj
LzEvaFRjTXhkSmc4LUt1XzEzWS1QU2tGYUkwV29FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQELhbQAwQE
UE9wAwQCufa4MA0EAgACMAcDBQAqAZegMA0GCSqGSIb3DQEBCwUAA4IBAQC6bRMu
Gy1yk/qFH56q3CFX39g9itIXV0iJr51AWapaYdPk7yk4yxJOoZQzPMuRZyB3aF15
1s/lw9mBHZYULMAqPl1HDauV0aai+xGnDcGPHVYJrYhwHBedyLZ+N7X2V2UG9CcE
3q7Q1Xc/oBZxXXkdO3DirAvwxue5ResOUyQkjKldrwpuBa/S47774at66u1agpbe
/pqrTgeagt7jYu4uNcpQnBhnRn5ceCc5caQoV+e8Z1Pd6gUP0EG6HXalFdy3rOlj
Dv5rSRSFWhZXtxDzMCXh/8ESbhCQXmTexeYUn1I2zu1SI6aKGQehfRUHh4wFWwLr
0ljVQ4ZK/X8TI7c5
-----END CERTIFICATE-----
Generated at Sat Nov 23 00:11:21 2024 by rpki-client on console-ams.rpki-client.org