Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/UrHAYdhmHUKdSn-0ZMqS6aop0UI.roa
File: UrHAYdhmHUKdSn-0ZMqS6aop0UI.roa (raw, json)
Hash identifier: AdTTGoHNWcnh2+X3qdQFtyl/btsVsPR8WSSycArUQ2g=
Subject key identifier: 52:B1:C0:61:D8:66:1D:42:9D:4A:7F:B4:64:CA:92:E9:AA:29:D1:42
Certificate issuer: /CN=66feef09c450990af34779ce701be6cd54b3d924
Certificate serial: 018D78D70ADF14983BF003187A1E30C5A8F1
Authority key identifier: 66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/UrHAYdhmHUKdSn-0ZMqS6aop0UI.roa
Signing time: Mon 05 Feb 2024 10:36:15 +0000
ROA not before: Mon 05 Feb 2024 10:36:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35179
IP address blocks: 79.110.192.0/20 maxlen: 24
83.168.72.0/21 maxlen: 24
83.168.100.0/22 maxlen: 24
83.168.108.0/23 maxlen: 23
185.49.29.0/24 maxlen: 24
185.49.30.0/23 maxlen: 23
193.239.56.0/22 maxlen: 24
2a01:96e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:78:d7:0a:df:14:98:3b:f0:03:18:7a:1e:30:c5:a8:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66feef09c450990af34779ce701be6cd54b3d924
Validity
Not Before: Feb 5 10:36:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52b1c061d8661d429d4a7fb464ca92e9aa29d142
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:bf:46:d6:da:56:00:ba:75:39:56:7a:c4:4a:
95:1c:dd:78:07:84:ff:c6:03:db:07:de:ab:4d:3e:
27:64:0a:7f:bc:e9:38:60:66:92:71:bf:8a:93:a6:
b6:88:f1:89:3c:a4:48:fe:b6:c8:1b:80:37:76:13:
04:e4:eb:49:b9:47:64:39:51:ff:c5:4c:15:e6:ee:
fb:a0:7e:5e:d1:03:c2:c9:b7:33:db:b8:b4:29:6b:
ff:d6:bd:39:19:ac:05:f3:1a:99:95:a8:e3:55:18:
a0:7e:2e:4d:0e:c1:0d:5d:e0:1a:75:d8:47:7a:06:
81:ce:79:4a:96:44:8c:1f:02:7c:0b:60:f6:c1:a8:
59:3e:6d:38:d0:43:74:e3:4f:4b:2d:b9:58:a3:3f:
be:5d:43:ba:70:58:99:e3:3d:12:3b:5f:50:e2:7a:
06:f9:e3:30:9d:4a:36:b1:3e:f1:f5:a0:d5:54:05:
22:52:73:49:ef:54:7b:bb:04:b7:ce:14:3c:2b:66:
da:9c:42:2e:db:02:6b:8c:45:52:5d:ef:0b:40:bd:
a5:91:ef:1d:25:2f:5f:8a:43:d8:bf:c3:6e:75:7e:
5f:ca:d4:68:ce:89:02:bb:7e:3e:88:a5:20:1f:e9:
c5:b9:8f:9c:d2:1c:2c:36:cc:c1:16:50:f1:3a:e1:
a1:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B1:C0:61:D8:66:1D:42:9D:4A:7F:B4:64:CA:92:E9:AA:29:D1:42
X509v3 Authority Key Identifier:
keyid:66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/UrHAYdhmHUKdSn-0ZMqS6aop0UI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.192.0/20
83.168.72.0/21
83.168.100.0/22
83.168.108.0/23
185.49.29.0-185.49.31.255
193.239.56.0/22
IPv6:
2a01:96e0::/32
Signature Algorithm: sha256WithRSAEncryption
2b:9e:d3:cd:cb:c0:24:4a:21:9b:cb:40:2d:f4:57:b0:ef:0f:
ca:e5:fb:f9:a7:b7:8c:76:1c:89:33:d4:83:c0:cc:9c:d4:1d:
11:ad:a0:6f:d3:fc:66:cf:7e:72:d7:df:cf:52:d9:01:05:7a:
c2:33:fa:13:4e:b7:61:7c:1e:84:92:f3:50:fd:0f:41:d3:1a:
ec:7a:2e:ef:5c:53:cb:23:cd:0b:eb:1d:49:59:c5:48:d0:17:
07:7e:19:4f:89:da:f6:b1:b3:9e:5c:bc:5e:41:fb:c5:92:06:
4e:63:9d:4a:43:44:e4:38:61:ed:6f:43:41:8b:6e:6e:07:fc:
cc:5d:32:21:26:05:a5:f4:17:cb:0c:b3:85:80:f1:d9:c3:7d:
af:6c:51:6b:f9:37:89:a0:66:5c:ae:61:3c:5a:38:64:d4:9e:
0d:1d:db:a4:4b:cb:c6:24:6a:36:a3:b5:25:0b:c1:c5:53:43:
22:a3:0d:40:b2:04:9e:22:1f:38:21:37:5a:0f:13:61:a1:35:
0e:e9:15:0c:45:c2:85:4d:58:b8:34:70:ed:8c:ab:6f:ba:ff:
0e:95:9e:4a:92:d6:71:1d:ca:f3:87:55:1f:b8:e8:a5:6f:c3:
bd:79:f6:55:b6:44:7d:f3:75:e6:a0:59:96:7c:1f:cf:97:fc:
2b:6c:d1:f8
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAY141wrfFJg78AMYeh4wxajxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZmVlZjA5YzQ1MDk5MGFmMzQ3NzljZTcwMWJlNmNkNTRi
M2Q5MjQwHhcNMjQwMjA1MTAzNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmIxYzA2MWQ4NjYxZDQyOWQ0YTdmYjQ2NGNhOTJlOWFhMjlkMTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhr9G1tpWALp1OVZ6xEqVHN14B4T/
xgPbB96rTT4nZAp/vOk4YGaScb+Kk6a2iPGJPKRI/rbIG4A3dhME5OtJuUdkOVH/
xUwV5u77oH5e0QPCybcz27i0KWv/1r05GawF8xqZlajjVRigfi5NDsENXeAaddhH
egaBznlKlkSMHwJ8C2D2wahZPm040EN0409LLblYoz++XUO6cFiZ4z0SO19Q4noG
+eMwnUo2sT7x9aDVVAUiUnNJ71R7uwS3zhQ8K2banEIu2wJrjEVSXe8LQL2lke8d
JS9fikPYv8NudX5fytRozokCu34+iKUgH+nFuY+c0hwsNszBFlDxOuGhgQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFFKxwGHYZh1CnUp/tGTKkumqKdFCMB8GA1UdIwQY
MBaAFGb+7wnEUJkK80d5znAb5s1Us9kkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYt
ODI0NTFmMzNmNGNhLzEvVXJIQVlkaG1IVUtkU24tMFpNcVM2YW9wMFVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYtODI0NTFmMzNmNGNh
LzEvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQET27AAwQD
U6hIAwQCU6hkAwQBU6hsMAwDBAC5MR0DBAW5MQADBALB7zgwDQQCAAIwBwMFACoB
luAwDQYJKoZIhvcNAQELBQADggEBACue083LwCRKIZvLQC30V7DvD8rl+/mnt4x2
HIkz1IPAzJzUHRGtoG/T/GbPfnLX389S2QEFesIz+hNOt2F8HoSS81D9D0HTGux6
Lu9cU8sjzQvrHUlZxUjQFwd+GU+J2vaxs55cvF5B+8WSBk5jnUpDROQ4Ye1vQ0GL
bm4H/MxdMiEmBaX0F8sMs4WA8dnDfa9sUWv5N4mgZlyuYTxaOGTUng0d26RLy8Yk
ajajtSULwcVTQyKjDUCyBJ4iHzghN1oPE2GhNQ7pFQxFwoVNWLg0cO2Mq2+6/w6V
nkqS1nEdyvOHVR+46KVvw7159lW2RH3zdeagWZZ8H8+X/Cts0fg=
-----END CERTIFICATE-----
Generated at Wed Jun 26 12:50:32 2024 by rpki-client on console-ams.rpki-client.org