Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/e8f452-be70-4176-9da0-e689bf57dd27/1/uNzV_W8u3DPYsIaOGq6PU1w-VUg.roa
File: uNzV_W8u3DPYsIaOGq6PU1w-VUg.roa (raw, json)
Hash identifier: K49H9Kd0ltOLycuI9ENBI+1OWWRGdPkA7EYFHWJ0mLQ=
Subject key identifier: B8:DC:D5:FD:6F:2E:DC:33:D8:B0:86:8E:1A:AE:8F:53:5C:3E:55:48
Certificate issuer: /CN=d0041ff7980379b798049256868dff39819c2604
Certificate serial: 018CC64B6AE4C36137FA7E6F1A1E88ACA0C9
Authority key identifier: D0:04:1F:F7:98:03:79:B7:98:04:92:56:86:8D:FF:39:81:9C:26:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0AQf95gDebeYBJJWho3_OYGcJgQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/e8f452-be70-4176-9da0-e689bf57dd27/1/uNzV_W8u3DPYsIaOGq6PU1w-VUg.roa
Signing time: Mon 01 Jan 2024 18:31:20 +0000
ROA not before: Mon 01 Jan 2024 18:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35804
IP address blocks: 213.111.128.0/18 maxlen: 18
213.111.128.0/19 maxlen: 19
194.79.62.0/24 maxlen: 24
194.79.60.0/24 maxlen: 24
194.79.60.0/22 maxlen: 22
194.79.63.0/24 maxlen: 24
194.79.61.0/24 maxlen: 24
2a00:ede0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/e8f452-be70-4176-9da0-e689bf57dd27/1/0AQf95gDebeYBJJWho3_OYGcJgQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/e8f452-be70-4176-9da0-e689bf57dd27/1/0AQf95gDebeYBJJWho3_OYGcJgQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/0AQf95gDebeYBJJWho3_OYGcJgQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 16:03:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:6a:e4:c3:61:37:fa:7e:6f:1a:1e:88:ac:a0:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0041ff7980379b798049256868dff39819c2604
Validity
Not Before: Jan 1 18:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8dcd5fd6f2edc33d8b0868e1aae8f535c3e5548
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:88:6d:39:01:ce:96:99:57:33:57:65:2d:ef:
81:42:3b:fd:82:65:96:80:ab:3d:13:67:00:38:d5:
f0:63:44:bc:da:a5:6a:f1:3d:fd:b7:77:5e:1f:25:
eb:fd:28:d9:46:2f:ba:7e:34:f1:30:d7:6b:b0:f5:
10:5e:0c:77:f6:b3:75:e0:af:7a:dc:cf:6e:e1:e7:
bc:45:9e:de:4d:6c:16:eb:5d:30:de:3b:4a:50:e9:
96:ea:61:90:89:42:12:9d:50:db:7f:96:64:c0:8f:
1a:14:54:90:78:68:a6:95:7d:6b:5e:38:79:b0:df:
99:43:83:c5:87:40:be:38:3f:45:04:7c:14:d0:7f:
81:95:6a:2a:a8:b5:6a:9f:b4:8a:68:d2:ff:b3:37:
6c:88:3a:ab:39:5d:9f:1d:9c:e0:ca:e6:13:4f:07:
62:4b:0e:a4:2f:f0:db:5b:71:c8:b6:b3:26:74:f1:
d1:1f:66:13:20:96:73:51:b0:cd:a8:5f:20:56:61:
48:67:37:b0:01:02:3f:af:1f:04:7e:db:8c:ae:e5:
6c:15:f8:0f:90:b7:c9:8e:ab:62:af:f4:2b:8e:0c:
d6:c5:be:09:d3:73:a2:75:77:b8:51:85:de:68:5f:
9f:0a:79:a2:8a:e6:09:66:13:8d:5a:bc:5c:02:7b:
5b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:DC:D5:FD:6F:2E:DC:33:D8:B0:86:8E:1A:AE:8F:53:5C:3E:55:48
X509v3 Authority Key Identifier:
keyid:D0:04:1F:F7:98:03:79:B7:98:04:92:56:86:8D:FF:39:81:9C:26:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0AQf95gDebeYBJJWho3_OYGcJgQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/e8f452-be70-4176-9da0-e689bf57dd27/1/uNzV_W8u3DPYsIaOGq6PU1w-VUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/e8f452-be70-4176-9da0-e689bf57dd27/1/0AQf95gDebeYBJJWho3_OYGcJgQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.79.60.0/22
213.111.128.0/18
IPv6:
2a00:ede0::/32
Signature Algorithm: sha256WithRSAEncryption
48:8d:c8:80:f5:aa:98:ea:56:66:25:24:4a:8a:d5:e4:77:2c:
f1:73:ef:7a:09:03:de:f5:72:31:ed:61:da:87:ce:c2:5a:84:
cd:ca:c8:17:29:de:de:fc:79:1c:98:2b:02:49:84:3c:bc:3e:
05:f2:95:80:d6:3f:f6:21:67:02:d9:9f:da:6b:5c:5a:5f:c4:
95:b2:0a:41:d1:56:ea:26:91:de:64:06:ae:ef:77:b2:af:d6:
88:af:13:ea:fd:50:47:54:27:c2:e8:7c:46:52:03:73:73:4f:
c7:78:d7:6d:43:90:98:0b:c9:a5:c5:d1:85:9a:59:19:63:9e:
42:8d:c9:28:be:ca:d3:54:f6:3d:3a:75:dc:58:5d:89:3f:36:
fc:fd:e0:72:f8:34:8f:db:76:d0:a5:1a:b0:21:1b:29:72:b8:
e3:40:9c:14:04:c8:ac:00:6f:19:99:c1:86:5d:91:84:9f:57:
2e:e3:b2:c2:5c:65:6a:2f:85:c5:06:a2:81:a0:7c:af:c9:72:
ee:af:7b:a0:ee:6a:58:8b:7f:eb:19:ed:13:76:78:b9:31:a9:
56:2c:0b:fe:b8:3a:d1:5b:3f:18:3e:da:20:66:91:ec:82:bf:
8c:34:2c:9f:6e:0b:42:19:60:03:92:34:1e:03:eb:e7:5f:b9:
87:29:9e:85
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGS2rkw2E3+n5vGh6IrKDJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMDQxZmY3OTgwMzc5Yjc5ODA0OTI1Njg2OGRmZjM5ODE5
YzI2MDQwHhcNMjQwMTAxMTgzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGRjZDVmZDZmMmVkYzMzZDhiMDg2OGUxYWFlOGY1MzVjM2U1NTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4htOQHOlplXM1dlLe+BQjv9gmWW
gKs9E2cAONXwY0S82qVq8T39t3deHyXr/SjZRi+6fjTxMNdrsPUQXgx39rN14K96
3M9u4ee8RZ7eTWwW610w3jtKUOmW6mGQiUISnVDbf5ZkwI8aFFSQeGimlX1rXjh5
sN+ZQ4PFh0C+OD9FBHwU0H+BlWoqqLVqn7SKaNL/szdsiDqrOV2fHZzgyuYTTwdi
Sw6kL/DbW3HItrMmdPHRH2YTIJZzUbDNqF8gVmFIZzewAQI/rx8EftuMruVsFfgP
kLfJjqtir/QrjgzWxb4J03OidXe4UYXeaF+fCnmiiuYJZhONWrxcAntbswIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLjc1f1vLtwz2LCGjhquj1NcPlVIMB8GA1UdIwQY
MBaAFNAEH/eYA3m3mASSVoaN/zmBnCYEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFRZjk1Z0RlYmVZQkpKV2hvM19PWUdjSmdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9lOGY0NTItYmU3MC00MTc2LTlkYTAt
ZTY4OWJmNTdkZDI3LzEvdU56Vl9XOHUzRFBZc0lhT0dxNlBVMXctVlVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9lOGY0NTItYmU3MC00MTc2LTlkYTAtZTY4OWJmNTdkZDI3
LzEvMEFRZjk1Z0RlYmVZQkpKV2hvM19PWUdjSmdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCwk88AwQG
1W+AMA0EAgACMAcDBQAqAO3gMA0GCSqGSIb3DQEBCwUAA4IBAQBIjciA9aqY6lZm
JSRKitXkdyzxc+96CQPe9XIx7WHah87CWoTNysgXKd7e/HkcmCsCSYQ8vD4F8pWA
1j/2IWcC2Z/aa1xaX8SVsgpB0VbqJpHeZAau73eyr9aIrxPq/VBHVCfC6HxGUgNz
c0/HeNdtQ5CYC8mlxdGFmlkZY55CjckovsrTVPY9OnXcWF2JPzb8/eBy+DSP23bQ
pRqwIRspcrjjQJwUBMisAG8ZmcGGXZGEn1cu47LCXGVqL4XFBqKBoHyvyXLur3ug
7mpYi3/rGe0Tdni5MalWLAv+uDrRWz8YPtogZpHsgr+MNCyfbgtCGWADkjQeA+vn
X7mHKZ6F
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:46:58 2024 by rpki-client on console-ams.rpki-client.org