Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/985be9-9781-4fda-b7f3-0df07a908fbf/1/uYOMtSA-0ZVyzDuIHfDemlembZk.roa
File: uYOMtSA-0ZVyzDuIHfDemlembZk.roa (raw, json)
Hash identifier: otAbd0YTdBCJXFv9VgYbH9JvTpFtFh1xaxZ6ZR6kuKg=
Subject key identifier: B9:83:8C:B5:20:3E:D1:95:72:CC:3B:88:1D:F0:DE:9A:57:A6:6D:99
Certificate issuer: /CN=a76b7b9f7fd66943927c60dcf1212ddc07df0523
Certificate serial: 018DA6C36DBD8D938898055F14F150C1F8F5
Authority key identifier: A7:6B:7B:9F:7F:D6:69:43:92:7C:60:DC:F1:21:2D:DC:07:DF:05:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p2t7n3_WaUOSfGDc8SEt3AffBSM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/985be9-9781-4fda-b7f3-0df07a908fbf/1/uYOMtSA-0ZVyzDuIHfDemlembZk.roa
Signing time: Wed 14 Feb 2024 08:37:21 +0000
ROA not before: Wed 14 Feb 2024 08:37:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59441
IP address blocks: 193.162.129.0/24 maxlen: 24
2a11:1dc0::/29 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/985be9-9781-4fda-b7f3-0df07a908fbf/1/p2t7n3_WaUOSfGDc8SEt3AffBSM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/985be9-9781-4fda-b7f3-0df07a908fbf/1/p2t7n3_WaUOSfGDc8SEt3AffBSM.mft
rsync://rpki.ripe.net/repository/DEFAULT/p2t7n3_WaUOSfGDc8SEt3AffBSM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a6:c3:6d:bd:8d:93:88:98:05:5f:14:f1:50:c1:f8:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a76b7b9f7fd66943927c60dcf1212ddc07df0523
Validity
Not Before: Feb 14 08:37:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9838cb5203ed19572cc3b881df0de9a57a66d99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d2:47:b8:83:ee:52:81:c6:a7:9a:b1:ef:0d:
1c:4a:e5:d9:fa:39:02:79:fc:68:2a:b7:9c:57:e7:
55:a1:47:5b:10:d5:6d:97:b0:9f:dc:67:77:3c:71:
8b:02:f8:8d:93:89:ac:c7:c6:53:b0:22:60:57:c4:
27:ac:55:ea:5f:13:70:9c:9d:03:bc:9b:9d:9e:cc:
6c:ef:31:90:18:36:9a:e8:3c:b8:a0:85:3b:75:48:
01:9c:3f:44:07:6d:9a:38:27:20:03:fd:ef:fb:9f:
dd:a4:41:ab:38:bc:e5:13:e7:55:18:66:23:4f:da:
14:8e:a9:5d:d6:fc:81:70:4c:b4:0b:c9:c8:7b:3b:
1d:70:b0:35:15:cc:0a:5f:79:f2:af:cd:57:22:56:
8a:b4:f9:fd:42:1a:5a:3d:79:e2:16:0b:dc:b6:3d:
c1:54:47:66:bb:44:87:be:6f:87:39:ad:d7:f7:26:
42:b8:74:76:7a:05:a0:c0:10:35:70:3d:17:e2:fa:
62:3f:11:1b:ed:a6:18:b5:85:42:a2:58:89:55:20:
99:62:21:6f:2a:9d:a3:b0:3d:4c:27:d7:8e:19:39:
e5:f8:5e:2e:12:3d:4b:62:d9:3d:81:a2:a2:9f:03:
19:29:90:5c:5e:53:6d:64:49:51:41:a0:0a:d3:72:
f6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:83:8C:B5:20:3E:D1:95:72:CC:3B:88:1D:F0:DE:9A:57:A6:6D:99
X509v3 Authority Key Identifier:
keyid:A7:6B:7B:9F:7F:D6:69:43:92:7C:60:DC:F1:21:2D:DC:07:DF:05:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p2t7n3_WaUOSfGDc8SEt3AffBSM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/985be9-9781-4fda-b7f3-0df07a908fbf/1/uYOMtSA-0ZVyzDuIHfDemlembZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/985be9-9781-4fda-b7f3-0df07a908fbf/1/p2t7n3_WaUOSfGDc8SEt3AffBSM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.162.129.0/24
IPv6:
2a11:1dc0::/29
Signature Algorithm: sha256WithRSAEncryption
64:d7:c2:ac:64:15:a0:04:35:a6:8c:b3:37:2b:e6:da:10:0c:
33:63:17:0f:3f:18:d5:03:4a:b0:1c:4c:af:27:70:24:40:fa:
a9:c2:98:ea:28:7d:5d:9f:48:aa:6c:6b:63:4e:de:2f:59:68:
fc:c5:ac:67:d2:9a:d2:d4:15:17:2a:42:7e:61:f2:bf:c6:be:
58:87:87:ba:08:02:d1:42:9e:2a:aa:21:c0:f3:6c:df:fa:0d:
b6:10:c7:a0:10:4d:89:3b:9f:b8:7a:c3:36:85:b0:2c:70:f4:
f6:62:53:19:de:f6:c8:ff:f6:01:65:0d:7d:0a:55:e5:25:7b:
e5:fc:a7:3a:89:e5:28:2a:31:5e:c8:71:b4:03:9b:ab:ec:06:
a8:28:c5:7b:82:99:82:2f:55:5d:fe:1e:09:9f:dc:e5:38:78:
b3:6a:e9:36:68:96:45:0b:55:d0:c4:5a:e4:69:c8:46:29:a0:
95:d7:e7:ac:3f:41:38:00:04:16:87:5e:96:87:27:94:ee:b3:
20:a4:33:3c:da:8d:0c:09:8f:91:55:c1:be:32:c1:ab:55:de:
44:3a:58:41:0e:d8:2a:0a:36:66:f8:c0:91:eb:d5:6c:e8:83:
61:0a:1e:a7:b7:7d:03:10:07:7c:0a:58:ab:16:d4:b8:0d:fb:
72:24:4c:58
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY2mw229jZOImAVfFPFQwfj1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NmI3YjlmN2ZkNjY5NDM5MjdjNjBkY2YxMjEyZGRjMDdk
ZjA1MjMwHhcNMjQwMjE0MDgzNzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTgzOGNiNTIwM2VkMTk1NzJjYzNiODgxZGYwZGU5YTU3YTY2ZDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9JHuIPuUoHGp5qx7w0cSuXZ+jkC
efxoKrecV+dVoUdbENVtl7Cf3Gd3PHGLAviNk4msx8ZTsCJgV8QnrFXqXxNwnJ0D
vJudnsxs7zGQGDaa6Dy4oIU7dUgBnD9EB22aOCcgA/3v+5/dpEGrOLzlE+dVGGYj
T9oUjqld1vyBcEy0C8nIezsdcLA1FcwKX3nyr81XIlaKtPn9QhpaPXniFgvctj3B
VEdmu0SHvm+HOa3X9yZCuHR2egWgwBA1cD0X4vpiPxEb7aYYtYVColiJVSCZYiFv
Kp2jsD1MJ9eOGTnl+F4uEj1LYtk9gaKinwMZKZBcXlNtZElRQaAK03L2OQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLmDjLUgPtGVcsw7iB3w3ppXpm2ZMB8GA1UdIwQY
MBaAFKdre59/1mlDknxg3PEhLdwH3wUjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDJ0N24zX1dhVU9TZkdEYzhTRXQzQWZmQlNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS85ODViZTktOTc4MS00ZmRhLWI3ZjMt
MGRmMDdhOTA4ZmJmLzEvdVlPTXRTQS0wWlZ5ekR1SUhmRGVtbGVtYlprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS85ODViZTktOTc4MS00ZmRhLWI3ZjMtMGRmMDdhOTA4ZmJm
LzEvcDJ0N24zX1dhVU9TZkdEYzhTRXQzQWZmQlNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwaKBMA0E
AgACMAcDBQMqER3AMA0GCSqGSIb3DQEBCwUAA4IBAQBk18KsZBWgBDWmjLM3K+ba
EAwzYxcPPxjVA0qwHEyvJ3AkQPqpwpjqKH1dn0iqbGtjTt4vWWj8xaxn0prS1BUX
KkJ+YfK/xr5Yh4e6CALRQp4qqiHA82zf+g22EMegEE2JO5+4esM2hbAscPT2YlMZ
3vbI//YBZQ19ClXlJXvl/Kc6ieUoKjFeyHG0A5ur7AaoKMV7gpmCL1Vd/h4Jn9zl
OHizauk2aJZFC1XQxFrkachGKaCV1+esP0E4AAQWh16WhyeU7rMgpDM82o0MCY+R
VcG+MsGrVd5EOlhBDtgqCjZm+MCR69Vs6INhCh6nt30DEAd8ClirFtS4DftyJExY
-----END CERTIFICATE-----
Generated at Mon Jun 24 08:59:15 2024 by rpki-client on console-ams.rpki-client.org