Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/UUVrIc5Vgx6TFGftdbroQlyw5GY.roa
File: UUVrIc5Vgx6TFGftdbroQlyw5GY.roa (raw, json)
Hash identifier: oL8a6m5WXuJqxJMWnsUj+RjetU8aBSTIRzOKQR/BTSE=
Subject key identifier: 51:45:6B:21:CE:55:83:1E:93:14:67:ED:75:BA:E8:42:5C:B0:E4:66
Certificate issuer: /CN=5aedcb334d39e797817e2eb47703c018b4dc49d5
Certificate serial: 018FF8EFF9DB516488DC5CAE26F7E3BF8275
Authority key identifier: 5A:ED:CB:33:4D:39:E7:97:81:7E:2E:B4:77:03:C0:18:B4:DC:49:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wu3LM00555eBfi60dwPAGLTcSdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/UUVrIc5Vgx6TFGftdbroQlyw5GY.roa
Signing time: Sat 08 Jun 2024 17:40:27 +0000
ROA not before: Sat 08 Jun 2024 17:40:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39767
IP address blocks: 78.158.72.0/21 maxlen: 21
78.158.80.0/20 maxlen: 21
185.90.140.0/22 maxlen: 22
194.88.12.0/23 maxlen: 23
2a05:e200::/29 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/Wu3LM00555eBfi60dwPAGLTcSdU.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/Wu3LM00555eBfi60dwPAGLTcSdU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wu3LM00555eBfi60dwPAGLTcSdU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 15:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f8:ef:f9:db:51:64:88:dc:5c:ae:26:f7:e3:bf:82:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5aedcb334d39e797817e2eb47703c018b4dc49d5
Validity
Not Before: Jun 8 17:40:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=51456b21ce55831e931467ed75bae8425cb0e466
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:d6:f9:fc:d4:e4:0a:96:c9:52:8e:9f:04:dd:
28:f7:9e:03:9c:98:3f:2d:d2:4b:7f:19:c4:72:7b:
b2:d9:0d:36:90:25:8c:f9:f8:aa:72:d3:b5:07:f4:
7c:f1:66:cb:9c:3d:3f:85:8f:cc:86:7f:2b:af:b6:
86:e7:fd:6b:7a:f5:e7:94:6a:b3:1a:f8:27:c7:00:
64:71:a0:d1:f4:92:4d:f9:12:01:73:05:ad:51:34:
3e:c0:12:5a:2f:24:15:b9:4a:1a:3e:cc:b7:1d:72:
6a:97:b8:f0:53:25:9d:cf:35:66:e5:50:60:80:2e:
e0:54:1a:5d:ee:c1:24:85:b2:5c:e5:33:a6:fc:e4:
5e:22:a5:ee:a5:f5:02:0f:aa:3b:a4:1f:bf:aa:26:
0a:c9:4e:e0:65:ba:b6:a1:0c:9d:8d:3e:a9:61:5d:
fc:03:86:8a:a3:9a:ff:f4:a9:79:ff:8f:d7:b7:a4:
0a:85:6f:2f:34:19:f9:f2:bc:6e:64:6c:18:02:94:
a2:06:f9:68:f5:34:c3:64:19:e0:04:75:ab:4f:f1:
0b:eb:a8:d8:10:fe:3e:21:ca:1a:8e:92:be:3a:6b:
42:c8:9f:f1:35:7b:8a:b3:00:24:7a:34:bf:0b:77:
6f:99:de:98:1d:1d:62:90:a5:1d:e7:25:32:7f:de:
28:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:45:6B:21:CE:55:83:1E:93:14:67:ED:75:BA:E8:42:5C:B0:E4:66
X509v3 Authority Key Identifier:
keyid:5A:ED:CB:33:4D:39:E7:97:81:7E:2E:B4:77:03:C0:18:B4:DC:49:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wu3LM00555eBfi60dwPAGLTcSdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/UUVrIc5Vgx6TFGftdbroQlyw5GY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/Wu3LM00555eBfi60dwPAGLTcSdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.158.72.0-78.158.95.255
185.90.140.0/22
194.88.12.0/23
IPv6:
2a05:e200::/29
Signature Algorithm: sha256WithRSAEncryption
34:ad:c8:46:3a:0a:b7:2a:9c:6d:cc:bf:ac:b8:bf:df:d2:fe:
de:2b:60:86:c5:3a:17:b4:5f:a6:dd:36:b8:5b:f2:ee:79:e4:
de:07:6f:35:c6:1c:8c:8c:0d:74:33:75:be:e8:16:6f:8d:14:
5a:1e:70:7c:4b:82:04:38:13:d8:fa:4f:3d:f5:bc:e5:7d:a2:
c9:c6:77:28:c3:2d:8c:e0:b7:2c:2b:cb:f7:0b:0d:33:65:5c:
63:6b:86:7e:65:3f:79:03:81:a4:7f:b4:89:27:80:7b:64:d8:
1d:1f:1c:08:c5:e3:d4:7e:b3:91:d0:10:3b:16:7c:b9:4c:51:
32:ba:4e:98:e6:dd:37:31:de:da:64:62:87:92:89:52:7e:d0:
81:50:42:d2:e9:bd:e9:0b:94:b3:e3:95:34:98:1c:ff:00:c2:
ec:9a:2c:34:22:19:c8:c2:86:9d:15:c8:73:16:d2:a4:5f:07:
9e:68:17:e3:5e:b7:6d:64:0f:b7:17:ee:71:71:03:fc:ea:b7:
1f:18:6f:6e:21:4d:62:95:bc:dd:de:99:78:00:25:75:f6:dc:
e5:68:34:cb:97:b7:4e:d2:0e:c5:40:14:dd:79:ed:28:56:7b:
d5:64:ab:35:1d:88:d9:29:ec:01:80:46:6a:7c:e7:82:2d:b6:
53:6c:dd:11
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAY/47/nbUWSI3FyuJvfjv4J1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZWRjYjMzNGQzOWU3OTc4MTdlMmViNDc3MDNjMDE4YjRk
YzQ5ZDUwHhcNMjQwNjA4MTc0MDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTQ1NmIyMWNlNTU4MzFlOTMxNDY3ZWQ3NWJhZTg0MjVjYjBlNDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29b5/NTkCpbJUo6fBN0o954DnJg/
LdJLfxnEcnuy2Q02kCWM+fiqctO1B/R88WbLnD0/hY/Mhn8rr7aG5/1revXnlGqz
GvgnxwBkcaDR9JJN+RIBcwWtUTQ+wBJaLyQVuUoaPsy3HXJql7jwUyWdzzVm5VBg
gC7gVBpd7sEkhbJc5TOm/OReIqXupfUCD6o7pB+/qiYKyU7gZbq2oQydjT6pYV38
A4aKo5r/9Kl5/4/Xt6QKhW8vNBn58rxuZGwYApSiBvlo9TTDZBngBHWrT/EL66jY
EP4+IcoajpK+OmtCyJ/xNXuKswAkejS/C3dvmd6YHR1ikKUd5yUyf94oTQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFFFFayHOVYMekxRn7XW66EJcsORmMB8GA1UdIwQY
MBaAFFrtyzNNOeeXgX4utHcDwBi03EnVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3UzTE0wMDU1NWVCZmk2MGR3UEFHTFRjU2RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9iOTVjYTAtODUzZi00OGFiLTliNDEt
ZTBhZWUxYmJmOWUzLzEvVVVWckljNVZneDZURkdmdGRicm9RbHl3NUdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9iOTVjYTAtODUzZi00OGFiLTliNDEtZTBhZWUxYmJmOWUz
LzEvV3UzTE0wMDU1NWVCZmk2MGR3UEFHTFRjU2RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBANOnkgD
BAVOnkADBAK5WowDBAHCWAwwDQQCAAIwBwMFAyoF4gAwDQYJKoZIhvcNAQELBQAD
ggEBADStyEY6CrcqnG3Mv6y4v9/S/t4rYIbFOhe0X6bdNrhb8u555N4HbzXGHIyM
DXQzdb7oFm+NFFoecHxLggQ4E9j6Tz31vOV9osnGdyjDLYzgtywry/cLDTNlXGNr
hn5lP3kDgaR/tIkngHtk2B0fHAjF49R+s5HQEDsWfLlMUTK6Tpjm3Tcx3tpkYoeS
iVJ+0IFQQtLpvekLlLPjlTSYHP8AwuyaLDQiGcjChp0VyHMW0qRfB55oF+Net21k
D7cX7nFxA/zqtx8Yb24hTWKVvN3emXgAJXX23OVoNMuXt07SDsVAFN157ShWe9Vk
qzUdiNkp7AGARmp854IttlNs3RE=
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:54:44 2024 by rpki-client on console-fra.rpki-client.org