Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/uWpIzcZNafbMnW5IQ0fHq8Vupjs.roa
File: uWpIzcZNafbMnW5IQ0fHq8Vupjs.roa (raw, json)
Hash identifier: /1a4+iu0yHRItHGBGjSSvvWZP3HIpIgg2FK6VcUAMgI=
Subject key identifier: B9:6A:48:CD:C6:4D:69:F6:CC:9D:6E:48:43:47:C7:AB:C5:6E:A6:3B
Certificate issuer: /CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Certificate serial: 018CC9BC8FD045294E2F28EA195F3CAB9A62
Authority key identifier: 4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/uWpIzcZNafbMnW5IQ0fHq8Vupjs.roa
Signing time: Tue 02 Jan 2024 10:33:47 +0000
ROA not before: Tue 02 Jan 2024 10:33:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40934
IP address blocks: 83.231.212.0/24 maxlen: 24
212.119.11.0/24 maxlen: 24
83.231.145.0/24 maxlen: 24
83.231.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.mft
rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:8f:d0:45:29:4e:2f:28:ea:19:5f:3c:ab:9a:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Validity
Not Before: Jan 2 10:33:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b96a48cdc64d69f6cc9d6e484347c7abc56ea63b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:72:2b:8a:bf:55:96:ce:d1:8e:8a:b0:6e:75:
4b:31:c2:a9:4e:79:ba:5c:a3:4a:b3:44:30:10:0a:
18:4a:64:c1:0b:69:0a:16:67:a7:da:db:e3:df:1d:
25:ff:ef:26:17:d2:42:73:f3:83:20:80:2b:82:b6:
75:56:84:98:9b:08:b7:61:a6:08:b4:c3:d2:e3:8b:
43:df:86:68:ca:63:96:2f:a9:01:97:cc:b7:87:05:
4d:00:fc:e6:81:ec:69:7c:b1:37:27:91:43:79:9c:
09:1f:01:28:93:03:0d:09:b4:26:a6:64:d8:8c:50:
56:f8:57:ed:1f:3e:5b:82:ad:57:ea:a5:14:8c:7a:
7f:63:2c:15:10:24:c1:74:e1:38:19:31:64:00:3c:
87:91:71:ea:85:b4:dc:f0:27:23:42:74:92:27:f4:
88:53:8f:a4:6c:6c:78:99:ea:2e:6f:41:46:c7:28:
7b:9a:1a:e6:b5:ec:d6:0e:c3:cf:db:35:0b:63:37:
39:c7:96:94:22:36:20:cf:8d:00:ed:63:e7:8f:62:
37:8f:d0:3d:82:b4:e6:e2:eb:48:ee:7a:80:da:f7:
3f:b7:ea:1c:5d:09:af:c5:01:ce:49:66:3b:f3:08:
9f:42:9e:24:37:1f:6d:2a:bd:16:28:78:c4:4f:16:
a8:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:6A:48:CD:C6:4D:69:F6:CC:9D:6E:48:43:47:C7:AB:C5:6E:A6:3B
X509v3 Authority Key Identifier:
keyid:4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/uWpIzcZNafbMnW5IQ0fHq8Vupjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.231.145.0/24
83.231.169.0/24
83.231.212.0/24
212.119.11.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:98:ac:d0:83:f7:99:50:c2:ce:d8:14:96:ad:1d:dc:59:7d:
19:58:a7:d0:6e:f4:7a:1c:cd:bf:f0:31:88:ac:56:cf:83:8b:
90:af:cb:bb:07:f3:1c:e0:ad:ce:e4:73:1e:5e:b2:be:a0:b1:
75:9e:b3:73:3e:16:c8:ba:7e:8a:9f:05:f6:7b:2d:0f:cf:28:
09:97:82:5b:28:49:33:d9:f5:d4:c8:58:63:6c:93:5f:1a:cf:
3d:5b:a0:7d:23:8b:dc:79:e5:db:0e:09:ac:a6:f0:ab:7c:66:
e2:28:55:09:92:b9:4b:76:e8:d6:84:99:d7:48:d3:42:f1:cc:
61:8c:b8:1d:70:1d:03:94:07:f2:0f:93:71:31:d0:83:0f:70:
32:21:50:26:82:1d:83:55:1e:2e:df:0c:90:bd:9c:08:f0:f9:
23:68:ae:7f:c9:9d:2c:6b:41:3e:95:e9:92:6b:ab:1f:52:e5:
72:b2:53:cd:07:22:9e:f6:17:cd:3d:a0:de:2f:b2:8f:44:57:
ff:80:10:00:0c:3e:5a:b1:47:95:51:a6:f5:a4:15:e5:9b:53:
46:6b:4b:4a:ee:00:12:7c:ea:4d:b6:ff:09:c0:35:fd:10:86:
b6:17:1b:21:9d:1d:1d:f1:76:99:88:8d:80:b5:43:7e:ff:fb:
6f:6b:f5:f2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzJvI/QRSlOLyjqGV88q5piMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNWEyOTIxZmJlYjhhNDQ4ZTdhZTFlYzVhMTFiOGFiODk4
ZDIyZmQwHhcNMjQwMTAyMTAzMzQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTZhNDhjZGM2NGQ2OWY2Y2M5ZDZlNDg0MzQ3YzdhYmM1NmVhNjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5nIrir9Vls7RjoqwbnVLMcKpTnm6
XKNKs0QwEAoYSmTBC2kKFmen2tvj3x0l/+8mF9JCc/ODIIArgrZ1VoSYmwi3YaYI
tMPS44tD34ZoymOWL6kBl8y3hwVNAPzmgexpfLE3J5FDeZwJHwEokwMNCbQmpmTY
jFBW+FftHz5bgq1X6qUUjHp/YywVECTBdOE4GTFkADyHkXHqhbTc8CcjQnSSJ/SI
U4+kbGx4meoub0FGxyh7mhrmtezWDsPP2zULYzc5x5aUIjYgz40A7WPnj2I3j9A9
grTm4utI7nqA2vc/t+ocXQmvxQHOSWY78wifQp4kNx9tKr0WKHjETxaoMQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLlqSM3GTWn2zJ1uSENHx6vFbqY7MB8GA1UdIwQY
MBaAFE1aKSH764pEjnrh7FoRuKuJjSL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUt
NzgwYTI1Y2QwZGQ5LzEvdVdwSXpjWk5hZmJNblc1SVEwZkhxOFZ1cGpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUtNzgwYTI1Y2QwZGQ5
LzEvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAU+eRAwQA
U+epAwQAU+fUAwQA1HcLMA0GCSqGSIb3DQEBCwUAA4IBAQB6mKzQg/eZUMLO2BSW
rR3cWX0ZWKfQbvR6HM2/8DGIrFbPg4uQr8u7B/Mc4K3O5HMeXrK+oLF1nrNzPhbI
un6KnwX2ey0PzygJl4JbKEkz2fXUyFhjbJNfGs89W6B9I4vceeXbDgmspvCrfGbi
KFUJkrlLdujWhJnXSNNC8cxhjLgdcB0DlAfyD5NxMdCDD3AyIVAmgh2DVR4u3wyQ
vZwI8PkjaK5/yZ0sa0E+lemSa6sfUuVyslPNByKe9hfNPaDeL7KPRFf/gBAADD5a
sUeVUab1pBXlm1NGa0tK7gASfOpNtv8JwDX9EIa2FxshnR0d8XaZiI2AtUN+//tv
a/Xy
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:32:59 2024 by rpki-client on console-fra.rpki-client.org