Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/UHjKwXh3iAco30LbzcIRSMKap2s.roa
File: UHjKwXh3iAco30LbzcIRSMKap2s.roa (raw, json)
Hash identifier: XoeSupmMmlkPO7N8pf/JYVf/IZDK/cocNpsMYTZ/qbo=
Subject key identifier: 50:78:CA:C1:78:77:88:07:28:DF:42:DB:CD:C2:11:48:C2:9A:A7:6B
Certificate issuer: /CN=2b237c5affe93543ae2fe6e1ffed182396eb9bb3
Certificate serial: 01900215CA300D9CA6B1B236F9F295CD3C4A
Authority key identifier: 2B:23:7C:5A:FF:E9:35:43:AE:2F:E6:E1:FF:ED:18:23:96:EB:9B:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KyN8Wv_pNUOuL-bh_-0YI5brm7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/UHjKwXh3iAco30LbzcIRSMKap2s.roa
Signing time: Mon 10 Jun 2024 12:18:20 +0000
ROA not before: Mon 10 Jun 2024 12:18:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.107.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/KyN8Wv_pNUOuL-bh_-0YI5brm7M.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/KyN8Wv_pNUOuL-bh_-0YI5brm7M.mft
rsync://rpki.ripe.net/repository/DEFAULT/KyN8Wv_pNUOuL-bh_-0YI5brm7M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Sep 2024 14:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:02:15:ca:30:0d:9c:a6:b1:b2:36:f9:f2:95:cd:3c:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b237c5affe93543ae2fe6e1ffed182396eb9bb3
Validity
Not Before: Jun 10 12:18:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5078cac17877880728df42dbcdc21148c29aa76b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:44:b2:42:1d:c3:54:71:dc:53:c1:6e:92:24:
c4:80:cc:ef:9d:0b:c9:e9:c3:e6:11:8c:7a:e5:0b:
28:85:fd:c0:c6:1d:a7:6c:60:58:d5:fb:55:64:da:
e7:75:77:89:07:11:8f:ee:93:c1:32:f8:bf:d9:5f:
6b:7e:92:f6:08:10:be:c0:3d:7f:7e:5a:79:7a:29:
49:af:8b:75:9e:35:b8:aa:2e:53:3e:0d:e2:64:33:
8b:6f:bc:ab:39:fb:93:54:ad:31:e9:18:b1:43:a0:
41:c4:4b:b1:37:3e:5a:85:db:f7:8a:94:c0:e7:3f:
e4:65:e4:5d:95:9e:bb:48:72:48:62:fd:40:1f:4d:
9a:8b:b9:77:16:d3:18:14:0c:ce:39:08:a7:0a:63:
4c:96:16:c1:95:2d:85:ad:97:19:a2:3e:5f:d0:5e:
6c:2c:86:65:c3:f8:9d:48:72:8d:7d:49:82:a0:3b:
75:02:10:2a:76:19:af:0e:f3:ca:99:9c:4c:94:e2:
64:c0:4e:85:75:3e:58:88:e4:57:2f:f0:e9:64:73:
12:8e:b5:5a:cb:38:c5:11:c2:ff:21:20:38:2a:81:
b5:3a:22:83:55:8c:c3:0f:49:2c:1b:5d:00:35:f8:
a8:bc:1b:4e:92:f2:fd:00:86:bb:71:3e:33:67:7a:
ff:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:78:CA:C1:78:77:88:07:28:DF:42:DB:CD:C2:11:48:C2:9A:A7:6B
X509v3 Authority Key Identifier:
keyid:2B:23:7C:5A:FF:E9:35:43:AE:2F:E6:E1:FF:ED:18:23:96:EB:9B:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KyN8Wv_pNUOuL-bh_-0YI5brm7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/UHjKwXh3iAco30LbzcIRSMKap2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/KyN8Wv_pNUOuL-bh_-0YI5brm7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.196.0/24
Signature Algorithm: sha256WithRSAEncryption
24:b1:a4:ad:e8:75:84:fb:08:aa:51:a7:a9:70:b5:1e:c6:61:
e5:85:eb:f1:0e:55:d1:43:2e:dc:58:23:fb:c0:0b:9d:4b:10:
73:15:46:69:8f:94:4e:d0:23:dd:a1:00:b3:c3:ff:00:45:29:
2c:01:a1:b5:f6:99:a1:04:29:ce:56:fd:9a:78:6b:92:44:ad:
68:bc:77:4e:9b:53:0c:b0:bd:a5:e7:9a:85:af:fc:8e:19:e9:
63:58:36:47:3e:80:8c:29:62:6a:08:9a:41:53:90:64:86:c0:
66:c0:4c:0d:f6:8f:7b:78:a8:35:d3:cf:1f:a4:57:46:e0:48:
68:19:d2:72:c6:65:1c:f2:7c:da:b3:e4:e1:5f:91:3c:48:08:
be:0d:c3:db:d0:e3:a1:22:8a:b2:e9:64:0a:3d:52:7d:b7:a6:
05:09:30:e0:ae:9c:99:b1:2d:34:38:82:f8:29:8e:e3:35:9a:
67:76:59:d9:69:1b:d3:dd:dc:41:b5:ad:46:a5:e7:c3:fc:e1:
82:2e:ef:c8:96:e0:38:7e:3a:85:4d:c1:ff:65:fe:4d:9f:27:
34:b6:28:f4:45:62:50:ea:7f:71:70:63:9f:67:4b:b3:b3:cc:
4f:50:3f:e6:2c:f0:44:4f:70:03:da:94:f8:1e:ea:c0:8c:41:
84:f8:07:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZACFcowDZymsbI2+fKVzTxKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMjM3YzVhZmZlOTM1NDNhZTJmZTZlMWZmZWQxODIzOTZl
YjliYjMwHhcNMjQwNjEwMTIxODIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDc4Y2FjMTc4Nzc4ODA3MjhkZjQyZGJjZGMyMTE0OGMyOWFhNzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskSyQh3DVHHcU8FukiTEgMzvnQvJ
6cPmEYx65Qsohf3Axh2nbGBY1ftVZNrndXeJBxGP7pPBMvi/2V9rfpL2CBC+wD1/
flp5eilJr4t1njW4qi5TPg3iZDOLb7yrOfuTVK0x6RixQ6BBxEuxNz5ahdv3ipTA
5z/kZeRdlZ67SHJIYv1AH02ai7l3FtMYFAzOOQinCmNMlhbBlS2FrZcZoj5f0F5s
LIZlw/idSHKNfUmCoDt1AhAqdhmvDvPKmZxMlOJkwE6FdT5YiORXL/DpZHMSjrVa
yzjFEcL/ISA4KoG1OiKDVYzDD0ksG10ANfiovBtOkvL9AIa7cT4zZ3r/AwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFB4ysF4d4gHKN9C283CEUjCmqdrMB8GA1UdIwQY
MBaAFCsjfFr/6TVDri/m4f/tGCOW65uzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3lOOFd2X3BOVU91TC1iaF8tMFlJNWJybTdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi82NGEwNTMtMjZmZi00OGE2LWFlZGEt
MTQ3MDJhNGQyNjYwLzEvVUhqS3dYaDNpQWNvMzBMYnpjSVJTTUthcDJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi82NGEwNTMtMjZmZi00OGE2LWFlZGEtMTQ3MDJhNGQyNjYw
LzEvS3lOOFd2X3BOVU91TC1iaF8tMFlJNWJybTdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWvEMA0G
CSqGSIb3DQEBCwUAA4IBAQAksaSt6HWE+wiqUaepcLUexmHlhevxDlXRQy7cWCP7
wAudSxBzFUZpj5RO0CPdoQCzw/8ARSksAaG19pmhBCnOVv2aeGuSRK1ovHdOm1MM
sL2l55qFr/yOGeljWDZHPoCMKWJqCJpBU5BkhsBmwEwN9o97eKg1088fpFdG4Eho
GdJyxmUc8nzas+ThX5E8SAi+DcPb0OOhIoqy6WQKPVJ9t6YFCTDgrpyZsS00OIL4
KY7jNZpndlnZaRvT3dxBta1GpefD/OGCLu/IluA4fjqFTcH/Zf5Nnyc0tij0RWJQ
6n9xcGOfZ0uzs8xPUD/mLPBET3AD2pT4HurAjEGE+Ad5
-----END CERTIFICATE-----
Generated at Sat Sep 7 20:57:05 2024 by rpki-client on console-ams.rpki-client.org