Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/ec3092-1149-48d9-b2ff-d27aecc2b744/1/UlV4uF_SwoY2Ef5D8DQutQ8FOK0.roa
File: UlV4uF_SwoY2Ef5D8DQutQ8FOK0.roa (raw, json)
Hash identifier: mmrPzKRhsqtJRVMpOr9DbtTqsMMmC0MVEbs8hOTL4Wk=
Subject key identifier: 52:55:78:B8:5F:D2:C2:86:36:11:FE:43:F0:34:2E:B5:0F:05:38:AD
Certificate issuer: /CN=7df0c231b802ec575adaf6518c1c0ae13f3f1bc1
Certificate serial: 018CC94D221E059FC6253BFEB4A1B1890F83
Authority key identifier: 7D:F0:C2:31:B8:02:EC:57:5A:DA:F6:51:8C:1C:0A:E1:3F:3F:1B:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffDCMbgC7Fda2vZRjBwK4T8_G8E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/ec3092-1149-48d9-b2ff-d27aecc2b744/1/UlV4uF_SwoY2Ef5D8DQutQ8FOK0.roa
Signing time: Tue 02 Jan 2024 08:32:04 +0000
ROA not before: Tue 02 Jan 2024 08:32:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50628
IP address blocks: 185.173.68.0/22 maxlen: 22
178.208.0.0/19 maxlen: 19
185.194.156.0/22 maxlen: 22
2a04:3d80::/29 maxlen: 29
2a0b:3b00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/ec3092-1149-48d9-b2ff-d27aecc2b744/1/ffDCMbgC7Fda2vZRjBwK4T8_G8E.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/ec3092-1149-48d9-b2ff-d27aecc2b744/1/ffDCMbgC7Fda2vZRjBwK4T8_G8E.mft
rsync://rpki.ripe.net/repository/DEFAULT/ffDCMbgC7Fda2vZRjBwK4T8_G8E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:22:1e:05:9f:c6:25:3b:fe:b4:a1:b1:89:0f:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df0c231b802ec575adaf6518c1c0ae13f3f1bc1
Validity
Not Before: Jan 2 08:32:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=525578b85fd2c2863611fe43f0342eb50f0538ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:44:80:3f:eb:7a:8a:db:75:39:7b:08:5a:85:
cf:01:ce:11:36:85:6b:af:5b:8e:d5:b5:18:13:72:
9a:6e:4c:97:c0:c8:b3:e2:bd:4c:91:3d:8c:e9:96:
2b:f7:07:57:6b:a1:a4:1a:d6:b2:cb:57:ae:24:38:
17:27:1e:32:f9:1d:c8:4e:30:93:b7:4a:de:a0:6b:
e5:0c:d9:e3:9c:e6:4a:1a:4f:64:33:e8:a6:19:76:
a2:b7:d7:09:e9:98:12:0c:38:40:26:f1:13:3c:87:
a9:22:5a:b0:90:1c:01:62:30:4b:ce:2e:28:73:5f:
fc:ee:2d:1d:e2:a0:af:70:21:2d:7a:ac:72:1a:d7:
a6:c3:14:82:87:99:47:fc:f1:03:81:df:17:a8:ce:
e2:87:6b:45:b8:dd:55:eb:ed:b0:9f:76:92:90:59:
e3:52:a9:2e:76:bf:4b:dd:0c:00:5e:78:4c:2e:f3:
2a:d4:ab:f6:18:f5:85:58:be:08:0b:a2:87:04:80:
ef:33:88:ef:a4:b5:80:e1:c5:4e:30:70:55:3d:de:
ad:64:8c:7f:06:a8:ea:07:3f:8c:94:cf:87:86:fe:
23:fa:ad:8b:49:6e:ab:a9:17:4d:c0:13:37:1f:55:
ca:ff:78:11:16:fe:50:40:d5:7d:08:d9:19:9a:28:
db:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:55:78:B8:5F:D2:C2:86:36:11:FE:43:F0:34:2E:B5:0F:05:38:AD
X509v3 Authority Key Identifier:
keyid:7D:F0:C2:31:B8:02:EC:57:5A:DA:F6:51:8C:1C:0A:E1:3F:3F:1B:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffDCMbgC7Fda2vZRjBwK4T8_G8E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ec3092-1149-48d9-b2ff-d27aecc2b744/1/UlV4uF_SwoY2Ef5D8DQutQ8FOK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ec3092-1149-48d9-b2ff-d27aecc2b744/1/ffDCMbgC7Fda2vZRjBwK4T8_G8E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.208.0.0/19
185.173.68.0/22
185.194.156.0/22
IPv6:
2a04:3d80::/29
2a0b:3b00::/29
Signature Algorithm: sha256WithRSAEncryption
66:b4:8f:94:3e:d5:85:95:c5:62:4c:5e:b6:d1:39:c5:59:83:
74:e4:b7:96:bd:08:17:34:37:d4:44:09:8f:19:7c:fd:5b:bc:
58:fe:52:6e:c7:03:86:d7:6e:7d:3f:4c:2e:e5:aa:c2:1b:3d:
2f:31:74:7c:9d:da:0f:9b:45:31:5c:48:a1:ef:05:59:9a:59:
72:de:44:f0:bc:cf:15:ae:53:35:31:36:66:ac:e1:2a:93:75:
14:a3:cf:de:31:dd:a2:a2:64:cf:4c:bc:6e:00:9e:d2:13:4f:
47:f4:d5:6a:8e:7d:12:a8:cf:38:02:a0:6b:d2:7e:ef:9c:88:
c4:15:2e:bd:6e:8e:2e:40:d6:20:81:30:26:9a:5c:fa:fc:05:
47:e3:72:81:c6:f2:5a:94:6e:1c:e1:70:6b:c3:2a:da:ad:9f:
19:53:8b:78:5f:01:dd:41:02:59:1d:cb:32:b7:1e:f8:3e:af:
01:c1:7d:21:ed:ec:86:f0:8a:a6:42:49:b1:48:f7:5c:9a:78:
a7:a2:29:85:85:ff:a6:b3:63:4e:dd:bc:d1:8c:c2:8f:0e:78:
82:21:91:19:fa:84:2c:8a:3e:1e:96:5e:59:4e:6d:b2:c7:1f:
4f:91:2d:c3:85:48:0f:86:56:24:c6:a1:01:3b:3e:18:81:0f:
a2:b5:56:4a
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzJTSIeBZ/GJTv+tKGxiQ+DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjBjMjMxYjgwMmVjNTc1YWRhZjY1MThjMWMwYWUxM2Yz
ZjFiYzEwHhcNMjQwMTAyMDgzMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjU1NzhiODVmZDJjMjg2MzYxMWZlNDNmMDM0MmViNTBmMDUzOGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkSAP+t6itt1OXsIWoXPAc4RNoVr
r1uO1bUYE3KabkyXwMiz4r1MkT2M6ZYr9wdXa6GkGtayy1euJDgXJx4y+R3ITjCT
t0reoGvlDNnjnOZKGk9kM+imGXait9cJ6ZgSDDhAJvETPIepIlqwkBwBYjBLzi4o
c1/87i0d4qCvcCEteqxyGtemwxSCh5lH/PEDgd8XqM7ih2tFuN1V6+2wn3aSkFnj
Uqkudr9L3QwAXnhMLvMq1Kv2GPWFWL4IC6KHBIDvM4jvpLWA4cVOMHBVPd6tZIx/
BqjqBz+MlM+Hhv4j+q2LSW6rqRdNwBM3H1XK/3gRFv5QQNV9CNkZmijbRQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFFJVeLhf0sKGNhH+Q/A0LrUPBTitMB8GA1UdIwQY
MBaAFH3wwjG4AuxXWtr2UYwcCuE/PxvBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZEQ01iZ0M3RmRhMnZaUmpCd0s0VDhfRzhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9lYzMwOTItMTE0OS00OGQ5LWIyZmYt
ZDI3YWVjYzJiNzQ0LzEvVWxWNHVGX1N3b1kyRWY1RDhEUXV0UThGT0swLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9lYzMwOTItMTE0OS00OGQ5LWIyZmYtZDI3YWVjYzJiNzQ0
LzEvZmZEQ01iZ0M3RmRhMnZaUmpCd0s0VDhfRzhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQFstAAAwQC
ua1EAwQCucKcMBQEAgACMA4DBQMqBD2AAwUDKgs7ADANBgkqhkiG9w0BAQsFAAOC
AQEAZrSPlD7VhZXFYkxettE5xVmDdOS3lr0IFzQ31EQJjxl8/Vu8WP5SbscDhtdu
fT9MLuWqwhs9LzF0fJ3aD5tFMVxIoe8FWZpZct5E8LzPFa5TNTE2ZqzhKpN1FKPP
3jHdoqJkz0y8bgCe0hNPR/TVao59EqjPOAKga9J+75yIxBUuvW6OLkDWIIEwJppc
+vwFR+NygcbyWpRuHOFwa8Mq2q2fGVOLeF8B3UECWR3LMrce+D6vAcF9Ie3shvCK
pkJJsUj3XJp4p6IphYX/prNjTt280YzCjw54giGRGfqELIo+HpZeWU5tsscfT5Et
w4VID4ZWJMahATs+GIEPorVWSg==
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:43:56 2024 by rpki-client on console-fra.rpki-client.org