Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/UvcNKE3leJiqjaGiga55RuT1OjA.roa
File: UvcNKE3leJiqjaGiga55RuT1OjA.roa (raw, json)
Hash identifier: jFkqcxWANobIROhaoG/+ZvCs0Uxx9I00Pfca67KiD2k=
Subject key identifier: 52:F7:0D:28:4D:E5:78:98:AA:8D:A1:A2:81:AE:79:46:E4:F5:3A:30
Certificate issuer: /CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Certificate serial: 01925C9E437DA6B3B7A4A183BD4C27AA30D1
Authority key identifier: EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/UvcNKE3leJiqjaGiga55RuT1OjA.roa
Signing time: Sat 05 Oct 2024 12:18:48 +0000
ROA not before: Sat 05 Oct 2024 12:18:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57152
IP address blocks: 104.247.170.0/24 maxlen: 24
104.247.171.0/24 maxlen: 24
104.247.172.0/24 maxlen: 24
104.247.174.0/24 maxlen: 24
104.247.175.0/24 maxlen: 24
104.247.176.0/24 maxlen: 24
104.247.177.0/24 maxlen: 24
104.247.178.0/24 maxlen: 24
104.247.179.0/24 maxlen: 24
104.247.180.0/24 maxlen: 24
104.247.181.0/24 maxlen: 24
104.247.182.0/24 maxlen: 24
104.247.184.0/24 maxlen: 24
104.247.185.0/24 maxlen: 24
104.247.186.0/24 maxlen: 24
104.247.187.0/24 maxlen: 24
104.247.188.0/24 maxlen: 24
104.247.189.0/24 maxlen: 24
104.247.190.0/24 maxlen: 24
185.73.128.0/22 maxlen: 24
185.137.215.0/24 maxlen: 24
2a03:a5a0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.mft
rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:5c:9e:43:7d:a6:b3:b7:a4:a1:83:bd:4c:27:aa:30:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Validity
Not Before: Oct 5 12:18:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52f70d284de57898aa8da1a281ae7946e4f53a30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ef:74:8d:33:97:45:20:a7:df:13:6a:c3:6d:
84:b9:9b:80:e7:ec:cc:38:9b:ef:8e:59:8b:13:77:
a3:a5:6b:17:93:94:f0:9d:99:8d:d2:2b:6a:44:4f:
fe:2c:05:2a:ad:5e:7f:33:ea:df:f5:fc:34:04:2e:
25:2a:43:a1:c4:66:4f:19:dd:db:fb:24:7e:1b:bc:
f8:d9:19:6d:18:99:22:34:7c:75:f8:22:36:9c:be:
f8:9e:3a:0e:d8:39:1b:79:88:01:09:c0:1c:00:7f:
b1:b8:4c:c5:36:db:58:ef:62:1e:73:b5:06:c5:6e:
9c:55:4b:45:0c:76:f6:25:d7:7d:db:69:cc:d6:ed:
30:29:aa:72:e3:54:ad:08:3a:ff:8e:22:9a:a9:67:
51:03:63:a5:a1:2d:32:45:67:ea:0b:6b:0e:6e:34:
d5:74:ed:60:c8:d9:e5:61:8e:22:79:59:82:c8:ba:
ba:72:50:8e:52:35:77:1c:f6:dd:cc:ca:13:11:cb:
62:1b:88:71:94:47:52:d3:94:15:7f:7b:7e:fa:6a:
de:ba:3e:6a:d8:94:59:d7:21:f6:1f:90:d5:e6:21:
63:ec:91:b6:6a:7e:3e:f3:a8:c7:81:e8:13:f6:98:
b7:57:ea:1f:a6:f2:6f:25:50:71:fb:64:b0:df:be:
46:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:F7:0D:28:4D:E5:78:98:AA:8D:A1:A2:81:AE:79:46:E4:F5:3A:30
X509v3 Authority Key Identifier:
keyid:EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/UvcNKE3leJiqjaGiga55RuT1OjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.247.170.0-104.247.172.255
104.247.174.0-104.247.182.255
104.247.184.0-104.247.190.255
185.73.128.0/22
185.137.215.0/24
IPv6:
2a03:a5a0::/32
Signature Algorithm: sha256WithRSAEncryption
6d:e7:f5:5c:56:5d:5c:cc:9d:16:cf:d3:b0:0f:bf:07:8a:46:
30:3b:32:c0:3c:b1:31:72:81:00:22:bd:20:00:78:18:83:95:
43:e8:87:5d:26:e9:e4:0b:98:42:fa:37:65:19:44:43:63:bc:
89:db:a6:60:52:99:74:e7:02:4a:89:bd:a4:5e:fe:6c:54:36:
49:b0:77:cc:0f:2d:7f:2d:f1:15:11:ac:e8:83:74:0b:78:c5:
41:ee:cb:89:a2:ab:e0:c5:fb:45:e7:51:67:9d:1a:5d:ad:15:
09:65:36:c1:3a:7e:e1:57:af:73:85:b4:ef:1a:cb:95:72:41:
5e:11:8a:cd:92:51:7d:45:4a:f3:f1:70:69:e5:27:fe:74:b1:
27:81:80:f8:3a:d4:a4:9a:0c:9d:c6:f7:25:62:fc:5d:15:59:
17:9c:2b:52:79:0c:53:30:f2:45:1f:b2:a7:e6:d1:50:e1:66:
b1:37:f4:35:54:a4:2e:4a:b3:35:83:55:81:5c:11:7a:78:ed:
fd:2e:16:87:50:c5:d7:cd:99:f9:42:da:a3:c1:ea:4c:f3:dc:
f1:a1:7e:e8:37:d5:56:68:44:f3:0e:af:2e:25:6b:84:00:d6:
c3:5a:07:90:ba:97:f3:87:b6:fe:72:c3:21:7b:b4:eb:30:e0:
34:bb:11:16
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZJcnkN9prO3pKGDvUwnqjDRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYTAyYjE5N2RiYWY3ZGViNzRlMGEyN2Q5ZDRlY2QzZmFl
MWU4ZWQwHhcNMjQxMDA1MTIxODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmY3MGQyODRkZTU3ODk4YWE4ZGExYTI4MWFlNzk0NmU0ZjUzYTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxO90jTOXRSCn3xNqw22EuZuA5+zM
OJvvjlmLE3ejpWsXk5TwnZmN0itqRE/+LAUqrV5/M+rf9fw0BC4lKkOhxGZPGd3b
+yR+G7z42RltGJkiNHx1+CI2nL74njoO2DkbeYgBCcAcAH+xuEzFNttY72Iec7UG
xW6cVUtFDHb2Jdd922nM1u0wKapy41StCDr/jiKaqWdRA2OloS0yRWfqC2sObjTV
dO1gyNnlYY4ieVmCyLq6clCOUjV3HPbdzMoTEctiG4hxlEdS05QVf3t++mreuj5q
2JRZ1yH2H5DV5iFj7JG2an4+86jHgegT9pi3V+ofpvJvJVBx+2Sw375GawIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFFL3DShN5XiYqo2hooGueUbk9TowMB8GA1UdIwQY
MBaAFO6gKxl9uvfet04KJ9nU7NP64ejtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMt
YmJjY2FiOTEzYjVkLzEvVXZjTktFM2xlSmlxamFHaWdhNTVSdVQxT2pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMtYmJjY2FiOTEzYjVk
LzEvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2MAwDBAFo96oD
BABo96wwDAMEAWj3rgMEAGj3tjAMAwQDaPe4AwQAaPe+AwQCuUmAAwQAuYnXMA0E
AgACMAcDBQAqA6WgMA0GCSqGSIb3DQEBCwUAA4IBAQBt5/VcVl1czJ0Wz9OwD78H
ikYwOzLAPLExcoEAIr0gAHgYg5VD6IddJunkC5hC+jdlGURDY7yJ26ZgUpl05wJK
ib2kXv5sVDZJsHfMDy1/LfEVEazog3QLeMVB7suJoqvgxftF51FnnRpdrRUJZTbB
On7hV69zhbTvGsuVckFeEYrNklF9RUrz8XBp5Sf+dLEngYD4OtSkmgydxvclYvxd
FVkXnCtSeQxTMPJFH7Kn5tFQ4WaxN/Q1VKQuSrM1g1WBXBF6eO39LhaHUMXXzZn5
QtqjwepM89zxoX7oN9VWaETzDq8uJWuEANbDWgeQupfzh7b+csMhe7TrMOA0uxEW
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:31:50 2024 by rpki-client on console-ams.rpki-client.org