Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/UJxef-S8Fpg-5D8GtpQQSoTRT6E.roa
File: UJxef-S8Fpg-5D8GtpQQSoTRT6E.roa (raw, json)
Hash identifier: 0hlDIZdvA5SBjHVNDLkcH9lG34afs0m2j3fQux/p4AE=
Subject key identifier: 50:9C:5E:7F:E4:BC:16:98:3E:E4:3F:06:B6:94:10:4A:84:D1:4F:A1
Certificate issuer: /CN=8a1ce1d135bf2cf8e8c13f33ec11c8523703dc75
Certificate serial: 018CC3B700AAA8EF37802EBDF2F42C46649A
Authority key identifier: 8A:1C:E1:D1:35:BF:2C:F8:E8:C1:3F:33:EC:11:C8:52:37:03:DC:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ihzh0TW_LPjowT8z7BHIUjcD3HU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/UJxef-S8Fpg-5D8GtpQQSoTRT6E.roa
Signing time: Mon 01 Jan 2024 06:29:59 +0000
ROA not before: Mon 01 Jan 2024 06:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205138
IP address blocks: 2a0c:7cc5:3::/48 maxlen: 48
2a0c:7cc5::/48 maxlen: 48
2a0c:7cc5:1::/48 maxlen: 48
2a0c:7cc5:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/ihzh0TW_LPjowT8z7BHIUjcD3HU.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/ihzh0TW_LPjowT8z7BHIUjcD3HU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ihzh0TW_LPjowT8z7BHIUjcD3HU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:00:aa:a8:ef:37:80:2e:bd:f2:f4:2c:46:64:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a1ce1d135bf2cf8e8c13f33ec11c8523703dc75
Validity
Not Before: Jan 1 06:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=509c5e7fe4bc16983ee43f06b694104a84d14fa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a5:31:97:8f:bf:3c:5d:dc:09:73:fc:3e:c5:
d4:bd:9c:5a:e0:0c:b0:66:76:83:8f:69:68:1a:53:
c3:4c:2c:2a:6e:25:3c:b2:05:49:84:e9:91:71:2f:
43:ea:bb:0f:72:b0:78:22:08:dd:ae:9f:70:49:ca:
72:be:d8:73:49:d2:12:9d:8a:72:bc:62:ab:40:f3:
eb:92:40:cf:ca:d4:19:51:d8:e8:a4:fa:af:b6:35:
d5:03:43:e2:11:3e:29:88:ae:3b:51:4d:79:36:55:
9f:89:0a:70:21:86:29:91:85:d4:70:5b:fa:f2:d9:
d7:e7:7b:98:69:ac:57:91:70:98:53:1d:6e:5f:b1:
cc:14:96:70:fd:fd:f5:ed:16:a3:f0:51:71:88:c5:
5d:fe:7a:90:5e:6c:71:74:e0:ac:84:a5:81:9e:2a:
50:2a:be:c9:86:8c:46:1d:90:f4:70:9e:cf:6e:9b:
3d:ae:53:26:96:8a:4d:2b:8e:27:94:20:04:ef:ba:
1b:8a:9f:e2:29:a5:6d:43:81:e9:40:91:0b:19:4a:
05:7b:b2:4f:4e:17:7a:b4:51:b3:3f:25:14:f8:e0:
88:55:3c:12:45:67:71:a1:f4:5d:26:24:ad:7d:3b:
f8:5e:4b:e4:08:2d:eb:22:92:e9:78:c4:d8:19:e5:
c0:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:9C:5E:7F:E4:BC:16:98:3E:E4:3F:06:B6:94:10:4A:84:D1:4F:A1
X509v3 Authority Key Identifier:
keyid:8A:1C:E1:D1:35:BF:2C:F8:E8:C1:3F:33:EC:11:C8:52:37:03:DC:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihzh0TW_LPjowT8z7BHIUjcD3HU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/UJxef-S8Fpg-5D8GtpQQSoTRT6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/ihzh0TW_LPjowT8z7BHIUjcD3HU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:7cc5::/46
Signature Algorithm: sha256WithRSAEncryption
60:0a:60:3e:31:c7:89:39:71:2a:8b:5d:d6:e1:f5:3b:f8:9c:
0b:0c:cb:8c:d2:20:00:61:c6:42:5c:18:d6:c2:f3:31:72:9e:
cb:b8:46:88:73:02:84:5a:2e:f2:c1:e6:c3:47:44:b4:b8:b0:
d9:b1:cd:49:4f:d3:2d:88:25:b9:51:08:0a:0b:85:db:e4:b4:
08:28:16:d2:19:15:b6:ad:e8:a8:d2:ce:bd:04:73:a3:e6:6f:
fb:2c:d4:c7:aa:6b:79:c8:1a:55:63:da:88:7c:e2:c2:1f:22:
6d:ad:0c:a8:ad:3d:7d:fe:46:aa:8d:8e:b1:f5:91:21:e7:33:
93:66:93:f1:dd:34:c5:23:70:d4:d9:33:db:fe:37:ea:58:64:
b0:69:04:c4:dd:96:67:ce:a2:d1:61:36:c5:c8:a3:86:86:3c:
fb:2a:0f:63:9d:b5:0e:19:3e:bd:2a:69:07:7c:b2:5f:e6:78:
6d:e4:c1:05:c6:4d:e0:2f:19:22:45:f9:c5:6a:bb:91:75:24:
60:01:17:01:a7:ad:40:06:6f:24:53:41:a7:e0:2d:86:23:71:
0e:62:ee:8c:29:5d:c2:dc:a1:38:c7:91:24:3e:2b:ed:37:09:
6e:61:49:7e:86:bd:35:58:29:3b:15:1c:0f:f2:dc:5d:f2:e2:
85:04:9a:05
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzDtwCqqO83gC698vQsRmSaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMWNlMWQxMzViZjJjZjhlOGMxM2YzM2VjMTFjODUyMzcw
M2RjNzUwHhcNMjQwMTAxMDYyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDljNWU3ZmU0YmMxNjk4M2VlNDNmMDZiNjk0MTA0YTg0ZDE0ZmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaUxl4+/PF3cCXP8PsXUvZxa4Ayw
ZnaDj2loGlPDTCwqbiU8sgVJhOmRcS9D6rsPcrB4Igjdrp9wScpyvthzSdISnYpy
vGKrQPPrkkDPytQZUdjopPqvtjXVA0PiET4piK47UU15NlWfiQpwIYYpkYXUcFv6
8tnX53uYaaxXkXCYUx1uX7HMFJZw/f317Raj8FFxiMVd/nqQXmxxdOCshKWBnipQ
Kr7JhoxGHZD0cJ7Pbps9rlMmlopNK44nlCAE77obip/iKaVtQ4HpQJELGUoFe7JP
Thd6tFGzPyUU+OCIVTwSRWdxofRdJiStfTv4XkvkCC3rIpLpeMTYGeXA3wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFCcXn/kvBaYPuQ/BraUEEqE0U+hMB8GA1UdIwQY
MBaAFIoc4dE1vyz46ME/M+wRyFI3A9x1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWh6aDBUV19MUGpvd1Q4ejdCSElVamNEM0hVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kYWY5NjAtZDA2MC00OWZjLWFmNDIt
ZGVlMjkyZWE4N2EzLzEvVUp4ZWYtUzhGcGctNUQ4R3RwUVFTb1RSVDZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kYWY5NjAtZDA2MC00OWZjLWFmNDItZGVlMjkyZWE4N2Ez
LzEvaWh6aDBUV19MUGpvd1Q4ejdCSElVamNEM0hVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKgx8xQAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBgCmA+MceJOXEqi13W4fU7+JwLDMuM0iAAYcZC
XBjWwvMxcp7LuEaIcwKEWi7ywebDR0S0uLDZsc1JT9MtiCW5UQgKC4Xb5LQIKBbS
GRW2reio0s69BHOj5m/7LNTHqmt5yBpVY9qIfOLCHyJtrQyorT19/kaqjY6x9ZEh
5zOTZpPx3TTFI3DU2TPb/jfqWGSwaQTE3ZZnzqLRYTbFyKOGhjz7Kg9jnbUOGT69
KmkHfLJf5nht5MEFxk3gLxkiRfnFaruRdSRgARcBp61ABm8kU0Gn4C2GI3EOYu6M
KV3C3KE4x5EkPivtNwluYUl+hr01WCk7FRwP8txd8uKFBJoF
-----END CERTIFICATE-----
Generated at Tue May 21 07:25:53 2024 by rpki-client on console-ams.rpki-client.org