Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/7e4f08-6730-4051-9792-494f4c4da426/1/UOaogj34cmZGe8Y0_eCCF00NfBQ.roa
File: UOaogj34cmZGe8Y0_eCCF00NfBQ.roa (raw, json)
Hash identifier: g6xRVJRa2Cc/f3C1Krl5SKQG40ohwUHFnEz8v4ULSbA=
Subject key identifier: 50:E6:A8:82:3D:F8:72:66:46:7B:C6:34:FD:E0:82:17:4D:0D:7C:14
Certificate issuer: /CN=1d0672c99f87f05cd83f0b627d31871fe80be01f
Certificate serial: 018CC6B916D401D650B7282E5FEEA16FFB8B
Authority key identifier: 1D:06:72:C9:9F:87:F0:5C:D8:3F:0B:62:7D:31:87:1F:E8:0B:E0:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQZyyZ-H8FzYPwtifTGHH-gL4B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/7e4f08-6730-4051-9792-494f4c4da426/1/UOaogj34cmZGe8Y0_eCCF00NfBQ.roa
Signing time: Mon 01 Jan 2024 20:31:07 +0000
ROA not before: Mon 01 Jan 2024 20:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28919
IP address blocks: 94.24.56.0/21 maxlen: 24
185.164.112.0/22 maxlen: 24
89.41.128.0/21 maxlen: 24
77.223.0.0/22 maxlen: 24
86.111.56.0/22 maxlen: 24
185.66.48.0/22 maxlen: 24
80.93.32.0/20 maxlen: 24
213.182.224.0/19 maxlen: 24
185.163.144.0/22 maxlen: 24
2a03:c680::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/7e4f08-6730-4051-9792-494f4c4da426/1/HQZyyZ-H8FzYPwtifTGHH-gL4B8.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/7e4f08-6730-4051-9792-494f4c4da426/1/HQZyyZ-H8FzYPwtifTGHH-gL4B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/HQZyyZ-H8FzYPwtifTGHH-gL4B8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:16:d4:01:d6:50:b7:28:2e:5f:ee:a1:6f:fb:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d0672c99f87f05cd83f0b627d31871fe80be01f
Validity
Not Before: Jan 1 20:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50e6a8823df87266467bc634fde082174d0d7c14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:11:b6:9a:6d:d4:7a:e9:86:47:73:3b:9c:81:
5c:b4:2f:05:93:e5:c5:e1:2f:4a:03:3b:a2:89:38:
2c:54:4b:09:16:e5:f6:e8:35:ae:05:43:5c:e4:91:
fd:a3:fa:a2:5d:04:87:d1:fd:d3:41:77:2c:4c:ae:
b7:89:b5:b6:18:a8:38:cb:08:40:e9:6c:f2:34:9c:
67:c0:98:e3:1f:32:dd:8f:c1:f5:e0:d1:bf:a0:d7:
86:9d:88:43:58:eb:99:37:f2:05:93:b6:98:55:de:
f3:66:71:b8:08:8d:b1:1d:14:05:2f:f4:1b:07:d5:
8b:83:d8:b0:4f:d2:52:08:39:d7:5d:77:8f:b5:bb:
76:2e:55:ce:82:5f:f4:56:53:a3:87:19:12:0a:d7:
42:f4:a1:06:0d:9a:26:e3:72:30:be:92:3c:8b:2c:
b4:f0:03:c3:5e:30:39:63:a9:15:9f:31:87:84:91:
41:98:c6:ef:ae:c3:6a:86:22:c8:1e:4f:bb:98:e5:
08:08:69:3c:f3:4c:62:36:43:f6:0b:d4:b9:fb:60:
8c:8e:56:db:65:b8:0d:a7:ca:3a:8e:f0:d9:fa:83:
a8:57:f9:5b:bb:c4:bf:f2:22:24:ea:10:4e:da:fe:
8b:30:8f:c2:0c:0e:c7:52:75:ce:55:de:5c:80:e4:
55:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:E6:A8:82:3D:F8:72:66:46:7B:C6:34:FD:E0:82:17:4D:0D:7C:14
X509v3 Authority Key Identifier:
keyid:1D:06:72:C9:9F:87:F0:5C:D8:3F:0B:62:7D:31:87:1F:E8:0B:E0:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQZyyZ-H8FzYPwtifTGHH-gL4B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/7e4f08-6730-4051-9792-494f4c4da426/1/UOaogj34cmZGe8Y0_eCCF00NfBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/7e4f08-6730-4051-9792-494f4c4da426/1/HQZyyZ-H8FzYPwtifTGHH-gL4B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.223.0.0/22
80.93.32.0/20
86.111.56.0/22
89.41.128.0/21
94.24.56.0/21
185.66.48.0/22
185.163.144.0/22
185.164.112.0/22
213.182.224.0/19
IPv6:
2a03:c680::/29
Signature Algorithm: sha256WithRSAEncryption
90:d9:ca:ca:4c:a9:7b:ea:d6:48:2a:3c:4c:f7:77:3f:f0:c7:
c8:ea:8e:9e:1f:bc:34:3c:4b:a2:bc:a8:03:13:ac:37:10:ce:
af:31:3f:67:48:3f:f8:e5:79:fa:6d:0f:a1:01:52:85:7b:f7:
c9:59:0c:07:ab:fa:50:a7:66:fd:b2:f0:84:ba:91:28:a6:07:
00:4e:a0:28:be:b1:88:33:83:9b:f4:0b:27:9e:67:d6:e5:c9:
01:af:0a:49:89:78:32:cd:ac:93:0e:46:fb:80:8a:97:9e:2b:
f6:b4:d5:2c:29:30:95:b8:5c:e8:f2:c9:af:be:38:a4:1c:e2:
c6:70:73:a4:81:13:f8:15:3a:7f:4c:a3:b2:98:31:fa:9d:80:
64:79:bf:f5:8f:3c:e6:fb:55:cc:4a:7b:88:37:85:31:6e:25:
fc:f5:5c:d4:a7:3a:67:b6:0e:f4:13:8a:ae:4e:81:da:96:34:
52:c1:db:5c:45:34:0c:d2:81:66:b9:1c:34:33:b7:33:ed:88:
bb:ca:5e:f8:e7:28:c7:01:ff:70:b6:d2:b2:ad:67:c8:ab:de:
47:ef:75:5e:2a:35:2d:14:8a:4a:6d:aa:8d:41:ec:63:48:1f:
06:53:0d:45:89:87:89:60:94:d5:0d:9a:03:12:a8:4a:d2:04:
0b:4a:8e:d0
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYzGuRbUAdZQtyguX+6hb/uLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMDY3MmM5OWY4N2YwNWNkODNmMGI2MjdkMzE4NzFmZTgw
YmUwMWYwHhcNMjQwMTAxMjAzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGU2YTg4MjNkZjg3MjY2NDY3YmM2MzRmZGUwODIxNzRkMGQ3YzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBG2mm3UeumGR3M7nIFctC8Fk+XF
4S9KAzuiiTgsVEsJFuX26DWuBUNc5JH9o/qiXQSH0f3TQXcsTK63ibW2GKg4ywhA
6WzyNJxnwJjjHzLdj8H14NG/oNeGnYhDWOuZN/IFk7aYVd7zZnG4CI2xHRQFL/Qb
B9WLg9iwT9JSCDnXXXePtbt2LlXOgl/0VlOjhxkSCtdC9KEGDZom43IwvpI8iyy0
8APDXjA5Y6kVnzGHhJFBmMbvrsNqhiLIHk+7mOUICGk880xiNkP2C9S5+2CMjlbb
ZbgNp8o6jvDZ+oOoV/lbu8S/8iIk6hBO2v6LMI/CDA7HUnXOVd5cgORVdwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFFDmqII9+HJmRnvGNP3gghdNDXwUMB8GA1UdIwQY
MBaAFB0Gcsmfh/Bc2D8LYn0xhx/oC+AfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFFaeXlaLUg4RnpZUHd0aWZUR0hILWdMNEI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi83ZTRmMDgtNjczMC00MDUxLTk3OTIt
NDk0ZjRjNGRhNDI2LzEvVU9hb2dqMzRjbVpHZThZMF9lQ0NGMDBOZkJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi83ZTRmMDgtNjczMC00MDUxLTk3OTItNDk0ZjRjNGRhNDI2
LzEvSFFaeXlaLUg4RnpZUHd0aWZUR0hILWdMNEI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQCTd8AAwQE
UF0gAwQCVm84AwQDWSmAAwQDXhg4AwQCuUIwAwQCuaOQAwQCuaRwAwQF1bbgMA0E
AgACMAcDBQMqA8aAMA0GCSqGSIb3DQEBCwUAA4IBAQCQ2crKTKl76tZIKjxM93c/
8MfI6o6eH7w0PEuivKgDE6w3EM6vMT9nSD/45Xn6bQ+hAVKFe/fJWQwHq/pQp2b9
svCEupEopgcATqAovrGIM4Ob9AsnnmfW5ckBrwpJiXgyzayTDkb7gIqXniv2tNUs
KTCVuFzo8smvvjikHOLGcHOkgRP4FTp/TKOymDH6nYBkeb/1jzzm+1XMSnuIN4Ux
biX89VzUpzpntg70E4quToHaljRSwdtcRTQM0oFmuRw0M7cz7Yi7yl745yjHAf9w
ttKyrWfIq95H73VeKjUtFIpKbaqNQexjSB8GUw1FiYeJYJTVDZoDEqhK0gQLSo7Q
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:04:17 2024 by rpki-client on console-fra.rpki-client.org