Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/ba3fa1-f9d0-4097-bdc9-d717e4dfcb3d/1/u7iZXH-Yr92iAfxx6xWzjRRclGc.roa
File: u7iZXH-Yr92iAfxx6xWzjRRclGc.roa (raw, json)
Hash identifier: aYm0WXgTQWfrW2t8r5ADVWeOw2eXdDusICdit5VBJDg=
Subject key identifier: BB:B8:99:5C:7F:98:AF:DD:A2:01:FC:71:EB:15:B3:8D:14:5C:94:67
Certificate issuer: /CN=501c1057bcb9d1e0d15748b7f32c59f8c7b72a4e
Certificate serial: 018F309AE3AF2C128906041DD24F78409FA8
Authority key identifier: 50:1C:10:57:BC:B9:D1:E0:D1:57:48:B7:F3:2C:59:F8:C7:B7:2A:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UBwQV7y50eDRV0i38yxZ-Me3Kk4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/ba3fa1-f9d0-4097-bdc9-d717e4dfcb3d/1/u7iZXH-Yr92iAfxx6xWzjRRclGc.roa
Signing time: Tue 30 Apr 2024 20:03:28 +0000
ROA not before: Tue 30 Apr 2024 20:03:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209528
IP address blocks: 45.135.64.0/22 maxlen: 24
185.162.136.0/22 maxlen: 24
2a09:2bc0::/32 maxlen: 32
2a0e:8940::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/ba3fa1-f9d0-4097-bdc9-d717e4dfcb3d/1/UBwQV7y50eDRV0i38yxZ-Me3Kk4.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/ba3fa1-f9d0-4097-bdc9-d717e4dfcb3d/1/UBwQV7y50eDRV0i38yxZ-Me3Kk4.mft
rsync://rpki.ripe.net/repository/DEFAULT/UBwQV7y50eDRV0i38yxZ-Me3Kk4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 17:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:30:9a:e3:af:2c:12:89:06:04:1d:d2:4f:78:40:9f:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=501c1057bcb9d1e0d15748b7f32c59f8c7b72a4e
Validity
Not Before: Apr 30 20:03:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bbb8995c7f98afdda201fc71eb15b38d145c9467
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:00:d7:82:2d:71:3c:a7:f1:1c:6f:88:62:52:
1a:14:ab:99:a0:cd:09:e8:02:f8:bb:c1:82:54:56:
22:b0:5f:97:d3:4a:cb:d0:b8:1c:16:5a:71:53:ce:
4b:2b:7b:f4:27:0e:e6:9e:13:d7:3e:15:e4:63:de:
dd:db:45:b7:88:13:51:2b:4b:90:1f:65:a4:0a:ba:
e6:00:3c:1b:84:ff:34:9c:8f:39:55:79:ae:38:8f:
02:6c:3f:0d:d2:3f:14:85:ec:fa:f8:15:55:b2:6c:
81:f6:9c:f2:fd:28:fd:9c:bd:93:63:f5:3f:67:84:
34:76:34:e3:b3:0a:99:a8:e8:f4:3f:c4:0f:92:bd:
5f:29:7a:86:e5:d6:cd:66:22:0f:e5:59:1c:6c:6b:
0e:6b:05:02:47:91:7e:88:8f:8f:a8:8c:90:db:18:
8e:8c:50:fb:ae:d4:e3:09:8f:b6:a1:16:f2:b4:ab:
ed:db:bc:6b:97:e7:52:31:90:e4:2a:c1:0a:99:92:
01:fc:b5:9a:33:0a:3b:73:68:f9:fb:d4:e3:0d:a8:
c8:49:2e:75:a7:18:c1:74:7b:32:e5:59:f1:c2:3c:
4f:9f:e1:7a:98:1b:8c:de:85:7a:5e:a3:56:80:ba:
e8:ea:9b:0c:7a:8a:e5:07:cd:e8:8e:07:91:c9:f4:
f3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:B8:99:5C:7F:98:AF:DD:A2:01:FC:71:EB:15:B3:8D:14:5C:94:67
X509v3 Authority Key Identifier:
keyid:50:1C:10:57:BC:B9:D1:E0:D1:57:48:B7:F3:2C:59:F8:C7:B7:2A:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UBwQV7y50eDRV0i38yxZ-Me3Kk4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/ba3fa1-f9d0-4097-bdc9-d717e4dfcb3d/1/u7iZXH-Yr92iAfxx6xWzjRRclGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/ba3fa1-f9d0-4097-bdc9-d717e4dfcb3d/1/UBwQV7y50eDRV0i38yxZ-Me3Kk4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.64.0/22
185.162.136.0/22
IPv6:
2a09:2bc0::/32
2a0e:8940::/29
Signature Algorithm: sha256WithRSAEncryption
99:25:65:5e:ab:c4:f7:eb:a0:25:5a:32:13:78:68:6b:39:f4:
7d:28:45:70:ae:de:8f:ea:f5:7b:14:c4:ac:ac:5e:79:59:4a:
93:18:2a:e6:38:a2:e2:f6:93:d7:d3:26:47:1e:cc:3f:bc:4e:
0c:d4:e6:41:1b:2f:14:84:ff:e0:85:df:b8:4b:75:fb:57:87:
d9:d5:74:bb:f8:26:99:c2:44:d2:54:94:e7:10:19:9f:fe:aa:
06:0e:2e:67:bd:36:d6:95:84:51:b4:5b:7c:a4:2b:23:23:49:
6b:83:af:dc:36:cd:ca:f1:bb:d7:95:01:9f:b2:40:10:e0:36:
42:b7:85:a1:01:67:40:f1:16:73:f6:fd:74:4b:76:5b:6c:f5:
9e:92:b4:69:66:ca:26:7b:7b:07:9e:82:aa:fe:77:bc:62:7c:
90:b5:66:9c:74:d8:33:f4:3d:18:ff:b4:8f:ff:14:9c:14:1d:
ae:d3:a5:48:47:96:95:32:68:59:d8:e5:fc:c5:fe:8e:bb:44:
8a:0b:bc:62:c3:76:65:c5:f2:c4:e2:99:ef:ed:61:b5:b2:0a:
88:0f:11:da:1f:13:f2:2a:03:85:b9:0f:04:75:ee:87:f3:47:
c2:fc:51:9b:71:75:71:6b:61:bf:ad:09:8a:1a:6b:e0:c3:40:
08:f0:38:a7
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY8wmuOvLBKJBgQd0k94QJ+oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMWMxMDU3YmNiOWQxZTBkMTU3NDhiN2YzMmM1OWY4Yzdi
NzJhNGUwHhcNMjQwNDMwMjAwMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmI4OTk1YzdmOThhZmRkYTIwMWZjNzFlYjE1YjM4ZDE0NWM5NDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+QDXgi1xPKfxHG+IYlIaFKuZoM0J
6AL4u8GCVFYisF+X00rL0LgcFlpxU85LK3v0Jw7mnhPXPhXkY97d20W3iBNRK0uQ
H2WkCrrmADwbhP80nI85VXmuOI8CbD8N0j8Uhez6+BVVsmyB9pzy/Sj9nL2TY/U/
Z4Q0djTjswqZqOj0P8QPkr1fKXqG5dbNZiIP5VkcbGsOawUCR5F+iI+PqIyQ2xiO
jFD7rtTjCY+2oRbytKvt27xrl+dSMZDkKsEKmZIB/LWaMwo7c2j5+9TjDajISS51
pxjBdHsy5VnxwjxPn+F6mBuM3oV6XqNWgLro6psMeorlB83ojgeRyfTzgQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFLu4mVx/mK/dogH8cesVs40UXJRnMB8GA1UdIwQY
MBaAFFAcEFe8udHg0VdIt/MsWfjHtypOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUJ3UVY3eTUwZURSVjBpMzh5eFotTWUzS2s0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iYTNmYTEtZjlkMC00MDk3LWJkYzkt
ZDcxN2U0ZGZjYjNkLzEvdTdpWlhILVlyOTJpQWZ4eDZ4V3pqUlJjbEdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iYTNmYTEtZjlkMC00MDk3LWJkYzktZDcxN2U0ZGZjYjNk
LzEvVUJ3UVY3eTUwZURSVjBpMzh5eFotTWUzS2s0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLYdAAwQC
uaKIMBQEAgACMA4DBQAqCSvAAwUDKg6JQDANBgkqhkiG9w0BAQsFAAOCAQEAmSVl
XqvE9+ugJVoyE3hoazn0fShFcK7ej+r1exTErKxeeVlKkxgq5jii4vaT19MmRx7M
P7xODNTmQRsvFIT/4IXfuEt1+1eH2dV0u/gmmcJE0lSU5xAZn/6qBg4uZ7021pWE
UbRbfKQrIyNJa4Ov3DbNyvG715UBn7JAEOA2QreFoQFnQPEWc/b9dEt2W2z1npK0
aWbKJnt7B56Cqv53vGJ8kLVmnHTYM/Q9GP+0j/8UnBQdrtOlSEeWlTJoWdjl/MX+
jrtEigu8YsN2ZcXyxOKZ7+1htbIKiA8R2h8T8ioDhbkPBHXuh/NHwvxRm3F1cWth
v60Jihpr4MNACPA4pw==
-----END CERTIFICATE-----
Generated at Tue Nov 26 02:51:49 2024 by rpki-client on console-fra.rpki-client.org