Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/0a2e01-9aa6-48c9-b79a-a4d359d91251/1/uWQHZdbU8kcrekC6UE1Qa86q-A8.roa
File: uWQHZdbU8kcrekC6UE1Qa86q-A8.roa (raw, json)
Hash identifier: X6oXCp+Qid2hDAsbBTRiEnZgZmX5wSgzPwGR6jN7bWM=
Subject key identifier: B9:64:07:65:D6:D4:F2:47:2B:7A:40:BA:50:4D:50:6B:CE:AA:F8:0F
Certificate issuer: /CN=cecd391c660c3e57c53b87c0b52ec0d2f2f42775
Certificate serial: 018D3FFF9790A799E728CB0847C0A22F8AA3
Authority key identifier: CE:CD:39:1C:66:0C:3E:57:C5:3B:87:C0:B5:2E:C0:D2:F2:F4:27:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zs05HGYMPlfFO4fAtS7A0vL0J3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/0a2e01-9aa6-48c9-b79a-a4d359d91251/1/uWQHZdbU8kcrekC6UE1Qa86q-A8.roa
Signing time: Thu 25 Jan 2024 09:42:11 +0000
ROA not before: Thu 25 Jan 2024 09:42:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31400
IP address blocks: 193.107.120.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/0a2e01-9aa6-48c9-b79a-a4d359d91251/1/zs05HGYMPlfFO4fAtS7A0vL0J3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/0a2e01-9aa6-48c9-b79a-a4d359d91251/1/zs05HGYMPlfFO4fAtS7A0vL0J3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/zs05HGYMPlfFO4fAtS7A0vL0J3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3f:ff:97:90:a7:99:e7:28:cb:08:47:c0:a2:2f:8a:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cecd391c660c3e57c53b87c0b52ec0d2f2f42775
Validity
Not Before: Jan 25 09:42:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9640765d6d4f2472b7a40ba504d506bceaaf80f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ad:c2:67:40:46:f5:dd:3d:99:b0:fd:af:db:
71:1b:8c:cb:ea:80:9b:56:5c:73:9c:b3:4d:78:f0:
25:f2:89:47:0a:30:55:ae:36:0a:3a:e1:35:9c:cb:
6e:96:b4:82:e3:be:77:80:8d:7d:71:e9:27:b5:e2:
4c:ba:8c:4f:56:e4:84:56:a8:a7:a5:36:8c:76:25:
ca:38:61:65:79:6e:a8:94:2d:6e:c3:e5:f1:59:18:
a1:6c:2b:a9:93:0e:e7:7a:05:16:d0:ed:06:c2:c3:
b7:f4:d5:99:78:fa:fe:72:b3:c5:d3:82:c9:27:8c:
dd:4a:69:8b:6c:c6:85:23:64:fb:7a:2d:cd:fb:4d:
11:e2:1a:96:e2:bd:58:a7:14:55:14:5c:fa:73:40:
a4:a6:40:a4:92:53:86:a2:75:de:14:f4:a9:ed:36:
73:0e:94:56:04:18:0e:5e:be:05:ec:f0:8e:e8:52:
8d:d4:7c:89:be:0a:b6:c2:46:f0:08:8a:81:83:69:
a7:ba:40:2a:1c:13:53:7b:e5:ed:6b:4e:19:2d:aa:
d5:1b:32:ba:97:0a:32:60:44:67:40:5e:e4:1a:49:
4e:d4:94:e2:15:82:9c:de:b0:50:d8:df:ab:d9:4f:
16:59:1d:84:09:75:49:aa:ad:6c:a6:f5:f5:44:e5:
f5:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:64:07:65:D6:D4:F2:47:2B:7A:40:BA:50:4D:50:6B:CE:AA:F8:0F
X509v3 Authority Key Identifier:
keyid:CE:CD:39:1C:66:0C:3E:57:C5:3B:87:C0:B5:2E:C0:D2:F2:F4:27:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zs05HGYMPlfFO4fAtS7A0vL0J3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/0a2e01-9aa6-48c9-b79a-a4d359d91251/1/uWQHZdbU8kcrekC6UE1Qa86q-A8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/0a2e01-9aa6-48c9-b79a-a4d359d91251/1/zs05HGYMPlfFO4fAtS7A0vL0J3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.107.120.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:7c:35:ba:ec:81:41:7f:9e:2d:17:75:91:fb:28:6e:8f:59:
8b:19:81:69:f6:09:e2:30:d1:f7:4e:3c:9e:d3:01:b2:36:4f:
f6:12:35:b7:f9:94:71:b2:1c:62:70:33:5d:b9:21:63:45:35:
54:08:6c:d7:8a:0d:8c:e8:12:74:e9:c5:a1:67:e1:be:0e:6e:
0d:e2:80:06:3b:c6:8e:a1:b3:c6:45:00:bf:2d:cb:0a:69:08:
f0:45:f5:b2:b9:d8:44:03:b2:e7:81:bb:da:4e:c5:39:2e:c7:
07:18:85:5a:14:5c:d0:5e:b2:35:5f:00:98:be:9f:b8:43:54:
02:e5:8b:00:87:c2:7d:cf:96:3f:97:9d:8f:16:5d:5e:1f:f2:
17:1a:f8:a8:4d:90:a4:46:4f:63:c6:ad:fd:41:ee:fa:a4:8a:
28:f0:ee:9c:70:96:ad:34:c1:9c:3c:9b:40:82:cf:ad:83:e1:
cd:8f:9a:a6:68:fe:3c:ca:c5:de:2c:84:30:e5:c3:54:12:de:
01:a1:87:d6:97:42:6b:ef:ca:5a:a6:44:60:41:65:e1:d1:97:
49:25:9b:f1:a9:22:d3:39:d9:08:30:4f:56:d3:6f:3b:ed:23:
74:e4:e6:01:70:d7:ba:6f:1c:fd:d2:bc:aa:e0:e7:99:6b:3d:
cc:e6:c2:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0//5eQp5nnKMsIR8CiL4qjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlY2QzOTFjNjYwYzNlNTdjNTNiODdjMGI1MmVjMGQyZjJm
NDI3NzUwHhcNMjQwMTI1MDk0MjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTY0MDc2NWQ2ZDRmMjQ3MmI3YTQwYmE1MDRkNTA2YmNlYWFmODBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAma3CZ0BG9d09mbD9r9txG4zL6oCb
VlxznLNNePAl8olHCjBVrjYKOuE1nMtulrSC4753gI19ceknteJMuoxPVuSEVqin
pTaMdiXKOGFleW6olC1uw+XxWRihbCupkw7negUW0O0GwsO39NWZePr+crPF04LJ
J4zdSmmLbMaFI2T7ei3N+00R4hqW4r1YpxRVFFz6c0CkpkCkklOGonXeFPSp7TZz
DpRWBBgOXr4F7PCO6FKN1HyJvgq2wkbwCIqBg2mnukAqHBNTe+Xta04ZLarVGzK6
lwoyYERnQF7kGklO1JTiFYKc3rBQ2N+r2U8WWR2ECXVJqq1spvX1ROX1ZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLlkB2XW1PJHK3pAulBNUGvOqvgPMB8GA1UdIwQY
MBaAFM7NORxmDD5XxTuHwLUuwNLy9Cd1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenMwNUhHWU1QbGZGTzRmQXRTN0EwdkwwSjNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8wYTJlMDEtOWFhNi00OGM5LWI3OWEt
YTRkMzU5ZDkxMjUxLzEvdVdRSFpkYlU4a2NyZWtDNlVFMVFhODZxLUE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8wYTJlMDEtOWFhNi00OGM5LWI3OWEtYTRkMzU5ZDkxMjUx
LzEvenMwNUhHWU1QbGZGTzRmQXRTN0EwdkwwSjNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwWt4MA0G
CSqGSIb3DQEBCwUAA4IBAQCdfDW67IFBf54tF3WR+yhuj1mLGYFp9gniMNH3Tjye
0wGyNk/2EjW3+ZRxshxicDNduSFjRTVUCGzXig2M6BJ06cWhZ+G+Dm4N4oAGO8aO
obPGRQC/LcsKaQjwRfWyudhEA7LngbvaTsU5LscHGIVaFFzQXrI1XwCYvp+4Q1QC
5YsAh8J9z5Y/l52PFl1eH/IXGvioTZCkRk9jxq39Qe76pIoo8O6ccJatNMGcPJtA
gs+tg+HNj5qmaP48ysXeLIQw5cNUEt4BoYfWl0Jr78papkRgQWXh0ZdJJZvxqSLT
OdkIME9W02877SN05OYBcNe6bxz90ryq4OeZaz3M5sK9
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:01:07 2024 by rpki-client on console-ams.rpki-client.org