Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/eed9ce-aef9-4fc9-8a4a-c442a18f1efc/1/UCC0Oks2onBa0Korrd25uzudcc0.roa
File: UCC0Oks2onBa0Korrd25uzudcc0.roa (raw, json)
Hash identifier: yBpwLqs08/NpBpmpmKSrBPC4QBymGAVzEp4zDoL02CE=
Subject key identifier: 50:20:B4:3A:4B:36:A2:70:5A:D0:AA:2B:AD:DD:B9:BB:3B:9D:71:CD
Certificate issuer: /CN=397245d0492eede59b045b5be1fd4eb9161bc417
Certificate serial: 018CC26D576E252BB220A8ABB56B75219AA5
Authority key identifier: 39:72:45:D0:49:2E:ED:E5:9B:04:5B:5B:E1:FD:4E:B9:16:1B:C4:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXJF0Eku7eWbBFtb4f1OuRYbxBc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/eed9ce-aef9-4fc9-8a4a-c442a18f1efc/1/UCC0Oks2onBa0Korrd25uzudcc0.roa
Signing time: Mon 01 Jan 2024 00:29:54 +0000
ROA not before: Mon 01 Jan 2024 00:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133861
IP address blocks: 193.134.209.0/24 maxlen: 24
193.134.211.0/24 maxlen: 24
193.134.208.0/24 maxlen: 24
193.134.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/eed9ce-aef9-4fc9-8a4a-c442a18f1efc/1/OXJF0Eku7eWbBFtb4f1OuRYbxBc.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/eed9ce-aef9-4fc9-8a4a-c442a18f1efc/1/OXJF0Eku7eWbBFtb4f1OuRYbxBc.mft
rsync://rpki.ripe.net/repository/DEFAULT/OXJF0Eku7eWbBFtb4f1OuRYbxBc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 15 May 2024 07:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:57:6e:25:2b:b2:20:a8:ab:b5:6b:75:21:9a:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=397245d0492eede59b045b5be1fd4eb9161bc417
Validity
Not Before: Jan 1 00:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5020b43a4b36a2705ad0aa2badddb9bb3b9d71cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f9:f5:e6:b2:95:0b:13:ac:b9:2f:02:d7:a3:
32:6e:f1:83:d9:d7:61:6d:05:99:d1:78:44:b0:49:
c6:e4:41:14:2f:14:0f:97:21:61:8b:e9:98:ae:ed:
a1:04:b3:86:ac:de:2a:62:54:50:9a:0a:c0:57:1c:
48:2d:c8:d7:34:dc:2e:c3:c9:23:ea:73:ff:e2:4d:
5e:92:bd:61:1d:4b:1a:72:90:57:c2:06:7e:92:9e:
5a:9b:84:d2:6a:2a:2e:14:8d:32:83:a7:33:0b:ab:
f7:83:95:90:d5:cd:c8:bb:58:a1:64:e0:b9:db:f9:
e7:fa:97:55:cf:8a:c3:54:b2:46:64:9b:f3:ae:f2:
62:b9:00:95:7d:e7:b7:7d:65:73:69:6b:a8:1a:10:
9f:8c:73:74:a8:50:10:db:5b:b3:bf:b8:3a:16:64:
11:c3:2e:c0:8d:c1:70:7f:f3:e3:9c:19:57:38:0f:
1a:8e:27:a9:61:2f:e3:c4:6c:12:f0:bd:a7:3e:9c:
73:cf:c5:5b:5e:f3:b0:21:29:9f:5c:1d:69:eb:db:
d4:e5:04:b9:29:0c:fc:1f:01:d2:31:13:66:c1:83:
9b:9f:21:53:4b:da:06:1b:d7:db:a5:ec:60:87:34:
fd:60:7c:fb:50:4b:d9:6d:6b:c1:ed:ad:5e:d5:c5:
5a:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:20:B4:3A:4B:36:A2:70:5A:D0:AA:2B:AD:DD:B9:BB:3B:9D:71:CD
X509v3 Authority Key Identifier:
keyid:39:72:45:D0:49:2E:ED:E5:9B:04:5B:5B:E1:FD:4E:B9:16:1B:C4:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXJF0Eku7eWbBFtb4f1OuRYbxBc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/eed9ce-aef9-4fc9-8a4a-c442a18f1efc/1/UCC0Oks2onBa0Korrd25uzudcc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/eed9ce-aef9-4fc9-8a4a-c442a18f1efc/1/OXJF0Eku7eWbBFtb4f1OuRYbxBc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.134.208.0/22
Signature Algorithm: sha256WithRSAEncryption
52:86:7f:89:08:55:c8:46:8b:b0:8a:ed:be:5e:77:40:39:35:
f3:81:57:aa:d4:c5:1e:e6:8b:85:58:68:f4:17:7d:98:a3:fa:
7b:3e:dc:0d:64:4a:99:55:11:3b:97:5d:9d:a7:90:fe:5c:cc:
73:25:2f:87:06:a5:ea:bf:c8:06:9c:33:13:d1:55:00:1a:e6:
37:76:f5:d9:1a:75:1a:bf:a1:d2:31:48:69:bc:4f:04:60:51:
e7:2e:b6:ca:2b:d2:b2:2f:af:22:8a:05:f4:a6:4d:f5:5d:15:
50:db:43:8b:4c:27:83:44:b9:6c:62:d4:0a:e3:bd:74:63:73:
a4:00:7c:f6:fc:9f:60:b1:fd:c2:91:7b:9b:b9:d7:e2:25:c4:
04:a1:12:83:86:66:5a:22:94:19:fc:3c:5a:43:55:0b:a9:46:
ff:d0:fb:71:14:e2:fd:a0:30:17:98:a0:12:59:bf:68:00:67:
28:09:89:10:b3:96:3a:d5:63:6f:f4:8a:8c:38:61:e2:fa:7e:
ac:fa:ee:4b:70:5c:54:f8:96:be:6e:42:17:24:e8:cf:aa:08:
d2:1b:5c:da:47:f8:63:a7:40:ea:c1:3f:ad:b5:d9:d1:67:4e:
b8:36:98:e1:8e:57:3f:4d:51:86:67:05:2c:24:31:18:90:8f:
78:f8:9b:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbVduJSuyIKirtWt1IZqlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NzI0NWQwNDkyZWVkZTU5YjA0NWI1YmUxZmQ0ZWI5MTYx
YmM0MTcwHhcNMjQwMTAxMDAyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDIwYjQzYTRiMzZhMjcwNWFkMGFhMmJhZGRkYjliYjNiOWQ3MWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/n15rKVCxOsuS8C16MybvGD2ddh
bQWZ0XhEsEnG5EEULxQPlyFhi+mYru2hBLOGrN4qYlRQmgrAVxxILcjXNNwuw8kj
6nP/4k1ekr1hHUsacpBXwgZ+kp5am4TSaiouFI0yg6czC6v3g5WQ1c3Iu1ihZOC5
2/nn+pdVz4rDVLJGZJvzrvJiuQCVfee3fWVzaWuoGhCfjHN0qFAQ21uzv7g6FmQR
wy7AjcFwf/PjnBlXOA8ajiepYS/jxGwS8L2nPpxzz8VbXvOwISmfXB1p69vU5QS5
KQz8HwHSMRNmwYObnyFTS9oGG9fbpexghzT9YHz7UEvZbWvB7a1e1cVaTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFAgtDpLNqJwWtCqK63dubs7nXHNMB8GA1UdIwQY
MBaAFDlyRdBJLu3lmwRbW+H9TrkWG8QXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hKRjBFa3U3ZVdiQkZ0YjRmMU91UllieEJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9lZWQ5Y2UtYWVmOS00ZmM5LThhNGEt
YzQ0MmExOGYxZWZjLzEvVUNDME9rczJvbkJhMEtvcnJkMjV1enVkY2MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9lZWQ5Y2UtYWVmOS00ZmM5LThhNGEtYzQ0MmExOGYxZWZj
LzEvT1hKRjBFa3U3ZVdiQkZ0YjRmMU91UllieEJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwYbQMA0G
CSqGSIb3DQEBCwUAA4IBAQBShn+JCFXIRouwiu2+XndAOTXzgVeq1MUe5ouFWGj0
F32Yo/p7PtwNZEqZVRE7l12dp5D+XMxzJS+HBqXqv8gGnDMT0VUAGuY3dvXZGnUa
v6HSMUhpvE8EYFHnLrbKK9KyL68iigX0pk31XRVQ20OLTCeDRLlsYtQK4710Y3Ok
AHz2/J9gsf3CkXubudfiJcQEoRKDhmZaIpQZ/DxaQ1ULqUb/0PtxFOL9oDAXmKAS
Wb9oAGcoCYkQs5Y61WNv9IqMOGHi+n6s+u5LcFxU+Ja+bkIXJOjPqgjSG1zaR/hj
p0DqwT+ttdnRZ064Npjhjlc/TVGGZwUsJDEYkI94+Jvq
-----END CERTIFICATE-----
Generated at Tue May 14 14:30:24 2024 by rpki-client on console-fra.rpki-client.org