Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/uo33aWILmSmWtTPOEuPWVQeZUDo.roa
File: uo33aWILmSmWtTPOEuPWVQeZUDo.roa (raw, json)
Hash identifier: n93MR9+QnqegFDhP35unlmqXbRGAW9WHiGxHXoNjWCQ=
Subject key identifier: BA:8D:F7:69:62:0B:99:29:96:B5:33:CE:12:E3:D6:55:07:99:50:3A
Certificate issuer: /CN=9ba94bc14937bb0b3632374355a446724104a981
Certificate serial: 018E7A181F969FD46CD3B7700824688469F2
Authority key identifier: 9B:A9:4B:C1:49:37:BB:0B:36:32:37:43:55:A4:46:72:41:04:A9:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m6lLwUk3uws2MjdDVaRGckEEqYE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/uo33aWILmSmWtTPOEuPWVQeZUDo.roa
Signing time: Tue 26 Mar 2024 09:29:45 +0000
ROA not before: Tue 26 Mar 2024 09:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31480
IP address blocks: 91.196.32.0/22 maxlen: 22
185.59.136.0/24 maxlen: 24
193.151.108.0/22 maxlen: 22
193.151.108.0/24 maxlen: 24
193.151.110.0/24 maxlen: 24
2a0c:1d80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/m6lLwUk3uws2MjdDVaRGckEEqYE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/m6lLwUk3uws2MjdDVaRGckEEqYE.mft
rsync://rpki.ripe.net/repository/DEFAULT/m6lLwUk3uws2MjdDVaRGckEEqYE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7a:18:1f:96:9f:d4:6c:d3:b7:70:08:24:68:84:69:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ba94bc14937bb0b3632374355a446724104a981
Validity
Not Before: Mar 26 09:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba8df769620b992996b533ce12e3d6550799503a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:72:4d:63:bb:3b:c7:68:48:77:2d:72:58:d0:
97:72:ab:dc:a8:29:21:8b:5a:98:95:62:93:03:d3:
92:b5:6f:e1:8c:a9:14:c1:42:33:97:92:05:c9:df:
9c:f2:3e:d6:0d:b4:16:59:73:7d:fd:47:94:eb:4b:
8a:70:25:ae:9e:38:3a:f1:47:70:8d:b3:f4:65:ab:
c8:b2:93:d1:74:ff:53:ae:4a:18:cc:a2:64:c1:d4:
a3:57:d9:41:65:50:90:eb:dc:48:a4:aa:e2:31:77:
0a:8f:02:46:55:3f:b8:65:4f:d2:6e:06:9d:02:8e:
a0:97:50:e2:bd:c9:d7:c3:f4:f2:5a:61:ee:cf:ac:
4b:6f:5d:4c:48:fc:4e:b7:7e:01:89:e2:0c:53:61:
68:36:5f:24:27:ca:48:8f:de:6a:ae:1d:fb:46:b5:
93:9e:9b:cc:48:ac:a9:b3:39:1c:4f:76:ba:00:9a:
6a:a4:2d:bc:8b:f4:40:cd:b3:83:ea:a1:de:51:a9:
93:3e:be:9e:ee:93:6d:63:1e:1d:b0:fc:ef:dc:21:
a0:c0:2f:82:50:fb:96:95:e3:54:bf:b0:5e:d4:a0:
a6:e0:19:85:0b:f4:9d:ad:2d:92:24:24:c8:4e:ac:
95:69:3a:b9:42:b0:e8:f8:14:a6:c0:d5:24:2e:02:
4f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:8D:F7:69:62:0B:99:29:96:B5:33:CE:12:E3:D6:55:07:99:50:3A
X509v3 Authority Key Identifier:
keyid:9B:A9:4B:C1:49:37:BB:0B:36:32:37:43:55:A4:46:72:41:04:A9:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m6lLwUk3uws2MjdDVaRGckEEqYE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/uo33aWILmSmWtTPOEuPWVQeZUDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/m6lLwUk3uws2MjdDVaRGckEEqYE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.32.0/22
185.59.136.0/24
193.151.108.0/22
IPv6:
2a0c:1d80::/29
Signature Algorithm: sha256WithRSAEncryption
00:d1:7f:01:d3:f6:de:57:16:95:0a:24:cc:77:67:32:c6:aa:
53:31:bd:86:d6:85:84:40:c1:b4:c8:54:13:33:39:74:7a:52:
52:f9:21:82:c3:e5:4b:15:82:53:80:87:2a:89:1e:6d:86:6b:
20:58:95:b6:59:53:48:81:53:da:d7:6e:d7:38:f1:96:3a:9f:
77:1e:05:b8:ed:88:ce:32:f2:58:8c:6c:9b:fe:37:1e:ff:ae:
73:a0:87:78:12:ad:1f:34:25:d0:e8:35:71:b0:18:71:55:48:
f4:16:e4:d6:9f:7d:99:16:a6:b8:06:cd:78:51:da:7f:4d:55:
a5:ad:45:9c:df:93:4f:22:11:71:55:c2:6f:49:e4:6d:49:d3:
d4:fa:f9:7a:11:9e:dd:47:b2:6b:88:0e:8a:d3:74:fd:53:a8:
6c:57:1b:c8:bd:c0:74:e3:ad:13:52:a1:f0:3d:d4:65:f8:7a:
a9:88:d1:28:d3:d2:ef:d7:a2:e3:ea:6f:3c:6f:1a:fd:55:b5:
81:e9:29:45:78:46:25:e5:66:f5:f1:f9:75:17:9f:e6:a7:a5:
f6:76:f8:74:e8:ff:7a:6b:6b:48:fa:73:7e:4f:05:7b:b6:33:
cc:ec:04:e0:b7:00:fa:2d:f3:0b:5f:cd:b3:49:21:d5:8a:14:
04:bc:f5:d0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY56GB+Wn9Rs07dwCCRohGnyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYTk0YmMxNDkzN2JiMGIzNjMyMzc0MzU1YTQ0NjcyNDEw
NGE5ODEwHhcNMjQwMzI2MDkyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYThkZjc2OTYyMGI5OTI5OTZiNTMzY2UxMmUzZDY1NTA3OTk1MDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3JNY7s7x2hIdy1yWNCXcqvcqCkh
i1qYlWKTA9OStW/hjKkUwUIzl5IFyd+c8j7WDbQWWXN9/UeU60uKcCWunjg68Udw
jbP0ZavIspPRdP9TrkoYzKJkwdSjV9lBZVCQ69xIpKriMXcKjwJGVT+4ZU/Sbgad
Ao6gl1DivcnXw/TyWmHuz6xLb11MSPxOt34BieIMU2FoNl8kJ8pIj95qrh37RrWT
npvMSKypszkcT3a6AJpqpC28i/RAzbOD6qHeUamTPr6e7pNtYx4dsPzv3CGgwC+C
UPuWleNUv7Be1KCm4BmFC/SdrS2SJCTITqyVaTq5QrDo+BSmwNUkLgJPjwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLqN92liC5kplrUzzhLj1lUHmVA6MB8GA1UdIwQY
MBaAFJupS8FJN7sLNjI3Q1WkRnJBBKmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTZsTHdVazN1d3MyTWpkRFZhUkdja0VFcVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9jYzc4NDMtZDEzNi00ZmZiLThiOTkt
ODM2YzMxMmFjOGMyLzEvdW8zM2FXSUxtU21XdFRQT0V1UFdWUWVaVURvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9jYzc4NDMtZDEzNi00ZmZiLThiOTktODM2YzMxMmFjOGMy
LzEvbTZsTHdVazN1d3MyTWpkRFZhUkdja0VFcVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCW8QgAwQA
uTuIAwQCwZdsMA0EAgACMAcDBQMqDB2AMA0GCSqGSIb3DQEBCwUAA4IBAQAA0X8B
0/beVxaVCiTMd2cyxqpTMb2G1oWEQMG0yFQTMzl0elJS+SGCw+VLFYJTgIcqiR5t
hmsgWJW2WVNIgVPa127XOPGWOp93HgW47YjOMvJYjGyb/jce/65zoId4Eq0fNCXQ
6DVxsBhxVUj0FuTWn32ZFqa4Bs14Udp/TVWlrUWc35NPIhFxVcJvSeRtSdPU+vl6
EZ7dR7JriA6K03T9U6hsVxvIvcB0460TUqHwPdRl+HqpiNEo09Lv16Lj6m88bxr9
VbWB6SlFeEYl5Wb18fl1F5/mp6X2dvh06P96a2tI+nN+TwV7tjPM7ATgtwD6LfML
X82zSSHVihQEvPXQ
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:00:37 2024 by rpki-client on console-ams.rpki-client.org