Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/b30b57-e7e9-4b2f-99b6-90f97f746676/1/uyTZ2uVj9mcPOWGSKs0K9nLAblI.roa
File: uyTZ2uVj9mcPOWGSKs0K9nLAblI.roa (raw, json)
Hash identifier: 5fXDCIA6mBRWMCklOHgslXiSKsn6OU6gnmz0ylN8KWs=
Subject key identifier: BB:24:D9:DA:E5:63:F6:67:0F:39:61:92:2A:CD:0A:F6:72:C0:6E:52
Certificate issuer: /CN=91c2c2912e10581587052a5ca770910b26174f14
Certificate serial: 018CC7272A71D2723106F60B7FA29154D93A
Authority key identifier: 91:C2:C2:91:2E:10:58:15:87:05:2A:5C:A7:70:91:0B:26:17:4F:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kcLCkS4QWBWHBSpcp3CRCyYXTxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/b30b57-e7e9-4b2f-99b6-90f97f746676/1/uyTZ2uVj9mcPOWGSKs0K9nLAblI.roa
Signing time: Mon 01 Jan 2024 22:31:21 +0000
ROA not before: Mon 01 Jan 2024 22:31:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56577
IP address blocks: 31.41.40.0/21 maxlen: 21
185.68.92.0/22 maxlen: 22
2a05:1700:2::/48 maxlen: 48
2a05:1700::/48 maxlen: 48
2a05:1700:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/b30b57-e7e9-4b2f-99b6-90f97f746676/1/kcLCkS4QWBWHBSpcp3CRCyYXTxQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/b30b57-e7e9-4b2f-99b6-90f97f746676/1/kcLCkS4QWBWHBSpcp3CRCyYXTxQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kcLCkS4QWBWHBSpcp3CRCyYXTxQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:2a:71:d2:72:31:06:f6:0b:7f:a2:91:54:d9:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91c2c2912e10581587052a5ca770910b26174f14
Validity
Not Before: Jan 1 22:31:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb24d9dae563f6670f3961922acd0af672c06e52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:2d:9c:af:5b:4f:b6:52:aa:64:03:3f:54:2c:
39:54:c3:d9:1b:6a:c4:da:a2:17:88:d7:24:28:76:
ce:d8:3e:71:62:50:db:0c:98:72:42:8f:69:c0:7b:
e9:a2:fb:fe:2b:cb:e7:2f:11:81:ca:c1:f2:aa:f6:
05:c3:30:42:00:82:34:71:3e:72:da:31:07:0b:29:
d6:ee:70:4f:83:66:b9:94:4f:62:fd:01:33:10:82:
11:62:23:85:c5:20:0a:de:f5:64:f1:51:df:9a:cf:
9c:cd:c2:a7:db:de:73:4c:30:c1:7e:6b:ff:c3:85:
c7:c2:33:bc:76:fe:c4:a4:a3:c7:19:c1:9f:c5:a7:
24:45:32:05:a0:24:db:55:23:66:8c:c1:62:5b:f3:
03:c0:7c:f3:58:89:43:68:fc:4c:bc:b8:c0:ae:a9:
01:5f:c7:85:a1:fa:cc:36:6f:05:11:22:4d:fb:50:
15:fc:be:53:8d:05:56:42:cf:91:f8:a5:cb:8e:00:
78:d1:1e:08:d1:a4:78:d4:ad:c5:e9:1c:96:82:f6:
cb:6f:10:c7:a3:b9:d9:40:67:17:49:5a:f9:9c:61:
92:4a:28:c7:7d:b3:02:19:b4:2c:da:d2:0f:a3:f0:
50:13:cb:36:2e:fc:03:c8:55:e8:90:ea:ac:e1:29:
55:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:24:D9:DA:E5:63:F6:67:0F:39:61:92:2A:CD:0A:F6:72:C0:6E:52
X509v3 Authority Key Identifier:
keyid:91:C2:C2:91:2E:10:58:15:87:05:2A:5C:A7:70:91:0B:26:17:4F:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kcLCkS4QWBWHBSpcp3CRCyYXTxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/b30b57-e7e9-4b2f-99b6-90f97f746676/1/uyTZ2uVj9mcPOWGSKs0K9nLAblI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/b30b57-e7e9-4b2f-99b6-90f97f746676/1/kcLCkS4QWBWHBSpcp3CRCyYXTxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.40.0/21
185.68.92.0/22
IPv6:
2a05:1700::/48
2a05:1700:2::/47
Signature Algorithm: sha256WithRSAEncryption
09:cd:37:0c:34:a0:0a:6d:b2:3d:e1:d3:a7:ac:ae:5c:fa:4b:
c8:e0:93:9c:92:27:81:b6:59:82:61:21:5c:73:85:4e:13:0a:
7d:0f:d4:64:e0:1f:28:c1:a1:69:34:51:62:e1:a6:a2:4f:38:
64:60:33:2f:7a:1b:a9:ef:0e:b7:c4:4c:08:0b:8f:5c:f5:27:
89:c0:f1:9f:40:1d:ef:01:90:3b:9d:07:eb:49:85:8c:9f:71:
3f:7f:dc:4a:24:4e:2c:06:2f:c7:90:06:ff:92:db:dc:b1:f0:
b4:c6:e0:91:73:0c:ea:f9:f6:df:99:2d:2e:48:af:88:7d:c7:
1c:dc:10:53:7b:61:2d:f9:a1:72:fe:3b:cd:1e:d0:49:45:57:
85:b7:74:d3:55:35:66:b3:b3:65:b1:fb:f0:b7:5f:d1:54:8c:
33:a1:8a:f3:f5:82:6a:43:24:64:8b:95:6f:5a:ca:e7:6f:c8:
42:24:71:8a:41:18:43:63:d6:b4:e1:06:2a:1a:bc:25:8b:b7:
f8:ef:64:68:e3:d0:29:f3:f8:ad:76:5b:3c:07:6c:5e:2e:32:
ea:a2:bc:67:ce:51:dd:96:0f:7b:59:7c:7e:8f:d2:42:0f:03:
6c:7c:5b:2e:37:cc:10:84:93:43:a7:17:b2:c4:ee:a4:aa:ce:
39:2c:b2:af
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzHJypx0nIxBvYLf6KRVNk6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYzJjMjkxMmUxMDU4MTU4NzA1MmE1Y2E3NzA5MTBiMjYx
NzRmMTQwHhcNMjQwMTAxMjIzMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjI0ZDlkYWU1NjNmNjY3MGYzOTYxOTIyYWNkMGFmNjcyYzA2ZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAji2cr1tPtlKqZAM/VCw5VMPZG2rE
2qIXiNckKHbO2D5xYlDbDJhyQo9pwHvpovv+K8vnLxGBysHyqvYFwzBCAII0cT5y
2jEHCynW7nBPg2a5lE9i/QEzEIIRYiOFxSAK3vVk8VHfms+czcKn295zTDDBfmv/
w4XHwjO8dv7EpKPHGcGfxackRTIFoCTbVSNmjMFiW/MDwHzzWIlDaPxMvLjArqkB
X8eFofrMNm8FESJN+1AV/L5TjQVWQs+R+KXLjgB40R4I0aR41K3F6RyWgvbLbxDH
o7nZQGcXSVr5nGGSSijHfbMCGbQs2tIPo/BQE8s2LvwDyFXokOqs4SlV8QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLsk2drlY/ZnDzlhkirNCvZywG5SMB8GA1UdIwQY
MBaAFJHCwpEuEFgVhwUqXKdwkQsmF08UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2NMQ2tTNFFXQldIQlNwY3AzQ1JDeVlYVHhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9iMzBiNTctZTdlOS00YjJmLTk5YjYt
OTBmOTdmNzQ2Njc2LzEvdXlUWjJ1Vmo5bWNQT1dHU0tzMEs5bkxBYmxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9iMzBiNTctZTdlOS00YjJmLTk5YjYtOTBmOTdmNzQ2Njc2
LzEva2NMQ2tTNFFXQldIQlNwY3AzQ1JDeVlYVHhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQDHykoAwQC
uURcMBgEAgACMBIDBwAqBRcAAAADBwEqBRcAAAIwDQYJKoZIhvcNAQELBQADggEB
AAnNNww0oAptsj3h06esrlz6S8jgk5ySJ4G2WYJhIVxzhU4TCn0P1GTgHyjBoWk0
UWLhpqJPOGRgMy96G6nvDrfETAgLj1z1J4nA8Z9AHe8BkDudB+tJhYyfcT9/3Eok
TiwGL8eQBv+S29yx8LTG4JFzDOr59t+ZLS5Ir4h9xxzcEFN7YS35oXL+O80e0ElF
V4W3dNNVNWazs2Wx+/C3X9FUjDOhivP1gmpDJGSLlW9ayudvyEIkcYpBGENj1rTh
BioavCWLt/jvZGjj0Cnz+K12WzwHbF4uMuqivGfOUd2WD3tZfH6P0kIPA2x8Wy43
zBCEk0OnF7LE7qSqzjkssq8=
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:13:23 2024 by rpki-client on console-fra.rpki-client.org