Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/309bfd-cbe7-4144-a630-2f80a0a0206a/1/uIUHMCUHibxsJgVpBvtl8p-LcO4.roa
File: uIUHMCUHibxsJgVpBvtl8p-LcO4.roa (raw, json)
Hash identifier: fHSqJ39acdkfmESBNHMrHLiPcW+cdjimkMp/hGIVx9I=
Subject key identifier: B8:85:07:30:25:07:89:BC:6C:26:05:69:06:FB:65:F2:9F:8B:70:EE
Certificate issuer: /CN=f19a5d5cb7949ce1bd209dc213993520e02d1085
Certificate serial: 018CC8DEBBFC1117F89B8A7E49CBB8AA9C5C
Authority key identifier: F1:9A:5D:5C:B7:94:9C:E1:BD:20:9D:C2:13:99:35:20:E0:2D:10:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8ZpdXLeUnOG9IJ3CE5k1IOAtEIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/309bfd-cbe7-4144-a630-2f80a0a0206a/1/uIUHMCUHibxsJgVpBvtl8p-LcO4.roa
Signing time: Tue 02 Jan 2024 06:31:29 +0000
ROA not before: Tue 02 Jan 2024 06:31:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61211
IP address blocks: 148.163.184.0/22 maxlen: 24
185.15.28.0/22 maxlen: 24
185.62.72.0/22 maxlen: 24
185.203.16.0/22 maxlen: 24
2a03:bb40::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/309bfd-cbe7-4144-a630-2f80a0a0206a/1/8ZpdXLeUnOG9IJ3CE5k1IOAtEIU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/309bfd-cbe7-4144-a630-2f80a0a0206a/1/8ZpdXLeUnOG9IJ3CE5k1IOAtEIU.mft
rsync://rpki.ripe.net/repository/DEFAULT/8ZpdXLeUnOG9IJ3CE5k1IOAtEIU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 22:35:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:bb:fc:11:17:f8:9b:8a:7e:49:cb:b8:aa:9c:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f19a5d5cb7949ce1bd209dc213993520e02d1085
Validity
Not Before: Jan 2 06:31:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8850730250789bc6c26056906fb65f29f8b70ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:0c:2e:75:65:05:9b:88:f2:06:f9:17:f5:35:
20:6b:4a:0d:2c:ef:03:12:05:bc:6a:cc:37:31:34:
97:4c:5e:3d:8f:2c:7a:ed:11:78:89:70:bd:6a:e9:
1a:5a:cb:ca:91:8e:b1:92:f2:2f:cf:24:79:2e:1b:
77:91:29:d9:3e:9a:06:dc:7b:d4:37:9e:37:a2:81:
bf:7b:37:81:b0:97:58:40:27:41:e5:2f:f0:d0:41:
f5:8d:ca:7e:b6:cf:1d:26:2b:31:57:fb:29:e2:f6:
e3:4c:42:24:14:72:22:af:b3:05:e3:44:b2:1c:5c:
80:6b:3a:df:7a:f4:1d:a5:ea:d0:ff:cf:ce:64:fd:
97:12:3d:08:8b:85:20:3d:d5:16:04:d5:0c:ef:93:
7c:98:80:ba:d7:da:96:eb:c9:24:52:77:26:b5:8f:
2e:f4:7f:cc:18:51:49:48:9f:30:70:29:03:e5:5f:
c4:bc:02:f2:ac:4e:48:aa:51:10:bf:7c:10:9f:bf:
d3:74:76:d5:fb:63:a7:4e:fe:0d:f0:34:7f:21:ea:
30:f9:0e:27:72:26:46:4e:bf:ce:b3:bd:77:ee:ea:
8a:41:30:ad:49:81:4a:5e:e4:ca:6d:48:85:0c:4c:
dd:a7:01:74:46:bf:9b:98:d4:81:2a:a7:8c:68:e5:
2c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:85:07:30:25:07:89:BC:6C:26:05:69:06:FB:65:F2:9F:8B:70:EE
X509v3 Authority Key Identifier:
keyid:F1:9A:5D:5C:B7:94:9C:E1:BD:20:9D:C2:13:99:35:20:E0:2D:10:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8ZpdXLeUnOG9IJ3CE5k1IOAtEIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/309bfd-cbe7-4144-a630-2f80a0a0206a/1/uIUHMCUHibxsJgVpBvtl8p-LcO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/309bfd-cbe7-4144-a630-2f80a0a0206a/1/8ZpdXLeUnOG9IJ3CE5k1IOAtEIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.163.184.0/22
185.15.28.0/22
185.62.72.0/22
185.203.16.0/22
IPv6:
2a03:bb40::/32
Signature Algorithm: sha256WithRSAEncryption
5b:53:58:e3:15:50:31:d9:20:2e:0e:1e:1a:b8:95:3c:1d:47:
9a:a9:82:63:50:f8:5e:80:4b:35:93:74:ef:c4:a6:b7:4a:32:
e4:f7:1e:09:7e:f8:de:12:2a:6e:a5:43:10:4a:82:1c:8c:cb:
f0:66:16:b1:ad:ee:1b:40:f5:7c:c5:85:2c:a2:86:73:55:ba:
02:cc:d9:67:32:99:ef:0a:c1:54:a9:40:8d:18:a9:e2:ac:46:
d3:f8:e5:52:da:ea:9b:ec:64:50:27:6e:d1:d5:2c:79:ef:78:
41:67:af:76:0a:09:9e:e8:8a:b7:09:f1:5e:cc:04:e8:cd:1c:
85:25:34:55:32:b3:96:96:14:d7:12:8c:56:7a:a6:da:27:9d:
fe:e5:ab:c5:2b:83:02:63:78:e7:b4:27:0b:f5:b3:d1:ca:41:
bb:e0:12:6d:15:a9:6b:bb:43:49:8b:fb:59:08:30:58:94:b9:
a1:6a:9d:f8:9d:a0:1b:18:b4:e6:9a:29:fb:ca:e3:8e:5d:1e:
3c:d8:30:01:ec:4d:12:3d:67:4b:5d:c0:fc:25:4a:88:d5:a7:
68:73:a6:46:ec:fc:fd:76:51:9a:34:6e:c6:39:2f:47:17:c6:
d4:40:27:ee:9a:ef:39:f7:12:72:7e:62:40:c9:7f:f7:0a:a0:
a7:53:89:72
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzI3rv8ERf4m4p+Scu4qpxcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxOWE1ZDVjYjc5NDljZTFiZDIwOWRjMjEzOTkzNTIwZTAy
ZDEwODUwHhcNMjQwMTAyMDYzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODg1MDczMDI1MDc4OWJjNmMyNjA1NjkwNmZiNjVmMjlmOGI3MGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQwudWUFm4jyBvkX9TUga0oNLO8D
EgW8asw3MTSXTF49jyx67RF4iXC9aukaWsvKkY6xkvIvzyR5Lht3kSnZPpoG3HvU
N543ooG/ezeBsJdYQCdB5S/w0EH1jcp+ts8dJisxV/sp4vbjTEIkFHIir7MF40Sy
HFyAazrfevQdperQ/8/OZP2XEj0Ii4UgPdUWBNUM75N8mIC619qW68kkUncmtY8u
9H/MGFFJSJ8wcCkD5V/EvALyrE5IqlEQv3wQn7/TdHbV+2OnTv4N8DR/Ieow+Q4n
ciZGTr/Os7137uqKQTCtSYFKXuTKbUiFDEzdpwF0Rr+bmNSBKqeMaOUslQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLiFBzAlB4m8bCYFaQb7ZfKfi3DuMB8GA1UdIwQY
MBaAFPGaXVy3lJzhvSCdwhOZNSDgLRCFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFpwZFhMZVVuT0c5SUozQ0U1azFJT0F0RUlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8zMDliZmQtY2JlNy00MTQ0LWE2MzAt
MmY4MGEwYTAyMDZhLzEvdUlVSE1DVUhpYnhzSmdWcEJ2dGw4cC1MY080LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8zMDliZmQtY2JlNy00MTQ0LWE2MzAtMmY4MGEwYTAyMDZh
LzEvOFpwZFhMZVVuT0c5SUozQ0U1azFJT0F0RUlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQClKO4AwQC
uQ8cAwQCuT5IAwQCucsQMA0EAgACMAcDBQAqA7tAMA0GCSqGSIb3DQEBCwUAA4IB
AQBbU1jjFVAx2SAuDh4auJU8HUeaqYJjUPhegEs1k3TvxKa3SjLk9x4JfvjeEipu
pUMQSoIcjMvwZhaxre4bQPV8xYUsooZzVboCzNlnMpnvCsFUqUCNGKnirEbT+OVS
2uqb7GRQJ27R1Sx573hBZ692Cgme6Iq3CfFezATozRyFJTRVMrOWlhTXEoxWeqba
J53+5avFK4MCY3jntCcL9bPRykG74BJtFalru0NJi/tZCDBYlLmhap34naAbGLTm
min7yuOOXR482DAB7E0SPWdLXcD8JUqI1adoc6ZG7Pz9dlGaNG7GOS9HF8bUQCfu
mu859xJyfmJAyX/3CqCnU4ly
-----END CERTIFICATE-----
Generated at Thu May 23 03:05:27 2024 by rpki-client on console-ams.rpki-client.org