Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/uLx76NnvQQ8cBjIvbD6SWLgfir4.roa
File: uLx76NnvQQ8cBjIvbD6SWLgfir4.roa (raw, json)
Hash identifier: RZWcwSQoXvMRbXFSBsHuS1DuSNwvqMsI/3oGhHFGL80=
Subject key identifier: B8:BC:7B:E8:D9:EF:41:0F:1C:06:32:2F:6C:3E:92:58:B8:1F:8A:BE
Certificate issuer: /CN=8fbc7f1707b6d0b22bcd8180f4fbb1b63efc99f9
Certificate serial: 018CC3B6D9EAD23F01B07D634E29C9F4864A
Authority key identifier: 8F:BC:7F:17:07:B6:D0:B2:2B:CD:81:80:F4:FB:B1:B6:3E:FC:99:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j7x_Fwe20LIrzYGA9Puxtj78mfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/uLx76NnvQQ8cBjIvbD6SWLgfir4.roa
Signing time: Mon 01 Jan 2024 06:29:49 +0000
ROA not before: Mon 01 Jan 2024 06:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51661
IP address blocks: 185.99.71.80/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/j7x_Fwe20LIrzYGA9Puxtj78mfk.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/j7x_Fwe20LIrzYGA9Puxtj78mfk.mft
rsync://rpki.ripe.net/repository/DEFAULT/j7x_Fwe20LIrzYGA9Puxtj78mfk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:d9:ea:d2:3f:01:b0:7d:63:4e:29:c9:f4:86:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fbc7f1707b6d0b22bcd8180f4fbb1b63efc99f9
Validity
Not Before: Jan 1 06:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8bc7be8d9ef410f1c06322f6c3e9258b81f8abe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:06:d0:9f:fc:ae:83:e2:df:c3:3f:9d:d5:ae:
5c:a5:4f:19:54:f4:86:9d:14:3f:21:57:01:59:93:
ec:9a:24:79:78:89:16:83:07:ab:a9:f6:01:82:63:
bc:9a:d8:ec:16:91:f1:90:6a:96:e0:2c:43:8c:c9:
d6:6b:bc:f2:e6:5e:26:70:af:b4:93:84:9d:45:36:
66:d5:4b:b9:b4:bb:4c:4b:58:5b:2e:a6:58:f6:ff:
fb:06:21:a6:14:98:54:27:36:ef:f4:3c:39:d0:86:
04:4a:ae:d1:59:f9:7b:5a:5a:a5:4b:1a:76:63:d4:
da:ec:69:5f:29:62:dd:53:7c:ca:34:6d:74:9b:82:
f9:9f:71:ce:23:8a:ea:f9:f8:37:cb:ed:68:d1:9a:
e1:04:d3:27:48:cc:51:40:bf:1c:70:7f:92:60:9c:
56:42:b8:53:65:2e:77:5f:20:aa:0f:4c:2e:6f:eb:
16:e9:9b:d2:8d:24:80:19:67:84:43:0b:55:18:91:
ad:77:15:18:81:8a:56:21:9f:70:cf:6e:48:5b:f4:
b2:01:83:4c:d5:50:55:a1:8a:33:02:19:8c:90:23:
28:f1:51:e3:ba:85:48:31:c6:74:b0:60:d3:16:91:
55:1f:af:76:64:ec:48:35:6a:09:80:9e:6f:17:9b:
e7:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:BC:7B:E8:D9:EF:41:0F:1C:06:32:2F:6C:3E:92:58:B8:1F:8A:BE
X509v3 Authority Key Identifier:
keyid:8F:BC:7F:17:07:B6:D0:B2:2B:CD:81:80:F4:FB:B1:B6:3E:FC:99:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j7x_Fwe20LIrzYGA9Puxtj78mfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/uLx76NnvQQ8cBjIvbD6SWLgfir4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/j7x_Fwe20LIrzYGA9Puxtj78mfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.71.80/29
Signature Algorithm: sha256WithRSAEncryption
86:b2:7c:80:02:ae:43:6d:82:0f:fa:be:3e:ef:91:19:3e:b6:
ce:bd:b6:0c:cf:6f:f8:24:05:5e:cb:b8:68:f0:db:58:8e:6f:
69:a0:51:96:a9:17:10:bd:ba:35:0b:1f:fb:49:b0:c9:69:0d:
ab:61:2d:23:df:e4:f7:f7:e2:45:e0:82:80:9c:ab:13:8f:98:
c7:61:1e:df:18:44:a3:4a:10:b5:a1:41:6e:95:7e:06:af:f8:
e4:a2:df:59:42:6e:0f:25:38:b4:df:71:5a:c7:12:3d:60:29:
f2:6c:86:ad:0e:f0:04:88:0d:ed:a7:ee:9f:fb:f7:d6:ff:ca:
66:bd:e7:21:7e:91:86:ed:eb:57:36:2a:bd:e3:e5:36:d3:24:
a0:d7:b9:f5:39:bb:0b:be:6e:2f:7b:02:97:aa:ef:59:59:4b:
7d:f8:9e:70:e5:bd:ef:d6:46:bd:c1:7c:19:c1:06:7e:ad:16:
79:7e:62:82:20:c9:78:e4:38:a6:a4:ab:ef:d9:b5:73:38:75:
4d:78:d0:bf:e7:55:9e:f3:61:cd:fb:a2:4e:2a:41:15:f3:22:
da:59:ae:ec:b8:89:a1:61:cc:3e:48:ba:97:5f:f1:87:b4:bc:
0d:8e:38:cd:e4:b1:e2:79:a3:61:61:6a:ac:67:ad:8e:13:58:
74:c7:d3:ce
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzDttnq0j8BsH1jTinJ9IZKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYmM3ZjE3MDdiNmQwYjIyYmNkODE4MGY0ZmJiMWI2M2Vm
Yzk5ZjkwHhcNMjQwMTAxMDYyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGJjN2JlOGQ5ZWY0MTBmMWMwNjMyMmY2YzNlOTI1OGI4MWY4YWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwbQn/yug+Lfwz+d1a5cpU8ZVPSG
nRQ/IVcBWZPsmiR5eIkWgwerqfYBgmO8mtjsFpHxkGqW4CxDjMnWa7zy5l4mcK+0
k4SdRTZm1Uu5tLtMS1hbLqZY9v/7BiGmFJhUJzbv9Dw50IYESq7RWfl7WlqlSxp2
Y9Ta7GlfKWLdU3zKNG10m4L5n3HOI4rq+fg3y+1o0ZrhBNMnSMxRQL8ccH+SYJxW
QrhTZS53XyCqD0wub+sW6ZvSjSSAGWeEQwtVGJGtdxUYgYpWIZ9wz25IW/SyAYNM
1VBVoYozAhmMkCMo8VHjuoVIMcZ0sGDTFpFVH692ZOxINWoJgJ5vF5vnLQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLi8e+jZ70EPHAYyL2w+kli4H4q+MB8GA1UdIwQY
MBaAFI+8fxcHttCyK82BgPT7sbY+/Jn5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajd4X0Z3ZTIwTElyellHQTlQdXh0ajc4bWZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS85MzU1ZWYtZTBiZi00YzYzLTk5YTct
Nzg1MjIwNjIxM2UwLzEvdUx4NzZObnZRUThjQmpJdmJENlNXTGdmaXI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS85MzU1ZWYtZTBiZi00YzYzLTk5YTctNzg1MjIwNjIxM2Uw
LzEvajd4X0Z3ZTIwTElyellHQTlQdXh0ajc4bWZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUDuWNHUDAN
BgkqhkiG9w0BAQsFAAOCAQEAhrJ8gAKuQ22CD/q+Pu+RGT62zr22DM9v+CQFXsu4
aPDbWI5vaaBRlqkXEL26NQsf+0mwyWkNq2EtI9/k9/fiReCCgJyrE4+Yx2Ee3xhE
o0oQtaFBbpV+Bq/45KLfWUJuDyU4tN9xWscSPWAp8myGrQ7wBIgN7afun/v31v/K
Zr3nIX6Rhu3rVzYqvePlNtMkoNe59Tm7C75uL3sCl6rvWVlLffiecOW979ZGvcF8
GcEGfq0WeX5igiDJeOQ4pqSr79m1czh1TXjQv+dVnvNhzfuiTipBFfMi2lmu7LiJ
oWHMPki6l1/xh7S8DY44zeSx4nmjYWFqrGetjhNYdMfTzg==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:14:42 2024 by rpki-client on console-ams.rpki-client.org