Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/uKjgcUiiELGji79gxQPuFWDy5zM.roa
File: uKjgcUiiELGji79gxQPuFWDy5zM.roa (raw, json)
Hash identifier: vbSFUAOxp/5AuXHSJt4YIzKHtn0xgLmJU2VO6KrFUkY=
Subject key identifier: B8:A8:E0:71:48:A2:10:B1:A3:8B:BF:60:C5:03:EE:15:60:F2:E7:33
Certificate issuer: /CN=2283711bd7ab13da3d11f25bb57a4f483c1f99ac
Certificate serial: 018CC94CCE5FE461B3F9E77464F6E528320E
Authority key identifier: 22:83:71:1B:D7:AB:13:DA:3D:11:F2:5B:B5:7A:4F:48:3C:1F:99:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IoNxG9erE9o9EfJbtXpPSDwfmaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/uKjgcUiiELGji79gxQPuFWDy5zM.roa
Signing time: Tue 02 Jan 2024 08:31:43 +0000
ROA not before: Tue 02 Jan 2024 08:31:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47947
IP address blocks: 185.139.244.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/IoNxG9erE9o9EfJbtXpPSDwfmaw.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/IoNxG9erE9o9EfJbtXpPSDwfmaw.mft
rsync://rpki.ripe.net/repository/DEFAULT/IoNxG9erE9o9EfJbtXpPSDwfmaw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:ce:5f:e4:61:b3:f9:e7:74:64:f6:e5:28:32:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2283711bd7ab13da3d11f25bb57a4f483c1f99ac
Validity
Not Before: Jan 2 08:31:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8a8e07148a210b1a38bbf60c503ee1560f2e733
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4a:81:f1:7b:31:71:8e:76:3e:e7:7d:65:44:
5a:72:ca:3a:fd:15:76:77:48:f5:79:ef:69:6d:5f:
ba:12:17:5e:57:02:6f:9e:22:7c:00:4d:d4:60:26:
a1:6d:3c:e2:c6:fc:02:08:c0:83:e5:cd:42:77:6f:
52:71:d5:7d:b6:5b:1d:b6:c5:fd:91:ef:b0:cd:ee:
51:56:aa:06:cd:e0:5f:1e:ce:e4:11:83:bf:ee:4f:
47:cc:92:e1:cd:dd:27:e3:c4:be:76:78:83:87:23:
d6:35:ac:63:5c:b5:ea:a7:56:ab:f4:8f:83:b1:1a:
60:1e:b9:cd:dd:c5:a1:89:01:fa:64:14:a2:1a:d3:
4d:b7:e3:3d:03:fd:96:0f:d9:8d:c5:5f:33:50:95:
1d:c2:9f:37:f6:e7:df:fc:06:14:55:6d:8d:68:19:
c0:bd:b7:21:c8:6e:a5:1c:17:e4:6b:77:94:4a:69:
16:8d:b1:09:be:da:23:1c:be:37:35:55:b1:4f:99:
50:ed:34:4d:cd:98:5b:39:4a:3e:3a:3c:63:0a:2b:
43:60:f6:a5:e4:c0:7e:2c:50:b8:73:5d:67:72:2a:
ce:0b:da:eb:ee:98:97:cd:47:b0:cf:d9:7b:d8:cc:
d5:79:e1:1e:b8:4d:6e:f0:3f:b7:43:72:89:fa:21:
fb:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:A8:E0:71:48:A2:10:B1:A3:8B:BF:60:C5:03:EE:15:60:F2:E7:33
X509v3 Authority Key Identifier:
keyid:22:83:71:1B:D7:AB:13:DA:3D:11:F2:5B:B5:7A:4F:48:3C:1F:99:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IoNxG9erE9o9EfJbtXpPSDwfmaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/uKjgcUiiELGji79gxQPuFWDy5zM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/IoNxG9erE9o9EfJbtXpPSDwfmaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.244.0/22
Signature Algorithm: sha256WithRSAEncryption
38:84:0f:f9:14:24:93:ce:9c:6f:09:e4:38:f8:c3:5e:95:12:
6b:e0:52:26:9c:53:67:99:6d:8c:97:ed:b9:1b:09:72:d8:de:
d5:0a:bc:0c:56:28:fe:32:88:c3:ea:89:70:76:b4:e2:05:93:
35:d0:e9:0a:0c:d9:01:61:2f:52:75:1b:6e:c4:eb:f6:d9:bd:
14:55:3d:0d:28:8b:44:a7:4d:54:57:11:6e:fb:d7:06:7c:d3:
28:66:db:a3:34:41:76:fa:a0:48:42:47:e2:d4:27:a8:b7:17:
f1:82:25:e6:4d:cd:60:87:52:41:29:7c:17:8f:77:97:79:7e:
2d:fd:e3:ca:95:41:ae:0d:ca:bd:24:cf:17:e1:ea:ab:88:86:
07:d8:a9:6d:a4:ee:1f:1e:97:5d:cc:20:01:11:fd:cd:84:2c:
b6:ae:08:08:41:30:4e:d6:d7:9c:dc:bd:7f:8d:8e:73:93:7d:
b3:da:8e:5b:4c:0b:4a:1a:14:2e:e7:bb:c4:43:06:4a:e5:33:
c2:ff:b5:3c:88:6d:56:8a:d4:54:b5:19:9e:e1:64:1a:72:55:
9d:a5:93:5b:da:9b:73:e0:c6:8a:cc:a1:39:d2:7d:5b:86:fb:
9e:69:a8:a8:5c:c3:3c:0e:89:62:8d:44:f3:a9:ff:09:bb:bc:
b8:78:24:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTM5f5GGz+ed0ZPblKDIOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyODM3MTFiZDdhYjEzZGEzZDExZjI1YmI1N2E0ZjQ4M2Mx
Zjk5YWMwHhcNMjQwMTAyMDgzMTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGE4ZTA3MTQ4YTIxMGIxYTM4YmJmNjBjNTAzZWUxNTYwZjJlNzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkqB8XsxcY52Pud9ZURacso6/RV2
d0j1ee9pbV+6EhdeVwJvniJ8AE3UYCahbTzixvwCCMCD5c1Cd29ScdV9tlsdtsX9
ke+wze5RVqoGzeBfHs7kEYO/7k9HzJLhzd0n48S+dniDhyPWNaxjXLXqp1ar9I+D
sRpgHrnN3cWhiQH6ZBSiGtNNt+M9A/2WD9mNxV8zUJUdwp839uff/AYUVW2NaBnA
vbchyG6lHBfka3eUSmkWjbEJvtojHL43NVWxT5lQ7TRNzZhbOUo+OjxjCitDYPal
5MB+LFC4c11ncirOC9rr7piXzUewz9l72MzVeeEeuE1u8D+3Q3KJ+iH7yQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLio4HFIohCxo4u/YMUD7hVg8uczMB8GA1UdIwQY
MBaAFCKDcRvXqxPaPRHyW7V6T0g8H5msMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSW9OeEc5ZXJFOW85RWZKYnRYcFBTRHdmbWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS85Y2JlODgtM2U3NS00MmVmLWI4NzEt
NWVlNzZmMGY2NGUyLzEvdUtqZ2NVaWlFTEdqaTc5Z3hRUHVGV0R5NXpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS85Y2JlODgtM2U3NS00MmVmLWI4NzEtNWVlNzZmMGY2NGUy
LzEvSW9OeEc5ZXJFOW85RWZKYnRYcFBTRHdmbWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYv0MA0G
CSqGSIb3DQEBCwUAA4IBAQA4hA/5FCSTzpxvCeQ4+MNelRJr4FImnFNnmW2Ml+25
Gwly2N7VCrwMVij+MojD6olwdrTiBZM10OkKDNkBYS9SdRtuxOv22b0UVT0NKItE
p01UVxFu+9cGfNMoZtujNEF2+qBIQkfi1CeotxfxgiXmTc1gh1JBKXwXj3eXeX4t
/ePKlUGuDcq9JM8X4eqriIYH2KltpO4fHpddzCABEf3NhCy2rggIQTBO1tec3L1/
jY5zk32z2o5bTAtKGhQu57vEQwZK5TPC/7U8iG1WitRUtRme4WQaclWdpZNb2ptz
4MaKzKE50n1bhvueaaioXMM8DolijUTzqf8Ju7y4eCR6
-----END CERTIFICATE-----
Generated at Fri May 17 06:57:29 2024 by rpki-client on console-ams.rpki-client.org