Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ec9616-79ad-4a36-aba4-84bd67ed0eef/1/um800zU5vfYIRwQ1ytfs-3g82bU.roa
File: um800zU5vfYIRwQ1ytfs-3g82bU.roa (raw, json)
Hash identifier: mlrRtbF+kmGOk/oMVakTYbhI4jqRezWX6hwjJDzwq14=
Subject key identifier: BA:6F:34:D3:35:39:BD:F6:08:47:04:35:CA:D7:EC:FB:78:3C:D9:B5
Certificate issuer: /CN=90d426209bd8c405cbefee5741b1a52548012bab
Certificate serial: 018CC56DEF62F206788299B79678C672882D
Authority key identifier: 90:D4:26:20:9B:D8:C4:05:CB:EF:EE:57:41:B1:A5:25:48:01:2B:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kNQmIJvYxAXL7-5XQbGlJUgBK6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ec9616-79ad-4a36-aba4-84bd67ed0eef/1/um800zU5vfYIRwQ1ytfs-3g82bU.roa
Signing time: Mon 01 Jan 2024 14:29:25 +0000
ROA not before: Mon 01 Jan 2024 14:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60388
IP address blocks: 185.31.108.0/22 maxlen: 32
212.73.96.0/19 maxlen: 32
2a01:70c0::/32 maxlen: 128
2a00:b4a0::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/ec9616-79ad-4a36-aba4-84bd67ed0eef/1/kNQmIJvYxAXL7-5XQbGlJUgBK6s.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/ec9616-79ad-4a36-aba4-84bd67ed0eef/1/kNQmIJvYxAXL7-5XQbGlJUgBK6s.mft
rsync://rpki.ripe.net/repository/DEFAULT/kNQmIJvYxAXL7-5XQbGlJUgBK6s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:ef:62:f2:06:78:82:99:b7:96:78:c6:72:88:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90d426209bd8c405cbefee5741b1a52548012bab
Validity
Not Before: Jan 1 14:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba6f34d33539bdf608470435cad7ecfb783cd9b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ba:fb:76:6e:53:a4:d4:c9:78:0e:8f:69:26:
7d:36:56:6a:81:c8:b1:0e:e7:b1:be:4d:60:09:b8:
80:e4:9a:2e:5b:78:a1:f9:56:6c:4a:68:7e:06:fa:
57:a3:bb:0f:7a:f9:4c:27:22:57:34:f5:4f:2a:c9:
10:aa:2b:4a:cd:ea:85:54:1e:af:0e:0a:a1:65:93:
d1:c7:14:dc:fa:0f:0b:e3:a9:de:4c:a3:f0:35:b4:
c4:6d:85:b7:25:fa:7e:9c:ed:91:2e:38:64:ec:d7:
d7:62:a3:05:b8:b4:54:33:bf:26:9b:d3:1d:58:65:
44:b0:c4:5d:03:2a:27:8c:84:c1:b9:72:df:9b:24:
b7:b4:4c:bc:8a:d6:c6:d0:1e:aa:8f:64:d1:ad:33:
5f:36:53:e5:b8:55:27:bc:05:ad:1b:aa:ab:58:2f:
d6:22:18:88:c0:b7:28:f7:79:3c:4a:da:7c:05:a8:
4b:a0:05:ce:47:99:38:1d:95:bc:e9:df:f5:36:36:
24:6e:46:82:ec:82:6f:1b:96:63:28:d8:ae:02:ae:
ae:7a:0c:90:cd:3b:2f:e5:20:a5:37:0a:39:3f:a2:
2d:7a:f4:61:c8:85:dd:48:13:8e:64:d2:c8:6d:b2:
1b:66:5a:88:00:71:93:0f:7d:2a:d0:46:25:b1:f9:
13:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:6F:34:D3:35:39:BD:F6:08:47:04:35:CA:D7:EC:FB:78:3C:D9:B5
X509v3 Authority Key Identifier:
keyid:90:D4:26:20:9B:D8:C4:05:CB:EF:EE:57:41:B1:A5:25:48:01:2B:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNQmIJvYxAXL7-5XQbGlJUgBK6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ec9616-79ad-4a36-aba4-84bd67ed0eef/1/um800zU5vfYIRwQ1ytfs-3g82bU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ec9616-79ad-4a36-aba4-84bd67ed0eef/1/kNQmIJvYxAXL7-5XQbGlJUgBK6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.108.0/22
212.73.96.0/19
IPv6:
2a00:b4a0::/32
2a01:70c0::/32
Signature Algorithm: sha256WithRSAEncryption
90:7b:a6:3e:bf:bc:6d:8d:28:46:92:7c:50:97:a4:96:fc:ca:
1c:a6:49:c7:1f:c3:c8:86:c7:5c:3a:7e:19:9a:9e:bc:e4:06:
73:45:ca:e2:58:dc:d3:c3:b9:58:82:02:e4:a9:58:9f:e2:26:
e2:ea:1d:c6:8f:97:a2:52:1f:dd:bd:32:df:85:2b:54:25:ce:
69:51:9f:4e:c8:f7:cb:ef:88:23:21:05:01:1b:15:b4:c8:d6:
07:f8:e3:82:f9:e2:6f:12:07:d5:3c:7e:87:e9:dc:ee:47:5b:
c8:bf:2b:f4:5b:16:55:ec:5e:61:7d:65:24:3d:56:25:0a:6c:
92:a9:39:ee:0d:ae:fa:65:9f:30:e2:2b:ef:5d:e8:ef:f6:51:
a8:97:c7:55:a3:f4:ee:b1:74:42:2f:50:af:40:e7:c0:fe:43:
df:6a:59:6e:cb:7e:89:61:8a:07:13:8b:ee:eb:e1:3c:27:aa:
2b:4d:ad:9a:c4:c9:93:b2:d2:53:06:60:80:92:28:90:5f:a2:
d9:3a:11:88:aa:43:56:a3:df:43:4d:5d:64:3a:a4:4c:13:94:
54:4f:16:28:0a:b1:18:50:46:96:53:e9:24:58:bd:ad:91:61:
aa:fa:55:58:82:03:f8:ed:c0:0e:5c:29:e0:ce:4c:72:1d:d7:
60:1b:ef:6b
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzFbe9i8gZ4gpm3lnjGcogtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZDQyNjIwOWJkOGM0MDVjYmVmZWU1NzQxYjFhNTI1NDgw
MTJiYWIwHhcNMjQwMTAxMTQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTZmMzRkMzM1MzliZGY2MDg0NzA0MzVjYWQ3ZWNmYjc4M2NkOWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbr7dm5TpNTJeA6PaSZ9NlZqgcix
Duexvk1gCbiA5JouW3ih+VZsSmh+BvpXo7sPevlMJyJXNPVPKskQqitKzeqFVB6v
DgqhZZPRxxTc+g8L46neTKPwNbTEbYW3Jfp+nO2RLjhk7NfXYqMFuLRUM78mm9Md
WGVEsMRdAyonjITBuXLfmyS3tEy8itbG0B6qj2TRrTNfNlPluFUnvAWtG6qrWC/W
IhiIwLco93k8Stp8BahLoAXOR5k4HZW86d/1NjYkbkaC7IJvG5ZjKNiuAq6uegyQ
zTsv5SClNwo5P6ItevRhyIXdSBOOZNLIbbIbZlqIAHGTD30q0EYlsfkTLwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFLpvNNM1Ob32CEcENcrX7Pt4PNm1MB8GA1UdIwQY
MBaAFJDUJiCb2MQFy+/uV0GxpSVIASurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05RbUlKdll4QVhMNy01WFFiR2xKVWdCSzZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lYzk2MTYtNzlhZC00YTM2LWFiYTQt
ODRiZDY3ZWQwZWVmLzEvdW04MDB6VTV2ZllJUndRMXl0ZnMtM2c4MmJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lYzk2MTYtNzlhZC00YTM2LWFiYTQtODRiZDY3ZWQwZWVm
LzEva05RbUlKdll4QVhMNy01WFFiR2xKVWdCSzZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuR9sAwQF
1ElgMBQEAgACMA4DBQAqALSgAwUAKgFwwDANBgkqhkiG9w0BAQsFAAOCAQEAkHum
Pr+8bY0oRpJ8UJeklvzKHKZJxx/DyIbHXDp+GZqevOQGc0XK4ljc08O5WIIC5KlY
n+Im4uodxo+XolIf3b0y34UrVCXOaVGfTsj3y++IIyEFARsVtMjWB/jjgvnibxIH
1Tx+h+nc7kdbyL8r9FsWVexeYX1lJD1WJQpskqk57g2u+mWfMOIr713o7/ZRqJfH
VaP07rF0Qi9Qr0DnwP5D32pZbst+iWGKBxOL7uvhPCeqK02tmsTJk7LSUwZggJIo
kF+i2ToRiKpDVqPfQ01dZDqkTBOUVE8WKAqxGFBGllPpJFi9rZFhqvpVWIID+O3A
Dlwp4M5Mch3XYBvvaw==
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:45:36 2024 by rpki-client on console-fra.rpki-client.org