Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/UZiJGg1Xee5tbnPKznyu_Cl2qu4.roa
File: UZiJGg1Xee5tbnPKznyu_Cl2qu4.roa (raw, json)
Hash identifier: DjUo/o21InkOeqH/lqkwbSaiKDxtS5uP6RfVfD8Zl/Q=
Subject key identifier: 51:98:89:1A:0D:57:79:EE:6D:6E:73:CA:CE:7C:AE:FC:29:76:AA:EE
Certificate issuer: /CN=f1479b83c520d784445c24828bab633f0d702cf3
Certificate serial: 018CC26D1FC740B209822DB0D04B2BBAD267
Authority key identifier: F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/UZiJGg1Xee5tbnPKznyu_Cl2qu4.roa
Signing time: Mon 01 Jan 2024 00:29:40 +0000
ROA not before: Mon 01 Jan 2024 00:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51057
IP address blocks: 217.181.250.0/23 maxlen: 23
109.235.232.0/23 maxlen: 23
109.235.232.0/21 maxlen: 21
109.235.233.0/24 maxlen: 24
109.235.234.0/23 maxlen: 23
109.235.234.0/24 maxlen: 24
109.235.238.0/24 maxlen: 24
109.235.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.mft
rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:1f:c7:40:b2:09:82:2d:b0:d0:4b:2b:ba:d2:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1479b83c520d784445c24828bab633f0d702cf3
Validity
Not Before: Jan 1 00:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5198891a0d5779ee6d6e73cace7caefc2976aaee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:b9:b3:5d:00:2b:b7:17:d7:2e:cf:4e:ab:cd:
09:38:e0:94:cf:69:d3:fa:25:d8:32:27:50:05:20:
b9:d4:b1:a6:6a:f6:f9:60:b2:5f:7b:c5:15:65:f7:
5b:3c:4a:12:db:98:d5:97:30:57:87:2d:69:ed:59:
77:27:b4:3f:50:be:06:ef:ef:91:e7:3d:cb:9b:be:
be:25:ba:53:ee:43:25:2f:84:b9:c8:e8:a3:f7:3d:
eb:f3:39:06:74:de:15:a6:e4:18:e6:28:fa:be:af:
01:a8:86:b1:e6:99:b9:4e:df:cc:c3:6e:a8:eb:a0:
23:e8:99:2e:a7:1f:02:15:e4:17:b6:9e:d9:bf:9b:
d3:43:cb:a1:eb:34:d1:69:4b:eb:15:ba:4d:f4:2f:
4c:d6:10:eb:76:91:d3:f7:a5:3a:40:17:4b:0a:74:
7f:ad:7f:34:6a:0a:58:2c:55:be:14:f2:6b:a4:8a:
88:58:97:a9:4f:3e:8a:13:5b:0c:52:1c:fe:c2:40:
cc:4c:4b:dc:27:80:e8:00:99:d7:bc:09:cd:27:dc:
e5:b6:76:ca:b4:c0:99:03:94:e2:f7:d5:36:72:2a:
08:25:9c:c2:83:dd:0a:0e:bd:28:41:47:fd:a7:91:
6b:4f:26:6f:ec:6d:9a:50:2f:48:52:9d:34:8e:ce:
61:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:98:89:1A:0D:57:79:EE:6D:6E:73:CA:CE:7C:AE:FC:29:76:AA:EE
X509v3 Authority Key Identifier:
keyid:F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/UZiJGg1Xee5tbnPKznyu_Cl2qu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.235.232.0/21
217.181.250.0/23
Signature Algorithm: sha256WithRSAEncryption
92:62:30:1b:2f:df:63:73:98:71:77:88:bf:6b:d3:b8:5c:6f:
a3:22:c0:40:d3:5f:fb:1c:59:d8:72:4d:d8:d0:cd:88:98:f6:
ed:48:af:fb:17:d2:bb:47:90:0b:00:4f:7b:66:26:fd:17:d8:
e0:83:7d:c6:6a:03:42:6a:ce:98:2b:2f:98:8c:37:44:9e:7a:
2e:2d:41:21:94:8f:9f:7c:45:65:83:23:69:8a:e5:51:e7:0a:
04:50:4f:ec:45:fa:6f:de:34:81:23:a3:70:35:aa:0e:a7:5f:
a1:7f:40:3e:9c:55:a5:4a:6f:98:89:0d:b0:e5:26:c1:07:cc:
a8:17:6e:8b:04:1c:c6:1f:04:af:b9:95:31:48:97:cc:75:20:
5a:a9:2a:40:85:58:c7:ec:27:ac:3d:10:9c:b0:8b:f4:1a:34:
98:cb:16:ca:c1:89:7a:98:e0:fc:31:23:6c:0f:98:9b:a1:91:
cb:ba:1b:60:e7:15:78:5f:21:15:48:80:45:d4:60:af:32:d2:
ac:de:de:43:b1:d3:88:80:b1:65:e6:50:d7:7e:44:b2:9e:cc:
48:64:4f:78:27:33:3f:39:23:a9:83:d9:ec:34:ef:3d:15:25:
c0:11:c1:5e:6d:d9:45:d8:fe:da:2b:f7:b5:4b:36:be:73:83:
86:66:70:28
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzCbR/HQLIJgi2w0EsrutJnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDc5YjgzYzUyMGQ3ODQ0NDVjMjQ4MjhiYWI2MzNmMGQ3
MDJjZjMwHhcNMjQwMTAxMDAyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTk4ODkxYTBkNTc3OWVlNmQ2ZTczY2FjZTdjYWVmYzI5NzZhYWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8rmzXQArtxfXLs9Oq80JOOCUz2nT
+iXYMidQBSC51LGmavb5YLJfe8UVZfdbPEoS25jVlzBXhy1p7Vl3J7Q/UL4G7++R
5z3Lm76+JbpT7kMlL4S5yOij9z3r8zkGdN4VpuQY5ij6vq8BqIax5pm5Tt/Mw26o
66Aj6Jkupx8CFeQXtp7Zv5vTQ8uh6zTRaUvrFbpN9C9M1hDrdpHT96U6QBdLCnR/
rX80agpYLFW+FPJrpIqIWJepTz6KE1sMUhz+wkDMTEvcJ4DoAJnXvAnNJ9zltnbK
tMCZA5Ti99U2cioIJZzCg90KDr0oQUf9p5FrTyZv7G2aUC9IUp00js5hEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFGYiRoNV3nubW5zys58rvwpdqruMB8GA1UdIwQY
MBaAFPFHm4PFINeERFwkgourYz8NcCzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEt
YmRkNGFmNWYzNWQxLzEvVVppSkdnMVhlZTV0Ym5QS3pueXVfQ2wycXU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEtYmRkNGFmNWYzNWQx
LzEvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDbevoAwQB
2bX6MA0GCSqGSIb3DQEBCwUAA4IBAQCSYjAbL99jc5hxd4i/a9O4XG+jIsBA01/7
HFnYck3Y0M2ImPbtSK/7F9K7R5ALAE97Zib9F9jgg33GagNCas6YKy+YjDdEnnou
LUEhlI+ffEVlgyNpiuVR5woEUE/sRfpv3jSBI6NwNaoOp1+hf0A+nFWlSm+YiQ2w
5SbBB8yoF26LBBzGHwSvuZUxSJfMdSBaqSpAhVjH7CesPRCcsIv0GjSYyxbKwYl6
mOD8MSNsD5iboZHLuhtg5xV4XyEVSIBF1GCvMtKs3t5DsdOIgLFl5lDXfkSynsxI
ZE94JzM/OSOpg9nsNO89FSXAEcFebdlF2P7aK/e1Sza+c4OGZnAo
-----END CERTIFICATE-----
Generated at Sat May 25 21:15:03 2024 by rpki-client on console-ams.rpki-client.org