Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/uVGirIQndi2O8x64Cpz4vDPgdPg.roa
File: uVGirIQndi2O8x64Cpz4vDPgdPg.roa (raw, json)
Hash identifier: N+v/H4WGFW2El/DejOKMDA6ZVQ7Nijm4z8X5qKC9OXs=
Subject key identifier: B9:51:A2:AC:84:27:76:2D:8E:F3:1E:B8:0A:9C:F8:BC:33:E0:74:F8
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018E283781C5772A1F5A2B98829AE6C669C0
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/uVGirIQndi2O8x64Cpz4vDPgdPg.roa
Signing time: Sun 10 Mar 2024 11:55:10 +0000
ROA not before: Sun 10 Mar 2024 11:55:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 89.249.192.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.mft
rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:28:37:81:c5:77:2a:1f:5a:2b:98:82:9a:e6:c6:69:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Mar 10 11:55:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b951a2ac8427762d8ef31eb80a9cf8bc33e074f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:70:b5:f1:74:84:b6:ad:f6:91:22:7b:db:b6:
87:9d:f9:80:5f:f5:92:18:5c:06:ef:ed:22:bf:23:
32:58:56:a5:b9:38:9a:aa:7d:16:70:9e:84:c8:ef:
cb:f7:db:bf:48:37:48:a2:8f:13:82:fb:76:fc:41:
a7:c4:ac:87:b2:8f:c3:7a:f4:c7:c6:e4:22:7e:92:
2d:85:13:08:ae:de:cf:12:3d:0d:59:4e:a4:91:2d:
76:1f:e1:e9:83:96:a3:9d:14:c0:06:02:eb:49:f5:
b8:c4:74:55:47:f7:74:7c:6a:46:27:51:76:c0:ef:
7b:e0:f6:a1:d2:ff:77:65:6c:d0:dc:b7:5a:27:85:
c8:79:d7:15:7d:b9:b0:ee:70:df:a1:fb:00:f4:c8:
68:a9:2b:f0:98:b4:fd:ce:3b:3e:29:cf:10:13:b1:
64:41:40:35:e5:2e:00:16:d1:b4:04:b0:5c:b5:e1:
d8:a5:49:91:9b:94:cc:ee:05:aa:71:cf:cd:c5:6e:
6c:6a:73:10:35:80:fc:bd:da:8a:4a:91:be:b1:a7:
eb:5e:28:88:88:68:d2:03:fc:00:21:86:09:3a:28:
f7:51:8c:67:5c:c8:8d:7a:d5:87:10:43:3a:e2:46:
ea:ca:5c:35:db:d5:d0:e0:5c:33:a0:85:96:95:92:
64:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:51:A2:AC:84:27:76:2D:8E:F3:1E:B8:0A:9C:F8:BC:33:E0:74:F8
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/uVGirIQndi2O8x64Cpz4vDPgdPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.192.0/21
Signature Algorithm: sha256WithRSAEncryption
5e:4a:31:d6:fa:6b:4f:63:2f:60:2e:94:86:26:3f:3b:1b:35:
8c:25:58:da:2b:91:12:0f:95:6b:20:bf:c5:e3:9e:c4:18:1b:
b7:6f:f2:d4:08:86:65:21:4e:be:c2:74:4a:26:5a:f5:d0:cc:
43:41:db:c7:73:a3:f7:47:22:94:fa:47:11:7b:eb:8f:84:1c:
25:44:11:f5:36:8e:cb:e5:1a:b9:b8:37:36:ca:d0:a7:25:d7:
02:d6:e5:d5:32:c1:ff:c7:b8:e4:ad:5d:7b:f1:cb:2b:b1:dd:
f0:3e:c9:e3:07:f0:ac:12:40:3e:ef:c1:51:2c:a8:17:39:f6:
77:37:22:74:d8:d0:71:29:b9:21:18:f9:c9:c9:53:55:b1:3f:
0d:60:19:a8:1c:94:58:b0:95:81:78:f9:6b:51:43:d5:cd:fc:
c9:de:b7:26:7d:37:09:6c:29:21:8a:b7:20:33:92:d9:a8:72:
16:8e:53:52:39:5a:65:48:b3:d0:02:3a:15:a6:67:be:ee:70:
02:a2:12:d5:67:d2:d3:fa:54:31:c3:1a:bd:94:c9:1f:1c:bb:
a6:70:68:ae:5d:ad:09:5c:e4:ab:c5:74:e1:72:12:95:36:ed:
12:cb:49:1f:c6:48:16:6b:cf:99:e1:8f:b1:ca:f6:23:87:a4:
c9:ce:5c:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4oN4HFdyofWiuYgprmxmnAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwMzEwMTE1NTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTUxYTJhYzg0Mjc3NjJkOGVmMzFlYjgwYTljZjhiYzMzZTA3NGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3C18XSEtq32kSJ727aHnfmAX/WS
GFwG7+0ivyMyWFaluTiaqn0WcJ6EyO/L99u/SDdIoo8Tgvt2/EGnxKyHso/DevTH
xuQifpIthRMIrt7PEj0NWU6kkS12H+Hpg5ajnRTABgLrSfW4xHRVR/d0fGpGJ1F2
wO974Pah0v93ZWzQ3LdaJ4XIedcVfbmw7nDfofsA9MhoqSvwmLT9zjs+Kc8QE7Fk
QUA15S4AFtG0BLBcteHYpUmRm5TM7gWqcc/NxW5sanMQNYD8vdqKSpG+safrXiiI
iGjSA/wAIYYJOij3UYxnXMiNetWHEEM64kbqylw129XQ4FwzoIWWlZJkSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLlRoqyEJ3YtjvMeuAqc+Lwz4HT4MB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvdVZHaXJJUW5kaTJPOHg2NENwejR2RFBnZFBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDWfnAMA0G
CSqGSIb3DQEBCwUAA4IBAQBeSjHW+mtPYy9gLpSGJj87GzWMJVjaK5ESD5VrIL/F
457EGBu3b/LUCIZlIU6+wnRKJlr10MxDQdvHc6P3RyKU+kcRe+uPhBwlRBH1No7L
5Rq5uDc2ytCnJdcC1uXVMsH/x7jkrV178csrsd3wPsnjB/CsEkA+78FRLKgXOfZ3
NyJ02NBxKbkhGPnJyVNVsT8NYBmoHJRYsJWBePlrUUPVzfzJ3rcmfTcJbCkhircg
M5LZqHIWjlNSOVplSLPQAjoVpme+7nACohLVZ9LT+lQxwxq9lMkfHLumcGiuXa0J
XOSrxXThchKVNu0Sy0kfxkgWa8+Z4Y+xyvYjh6TJzlxi
-----END CERTIFICATE-----
Generated at Thu May 2 06:09:28 2024 by rpki-client on console-ams.rpki-client.org