Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/uxJ6WGNeyBKwQglbGfUt9ppmbxo.roa
File: uxJ6WGNeyBKwQglbGfUt9ppmbxo.roa (raw, json)
Hash identifier: SphifDAp1SVn3mHUhdCqaRvHU1IOk/+XMTL05V9SKJY=
Subject key identifier: BB:12:7A:58:63:5E:C8:12:B0:42:09:5B:19:F5:2D:F6:9A:66:6F:1A
Certificate issuer: /CN=a2074339bb216b85bdc83d61778821adf9149d56
Certificate serial: 018CC9BC02EC761B221B9EA8AC975444E803
Authority key identifier: A2:07:43:39:BB:21:6B:85:BD:C8:3D:61:77:88:21:AD:F9:14:9D:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogdDObsha4W9yD1hd4ghrfkUnVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/uxJ6WGNeyBKwQglbGfUt9ppmbxo.roa
Signing time: Tue 02 Jan 2024 10:33:11 +0000
ROA not before: Tue 02 Jan 2024 10:33:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52051
IP address blocks: 185.124.48.0/22 maxlen: 24
2a0e:8f80::/48 maxlen: 48
2a01:b1c2::/32 maxlen: 48
2a01:b1c3::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/ogdDObsha4W9yD1hd4ghrfkUnVY.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/ogdDObsha4W9yD1hd4ghrfkUnVY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ogdDObsha4W9yD1hd4ghrfkUnVY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:02:ec:76:1b:22:1b:9e:a8:ac:97:54:44:e8:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2074339bb216b85bdc83d61778821adf9149d56
Validity
Not Before: Jan 2 10:33:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb127a58635ec812b042095b19f52df69a666f1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:be:ca:04:3a:a5:b7:1c:c5:d8:65:c4:67:b8:
62:01:c4:ac:44:9c:c7:28:f2:7d:ed:b7:7f:56:0c:
32:55:f3:0d:01:ac:fc:5b:d1:53:1c:5a:1a:a4:02:
3a:5a:95:9b:e3:4d:8d:c6:b9:7d:39:2b:be:d2:b6:
1e:00:1f:db:5a:86:8b:f1:ef:e7:0c:6e:fb:57:1e:
d0:2f:15:54:40:1c:f4:a2:ea:43:b1:e9:27:8b:89:
aa:e4:b5:c4:0f:50:ce:a7:2e:d0:73:40:ee:b2:d2:
35:2b:af:e3:92:39:93:81:c8:91:4f:e6:3a:1f:6c:
9e:7b:3c:45:60:11:18:5a:53:90:7c:88:6d:b3:0b:
58:0f:68:37:38:cb:9a:b3:d8:db:34:91:91:eb:95:
fe:22:88:cb:eb:53:3a:95:21:23:5a:0a:61:ff:9e:
92:db:28:87:67:6b:b1:77:48:7a:a3:47:02:ff:e2:
ee:0c:ee:e4:e1:d5:be:8d:0e:5d:b4:d1:db:4d:ee:
a2:56:07:af:75:27:39:2a:35:5c:0a:78:7a:91:05:
ef:b4:d6:02:ba:5e:92:bd:63:9f:b5:01:0a:9e:f2:
da:5a:3b:9b:8b:fc:41:75:e9:37:01:67:bb:e3:f4:
9f:8b:7c:03:63:7a:d1:33:6a:37:6f:d4:67:59:11:
6d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:12:7A:58:63:5E:C8:12:B0:42:09:5B:19:F5:2D:F6:9A:66:6F:1A
X509v3 Authority Key Identifier:
keyid:A2:07:43:39:BB:21:6B:85:BD:C8:3D:61:77:88:21:AD:F9:14:9D:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogdDObsha4W9yD1hd4ghrfkUnVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/uxJ6WGNeyBKwQglbGfUt9ppmbxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/ogdDObsha4W9yD1hd4ghrfkUnVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.48.0/22
IPv6:
2a01:b1c2::/31
2a0e:8f80::/48
Signature Algorithm: sha256WithRSAEncryption
46:1a:20:58:fd:e1:e3:d6:b2:08:aa:f1:13:0e:d3:db:b3:07:
57:44:e8:4b:fd:16:07:d0:8f:b1:80:a2:a6:b0:8c:05:54:ae:
b2:85:39:a4:bc:91:dd:4b:b8:9b:15:93:fa:14:a9:d2:5a:75:
3b:96:21:28:e6:3f:ad:a1:d6:49:08:62:b7:ac:41:55:48:61:
7a:d4:c8:45:28:bd:5d:e5:45:d2:ef:e3:ce:09:85:fb:28:6b:
40:f6:90:06:56:55:88:59:0e:d4:17:68:59:d9:14:1b:6b:55:
b0:44:6f:d9:ef:6a:b8:44:22:b4:8a:d4:68:5b:89:f1:ee:99:
78:37:15:84:20:af:f4:61:e5:ec:58:ad:3d:93:bb:4e:71:4d:
06:25:9d:c0:73:42:81:61:6b:b0:83:c9:70:6d:ec:c0:0e:98:
f0:d8:e4:73:42:22:1a:5e:4c:0e:0b:a8:bb:cd:e9:30:a9:29:
a1:b5:36:11:a0:94:fd:f8:ee:38:67:f7:90:f3:c8:82:da:cd:
fc:01:3d:c2:3f:cc:e6:3c:e8:73:13:47:cd:1a:04:b3:79:fe:
f1:fc:3e:e3:9a:24:2e:0d:65:84:cc:86:04:79:d7:d4:e9:86:
7e:d1:d8:f9:82:ec:8c:c6:ca:69:1d:1b:81:d7:0e:cd:0b:90:
1e:a1:1e:eb
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzJvALsdhsiG56orJdUROgDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMDc0MzM5YmIyMTZiODViZGM4M2Q2MTc3ODgyMWFkZjkx
NDlkNTYwHhcNMjQwMTAyMTAzMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjEyN2E1ODYzNWVjODEyYjA0MjA5NWIxOWY1MmRmNjlhNjY2ZjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAob7KBDqltxzF2GXEZ7hiAcSsRJzH
KPJ97bd/VgwyVfMNAaz8W9FTHFoapAI6WpWb402Nxrl9OSu+0rYeAB/bWoaL8e/n
DG77Vx7QLxVUQBz0oupDsekni4mq5LXED1DOpy7Qc0DustI1K6/jkjmTgciRT+Y6
H2yeezxFYBEYWlOQfIhtswtYD2g3OMuas9jbNJGR65X+IojL61M6lSEjWgph/56S
2yiHZ2uxd0h6o0cC/+LuDO7k4dW+jQ5dtNHbTe6iVgevdSc5KjVcCnh6kQXvtNYC
ul6SvWOftQEKnvLaWjubi/xBdek3AWe74/Sfi3wDY3rRM2o3b9RnWRFtLQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLsSelhjXsgSsEIJWxn1LfaaZm8aMB8GA1UdIwQY
MBaAFKIHQzm7IWuFvcg9YXeIIa35FJ1WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dkRE9ic2hhNFc5eUQxaGQ0Z2hyZmtVblZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy81NzFiMzQtYWNmOS00ZWJmLTk4OGIt
MGZlYjY2ZTdmMjhhLzEvdXhKNldHTmV5Qkt3UWdsYkdmVXQ5cHBtYnhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy81NzFiMzQtYWNmOS00ZWJmLTk4OGItMGZlYjY2ZTdmMjhh
LzEvb2dkRE9ic2hhNFc5eUQxaGQ0Z2hyZmtVblZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQCuXwwMBYE
AgACMBADBQEqAbHCAwcAKg6PgAAAMA0GCSqGSIb3DQEBCwUAA4IBAQBGGiBY/eHj
1rIIqvETDtPbswdXROhL/RYH0I+xgKKmsIwFVK6yhTmkvJHdS7ibFZP6FKnSWnU7
liEo5j+todZJCGK3rEFVSGF61MhFKL1d5UXS7+POCYX7KGtA9pAGVlWIWQ7UF2hZ
2RQba1WwRG/Z72q4RCK0itRoW4nx7pl4NxWEIK/0YeXsWK09k7tOcU0GJZ3Ac0KB
YWuwg8lwbezADpjw2ORzQiIaXkwOC6i7zekwqSmhtTYRoJT9+O44Z/eQ88iC2s38
AT3CP8zmPOhzE0fNGgSzef7x/D7jmiQuDWWEzIYEedfU6YZ+0dj5guyMxsppHRuB
1w7NC5AeoR7r
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:03:04 2024 by rpki-client on console-ams.rpki-client.org