Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/uGCHCDIAfpLQGdGlXwOtfeih_Wg.roa
File: uGCHCDIAfpLQGdGlXwOtfeih_Wg.roa (raw, json)
Hash identifier: SXzJEw+2ifl6qw67KxcGrvROHN1+Z+Er7RsUgxk6Fh8=
Subject key identifier: B8:60:87:08:32:00:7E:92:D0:19:D1:A5:5F:03:AD:7D:E8:A1:FD:68
Certificate issuer: /CN=dede91a0fb1f4dd17900d06db6e88336f78b5c05
Certificate serial: 018CC3B744AA45CD5DD0958D96BD32F11BFA
Authority key identifier: DE:DE:91:A0:FB:1F:4D:D1:79:00:D0:6D:B6:E8:83:36:F7:8B:5C:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3t6RoPsfTdF5ANBttuiDNveLXAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/uGCHCDIAfpLQGdGlXwOtfeih_Wg.roa
Signing time: Mon 01 Jan 2024 06:30:16 +0000
ROA not before: Mon 01 Jan 2024 06:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210544
IP address blocks: 192.124.252.0/24 maxlen: 24
193.28.64.0/23 maxlen: 24
193.28.71.0/24 maxlen: 24
2a12:6900::/36 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/3t6RoPsfTdF5ANBttuiDNveLXAU.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/3t6RoPsfTdF5ANBttuiDNveLXAU.mft
rsync://rpki.ripe.net/repository/DEFAULT/3t6RoPsfTdF5ANBttuiDNveLXAU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 May 2024 03:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:44:aa:45:cd:5d:d0:95:8d:96:bd:32:f1:1b:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dede91a0fb1f4dd17900d06db6e88336f78b5c05
Validity
Not Before: Jan 1 06:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b860870832007e92d019d1a55f03ad7de8a1fd68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e5:89:d6:88:c2:db:05:b6:c2:e0:b4:95:22:
3f:9d:b5:d6:ae:6f:5c:1d:34:19:23:f8:a2:ac:21:
47:09:26:ef:36:04:72:d2:bb:51:a6:51:95:a7:9a:
7e:2a:3d:a1:f8:f3:64:15:9e:cc:77:2a:0f:4a:3a:
44:f0:dd:3d:9a:6a:d8:e0:11:56:76:81:de:36:1a:
f8:84:e7:b1:8a:67:9a:6e:8c:bf:98:b2:d2:0e:df:
0a:61:7f:96:bd:d6:99:6c:ac:5b:eb:32:29:89:82:
68:da:4b:d9:cb:50:85:8e:86:f9:c2:0f:7a:a9:08:
cd:65:11:81:96:6a:04:59:a4:77:37:ad:3d:ec:00:
8e:a2:23:83:ed:1c:b0:05:bc:a8:75:48:69:96:af:
01:8e:ef:dd:41:e2:71:53:70:f5:bf:ed:ec:4c:ad:
f3:26:48:40:2b:d9:b4:05:64:12:2e:22:25:d6:19:
cf:bc:07:33:b9:49:09:89:67:c3:8c:03:44:10:9e:
e4:01:eb:b4:ab:28:85:9d:66:63:aa:0f:7a:d6:13:
c2:21:29:28:f3:b1:6f:5f:71:f4:2f:16:d9:ce:17:
53:17:9e:c8:44:b6:0d:d6:c9:5e:f5:d2:37:77:87:
63:b1:e9:ec:f4:09:d8:42:e7:04:b2:90:49:21:57:
0a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:60:87:08:32:00:7E:92:D0:19:D1:A5:5F:03:AD:7D:E8:A1:FD:68
X509v3 Authority Key Identifier:
keyid:DE:DE:91:A0:FB:1F:4D:D1:79:00:D0:6D:B6:E8:83:36:F7:8B:5C:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3t6RoPsfTdF5ANBttuiDNveLXAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/uGCHCDIAfpLQGdGlXwOtfeih_Wg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/3t6RoPsfTdF5ANBttuiDNveLXAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.252.0/24
193.28.64.0/23
193.28.71.0/24
IPv6:
2a12:6900::/36
Signature Algorithm: sha256WithRSAEncryption
96:93:83:1b:a4:b2:ef:d5:34:f4:e6:da:33:d9:e4:53:43:a0:
52:ac:4d:d3:94:34:bc:cf:a9:40:e4:9b:25:38:52:c6:7f:19:
22:f1:49:19:14:bd:f8:58:07:37:cd:2b:80:9f:87:82:7c:5b:
90:33:e5:dd:96:f6:ef:57:a3:59:6b:aa:37:bf:ca:8c:00:a9:
d3:3a:7a:ad:b8:dd:3b:74:94:90:b2:dc:c2:95:d6:e0:84:73:
7a:0d:ed:77:63:90:50:39:6c:aa:16:7b:4e:8e:8e:5e:fa:e4:
50:fd:63:e8:99:fb:fb:85:b4:b2:b9:41:90:fb:5f:d7:1d:10:
d9:32:1c:ba:8e:47:af:6f:72:93:9c:cd:6f:c6:5f:ff:6a:9b:
d1:90:e6:c3:50:be:ae:ce:ae:77:56:85:62:15:27:02:0f:39:
9f:ee:cd:ee:69:cf:9a:e6:09:2e:50:9e:2d:a4:e3:43:5c:a3:
25:2c:0d:0a:92:d2:d8:86:a7:4a:e6:73:48:52:a0:42:8b:23:
37:8e:ab:f9:25:65:03:b9:da:00:75:8c:1c:fc:a2:d4:79:cd:
e1:33:15:20:9f:e1:60:a1:f0:66:fa:7b:00:56:29:1f:39:1a:
51:5c:b5:e1:73:94:fe:ba:47:56:37:3e:33:c4:f6:26:a1:fc:
fa:29:4f:26
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzDt0SqRc1d0JWNlr0y8Rv6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZGU5MWEwZmIxZjRkZDE3OTAwZDA2ZGI2ZTg4MzM2Zjc4
YjVjMDUwHhcNMjQwMTAxMDYzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODYwODcwODMyMDA3ZTkyZDAxOWQxYTU1ZjAzYWQ3ZGU4YTFmZDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOWJ1ojC2wW2wuC0lSI/nbXWrm9c
HTQZI/iirCFHCSbvNgRy0rtRplGVp5p+Kj2h+PNkFZ7MdyoPSjpE8N09mmrY4BFW
doHeNhr4hOeximeaboy/mLLSDt8KYX+WvdaZbKxb6zIpiYJo2kvZy1CFjob5wg96
qQjNZRGBlmoEWaR3N6097ACOoiOD7RywBbyodUhplq8Bju/dQeJxU3D1v+3sTK3z
JkhAK9m0BWQSLiIl1hnPvAczuUkJiWfDjANEEJ7kAeu0qyiFnWZjqg961hPCISko
87FvX3H0LxbZzhdTF57IRLYN1sle9dI3d4djsens9AnYQucEspBJIVcKFQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFLhghwgyAH6S0BnRpV8DrX3oof1oMB8GA1UdIwQY
MBaAFN7ekaD7H03ReQDQbbbogzb3i1wFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3Q2Um9Qc2ZUZEY1QU5CdHR1aUROdmVMWEFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8yMzIxZDYtYmQ2Yy00YjJhLWFmODMt
MjFhNzAwYzcxMTlmLzEvdUdDSENESUFmcExRR2RHbFh3T3RmZWloX1dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8yMzIxZDYtYmQ2Yy00YjJhLWFmODMtMjFhNzAwYzcxMTlm
LzEvM3Q2Um9Qc2ZUZEY1QU5CdHR1aUROdmVMWEFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQAwHz8AwQB
wRxAAwQAwRxHMA4EAgACMAgDBgQqEmkAADANBgkqhkiG9w0BAQsFAAOCAQEAlpOD
G6Sy79U09ObaM9nkU0OgUqxN05Q0vM+pQOSbJThSxn8ZIvFJGRS9+FgHN80rgJ+H
gnxbkDPl3Zb271ejWWuqN7/KjACp0zp6rbjdO3SUkLLcwpXW4IRzeg3td2OQUDls
qhZ7To6OXvrkUP1j6Jn7+4W0srlBkPtf1x0Q2TIcuo5Hr29yk5zNb8Zf/2qb0ZDm
w1C+rs6ud1aFYhUnAg85n+7N7mnPmuYJLlCeLaTjQ1yjJSwNCpLS2IanSuZzSFKg
QosjN46r+SVlA7naAHWMHPyi1HnN4TMVIJ/hYKHwZvp7AFYpHzkaUVy14XOU/rpH
Vjc+M8T2JqH8+ilPJg==
-----END CERTIFICATE-----
Generated at Thu May 23 09:53:29 2024 by rpki-client on console-fra.rpki-client.org