Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/uJzr-rHGrHdeOUuvD-Pv5Pt-Z3A.roa
File: uJzr-rHGrHdeOUuvD-Pv5Pt-Z3A.roa (raw, json)
Hash identifier: KqMXIbukoSTfEfNZSC09tGgJz7ccf9wH+B6xt0gfTnQ=
Subject key identifier: B8:9C:EB:FA:B1:C6:AC:77:5E:39:4B:AF:0F:E3:EF:E4:FB:7E:67:70
Certificate issuer: /CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Certificate serial: 018F4C5AE8C674D1D9585CEB9A2265380305
Authority key identifier: D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/uJzr-rHGrHdeOUuvD-Pv5Pt-Z3A.roa
Signing time: Mon 06 May 2024 05:22:57 +0000
ROA not before: Mon 06 May 2024 05:22:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48950
IP address blocks: 104.160.4.0/24 maxlen: 24
104.160.10.0/24 maxlen: 24
158.222.3.0/24 maxlen: 24
158.222.5.0/24 maxlen: 24
158.222.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4c:5a:e8:c6:74:d1:d9:58:5c:eb:9a:22:65:38:03:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Validity
Not Before: May 6 05:22:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b89cebfab1c6ac775e394baf0fe3efe4fb7e6770
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ce:30:ae:20:55:2c:68:87:00:13:3d:df:4c:
ad:7b:7b:45:0f:6e:fd:61:e2:1b:cb:2a:fd:aa:d3:
fd:8d:77:f7:1c:31:3f:e6:fd:58:16:18:ae:df:e6:
d5:45:cf:b5:15:96:8b:4c:d3:b0:cc:91:6a:2f:64:
c6:7b:51:ba:56:f7:03:54:a0:a7:06:d9:11:29:d3:
ab:32:c5:ba:98:eb:ae:81:0d:07:79:ca:4d:be:18:
36:06:4e:e2:bf:75:a6:a3:7d:0e:2e:20:68:9d:11:
75:aa:00:2c:b2:39:35:9a:9d:2d:c1:84:5c:55:f7:
31:d2:44:41:20:bb:ca:df:f8:0e:93:c1:5f:b1:02:
11:ee:d8:17:80:e5:a2:7b:bf:27:8c:d0:16:ee:d3:
5d:82:54:14:8c:ad:dd:1a:8f:10:76:c9:29:ca:b7:
f9:d5:62:ff:00:52:3a:36:5e:4f:89:fd:52:3c:57:
ff:84:73:41:4b:c6:c6:fe:53:db:9f:90:4f:a5:54:
3d:8a:3a:18:db:99:be:c6:f0:dd:4e:75:60:a8:ab:
11:ca:17:a5:fa:25:55:28:8d:23:9f:a7:ce:42:51:
ed:5d:bf:13:ec:99:fb:12:be:5d:44:5d:79:b4:7f:
c1:6f:6a:68:db:41:f9:cb:af:1d:42:08:3d:31:63:
d7:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:9C:EB:FA:B1:C6:AC:77:5E:39:4B:AF:0F:E3:EF:E4:FB:7E:67:70
X509v3 Authority Key Identifier:
keyid:D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/uJzr-rHGrHdeOUuvD-Pv5Pt-Z3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.160.4.0/24
104.160.10.0/24
158.222.3.0/24
158.222.5.0/24
158.222.7.0/24
Signature Algorithm: sha256WithRSAEncryption
86:6a:22:54:3d:b7:22:90:77:5d:6b:64:c8:28:53:ef:3d:b8:
12:d0:40:c4:90:21:9c:54:66:8d:42:26:34:fa:c5:e2:40:58:
e1:73:e0:b3:00:aa:fd:d7:1d:85:48:0e:20:52:e9:90:6a:ff:
f2:9f:63:9a:f3:98:d5:09:eb:13:0a:fd:d1:99:69:8b:b7:cf:
87:d2:86:a6:b2:a3:b3:01:03:e3:eb:94:82:91:28:88:21:d4:
75:f1:03:5f:ed:4f:e4:46:a7:8b:1b:05:4a:0b:76:de:5d:d5:
3f:46:a7:f6:a9:0c:0c:88:8f:a4:5d:b0:83:c3:87:7c:8d:28:
f7:94:24:bb:ae:8b:fc:a8:c4:2d:3f:1f:d7:17:f3:10:80:93:
01:75:a6:6b:14:23:95:1f:c0:ab:ac:c9:d8:8d:5f:6a:bb:c2:
c5:ad:a9:61:a6:db:4a:5f:59:6b:b4:68:22:a3:0b:0b:b5:59:
72:c0:9b:43:c9:ad:6b:69:c5:41:4d:ca:85:e2:54:56:f9:b1:
54:e4:77:2c:ea:4d:64:93:04:fc:df:b9:46:cc:b0:a6:38:35:
78:a7:6c:f0:7b:af:32:ea:81:82:e1:c0:8b:98:a8:d9:ee:47:
6b:d7:48:8a:83:82:27:b3:d8:17:58:91:3e:cd:18:58:67:c3:
56:e5:f6:ff
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY9MWujGdNHZWFzrmiJlOAMFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MmNiNDNjYTNjMGM1NzgxNmNlZTM2MDQ3OGQwY2Y4ODIy
MDdmZDIwHhcNMjQwNTA2MDUyMjU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODljZWJmYWIxYzZhYzc3NWUzOTRiYWYwZmUzZWZlNGZiN2U2NzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA184wriBVLGiHABM930yte3tFD279
YeIbyyr9qtP9jXf3HDE/5v1YFhiu3+bVRc+1FZaLTNOwzJFqL2TGe1G6VvcDVKCn
BtkRKdOrMsW6mOuugQ0HecpNvhg2Bk7iv3Wmo30OLiBonRF1qgAssjk1mp0twYRc
Vfcx0kRBILvK3/gOk8FfsQIR7tgXgOWie78njNAW7tNdglQUjK3dGo8Qdskpyrf5
1WL/AFI6Nl5Pif1SPFf/hHNBS8bG/lPbn5BPpVQ9ijoY25m+xvDdTnVgqKsRyhel
+iVVKI0jn6fOQlHtXb8T7Jn7Er5dRF15tH/Bb2po20H5y68dQgg9MWPXbwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLic6/qxxqx3XjlLrw/j7+T7fmdwMB8GA1UdIwQY
MBaAFNgstDyjwMV4Fs7jYEeNDPiCIH/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAt
MTVmMTNlM2Y3ZDg1LzEvdUp6ci1ySEdySGRlT1V1dkQtUHY1UHQtWjNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAtMTVmMTNlM2Y3ZDg1
LzEvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAaKAEAwQA
aKAKAwQAnt4DAwQAnt4FAwQAnt4HMA0GCSqGSIb3DQEBCwUAA4IBAQCGaiJUPbci
kHdda2TIKFPvPbgS0EDEkCGcVGaNQiY0+sXiQFjhc+CzAKr91x2FSA4gUumQav/y
n2Oa85jVCesTCv3RmWmLt8+H0oamsqOzAQPj65SCkSiIIdR18QNf7U/kRqeLGwVK
C3beXdU/Rqf2qQwMiI+kXbCDw4d8jSj3lCS7rov8qMQtPx/XF/MQgJMBdaZrFCOV
H8CrrMnYjV9qu8LFralhpttKX1lrtGgiowsLtVlywJtDya1racVBTcqF4lRW+bFU
5Hcs6k1kkwT837lGzLCmODV4p2zwe68y6oGC4cCLmKjZ7kdr10iKg4Ins9gXWJE+
zRhYZ8NW5fb/
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:11:50 2024 by rpki-client on console-fra.rpki-client.org