Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/UL8Xdp2zhQRnrKN8jmHV59xfics.roa
File: UL8Xdp2zhQRnrKN8jmHV59xfics.roa (raw, json)
Hash identifier: G2IO3xaieg+HJG+0CbMXDkoIljJTU+XvFncq4/YHVSg=
Subject key identifier: 50:BF:17:76:9D:B3:85:04:67:AC:A3:7C:8E:61:D5:E7:DC:5F:89:CB
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 01904E9F337F8AAD104D7E750E9D6D0CFAE1
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/UL8Xdp2zhQRnrKN8jmHV59xfics.roa
Signing time: Tue 25 Jun 2024 08:59:34 +0000
ROA not before: Tue 25 Jun 2024 08:59:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43419
IP address blocks: 185.229.218.0/24 maxlen: 24
2a04:3a40:8000::/33 maxlen: 33
2a0a:e9c4::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4e:9f:33:7f:8a:ad:10:4d:7e:75:0e:9d:6d:0c:fa:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jun 25 08:59:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50bf17769db3850467aca37c8e61d5e7dc5f89cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:26:c3:d3:e6:33:d2:71:ab:fe:b3:8d:9e:15:
2f:96:a1:57:c7:70:ed:e4:a8:d5:ed:5a:a9:5e:e2:
dd:53:57:4a:0c:88:b7:5c:d9:a3:30:26:31:b9:4b:
04:bd:f0:9e:12:d6:b4:86:55:55:e9:77:b2:d2:58:
b0:08:b8:64:2c:59:fb:58:b0:7c:f4:76:3d:87:6e:
25:27:52:8f:5a:eb:11:ce:67:f4:5b:66:c7:44:1b:
08:d8:71:da:d2:21:cb:2c:e4:6c:85:5a:f8:d9:40:
c2:26:2f:6b:85:b9:d9:7b:88:60:49:2a:cb:3e:ce:
0f:e6:3e:33:87:ba:12:c1:ec:24:b9:cf:77:a9:44:
a9:28:ca:b8:0f:63:f0:e8:92:86:f9:47:de:1e:5e:
9d:dc:41:ea:7c:f5:9f:0e:d0:a1:fa:94:8b:44:a2:
0f:f6:1f:0e:64:93:30:ea:e5:3f:80:92:85:8d:50:
c9:7b:78:f6:95:9d:8d:f8:f0:57:c7:3f:20:cf:62:
c6:75:1b:50:a1:4e:1f:01:45:c7:1d:73:67:0d:c3:
5a:40:c0:b9:91:20:8e:32:3f:11:b3:4b:33:87:ee:
93:a2:b8:e4:df:08:cc:b1:0e:3e:e5:98:b1:d0:9d:
32:b6:fd:ab:74:a8:af:bc:e2:6f:fe:fb:4f:67:78:
52:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:BF:17:76:9D:B3:85:04:67:AC:A3:7C:8E:61:D5:E7:DC:5F:89:CB
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/UL8Xdp2zhQRnrKN8jmHV59xfics.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.218.0/24
IPv6:
2a04:3a40:8000::/33
2a0a:e9c4::/32
Signature Algorithm: sha256WithRSAEncryption
3d:f5:ec:ad:3f:91:46:ec:48:e6:36:7e:df:aa:14:02:57:2e:
eb:df:6c:7f:6d:c7:ae:ee:95:02:e2:86:7d:b8:9c:6f:d8:42:
63:c3:bb:50:d0:20:cd:ff:ba:44:b4:a3:25:44:38:8f:14:a2:
87:be:99:86:c7:e0:f6:63:4a:11:4e:ee:5e:bf:4f:b8:f7:2a:
b8:43:8b:d9:c7:d0:03:9c:6a:b6:fe:99:a2:8c:cf:0d:1b:da:
3c:77:98:51:dd:68:6f:7b:00:5a:c4:99:94:ff:65:e1:94:32:
1c:45:0e:cf:cf:57:31:c6:b9:a7:27:59:42:cf:b2:bb:9c:08:
89:10:96:80:d2:bd:47:61:59:03:69:92:0a:3d:af:78:d2:d4:
b3:e9:b2:a1:7c:5b:13:cb:8a:7f:ff:4c:0e:df:d9:b9:e8:7e:
1a:63:e4:d3:9e:89:3f:ba:13:02:79:20:9a:5d:5b:f9:39:d5:
9e:35:12:cf:f5:6d:2a:fd:72:dd:9a:ce:19:b2:f3:21:a5:3e:
22:40:44:b2:7a:39:87:2d:d1:e0:de:25:de:c1:48:73:db:b0:
49:08:86:78:8c:2a:59:ba:8b:af:99:35:c4:64:fd:d8:1d:e6:
7b:11:27:18:a6:31:1b:03:0c:33:c6:cd:e9:c5:a6:d9:fd:96:
5a:16:fd:32
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZBOnzN/iq0QTX51Dp1tDPrhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwNjI1MDg1OTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGJmMTc3NjlkYjM4NTA0NjdhY2EzN2M4ZTYxZDVlN2RjNWY4OWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArybD0+Yz0nGr/rONnhUvlqFXx3Dt
5KjV7VqpXuLdU1dKDIi3XNmjMCYxuUsEvfCeEta0hlVV6Xey0liwCLhkLFn7WLB8
9HY9h24lJ1KPWusRzmf0W2bHRBsI2HHa0iHLLORshVr42UDCJi9rhbnZe4hgSSrL
Ps4P5j4zh7oSwewkuc93qUSpKMq4D2Pw6JKG+UfeHl6d3EHqfPWfDtCh+pSLRKIP
9h8OZJMw6uU/gJKFjVDJe3j2lZ2N+PBXxz8gz2LGdRtQoU4fAUXHHXNnDcNaQMC5
kSCOMj8Rs0szh+6Torjk3wjMsQ4+5Zix0J0ytv2rdKivvOJv/vtPZ3hSmwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFC/F3ads4UEZ6yjfI5h1efcX4nLMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvVUw4WGRwMnpoUVJucktOOGptSFY1OXhmaWNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAMBAIAATAGAwQAueXaMBUE
AgACMA8DBgcqBDpAgAMFACoK6cQwDQYJKoZIhvcNAQELBQADggEBAD317K0/kUbs
SOY2ft+qFAJXLuvfbH9tx67ulQLihn24nG/YQmPDu1DQIM3/ukS0oyVEOI8Uooe+
mYbH4PZjShFO7l6/T7j3KrhDi9nH0AOcarb+maKMzw0b2jx3mFHdaG97AFrEmZT/
ZeGUMhxFDs/PVzHGuacnWULPsrucCIkQloDSvUdhWQNpkgo9r3jS1LPpsqF8WxPL
in//TA7f2bnofhpj5NOeiT+6EwJ5IJpdW/k51Z41Es/1bSr9ct2azhmy8yGlPiJA
RLJ6OYct0eDeJd7BSHPbsEkIhniMKlm6i6+ZNcRk/dgd5nsRJximMRsDDDPGzenF
ptn9lloW/TI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:53:09 2024 by rpki-client on console-fra.rpki-client.org