Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/UPvdmWFD0H1ymlFOl5_yAhZ9ikc.roa
File: UPvdmWFD0H1ymlFOl5_yAhZ9ikc.roa (raw, json)
Hash identifier: UcwP96XTVsppDLDPmjVB3wvmFFwAD/ae9Ogizg6cH6E=
Subject key identifier: 50:FB:DD:99:61:43:D0:7D:72:9A:51:4E:97:9F:F2:02:16:7D:8A:47
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 018CC3B68E497CFE1AB88AF19C40F30C584A
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/UPvdmWFD0H1ymlFOl5_yAhZ9ikc.roa
Signing time: Mon 01 Jan 2024 06:29:30 +0000
ROA not before: Mon 01 Jan 2024 06:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212494
IP address blocks: 128.127.146.0/24 maxlen: 24
128.127.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 07:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:8e:49:7c:fe:1a:b8:8a:f1:9c:40:f3:0c:58:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Jan 1 06:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50fbdd996143d07d729a514e979ff202167d8a47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:66:23:a9:33:6e:5d:5f:a3:a0:4f:8c:46:e9:
62:00:79:b1:39:f8:b6:ec:5a:88:67:8d:21:fe:42:
c2:61:c3:a4:fd:89:d3:66:32:73:83:e8:44:a2:95:
2a:43:4f:fa:6f:2c:af:6d:75:a2:b2:08:b4:21:4c:
25:d0:8d:ca:8f:44:1a:0e:77:f2:da:9d:bf:57:b3:
22:9a:23:3b:f3:66:5f:58:fa:c2:db:a7:7c:2b:66:
f4:b4:f1:da:ac:8f:f5:7e:eb:fb:5a:16:5b:8d:16:
aa:e5:5b:84:73:54:80:96:75:23:e4:33:6f:12:3e:
f7:9d:25:3d:91:6c:0a:ee:80:37:f5:0b:26:b5:b9:
df:6f:9c:76:7f:0a:b0:e2:cd:aa:2f:62:fb:b0:38:
ca:e3:91:31:78:55:e7:5c:48:a3:f4:84:4a:5a:11:
ed:f5:06:2b:f5:b6:94:58:cd:c7:af:1d:93:bf:a5:
68:db:4c:c4:33:3a:b5:09:84:18:cb:34:ab:db:17:
e6:a0:90:84:ca:5a:12:74:6e:83:33:7d:64:63:f9:
6f:44:ec:f7:da:af:b4:6b:1e:f7:5e:e3:9b:c3:6c:
69:f1:a2:eb:83:6c:d4:b0:e6:1e:5d:dd:86:8b:38:
4c:5a:89:d5:93:c8:dd:40:24:26:7d:2b:84:1d:2f:
1d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:FB:DD:99:61:43:D0:7D:72:9A:51:4E:97:9F:F2:02:16:7D:8A:47
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/UPvdmWFD0H1ymlFOl5_yAhZ9ikc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.127.146.0/23
Signature Algorithm: sha256WithRSAEncryption
41:8e:b9:a7:64:21:0b:b5:d8:02:f2:a9:75:ed:83:56:83:c4:
0a:cc:55:2d:95:4c:a8:48:1a:a1:de:04:8f:31:c9:7b:ab:55:
2e:05:7c:9a:42:73:6c:9a:fc:32:bc:b2:1d:68:08:b9:d6:0b:
cb:1a:4f:7d:6a:e2:99:04:85:9d:39:de:46:a8:7b:83:b0:8a:
af:94:0a:2c:47:fb:01:e5:3c:a2:f8:01:03:58:a7:c4:39:fd:
87:09:0f:40:a5:b6:14:51:85:17:be:58:be:a1:4d:cd:ca:91:
ce:1d:9a:a3:54:b7:cc:3b:a4:f8:5c:43:32:33:78:1d:ed:02:
a5:da:82:71:ca:35:db:6a:29:10:d0:98:77:67:b0:c5:ea:36:
fb:57:d4:01:97:13:6d:ca:4d:42:0c:af:f4:f6:f1:37:0f:5a:
8a:6b:f3:45:f8:04:31:8b:15:a8:5d:f9:12:91:e8:60:3a:2a:
4b:ef:be:a2:a7:5c:9d:4a:cc:8c:5b:95:8d:7a:da:db:d1:cf:
b0:93:40:42:67:c3:b9:f6:87:4d:5a:28:81:cd:ac:5d:24:1d:
a4:2d:36:57:dd:90:37:70:d6:ed:cf:b9:05:63:f8:60:23:58:
be:5e:09:2a:72:c3:9c:e1:8d:9d:85:a4:f5:4d:f1:65:22:23:
ef:8d:94:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDto5JfP4auIrxnEDzDFhKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjQwMTAxMDYyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGZiZGQ5OTYxNDNkMDdkNzI5YTUxNGU5NzlmZjIwMjE2N2Q4YTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWYjqTNuXV+joE+MRuliAHmxOfi2
7FqIZ40h/kLCYcOk/YnTZjJzg+hEopUqQ0/6byyvbXWisgi0IUwl0I3Kj0QaDnfy
2p2/V7MimiM782ZfWPrC26d8K2b0tPHarI/1fuv7WhZbjRaq5VuEc1SAlnUj5DNv
Ej73nSU9kWwK7oA39Qsmtbnfb5x2fwqw4s2qL2L7sDjK45ExeFXnXEij9IRKWhHt
9QYr9baUWM3Hrx2Tv6Vo20zEMzq1CYQYyzSr2xfmoJCEyloSdG6DM31kY/lvROz3
2q+0ax73XuObw2xp8aLrg2zUsOYeXd2GizhMWonVk8jdQCQmfSuEHS8dMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFD73ZlhQ9B9cppRTpef8gIWfYpHMB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvVVB2ZG1XRkQwSDF5bWxGT2w1X3lBaFo5aWtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBgH+SMA0G
CSqGSIb3DQEBCwUAA4IBAQBBjrmnZCELtdgC8ql17YNWg8QKzFUtlUyoSBqh3gSP
Mcl7q1UuBXyaQnNsmvwyvLIdaAi51gvLGk99auKZBIWdOd5GqHuDsIqvlAosR/sB
5Tyi+AEDWKfEOf2HCQ9ApbYUUYUXvli+oU3NypHOHZqjVLfMO6T4XEMyM3gd7QKl
2oJxyjXbaikQ0Jh3Z7DF6jb7V9QBlxNtyk1CDK/09vE3D1qKa/NF+AQxixWoXfkS
kehgOipL776ip1ydSsyMW5WNetrb0c+wk0BCZ8O59odNWiiBzaxdJB2kLTZX3ZA3
cNbtz7kFY/hgI1i+XgkqcsOc4Y2dhaT1TfFlIiPvjZRb
-----END CERTIFICATE-----
Generated at Sat Jun 8 10:23:33 2024 by rpki-client on console-ams.rpki-client.org