Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/UGHtz0uj3vh0ASEnmPzHbH7qZeE.roa
File: UGHtz0uj3vh0ASEnmPzHbH7qZeE.roa (raw, json)
Hash identifier: hKh9RhxSL9SN0z36F2Tqo6QQYBYvzqhM3cUOp5vL1UM=
Subject key identifier: 50:61:ED:CF:4B:A3:DE:F8:74:01:21:27:98:FC:C7:6C:7E:EA:65:E1
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 018EC2B4CC6C4E5CD3C1ECA6EE19697B7300
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/UGHtz0uj3vh0ASEnmPzHbH7qZeE.roa
Signing time: Tue 09 Apr 2024 11:53:32 +0000
ROA not before: Tue 09 Apr 2024 11:53:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48147
IP address blocks: 212.16.86.0/24 maxlen: 24
212.80.18.0/23 maxlen: 23
212.80.18.0/24 maxlen: 24
212.80.19.0/24 maxlen: 24
212.80.20.0/22 maxlen: 22
212.80.20.0/24 maxlen: 24
212.80.21.0/24 maxlen: 24
212.80.22.0/24 maxlen: 24
212.80.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 12:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c2:b4:cc:6c:4e:5c:d3:c1:ec:a6:ee:19:69:7b:73:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Apr 9 11:53:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5061edcf4ba3def87401212798fcc76c7eea65e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fc:bf:b7:ad:c1:53:43:dc:f3:04:03:21:26:
d7:54:af:0e:d5:0f:15:ab:37:0b:7b:8b:99:d9:19:
c7:c1:2f:02:5b:52:25:91:ff:3f:20:7c:1f:c3:b0:
92:7b:aa:df:a3:7d:d2:78:70:4c:b7:9c:d1:26:14:
b6:9e:2c:1c:ff:d2:cb:cf:9f:68:0b:2f:3f:3a:5a:
62:24:9b:5c:64:a9:14:3d:c6:1f:c3:94:29:d9:95:
52:97:ad:ec:9f:40:66:aa:2c:6e:fa:20:ba:e4:77:
b5:11:bb:c9:2f:97:a1:24:b6:e6:92:98:f5:05:d3:
e6:b0:15:8a:3c:5a:8c:f1:ef:c3:d3:ea:1e:45:e5:
5c:cd:9d:92:46:e6:ab:bf:dd:6e:fc:f3:7b:7b:3d:
c4:22:1c:b3:69:bd:0b:5f:0c:96:c0:dc:3b:b3:76:
9b:ce:a8:f8:e0:fd:a7:f3:2b:14:be:b1:73:98:1e:
e1:84:a0:77:d7:c1:a3:2f:b1:a5:0e:c4:bc:38:8a:
2c:60:31:0d:73:b7:e1:44:08:6e:c1:fd:95:ce:6f:
43:cb:31:5b:e7:d9:1f:97:4a:85:f1:4d:5c:67:5b:
d8:9b:dc:51:15:d5:f3:5c:db:dd:33:1b:0a:1c:17:
82:2a:b9:b1:96:f8:b3:90:1d:f3:f2:2f:9f:e8:ae:
cc:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:61:ED:CF:4B:A3:DE:F8:74:01:21:27:98:FC:C7:6C:7E:EA:65:E1
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/UGHtz0uj3vh0ASEnmPzHbH7qZeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.16.86.0/24
212.80.18.0-212.80.23.255
Signature Algorithm: sha256WithRSAEncryption
7e:b1:77:a8:02:40:92:7f:41:41:bb:f3:5f:f0:d7:5a:2f:28:
7c:cc:2b:13:2f:0c:03:d4:aa:e3:91:c8:69:c4:84:36:a7:bd:
1d:da:4c:e9:d3:06:e5:b1:1a:fc:46:2f:0f:f3:c3:45:49:18:
3d:19:53:42:ec:95:92:7a:17:ee:74:23:c2:a9:c1:53:bb:fe:
20:b6:71:10:3e:b2:3b:14:98:09:41:f1:96:a2:cf:0e:2c:01:
a9:a6:0b:09:4b:b6:5a:60:03:44:14:af:2a:96:b5:5a:9e:0b:
3d:7f:55:0b:b9:8a:0d:2e:4c:3f:7a:8f:20:81:87:60:c8:de:
88:9d:33:94:7f:8e:44:02:e9:f8:24:09:ad:5e:27:04:5a:e0:
9a:4f:6c:15:05:13:74:9b:2c:d7:59:bd:10:83:ef:72:73:f7:
d5:61:e9:83:83:2f:62:72:e3:ec:fe:23:ac:91:c2:80:da:08:
c6:51:de:84:3f:cd:86:9a:67:e5:79:53:19:9b:ec:ae:8d:11:
5a:a0:30:e4:f9:52:f1:92:c0:6c:4f:9f:c9:b6:a3:bf:14:e8:
bf:23:75:01:6f:76:ef:9e:93:ed:95:a8:dc:37:95:1a:9d:4e:
d2:da:92:05:10:fa:7b:90:7e:98:48:62:55:67:df:42:06:ae:
98:b5:73:7c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY7CtMxsTlzTweym7hlpe3MAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwNDA5MTE1MzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDYxZWRjZjRiYTNkZWY4NzQwMTIxMjc5OGZjYzc2YzdlZWE2NWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvy/t63BU0Pc8wQDISbXVK8O1Q8V
qzcLe4uZ2RnHwS8CW1Ilkf8/IHwfw7CSe6rfo33SeHBMt5zRJhS2niwc/9LLz59o
Cy8/OlpiJJtcZKkUPcYfw5Qp2ZVSl63sn0Bmqixu+iC65He1EbvJL5ehJLbmkpj1
BdPmsBWKPFqM8e/D0+oeReVczZ2SRuarv91u/PN7ez3EIhyzab0LXwyWwNw7s3ab
zqj44P2n8ysUvrFzmB7hhKB318GjL7GlDsS8OIosYDENc7fhRAhuwf2Vzm9DyzFb
59kfl0qF8U1cZ1vYm9xRFdXzXNvdMxsKHBeCKrmxlvizkB3z8i+f6K7MMQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFBh7c9Lo974dAEhJ5j8x2x+6mXhMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvVUdIdHowdWozdmgwQVNFbm1QekhiSDdxWmVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQA1BBWMAwD
BAHUUBIDBAPUUBAwDQYJKoZIhvcNAQELBQADggEBAH6xd6gCQJJ/QUG781/w11ov
KHzMKxMvDAPUquORyGnEhDanvR3aTOnTBuWxGvxGLw/zw0VJGD0ZU0LslZJ6F+50
I8KpwVO7/iC2cRA+sjsUmAlB8Zaizw4sAammCwlLtlpgA0QUryqWtVqeCz1/VQu5
ig0uTD96jyCBh2DI3oidM5R/jkQC6fgkCa1eJwRa4JpPbBUFE3SbLNdZvRCD73Jz
99Vh6YODL2Jy4+z+I6yRwoDaCMZR3oQ/zYaaZ+V5Uxmb7K6NEVqgMOT5UvGSwGxP
n8m2o78U6L8jdQFvdu+ek+2VqNw3lRqdTtLakgUQ+nuQfphIYlVn30IGrpi1c3w=
-----END CERTIFICATE-----
Generated at Mon Jun 3 21:37:50 2024 by rpki-client on console-ams.rpki-client.org