Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/b97070-c5f4-4410-94b5-d64d75394037/1/ueXErPRt9vifMuV8GlmOLMofjOI.roa
File: ueXErPRt9vifMuV8GlmOLMofjOI.roa (raw, json)
Hash identifier: H9qvMzmLopadybBfGhNM2Fbjhhw05F89DnmBX1c6dLs=
Subject key identifier: B9:E5:C4:AC:F4:6D:F6:F8:9F:32:E5:7C:1A:59:8E:2C:CA:1F:8C:E2
Certificate issuer: /CN=c7770135d0f0d30a868df551d8752d4b4badc2c1
Certificate serial: 018CDA22464A413E539FB5979E52DE4F9B65
Authority key identifier: C7:77:01:35:D0:F0:D3:0A:86:8D:F5:51:D8:75:2D:4B:4B:AD:C2:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3cBNdDw0wqGjfVR2HUtS0utwsE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/b97070-c5f4-4410-94b5-d64d75394037/1/ueXErPRt9vifMuV8GlmOLMofjOI.roa
Signing time: Fri 05 Jan 2024 14:58:48 +0000
ROA not before: Fri 05 Jan 2024 14:58:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209288
IP address blocks: 81.173.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/b97070-c5f4-4410-94b5-d64d75394037/1/x3cBNdDw0wqGjfVR2HUtS0utwsE.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/b97070-c5f4-4410-94b5-d64d75394037/1/x3cBNdDw0wqGjfVR2HUtS0utwsE.mft
rsync://rpki.ripe.net/repository/DEFAULT/x3cBNdDw0wqGjfVR2HUtS0utwsE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:da:22:46:4a:41:3e:53:9f:b5:97:9e:52:de:4f:9b:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7770135d0f0d30a868df551d8752d4b4badc2c1
Validity
Not Before: Jan 5 14:58:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9e5c4acf46df6f89f32e57c1a598e2cca1f8ce2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d4:47:5e:75:09:1b:0d:80:71:09:cc:a0:55:
3f:63:8e:67:b0:62:5e:b2:8b:10:3d:db:ab:15:0b:
95:a9:26:a4:1a:92:ba:50:f5:f1:51:3a:cd:18:de:
49:ef:38:03:75:6f:41:36:24:35:d6:42:17:c6:c5:
2f:af:ba:5a:19:43:3a:13:44:44:7a:39:b3:b2:7e:
d5:32:d9:42:2b:04:67:7e:8d:13:77:f6:4e:7d:b6:
b3:da:36:fa:88:10:2d:6c:66:fd:fb:d6:a5:a1:f7:
f5:ad:5d:ba:53:6f:74:6b:e9:73:46:00:aa:8b:e9:
fe:12:62:50:77:41:87:43:aa:0b:3a:4e:d4:e4:b4:
23:e2:aa:c0:e6:e8:8a:a0:9e:7d:e9:be:72:42:58:
74:e6:9d:c4:0c:7b:be:33:a7:32:ab:bf:f0:b9:f0:
f3:23:38:f0:d0:ca:14:b3:4d:32:a9:40:92:ad:cc:
e5:15:f3:c7:b3:a1:fc:37:f2:e2:3b:82:02:84:86:
2b:e6:aa:5b:a6:b5:eb:d2:c9:d4:5e:d7:a7:03:05:
c7:96:f4:26:92:11:5a:4a:a8:98:60:3e:7f:80:4f:
6c:cc:ae:34:79:2d:a4:d7:28:4d:90:85:57:18:ba:
c9:63:cb:3c:c1:8a:f9:01:76:1b:c8:b3:e7:0b:77:
d3:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:E5:C4:AC:F4:6D:F6:F8:9F:32:E5:7C:1A:59:8E:2C:CA:1F:8C:E2
X509v3 Authority Key Identifier:
keyid:C7:77:01:35:D0:F0:D3:0A:86:8D:F5:51:D8:75:2D:4B:4B:AD:C2:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3cBNdDw0wqGjfVR2HUtS0utwsE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/b97070-c5f4-4410-94b5-d64d75394037/1/ueXErPRt9vifMuV8GlmOLMofjOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/b97070-c5f4-4410-94b5-d64d75394037/1/x3cBNdDw0wqGjfVR2HUtS0utwsE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.173.47.0/24
Signature Algorithm: sha256WithRSAEncryption
40:bb:7d:53:ac:23:02:74:cd:84:e3:5e:bf:76:bf:64:d2:c4:
51:56:b3:46:79:89:08:25:86:0a:d5:fc:b3:7f:fe:e9:4e:21:
03:9e:a5:27:ee:6a:4e:cf:dc:6f:54:86:f4:76:cb:1c:9d:1f:
51:3b:c9:8d:ca:81:d9:bc:f5:79:8d:d1:7e:22:4a:81:0a:66:
76:f2:87:a4:1b:8a:08:77:bb:34:75:14:66:26:2d:b6:ad:10:
f2:c4:98:84:ab:f9:de:19:e2:b3:94:d9:73:45:87:7d:b3:c2:
b2:1b:99:bd:46:7f:70:63:f9:71:17:6c:27:ab:06:99:e7:50:
66:ed:f1:ac:16:98:05:0a:31:99:a9:87:62:55:c6:c1:75:a7:
c0:05:a7:42:59:ff:15:a4:69:e2:84:64:11:be:4f:ae:b7:3a:
b1:b8:e1:8e:4c:8c:3c:4d:c6:95:1d:6d:74:04:dd:43:47:b0:
17:ec:16:1a:44:ef:b4:ec:16:a8:78:5b:5e:83:2d:3e:7d:d9:
9e:71:bc:97:b3:49:bc:00:68:e0:b7:c7:00:d4:32:c5:06:d5:
9a:7d:cb:37:94:79:7a:67:88:a8:f6:c7:78:1d:eb:b7:dc:5f:
fb:62:b1:ea:2c:7e:1c:c2:e3:62:e5:f6:b4:51:a1:ba:da:39:
69:eb:67:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzaIkZKQT5Tn7WXnlLeT5tlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NzcwMTM1ZDBmMGQzMGE4NjhkZjU1MWQ4NzUyZDRiNGJh
ZGMyYzEwHhcNMjQwMTA1MTQ1ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWU1YzRhY2Y0NmRmNmY4OWYzMmU1N2MxYTU5OGUyY2NhMWY4Y2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktRHXnUJGw2AcQnMoFU/Y45nsGJe
sosQPdurFQuVqSakGpK6UPXxUTrNGN5J7zgDdW9BNiQ11kIXxsUvr7paGUM6E0RE
ejmzsn7VMtlCKwRnfo0Td/ZOfbaz2jb6iBAtbGb9+9aloff1rV26U290a+lzRgCq
i+n+EmJQd0GHQ6oLOk7U5LQj4qrA5uiKoJ596b5yQlh05p3EDHu+M6cyq7/wufDz
Izjw0MoUs00yqUCSrczlFfPHs6H8N/LiO4IChIYr5qpbprXr0snUXtenAwXHlvQm
khFaSqiYYD5/gE9szK40eS2k1yhNkIVXGLrJY8s8wYr5AXYbyLPnC3fTcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLnlxKz0bfb4nzLlfBpZjizKH4ziMB8GA1UdIwQY
MBaAFMd3ATXQ8NMKho31Udh1LUtLrcLBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDNjQk5kRHcwd3FHamZWUjJIVXRTMHV0d3NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9iOTcwNzAtYzVmNC00NDEwLTk0YjUt
ZDY0ZDc1Mzk0MDM3LzEvdWVYRXJQUnQ5dmlmTXVWOEdsbU9MTW9mak9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9iOTcwNzAtYzVmNC00NDEwLTk0YjUtZDY0ZDc1Mzk0MDM3
LzEveDNjQk5kRHcwd3FHamZWUjJIVXRTMHV0d3NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUa0vMA0G
CSqGSIb3DQEBCwUAA4IBAQBAu31TrCMCdM2E416/dr9k0sRRVrNGeYkIJYYK1fyz
f/7pTiEDnqUn7mpOz9xvVIb0dsscnR9RO8mNyoHZvPV5jdF+IkqBCmZ28oekG4oI
d7s0dRRmJi22rRDyxJiEq/neGeKzlNlzRYd9s8KyG5m9Rn9wY/lxF2wnqwaZ51Bm
7fGsFpgFCjGZqYdiVcbBdafABadCWf8VpGnihGQRvk+utzqxuOGOTIw8TcaVHW10
BN1DR7AX7BYaRO+07BaoeFtegy0+fdmecbyXs0m8AGjgt8cA1DLFBtWafcs3lHl6
Z4io9sd4Heu33F/7YrHqLH4cwuNi5fa0UaG62jlp62cj
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:41:15 2024 by rpki-client on console-ams.rpki-client.org