Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/2fbccc-64b6-4f66-8969-a6d27c431818/1/uuUCF0Q7fyLxnw5gq29V6auG-mk.roa
File: uuUCF0Q7fyLxnw5gq29V6auG-mk.roa (raw, json)
Hash identifier: 32g82S4HBlnGOb944vPx/gRbkXDfdcBWgjVyuYLeFFU=
Subject key identifier: BA:E5:02:17:44:3B:7F:22:F1:9F:0E:60:AB:6F:55:E9:AB:86:FA:69
Certificate issuer: /CN=d283616f1362c25d82ec2a70c4b9750565b1197f
Certificate serial: 018CC7274F992721BD1B8E20C72E425AF4AB
Authority key identifier: D2:83:61:6F:13:62:C2:5D:82:EC:2A:70:C4:B9:75:05:65:B1:19:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0oNhbxNiwl2C7CpwxLl1BWWxGX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/2fbccc-64b6-4f66-8969-a6d27c431818/1/uuUCF0Q7fyLxnw5gq29V6auG-mk.roa
Signing time: Mon 01 Jan 2024 22:31:31 +0000
ROA not before: Mon 01 Jan 2024 22:31:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24931
IP address blocks: 185.54.72.0/22 maxlen: 22
2a01:ba20::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/2fbccc-64b6-4f66-8969-a6d27c431818/1/0oNhbxNiwl2C7CpwxLl1BWWxGX8.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/2fbccc-64b6-4f66-8969-a6d27c431818/1/0oNhbxNiwl2C7CpwxLl1BWWxGX8.mft
rsync://rpki.ripe.net/repository/DEFAULT/0oNhbxNiwl2C7CpwxLl1BWWxGX8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:4f:99:27:21:bd:1b:8e:20:c7:2e:42:5a:f4:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d283616f1362c25d82ec2a70c4b9750565b1197f
Validity
Not Before: Jan 1 22:31:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bae50217443b7f22f19f0e60ab6f55e9ab86fa69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:6b:93:1e:fc:90:1c:55:8f:60:66:ec:cc:74:
2c:e0:24:80:ea:48:2a:50:bc:b7:ec:d0:03:c6:14:
86:59:f9:0a:12:be:5a:a6:df:a6:d8:d5:6c:26:b1:
a9:8e:cb:99:eb:5c:d7:6d:9d:c1:a8:9a:7a:98:09:
02:a8:b0:8f:b1:d7:0b:a6:e2:ef:56:62:ee:56:67:
c4:31:db:c5:bd:7f:2e:06:25:de:dc:dd:7e:7a:2a:
b5:58:40:da:69:d8:8f:fd:30:31:e7:67:e1:d1:3f:
bc:5e:28:ad:d3:15:c1:b5:15:9b:70:67:bf:9c:c5:
d8:70:71:1d:75:3c:3c:e2:d7:5e:11:55:79:78:4f:
e3:a9:7b:72:32:40:67:7b:22:c5:7d:06:3a:65:04:
72:74:d7:fe:cd:99:25:ef:7d:3c:0f:9d:65:a3:11:
75:b2:c1:39:ff:bf:f5:b3:51:2a:38:5e:db:0e:2c:
12:f9:f6:f0:fd:0c:17:9f:e2:7a:cf:cf:cc:73:5b:
13:93:5e:83:aa:16:bb:41:c3:a4:d0:82:7d:b2:32:
fb:9a:a4:b0:87:6a:21:7b:7e:fe:11:63:4f:df:4c:
ab:99:84:0c:64:c7:92:3f:0e:c1:b5:2f:15:22:f6:
67:5e:87:5a:48:7d:25:f3:b7:8b:9c:dd:3c:55:0b:
8e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:E5:02:17:44:3B:7F:22:F1:9F:0E:60:AB:6F:55:E9:AB:86:FA:69
X509v3 Authority Key Identifier:
keyid:D2:83:61:6F:13:62:C2:5D:82:EC:2A:70:C4:B9:75:05:65:B1:19:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0oNhbxNiwl2C7CpwxLl1BWWxGX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/2fbccc-64b6-4f66-8969-a6d27c431818/1/uuUCF0Q7fyLxnw5gq29V6auG-mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/2fbccc-64b6-4f66-8969-a6d27c431818/1/0oNhbxNiwl2C7CpwxLl1BWWxGX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.72.0/22
IPv6:
2a01:ba20::/32
Signature Algorithm: sha256WithRSAEncryption
0b:3b:12:2c:59:db:da:73:35:6f:3c:9c:2e:21:ab:d6:b5:0f:
12:dc:9d:d1:48:ef:52:ac:0e:8b:35:8f:16:e7:b4:ae:74:fb:
84:b8:8f:dd:a1:6c:ff:be:6b:69:38:89:65:c7:bc:5f:46:54:
b1:ff:c2:62:dd:53:da:23:1a:24:09:3a:72:d4:a4:97:3e:3c:
78:33:6b:db:18:15:c2:b4:a4:32:f4:dd:ca:eb:66:70:e2:8f:
23:85:1e:6f:3d:97:a0:6d:61:2e:a9:f7:28:1f:46:7b:c2:fa:
88:fe:95:da:87:f2:52:4a:d0:f4:73:3c:4a:86:ba:a6:ad:59:
71:58:5a:83:87:10:46:ef:a0:ce:b9:92:b2:67:1a:0b:d7:be:
58:38:a6:84:a4:c7:aa:ea:ed:22:48:47:13:77:1e:22:27:ba:
62:e5:5a:57:30:55:77:ca:90:2a:15:ab:6b:68:51:71:2c:61:
f2:16:ba:a9:c2:98:01:b9:a9:fe:49:b2:32:99:86:24:21:d1:
d3:f6:d6:c3:ea:fc:4c:28:be:57:b4:45:5c:58:b8:70:f2:67:
ac:f2:b2:41:d8:e8:ca:71:91:74:c9:a0:9b:d2:9d:c5:ec:8f:
f5:9d:ff:29:aa:eb:c6:20:da:91:32:75:af:76:02:6d:c7:7b:
0d:d3:35:77
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJ0+ZJyG9G44gxy5CWvSrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyODM2MTZmMTM2MmMyNWQ4MmVjMmE3MGM0Yjk3NTA1NjVi
MTE5N2YwHhcNMjQwMTAxMjIzMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWU1MDIxNzQ0M2I3ZjIyZjE5ZjBlNjBhYjZmNTVlOWFiODZmYTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWuTHvyQHFWPYGbszHQs4CSA6kgq
ULy37NADxhSGWfkKEr5apt+m2NVsJrGpjsuZ61zXbZ3BqJp6mAkCqLCPsdcLpuLv
VmLuVmfEMdvFvX8uBiXe3N1+eiq1WEDaadiP/TAx52fh0T+8Xiit0xXBtRWbcGe/
nMXYcHEddTw84tdeEVV5eE/jqXtyMkBneyLFfQY6ZQRydNf+zZkl7308D51loxF1
ssE5/7/1s1EqOF7bDiwS+fbw/QwXn+J6z8/Mc1sTk16Dqha7QcOk0IJ9sjL7mqSw
h2ohe37+EWNP30yrmYQMZMeSPw7BtS8VIvZnXodaSH0l87eLnN08VQuO5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLrlAhdEO38i8Z8OYKtvVemrhvppMB8GA1UdIwQY
MBaAFNKDYW8TYsJdguwqcMS5dQVlsRl/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG9OaGJ4Tml3bDJDN0Nwd3hMbDFCV1d4R1g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8yZmJjY2MtNjRiNi00ZjY2LTg5Njkt
YTZkMjdjNDMxODE4LzEvdXVVQ0YwUTdmeUx4bnc1Z3EyOVY2YXVHLW1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8yZmJjY2MtNjRiNi00ZjY2LTg5NjktYTZkMjdjNDMxODE4
LzEvMG9OaGJ4Tml3bDJDN0Nwd3hMbDFCV1d4R1g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTZIMA0E
AgACMAcDBQAqAbogMA0GCSqGSIb3DQEBCwUAA4IBAQALOxIsWdvaczVvPJwuIavW
tQ8S3J3RSO9SrA6LNY8W57SudPuEuI/doWz/vmtpOIllx7xfRlSx/8Ji3VPaIxok
CTpy1KSXPjx4M2vbGBXCtKQy9N3K62Zw4o8jhR5vPZegbWEuqfcoH0Z7wvqI/pXa
h/JSStD0czxKhrqmrVlxWFqDhxBG76DOuZKyZxoL175YOKaEpMeq6u0iSEcTdx4i
J7pi5VpXMFV3ypAqFatraFFxLGHyFrqpwpgBuan+SbIymYYkIdHT9tbD6vxMKL5X
tEVcWLhw8mes8rJB2OjKcZF0yaCb0p3F7I/1nf8pquvGINqRMnWvdgJtx3sN0zV3
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:41:40 2024 by rpki-client on console-ams.rpki-client.org