Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/uFJz_H7TsZClKsefFhZC4Yyb0fo.roa
File: uFJz_H7TsZClKsefFhZC4Yyb0fo.roa (raw, json)
Hash identifier: 6+c6jLFrjciJbVSPpoAnpK9Vf/h7WTLLN6iZYu9quys=
Subject key identifier: B8:52:73:FC:7E:D3:B1:90:A5:2A:C7:9F:16:16:42:E1:8C:9B:D1:FA
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 018D5A16CB724ABE30F496E4FEC8BDF71828
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/uFJz_H7TsZClKsefFhZC4Yyb0fo.roa
Signing time: Tue 30 Jan 2024 11:17:39 +0000
ROA not before: Tue 30 Jan 2024 11:17:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209973
IP address blocks: 188.130.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 03:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5a:16:cb:72:4a:be:30:f4:96:e4:fe:c8:bd:f7:18:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jan 30 11:17:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b85273fc7ed3b190a52ac79f161642e18c9bd1fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:90:2b:e0:42:e5:d6:aa:2b:98:f1:fc:23:69:
85:6f:39:2d:4a:c8:b5:63:8f:ea:26:24:dc:4d:20:
30:eb:d2:b3:5e:44:ef:f8:05:b9:8c:e9:07:65:0f:
9a:32:ab:f6:d1:e3:70:4b:30:60:38:c0:fa:dc:6a:
02:a3:5f:4e:6d:66:0b:c6:6a:78:9f:63:db:aa:31:
9b:e2:a8:cd:fb:97:e5:26:ea:0c:08:d7:a0:40:b5:
6c:37:d3:95:ed:84:89:e1:d7:7e:70:19:28:7d:70:
f0:cd:33:d2:f2:ab:91:9a:c3:8e:6e:32:ca:09:ed:
d3:d1:7e:ea:82:27:ec:0a:87:c9:0a:59:b1:41:72:
ae:11:4b:99:71:7a:20:6d:0d:4b:b3:73:1e:93:4b:
5d:d7:fc:de:78:c0:d8:b1:f3:f3:59:50:27:d0:0c:
7c:2e:c5:41:50:a4:07:69:84:ee:43:c3:49:4c:f3:
2a:9d:69:e9:3a:6b:87:91:1f:4a:11:55:ea:44:de:
e7:26:2e:8d:ed:4e:c5:eb:13:8e:c5:61:cd:f1:c3:
9f:5f:01:cd:59:51:ca:a5:3b:7a:99:96:3c:4b:0a:
ff:db:65:af:2e:98:fe:83:53:5e:10:c4:3c:c1:89:
0a:82:a9:5b:a7:33:76:f9:85:56:99:17:b1:05:30:
60:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:52:73:FC:7E:D3:B1:90:A5:2A:C7:9F:16:16:42:E1:8C:9B:D1:FA
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/uFJz_H7TsZClKsefFhZC4Yyb0fo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.130.244.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:e4:98:bd:67:d2:05:d6:66:7a:b4:22:8d:fa:84:a5:0f:60:
27:3c:be:ca:19:49:cc:25:50:a9:04:fd:f0:61:ce:41:5e:cc:
98:9e:e9:11:86:dc:09:4e:5b:9b:8a:fc:29:2c:cf:33:ee:82:
fd:eb:9d:51:5f:56:81:8b:26:e4:cf:a3:0d:78:3d:a7:0a:e4:
f2:f1:71:f4:48:a3:2e:2f:c6:3f:42:92:ba:d1:49:9d:b2:ad:
e1:60:cf:62:92:f8:72:b0:49:9e:c6:e7:69:2c:55:1d:da:f0:
55:8a:97:8c:d5:eb:3f:bd:49:53:81:64:a2:79:9c:76:90:a1:
01:bc:03:be:c4:a4:c7:4f:e9:20:ba:06:1c:49:d1:93:d3:f4:
29:75:34:e6:c7:9c:42:87:a1:fe:ae:8c:eb:7d:ef:97:30:64:
33:cd:82:37:de:28:0a:24:36:ad:c5:09:a9:11:92:83:ff:64:
bb:85:97:33:12:67:18:89:d7:e3:ce:20:30:c8:a7:ad:7b:09:
13:a7:ab:52:0e:db:39:b4:dd:3e:23:02:32:8b:38:da:d8:8d:
4d:ea:54:3d:08:48:0c:50:90:71:37:bb:ae:26:1c:1b:1a:c6:
f4:3b:8f:ba:15:aa:2c:fa:83:42:c4:7e:2f:52:c4:fd:0f:d0:
d2:b4:a8:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1aFstySr4w9Jbk/si99xgoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwMTMwMTExNzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODUyNzNmYzdlZDNiMTkwYTUyYWM3OWYxNjE2NDJlMThjOWJkMWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA75Ar4ELl1qormPH8I2mFbzktSsi1
Y4/qJiTcTSAw69KzXkTv+AW5jOkHZQ+aMqv20eNwSzBgOMD63GoCo19ObWYLxmp4
n2PbqjGb4qjN+5flJuoMCNegQLVsN9OV7YSJ4dd+cBkofXDwzTPS8quRmsOObjLK
Ce3T0X7qgifsCofJClmxQXKuEUuZcXogbQ1Ls3Mek0td1/zeeMDYsfPzWVAn0Ax8
LsVBUKQHaYTuQ8NJTPMqnWnpOmuHkR9KEVXqRN7nJi6N7U7F6xOOxWHN8cOfXwHN
WVHKpTt6mZY8Swr/22WvLpj+g1NeEMQ8wYkKgqlbpzN2+YVWmRexBTBgqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLhSc/x+07GQpSrHnxYWQuGMm9H6MB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvdUZKel9IN1RzWkNsS3NlZkZoWkM0WXliMGZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvIL0MA0G
CSqGSIb3DQEBCwUAA4IBAQCa5Ji9Z9IF1mZ6tCKN+oSlD2AnPL7KGUnMJVCpBP3w
Yc5BXsyYnukRhtwJTlubivwpLM8z7oL9651RX1aBiybkz6MNeD2nCuTy8XH0SKMu
L8Y/QpK60Umdsq3hYM9ikvhysEmexudpLFUd2vBVipeM1es/vUlTgWSieZx2kKEB
vAO+xKTHT+kgugYcSdGT0/QpdTTmx5xCh6H+rozrfe+XMGQzzYI33igKJDatxQmp
EZKD/2S7hZczEmcYidfjziAwyKetewkTp6tSDts5tN0+IwIyizja2I1N6lQ9CEgM
UJBxN7uuJhwbGsb0O4+6Faos+oNCxH4vUsT9D9DStKgz
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:56:20 2024 by rpki-client on console-ams.rpki-client.org