Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/U9pf3yBNWK9FzsLtCKWrRg2txEo.roa
File: U9pf3yBNWK9FzsLtCKWrRg2txEo.roa (raw, json)
Hash identifier: X8G23lpq/eyxZlgnp4XzV/rRkeWmaicDk/Pr7VtTWsY=
Subject key identifier: 53:DA:5F:DF:20:4D:58:AF:45:CE:C2:ED:08:A5:AB:46:0D:AD:C4:4A
Certificate issuer: /CN=179301dcc7fae4f7ce01e4987a77cb82a336abff
Certificate serial: 018CC26CF71D76A548FE9F8A40A6D70D496C
Authority key identifier: 17:93:01:DC:C7:FA:E4:F7:CE:01:E4:98:7A:77:CB:82:A3:36:AB:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F5MB3Mf65PfOAeSYenfLgqM2q_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/U9pf3yBNWK9FzsLtCKWrRg2txEo.roa
Signing time: Mon 01 Jan 2024 00:29:30 +0000
ROA not before: Mon 01 Jan 2024 00:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202141
IP address blocks: 88.199.95.0/24 maxlen: 24
88.199.94.0/24 maxlen: 24
82.160.140.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/F5MB3Mf65PfOAeSYenfLgqM2q_8.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/F5MB3Mf65PfOAeSYenfLgqM2q_8.mft
rsync://rpki.ripe.net/repository/DEFAULT/F5MB3Mf65PfOAeSYenfLgqM2q_8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 May 2024 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:f7:1d:76:a5:48:fe:9f:8a:40:a6:d7:0d:49:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=179301dcc7fae4f7ce01e4987a77cb82a336abff
Validity
Not Before: Jan 1 00:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53da5fdf204d58af45cec2ed08a5ab460dadc44a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:12:b4:c9:8c:e8:4e:01:ad:10:ce:e5:02:5b:
d0:31:21:93:f1:52:da:10:5a:db:3f:d0:42:40:6f:
16:8e:5c:19:2c:74:a7:41:2c:65:8d:fe:36:b1:1e:
1e:30:05:8f:9b:d9:6a:97:10:66:81:67:c8:d1:80:
cb:9b:38:ee:f3:c8:4b:00:ca:94:4e:67:ea:be:c3:
46:ef:05:a3:d9:10:3c:fa:43:1b:ca:a7:40:ac:35:
b9:60:fe:1e:65:ee:46:c3:07:88:bf:99:ba:16:4c:
19:a9:a6:03:13:bb:be:93:1f:4b:cf:c6:3b:f2:85:
e5:d1:45:36:9a:62:12:12:30:a9:93:6d:c1:8b:2e:
a2:3c:da:93:da:28:90:58:e2:68:d6:28:7b:4e:54:
d3:a6:6f:5b:c3:82:37:80:8c:83:49:33:db:e6:f4:
c5:86:71:24:1e:71:39:44:c4:ac:e2:47:ad:42:06:
dd:d4:62:39:7b:7c:1e:1e:1e:0f:5e:a6:ff:84:a6:
9e:27:0e:d3:dc:76:1f:58:30:5c:c8:e0:f8:52:4e:
39:50:10:f8:d8:8e:90:ff:0e:17:bd:b1:9a:7a:02:
42:6a:f4:44:1e:3f:55:9f:ef:51:66:f3:68:35:d3:
bf:af:dd:c6:c3:a1:55:f5:54:d2:54:15:1f:8e:3a:
75:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:DA:5F:DF:20:4D:58:AF:45:CE:C2:ED:08:A5:AB:46:0D:AD:C4:4A
X509v3 Authority Key Identifier:
keyid:17:93:01:DC:C7:FA:E4:F7:CE:01:E4:98:7A:77:CB:82:A3:36:AB:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F5MB3Mf65PfOAeSYenfLgqM2q_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/U9pf3yBNWK9FzsLtCKWrRg2txEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/F5MB3Mf65PfOAeSYenfLgqM2q_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.160.140.0/23
88.199.94.0/23
Signature Algorithm: sha256WithRSAEncryption
63:13:8e:e4:10:00:a9:a5:3e:66:ec:33:b0:d3:7b:d9:71:90:
8f:30:91:92:89:79:5c:39:cd:f2:aa:ad:82:fa:27:31:89:ec:
26:86:d0:63:0f:8b:0f:f5:87:b1:84:95:66:59:6b:39:59:8f:
8c:43:ad:7a:a6:30:1e:35:a5:8b:89:22:e0:f4:6c:f9:54:ef:
33:5c:ae:4f:93:01:ca:0e:8a:74:82:a8:ac:9d:4d:cf:49:c2:
0d:7e:47:47:00:30:4a:78:b0:3b:3e:04:99:dc:16:9b:f4:0c:
09:5f:eb:6b:17:c0:ea:5d:e6:1f:75:76:4d:06:c1:ac:32:4a:
4a:2d:6e:75:dd:e7:88:0f:7b:ea:36:62:97:ba:f7:da:7d:64:
90:7a:3b:b0:cf:a4:73:a6:78:e0:63:5e:03:8b:b9:97:c7:5d:
50:3e:4e:70:89:d3:00:e1:91:a0:da:cf:6a:59:bb:56:20:e5:
62:c3:6b:b1:8f:84:ca:bc:49:fd:88:20:92:9b:dc:70:cd:a4:
a8:d2:d5:d4:f9:b7:04:60:03:bc:8d:5d:61:1c:19:69:4c:4a:
ca:eb:cf:2d:8d:10:51:6a:11:df:17:59:b2:30:79:b5:87:ac:
74:b4:ba:8f:1b:6d:e6:83:ad:b1:7b:14:45:35:0e:59:49:67:
3c:87:9a:3a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzCbPcddqVI/p+KQKbXDUlsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3OTMwMWRjYzdmYWU0ZjdjZTAxZTQ5ODdhNzdjYjgyYTMz
NmFiZmYwHhcNMjQwMTAxMDAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2RhNWZkZjIwNGQ1OGFmNDVjZWMyZWQwOGE1YWI0NjBkYWRjNDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxK0yYzoTgGtEM7lAlvQMSGT8VLa
EFrbP9BCQG8WjlwZLHSnQSxljf42sR4eMAWPm9lqlxBmgWfI0YDLmzju88hLAMqU
TmfqvsNG7wWj2RA8+kMbyqdArDW5YP4eZe5GwweIv5m6FkwZqaYDE7u+kx9Lz8Y7
8oXl0UU2mmISEjCpk23Biy6iPNqT2iiQWOJo1ih7TlTTpm9bw4I3gIyDSTPb5vTF
hnEkHnE5RMSs4ketQgbd1GI5e3weHh4PXqb/hKaeJw7T3HYfWDBcyOD4Uk45UBD4
2I6Q/w4XvbGaegJCavREHj9Vn+9RZvNoNdO/r93Gw6FV9VTSVBUfjjp1KQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFPaX98gTVivRc7C7Qilq0YNrcRKMB8GA1UdIwQY
MBaAFBeTAdzH+uT3zgHkmHp3y4KjNqv/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjVNQjNNZjY1UGZPQWVTWWVuZkxncU0ycV84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9lZDc5NjMtNzJlYS00YzFkLWFkZGQt
YWZmOTJjMTZkOGUzLzEvVTlwZjN5Qk5XSzlGenNMdENLV3JSZzJ0eEVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9lZDc5NjMtNzJlYS00YzFkLWFkZGQtYWZmOTJjMTZkOGUz
LzEvRjVNQjNNZjY1UGZPQWVTWWVuZkxncU0ycV84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUqCMAwQB
WMdeMA0GCSqGSIb3DQEBCwUAA4IBAQBjE47kEACppT5m7DOw03vZcZCPMJGSiXlc
Oc3yqq2C+icxiewmhtBjD4sP9YexhJVmWWs5WY+MQ616pjAeNaWLiSLg9Gz5VO8z
XK5PkwHKDop0gqisnU3PScINfkdHADBKeLA7PgSZ3Bab9AwJX+trF8DqXeYfdXZN
BsGsMkpKLW513eeID3vqNmKXuvfafWSQejuwz6RzpnjgY14Di7mXx11QPk5widMA
4ZGg2s9qWbtWIOViw2uxj4TKvEn9iCCSm9xwzaSo0tXU+bcEYAO8jV1hHBlpTErK
688tjRBRahHfF1myMHm1h6x0tLqPG23mg62xexRFNQ5ZSWc8h5o6
-----END CERTIFICATE-----
Generated at Tue May 28 06:14:55 2024 by rpki-client on console-ams.rpki-client.org