Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/d6486a-8ff7-426f-8d86-098d04ce51b2/1/UzHt5wWZJyfglmoovwxftAIEOm4.roa
File: UzHt5wWZJyfglmoovwxftAIEOm4.roa (raw, json)
Hash identifier: F5n2TvY5m9QoVL+cZ5B2W01lG7C3mfIueufndhem/dQ=
Subject key identifier: 53:31:ED:E7:05:99:27:27:E0:96:6A:28:BF:0C:5F:B4:02:04:3A:6E
Certificate issuer: /CN=fbfcd4515b493039216758de738e4f1ae8e3224c
Certificate serial: 018CC56E740ACC3C7DE61CD49440B09C899C
Authority key identifier: FB:FC:D4:51:5B:49:30:39:21:67:58:DE:73:8E:4F:1A:E8:E3:22:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-_zUUVtJMDkhZ1jec45PGujjIkw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/d6486a-8ff7-426f-8d86-098d04ce51b2/1/UzHt5wWZJyfglmoovwxftAIEOm4.roa
Signing time: Mon 01 Jan 2024 14:29:59 +0000
ROA not before: Mon 01 Jan 2024 14:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211873
IP address blocks: 185.105.40.0/22 maxlen: 24
185.149.28.0/22 maxlen: 22
2a06:34c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/d6486a-8ff7-426f-8d86-098d04ce51b2/1/1-_zUUVtJMDkhZ1jec45PGujjIkw.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/d6486a-8ff7-426f-8d86-098d04ce51b2/1/1-_zUUVtJMDkhZ1jec45PGujjIkw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-_zUUVtJMDkhZ1jec45PGujjIkw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:74:0a:cc:3c:7d:e6:1c:d4:94:40:b0:9c:89:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbfcd4515b493039216758de738e4f1ae8e3224c
Validity
Not Before: Jan 1 14:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5331ede705992727e0966a28bf0c5fb402043a6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:cd:97:74:cc:ff:bd:02:04:8a:73:11:d4:a2:
e8:c0:e7:6f:ca:6e:37:5e:5f:d7:b6:e8:80:1a:8f:
26:00:a4:e1:bd:75:ba:1f:4b:fc:c1:6d:5d:70:bd:
5d:cf:ae:9e:7d:72:3d:6b:2a:e5:a6:1f:00:cd:f1:
fc:5b:81:13:f9:98:f6:c5:62:2b:e2:5e:03:ed:7e:
4d:04:d2:1c:91:29:ab:09:0d:ae:71:11:cd:2a:ac:
0b:ba:4c:5a:a5:5c:f3:c5:bd:f9:03:db:0f:6b:f5:
27:fd:55:89:2b:a6:0a:d9:cc:d3:b7:ae:94:3c:e1:
ef:b3:0a:08:00:d5:7c:ce:5e:2b:a0:72:72:19:d8:
fb:b0:64:83:f3:dd:33:2e:a8:48:08:c5:c2:7e:d6:
09:ea:4e:f0:53:c1:9c:05:36:3f:c3:9e:8b:05:da:
b7:d1:17:3f:83:a2:1f:d5:17:65:8c:77:85:88:8a:
9c:fb:52:7e:de:13:c0:87:c0:ba:8d:63:3a:11:23:
f0:be:40:14:bb:10:5e:71:ff:e6:e3:7f:08:a9:36:
ce:2d:77:4a:f8:68:79:65:03:3b:fa:17:50:17:0d:
82:ec:47:4b:a1:f0:b7:aa:15:ea:12:94:5d:93:24:
ef:d1:38:77:6e:d7:8f:db:57:49:89:80:78:d6:41:
a4:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:31:ED:E7:05:99:27:27:E0:96:6A:28:BF:0C:5F:B4:02:04:3A:6E
X509v3 Authority Key Identifier:
keyid:FB:FC:D4:51:5B:49:30:39:21:67:58:DE:73:8E:4F:1A:E8:E3:22:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-_zUUVtJMDkhZ1jec45PGujjIkw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/d6486a-8ff7-426f-8d86-098d04ce51b2/1/UzHt5wWZJyfglmoovwxftAIEOm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/d6486a-8ff7-426f-8d86-098d04ce51b2/1/1-_zUUVtJMDkhZ1jec45PGujjIkw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.105.40.0/22
185.149.28.0/22
IPv6:
2a06:34c0::/29
Signature Algorithm: sha256WithRSAEncryption
04:91:1d:91:f2:67:f1:3b:4e:2f:dd:0e:19:a1:0a:ca:ba:d5:
32:e8:67:88:1f:be:86:77:d9:a8:20:0b:36:a8:54:f6:ec:4c:
50:39:8d:66:0f:a9:4d:c8:40:65:ca:db:54:56:f4:0e:00:5f:
dd:80:0b:0a:b7:62:33:bb:6b:2e:bb:88:83:d4:30:67:29:bd:
4c:7e:0c:a0:8f:a4:6e:17:92:fd:76:d2:4b:b4:dd:c8:0c:39:
75:51:22:4d:4f:81:82:47:ca:92:2e:ec:0b:15:a7:d7:da:b6:
30:82:5c:76:9e:9f:62:32:a3:2b:f7:2c:3e:cc:e0:0d:05:ed:
f8:7f:6b:7c:51:d1:47:ae:f8:ca:6d:20:00:7e:ea:e1:6c:cd:
61:4d:5c:30:ad:72:fa:cb:eb:84:73:49:ae:cb:b4:bd:fe:5b:
5a:74:bf:24:35:4a:ce:7c:23:ca:43:2e:47:70:e9:14:e0:2e:
80:13:10:75:3f:74:b5:4a:b0:6d:79:db:36:28:6b:ee:9e:07:
13:30:4a:c7:2a:0e:af:6f:01:73:98:66:92:49:16:61:2e:40:
2f:10:61:a3:9e:cc:af:6d:f2:08:f5:95:d6:f1:18:f9:21:c1:
48:8d:aa:c4:3c:e9:d9:0e:49:0e:fc:fd:f6:66:72:47:8f:04:
4e:25:c0:87
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzFbnQKzDx95hzUlECwnImcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiZmNkNDUxNWI0OTMwMzkyMTY3NThkZTczOGU0ZjFhZThl
MzIyNGMwHhcNMjQwMTAxMTQyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzMxZWRlNzA1OTkyNzI3ZTA5NjZhMjhiZjBjNWZiNDAyMDQzYTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu82XdMz/vQIEinMR1KLowOdvym43
Xl/XtuiAGo8mAKThvXW6H0v8wW1dcL1dz66efXI9ayrlph8AzfH8W4ET+Zj2xWIr
4l4D7X5NBNIckSmrCQ2ucRHNKqwLukxapVzzxb35A9sPa/Un/VWJK6YK2czTt66U
POHvswoIANV8zl4roHJyGdj7sGSD890zLqhICMXCftYJ6k7wU8GcBTY/w56LBdq3
0Rc/g6If1RdljHeFiIqc+1J+3hPAh8C6jWM6ESPwvkAUuxBecf/m438IqTbOLXdK
+Gh5ZQM7+hdQFw2C7EdLofC3qhXqEpRdkyTv0Th3bteP21dJiYB41kGkowIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFMx7ecFmScn4JZqKL8MX7QCBDpuMB8GA1UdIwQY
MBaAFPv81FFbSTA5IWdY3nOOTxro4yJMMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1felVVVnRKTURraFoxamVjNDVQR3Vqaklrdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgvZDY0ODZhLThmZjctNDI2Zi04ZDg2
LTA5OGQwNGNlNTFiMi8xL1V6SHQ1d1daSnlmZ2xtb292d3hmdEFJRU9tNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjgvZDY0ODZhLThmZjctNDI2Zi04ZDg2LTA5OGQwNGNlNTFi
Mi8xLzEtX3pVVVZ0Sk1Ea2haMWplYzQ1UEd1ampJa3cuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAK5aSgD
BAK5lRwwDQQCAAIwBwMFAyoGNMAwDQYJKoZIhvcNAQELBQADggEBAASRHZHyZ/E7
Ti/dDhmhCsq61TLoZ4gfvoZ32aggCzaoVPbsTFA5jWYPqU3IQGXK21RW9A4AX92A
Cwq3YjO7ay67iIPUMGcpvUx+DKCPpG4Xkv120ku03cgMOXVRIk1PgYJHypIu7AsV
p9fatjCCXHaen2Iyoyv3LD7M4A0F7fh/a3xR0Ueu+MptIAB+6uFszWFNXDCtcvrL
64RzSa7LtL3+W1p0vyQ1Ss58I8pDLkdw6RTgLoATEHU/dLVKsG152zYoa+6eBxMw
SscqDq9vAXOYZpJJFmEuQC8QYaOezK9t8gj1ldbxGPkhwUiNqsQ86dkOSQ78/fZm
ckePBE4lwIc=
-----END CERTIFICATE-----
Generated at Sat May 25 09:09:37 2024 by rpki-client on console-fra.rpki-client.org