Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/2cf88f-2c6a-4b48-a25e-4a8b6b4082b1/1/ucQk23cjMlYkJ0sVhAIvA7nM0PI.roa
File: ucQk23cjMlYkJ0sVhAIvA7nM0PI.roa (raw, json)
Hash identifier: wDENZC7TQGixu2f9DrGqePmSVJkx791QxEinV4EuWCw=
Subject key identifier: B9:C4:24:DB:77:23:32:56:24:27:4B:15:84:02:2F:03:B9:CC:D0:F2
Certificate issuer: /CN=039b01353e51a3a87e835963bd8833ed81853d77
Certificate serial: 018CC870832815435B13BD78F82A405994FB
Authority key identifier: 03:9B:01:35:3E:51:A3:A8:7E:83:59:63:BD:88:33:ED:81:85:3D:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A5sBNT5Ro6h-g1ljvYgz7YGFPXc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/2cf88f-2c6a-4b48-a25e-4a8b6b4082b1/1/ucQk23cjMlYkJ0sVhAIvA7nM0PI.roa
Signing time: Tue 02 Jan 2024 04:31:05 +0000
ROA not before: Tue 02 Jan 2024 04:31:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35260
IP address blocks: 217.26.112.0/20 maxlen: 20
2a00:1ac0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/2cf88f-2c6a-4b48-a25e-4a8b6b4082b1/1/A5sBNT5Ro6h-g1ljvYgz7YGFPXc.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/2cf88f-2c6a-4b48-a25e-4a8b6b4082b1/1/A5sBNT5Ro6h-g1ljvYgz7YGFPXc.mft
rsync://rpki.ripe.net/repository/DEFAULT/A5sBNT5Ro6h-g1ljvYgz7YGFPXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:83:28:15:43:5b:13:bd:78:f8:2a:40:59:94:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=039b01353e51a3a87e835963bd8833ed81853d77
Validity
Not Before: Jan 2 04:31:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9c424db7723325624274b1584022f03b9ccd0f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:74:5e:8c:3b:fd:34:7e:42:f5:30:15:f0:74:
6e:3f:77:20:d7:69:b1:1a:c0:cf:c5:ac:f6:84:b9:
a4:63:be:0c:6b:26:44:d7:c5:50:87:f9:8a:72:56:
bf:01:6b:ec:2d:be:99:08:57:22:1e:66:cc:5d:31:
02:01:c0:3f:7d:6d:a2:e1:1c:f9:81:68:37:ad:6b:
b5:31:9d:8d:a7:38:a5:3b:3d:bc:33:7f:d9:a7:1d:
04:db:12:6d:6f:3c:b4:6f:33:ec:5c:91:58:6e:97:
78:9e:9d:0c:3c:d8:13:a6:25:82:03:53:a7:bb:01:
94:ff:b9:26:83:d1:f2:0b:8b:2b:15:78:da:27:b3:
1e:dd:40:f4:fb:fa:8d:10:2c:ac:a6:95:e1:a9:af:
c8:e5:fa:eb:ba:1b:75:0b:1a:4e:2b:16:fa:36:c3:
27:d7:b6:ee:4b:74:eb:b5:c9:94:e3:64:f9:a9:0f:
a4:61:26:b9:c9:c4:87:7e:56:a7:c5:22:98:5c:2f:
fd:80:5b:15:1a:6f:18:aa:04:fc:e8:58:d2:f9:21:
a3:f4:2a:0a:63:9d:81:5b:14:7c:04:61:26:96:f8:
66:ae:2d:19:f5:ca:f2:3c:a0:c7:b8:64:52:5a:5a:
d9:99:96:f7:3e:3d:d7:d6:fe:7b:36:e7:81:d9:e6:
78:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:C4:24:DB:77:23:32:56:24:27:4B:15:84:02:2F:03:B9:CC:D0:F2
X509v3 Authority Key Identifier:
keyid:03:9B:01:35:3E:51:A3:A8:7E:83:59:63:BD:88:33:ED:81:85:3D:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A5sBNT5Ro6h-g1ljvYgz7YGFPXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/2cf88f-2c6a-4b48-a25e-4a8b6b4082b1/1/ucQk23cjMlYkJ0sVhAIvA7nM0PI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/2cf88f-2c6a-4b48-a25e-4a8b6b4082b1/1/A5sBNT5Ro6h-g1ljvYgz7YGFPXc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.26.112.0/20
IPv6:
2a00:1ac0::/32
Signature Algorithm: sha256WithRSAEncryption
8a:7e:0a:02:89:45:fe:60:28:7b:fc:99:12:b7:ac:2f:43:e5:
a7:08:0c:13:2a:65:fe:9f:aa:63:39:31:4e:e9:b0:a2:87:4a:
4b:37:13:fc:14:a3:49:a0:ab:2d:9c:76:8c:a6:c8:8b:59:d1:
4c:9b:ad:1c:e2:a5:b3:f6:44:3e:5c:9f:41:93:89:8d:a1:cf:
08:45:10:c8:38:aa:38:4a:79:31:eb:ed:63:1b:19:a8:d8:7a:
bd:c5:6e:2c:ee:72:ff:1c:f5:2d:36:8d:78:34:6e:b0:58:4f:
22:aa:68:7c:66:ca:0e:0d:e2:68:6d:88:08:55:b1:33:ef:2d:
2c:16:cd:29:c4:fa:fd:8d:97:1a:2e:15:27:d8:9a:4b:eb:c3:
4e:0a:23:7f:ec:b8:2c:1b:b7:07:7a:35:33:0a:6a:41:1d:73:
7b:56:02:2d:89:20:eb:a0:08:6b:5c:b6:f0:01:4f:3b:01:7f:
24:33:99:bb:75:cf:94:c4:33:97:c4:8b:26:37:57:b3:a7:4e:
c0:e9:5f:f1:d1:5c:b6:87:29:c4:8d:b2:07:cc:63:05:c6:26:
68:15:08:88:09:bb:84:f3:38:4f:40:a8:20:3b:86:7d:89:e6:
8c:ea:f3:c6:f7:1f:07:26:c3:82:9b:90:e4:7f:c4:37:f1:29:
1c:8c:77:48
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIcIMoFUNbE714+CpAWZT7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzOWIwMTM1M2U1MWEzYTg3ZTgzNTk2M2JkODgzM2VkODE4
NTNkNzcwHhcNMjQwMTAyMDQzMTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWM0MjRkYjc3MjMzMjU2MjQyNzRiMTU4NDAyMmYwM2I5Y2NkMGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXRejDv9NH5C9TAV8HRuP3cg12mx
GsDPxaz2hLmkY74MayZE18VQh/mKcla/AWvsLb6ZCFciHmbMXTECAcA/fW2i4Rz5
gWg3rWu1MZ2NpzilOz28M3/Zpx0E2xJtbzy0bzPsXJFYbpd4np0MPNgTpiWCA1On
uwGU/7kmg9HyC4srFXjaJ7Me3UD0+/qNECysppXhqa/I5frruht1CxpOKxb6NsMn
17buS3TrtcmU42T5qQ+kYSa5ycSHflanxSKYXC/9gFsVGm8YqgT86FjS+SGj9CoK
Y52BWxR8BGEmlvhmri0Z9cryPKDHuGRSWlrZmZb3Pj3X1v57NueB2eZ4BQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLnEJNt3IzJWJCdLFYQCLwO5zNDyMB8GA1UdIwQY
MBaAFAObATU+UaOofoNZY72IM+2BhT13MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTVzQk5UNVJvNmgtZzFsanZZZ3o3WUdGUFhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8yY2Y4OGYtMmM2YS00YjQ4LWEyNWUt
NGE4YjZiNDA4MmIxLzEvdWNRazIzY2pNbFlrSjBzVmhBSXZBN25NMFBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8yY2Y4OGYtMmM2YS00YjQ4LWEyNWUtNGE4YjZiNDA4MmIx
LzEvQTVzQk5UNVJvNmgtZzFsanZZZ3o3WUdGUFhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2RpwMA0E
AgACMAcDBQAqABrAMA0GCSqGSIb3DQEBCwUAA4IBAQCKfgoCiUX+YCh7/JkSt6wv
Q+WnCAwTKmX+n6pjOTFO6bCih0pLNxP8FKNJoKstnHaMpsiLWdFMm60c4qWz9kQ+
XJ9Bk4mNoc8IRRDIOKo4Snkx6+1jGxmo2Hq9xW4s7nL/HPUtNo14NG6wWE8iqmh8
ZsoODeJobYgIVbEz7y0sFs0pxPr9jZcaLhUn2JpL68NOCiN/7LgsG7cHejUzCmpB
HXN7VgItiSDroAhrXLbwAU87AX8kM5m7dc+UxDOXxIsmN1ezp07A6V/x0Vy2hynE
jbIHzGMFxiZoFQiICbuE8zhPQKggO4Z9ieaM6vPG9x8HJsOCm5Dkf8Q38SkcjHdI
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:44:49 2024 by rpki-client on console-fra.rpki-client.org