Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/uwnOoSAPK75RVzGI9-xJ0ccygG0.roa
File: uwnOoSAPK75RVzGI9-xJ0ccygG0.roa (raw, json)
Hash identifier: MZwydemFfIiyxfdvDNMWEsXHohSwyj1eWRSxp67+Ano=
Subject key identifier: BB:09:CE:A1:20:0F:2B:BE:51:57:31:88:F7:EC:49:D1:C7:32:80:6D
Certificate issuer: /CN=10543a5197eb2544447e9d36b3ebf14452c777eb
Certificate serial: 018CC5013160377C9A47972B66933A8E6285
Authority key identifier: 10:54:3A:51:97:EB:25:44:44:7E:9D:36:B3:EB:F1:44:52:C7:77:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFQ6UZfrJUREfp02s-vxRFLHd-s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/uwnOoSAPK75RVzGI9-xJ0ccygG0.roa
Signing time: Mon 01 Jan 2024 12:30:38 +0000
ROA not before: Mon 01 Jan 2024 12:30:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2110
IP address blocks: 193.95.128.0/18 maxlen: 24
194.125.0.0/17 maxlen: 17
213.202.128.0/18 maxlen: 18
192.111.39.0/24 maxlen: 24
78.16.0.0/14 maxlen: 14
212.2.160.0/19 maxlen: 19
185.146.180.0/22 maxlen: 22
185.146.180.0/24 maxlen: 24
193.120.52.0/24 maxlen: 24
194.145.128.0/21 maxlen: 21
193.120.216.0/24 maxlen: 24
194.46.192.0/18 maxlen: 18
193.120.0.0/16 maxlen: 16
193.203.128.0/19 maxlen: 19
194.165.160.0/19 maxlen: 19
2001:7c8::/29 maxlen: 29
2001:7c8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/EFQ6UZfrJUREfp02s-vxRFLHd-s.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/EFQ6UZfrJUREfp02s-vxRFLHd-s.mft
rsync://rpki.ripe.net/repository/DEFAULT/EFQ6UZfrJUREfp02s-vxRFLHd-s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:31:60:37:7c:9a:47:97:2b:66:93:3a:8e:62:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10543a5197eb2544447e9d36b3ebf14452c777eb
Validity
Not Before: Jan 1 12:30:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb09cea1200f2bbe51573188f7ec49d1c732806d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:8b:ed:82:17:83:14:01:a3:72:a3:ed:2a:cf:
a3:aa:1b:47:f3:c2:9b:25:30:5f:48:3d:14:38:91:
3b:5a:c5:25:e4:84:8e:da:40:4c:48:18:0c:4b:c9:
3f:93:5c:2e:bc:9a:ce:23:63:39:48:26:d8:79:d7:
d1:96:94:e9:b6:8e:32:d5:87:29:a4:81:a7:01:b2:
23:a1:81:80:f1:dc:5c:01:5a:66:b1:0f:9a:54:e5:
38:52:13:17:8e:76:42:79:eb:61:c0:7e:05:b7:b9:
a2:74:16:a7:53:c9:21:32:54:3c:9d:e3:4c:8b:68:
14:88:d1:1d:00:35:9e:48:e4:df:43:3b:5e:69:fb:
95:43:8d:58:2d:ac:26:32:33:b5:bd:eb:fc:7f:a3:
1d:92:fa:f7:a4:3e:9c:f9:4b:e9:8b:4d:b9:30:9e:
77:f6:44:33:ce:c6:5a:c5:7b:7c:3c:bd:63:52:a5:
03:c7:10:f4:74:2f:b5:fb:7e:92:ef:78:42:6f:a1:
4b:70:63:61:b9:0b:90:51:97:cf:e2:48:98:a6:6f:
f6:8f:e3:53:95:22:cb:08:e2:a2:f4:2a:ed:d8:2e:
09:70:20:26:eb:ce:f8:15:9c:63:0b:f6:38:7e:b1:
d4:d6:cb:dd:62:89:a6:53:30:20:64:1d:9f:48:18:
2b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:09:CE:A1:20:0F:2B:BE:51:57:31:88:F7:EC:49:D1:C7:32:80:6D
X509v3 Authority Key Identifier:
keyid:10:54:3A:51:97:EB:25:44:44:7E:9D:36:B3:EB:F1:44:52:C7:77:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFQ6UZfrJUREfp02s-vxRFLHd-s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/uwnOoSAPK75RVzGI9-xJ0ccygG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/EFQ6UZfrJUREfp02s-vxRFLHd-s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.16.0.0/14
185.146.180.0/22
192.111.39.0/24
193.95.128.0/18
193.120.0.0/16
193.203.128.0/19
194.46.192.0/18
194.125.0.0/17
194.145.128.0/21
194.165.160.0/19
212.2.160.0/19
213.202.128.0/18
IPv6:
2001:7c8::/29
Signature Algorithm: sha256WithRSAEncryption
bb:27:11:74:31:b9:5d:06:26:ef:50:db:4e:ba:11:34:fe:1b:
48:36:4d:6a:29:70:35:7a:50:d0:ff:7b:bf:4d:d1:d7:55:28:
28:b4:64:9c:17:45:7d:c2:bd:d4:92:2a:05:77:d7:f3:68:d6:
53:f9:74:2e:99:4f:79:a1:18:6a:93:b4:5a:f0:36:5b:e9:5c:
a7:3d:ef:10:0b:80:7f:b8:02:db:9b:f5:6c:6b:73:3e:dd:ac:
31:0e:60:1d:5a:92:5f:a7:9d:ef:7d:1b:6b:9a:7d:88:4f:3d:
d2:43:07:88:71:79:ca:73:e9:fb:ce:f6:ae:7b:57:e4:83:23:
ca:4a:21:04:a4:8d:93:46:0f:2b:c0:f4:fb:fc:26:5f:d0:bf:
3e:75:96:16:75:d2:87:33:46:bf:b0:8a:16:6b:ad:57:20:b3:
9b:1d:7c:ca:9f:63:31:7a:09:98:94:f1:7e:61:5e:42:95:72:
fa:45:40:80:9c:1c:ce:0c:2c:cc:89:37:67:1b:7c:41:fb:3a:
05:11:09:1e:d8:d9:23:2e:30:98:b6:f3:c1:c6:33:f0:c1:66:
5f:4f:10:18:d9:41:d3:09:e7:30:75:a6:70:cb:9a:2c:d2:d7:
96:41:bf:aa:67:e7:3e:5f:25:3b:c5:8c:4e:8f:0b:69:04:f7:
38:d4:32:c6
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYzFATFgN3yaR5crZpM6jmKFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTQzYTUxOTdlYjI1NDQ0NDdlOWQzNmIzZWJmMTQ0NTJj
Nzc3ZWIwHhcNMjQwMTAxMTIzMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjA5Y2VhMTIwMGYyYmJlNTE1NzMxODhmN2VjNDlkMWM3MzI4MDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYvtgheDFAGjcqPtKs+jqhtH88Kb
JTBfSD0UOJE7WsUl5ISO2kBMSBgMS8k/k1wuvJrOI2M5SCbYedfRlpTpto4y1Ycp
pIGnAbIjoYGA8dxcAVpmsQ+aVOU4UhMXjnZCeethwH4Ft7midBanU8khMlQ8neNM
i2gUiNEdADWeSOTfQzteafuVQ41YLawmMjO1vev8f6Mdkvr3pD6c+Uvpi025MJ53
9kQzzsZaxXt8PL1jUqUDxxD0dC+1+36S73hCb6FLcGNhuQuQUZfP4kiYpm/2j+NT
lSLLCOKi9Crt2C4JcCAm6874FZxjC/Y4frHU1svdYommUzAgZB2fSBgrjwIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFLsJzqEgDyu+UVcxiPfsSdHHMoBtMB8GA1UdIwQY
MBaAFBBUOlGX6yVERH6dNrPr8URSx3frMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZRNlVaZnJKVVJFZnAwMnMtdnhSRkxIZC1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8xYmU3YmMtYjY0Mi00YTBkLThlNmIt
ZjdlMGM1ZTI3MDJlLzEvdXduT29TQVBLNzVSVnpHSTkteEowY2N5Z0cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8xYmU3YmMtYjY0Mi00YTBkLThlNmItZjdlMGM1ZTI3MDJl
LzEvRUZRNlVaZnJKVVJFZnAwMnMtdnhSRkxIZC1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBMBAIAATBGAwMCThADBAK5
krQDBADAbycDBAbBX4ADAwDBeAMEBcHLgAMEBsIuwAMEB8J9AAMEA8KRgAMEBcKl
oAMEBdQCoAMEBtXKgDANBAIAAjAHAwUDIAEHyDANBgkqhkiG9w0BAQsFAAOCAQEA
uycRdDG5XQYm71DbTroRNP4bSDZNailwNXpQ0P97v03R11UoKLRknBdFfcK91JIq
BXfX82jWU/l0LplPeaEYapO0WvA2W+lcpz3vEAuAf7gC25v1bGtzPt2sMQ5gHVqS
X6ed730ba5p9iE890kMHiHF5ynPp+872rntX5IMjykohBKSNk0YPK8D0+/wmX9C/
PnWWFnXShzNGv7CKFmutVyCzmx18yp9jMXoJmJTxfmFeQpVy+kVAgJwczgwszIk3
Zxt8Qfs6BREJHtjZIy4wmLbzwcYz8MFmX08QGNlB0wnnMHWmcMuaLNLXlkG/qmfn
Pl8lO8WMTo8LaQT3ONQyxg==
-----END CERTIFICATE-----
Generated at Sun May 19 08:33:01 2024 by rpki-client on console-ams.rpki-client.org