Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/e116c2-8f82-4cba-b5ae-97dcbb0086e3/1/Uu1J__-yTKvR63rlTd24AnmAO80.roa
File: Uu1J__-yTKvR63rlTd24AnmAO80.roa (raw, json)
Hash identifier: zugdrnBohGQp/KEN0uLVP7ptm+kQznKGEzlATfccX2I=
Subject key identifier: 52:ED:49:FF:FF:B2:4C:AB:D1:EB:7A:E5:4D:DD:B8:02:79:80:3B:CD
Certificate issuer: /CN=07c40d70160f308642129a1b72ae5ae52db883c4
Certificate serial: 018CC64B39C12E455E0CC0E3683117599D3E
Authority key identifier: 07:C4:0D:70:16:0F:30:86:42:12:9A:1B:72:AE:5A:E5:2D:B8:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B8QNcBYPMIZCEpobcq5a5S24g8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/e116c2-8f82-4cba-b5ae-97dcbb0086e3/1/Uu1J__-yTKvR63rlTd24AnmAO80.roa
Signing time: Mon 01 Jan 2024 18:31:07 +0000
ROA not before: Mon 01 Jan 2024 18:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59666
IP address blocks: 185.51.208.0/24 maxlen: 24
185.51.209.0/24 maxlen: 24
185.51.210.0/23 maxlen: 23
185.51.208.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/e116c2-8f82-4cba-b5ae-97dcbb0086e3/1/B8QNcBYPMIZCEpobcq5a5S24g8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/e116c2-8f82-4cba-b5ae-97dcbb0086e3/1/B8QNcBYPMIZCEpobcq5a5S24g8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/B8QNcBYPMIZCEpobcq5a5S24g8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 13:02:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:39:c1:2e:45:5e:0c:c0:e3:68:31:17:59:9d:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07c40d70160f308642129a1b72ae5ae52db883c4
Validity
Not Before: Jan 1 18:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52ed49ffffb24cabd1eb7ae54dddb80279803bcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:db:55:75:c0:35:44:87:61:8e:2a:69:1c:82:
4a:dd:54:35:82:cf:60:20:19:d6:c8:12:7e:a5:77:
69:4d:a7:07:6c:1f:d3:5c:23:c9:1d:bc:57:42:d8:
b2:3f:03:7d:73:23:41:4f:0c:9d:be:a1:24:69:b0:
ba:25:f8:22:bf:ca:dd:86:5a:6e:91:a1:8a:2a:fb:
d2:75:85:25:dd:64:2e:f1:15:12:d0:bb:df:f4:56:
f7:07:fc:f0:25:71:2d:8f:4f:95:ac:e7:9e:7d:0c:
26:22:fb:bc:b7:c9:5f:9b:ae:bf:f7:3e:a5:1c:d3:
60:e2:39:b7:7f:db:7c:9a:1d:9e:c7:ca:aa:46:46:
14:b5:9d:9e:34:69:0d:84:4c:72:81:57:65:be:0a:
55:53:05:c7:d9:39:f2:68:b7:60:24:d1:92:58:d0:
27:57:6d:90:cf:4d:db:59:0c:2e:42:bd:17:a8:25:
5a:c2:30:22:41:a7:db:31:7e:9e:37:20:0b:d5:eb:
4d:45:09:74:1e:22:99:0f:e3:fd:63:f2:93:c7:5c:
7e:90:74:21:10:f7:e1:a2:d2:21:5c:cb:5d:0d:3a:
1e:42:11:3e:16:57:4b:87:7f:a1:df:b5:f2:28:2d:
96:87:ac:df:8b:bf:48:6e:db:91:d8:08:1f:27:ff:
3d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:ED:49:FF:FF:B2:4C:AB:D1:EB:7A:E5:4D:DD:B8:02:79:80:3B:CD
X509v3 Authority Key Identifier:
keyid:07:C4:0D:70:16:0F:30:86:42:12:9A:1B:72:AE:5A:E5:2D:B8:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B8QNcBYPMIZCEpobcq5a5S24g8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e116c2-8f82-4cba-b5ae-97dcbb0086e3/1/Uu1J__-yTKvR63rlTd24AnmAO80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e116c2-8f82-4cba-b5ae-97dcbb0086e3/1/B8QNcBYPMIZCEpobcq5a5S24g8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.208.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:42:93:10:be:99:d4:46:85:8c:5f:80:82:bb:91:63:25:c7:
3d:68:eb:3f:50:57:78:d2:03:46:fb:38:f1:4c:25:1e:d6:95:
b3:7b:d8:93:b4:3f:0d:2d:3f:82:0f:c3:a8:7d:1e:9a:c5:4c:
53:a8:9d:04:5b:67:6a:a2:83:50:7a:74:7d:d6:e9:83:a6:52:
d2:d9:72:a7:04:70:51:72:9b:7c:4c:ec:ca:66:db:dd:9e:08:
b0:79:d1:d5:3e:53:63:f5:a9:cf:23:b8:86:1c:6e:f1:16:c8:
2b:45:2b:af:71:e4:fe:c4:f5:53:d0:d0:1c:47:82:eb:75:22:
3f:dc:73:f4:50:06:6d:0d:50:03:26:7e:ce:06:b6:a0:e4:92:
98:b4:52:99:d4:71:bf:fd:03:32:71:a7:c0:3e:85:da:6b:23:
a9:bf:2c:46:16:1f:3c:b6:9a:92:23:46:2f:53:bd:82:d9:f6:
31:bf:14:6e:a5:03:4b:3e:54:cb:de:b8:3f:a6:ee:05:ba:2b:
a6:33:34:cf:32:4f:e9:65:03:c2:3b:af:ae:33:24:2c:7a:37:
0b:fd:7e:06:3f:84:73:0c:18:44:2f:8e:72:a5:32:90:99:53:
89:f2:03:5b:4d:1b:17:8d:5f:a4:eb:4f:0d:3c:35:d5:a0:ed:
35:1f:c5:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSznBLkVeDMDjaDEXWZ0+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3YzQwZDcwMTYwZjMwODY0MjEyOWExYjcyYWU1YWU1MmRi
ODgzYzQwHhcNMjQwMTAxMTgzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmVkNDlmZmZmYjI0Y2FiZDFlYjdhZTU0ZGRkYjgwMjc5ODAzYmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNtVdcA1RIdhjippHIJK3VQ1gs9g
IBnWyBJ+pXdpTacHbB/TXCPJHbxXQtiyPwN9cyNBTwydvqEkabC6Jfgiv8rdhlpu
kaGKKvvSdYUl3WQu8RUS0Lvf9Fb3B/zwJXEtj0+VrOeefQwmIvu8t8lfm66/9z6l
HNNg4jm3f9t8mh2ex8qqRkYUtZ2eNGkNhExygVdlvgpVUwXH2TnyaLdgJNGSWNAn
V22Qz03bWQwuQr0XqCVawjAiQafbMX6eNyAL1etNRQl0HiKZD+P9Y/KTx1x+kHQh
EPfhotIhXMtdDToeQhE+FldLh3+h37XyKC2Wh6zfi79IbtuR2AgfJ/89iQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFLtSf//skyr0et65U3duAJ5gDvNMB8GA1UdIwQY
MBaAFAfEDXAWDzCGQhKaG3KuWuUtuIPEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjhRTmNCWVBNSVpDRXBvYmNxNWE1UzI0ZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9lMTE2YzItOGY4Mi00Y2JhLWI1YWUt
OTdkY2JiMDA4NmUzLzEvVXUxSl9fLXlUS3ZSNjNybFRkMjRBbm1BTzgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9lMTE2YzItOGY4Mi00Y2JhLWI1YWUtOTdkY2JiMDA4NmUz
LzEvQjhRTmNCWVBNSVpDRXBvYmNxNWE1UzI0ZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTPQMA0G
CSqGSIb3DQEBCwUAA4IBAQB6QpMQvpnURoWMX4CCu5FjJcc9aOs/UFd40gNG+zjx
TCUe1pWze9iTtD8NLT+CD8OofR6axUxTqJ0EW2dqooNQenR91umDplLS2XKnBHBR
cpt8TOzKZtvdngiwedHVPlNj9anPI7iGHG7xFsgrRSuvceT+xPVT0NAcR4LrdSI/
3HP0UAZtDVADJn7OBrag5JKYtFKZ1HG//QMycafAPoXaayOpvyxGFh88tpqSI0Yv
U72C2fYxvxRupQNLPlTL3rg/pu4FuiumMzTPMk/pZQPCO6+uMyQsejcL/X4GP4Rz
DBhEL45ypTKQmVOJ8gNbTRsXjV+k608NPDXVoO01H8Vh
-----END CERTIFICATE-----
Generated at Tue May 28 20:24:34 2024 by rpki-client on console-ams.rpki-client.org