Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/UC7baScaRMmKC_CIiU4krHcTwT4.roa
File: UC7baScaRMmKC_CIiU4krHcTwT4.roa (raw, json)
Hash identifier: EIomMnKX8qbDHOJ8ajo1J/G6IOmhP+IBUur+PRGPRlY=
Subject key identifier: 50:2E:DB:69:27:1A:44:C9:8A:0B:F0:88:89:4E:24:AC:77:13:C1:3E
Certificate issuer: /CN=fef329360c1b6fcafbf5253a657e3e9d7f224f7e
Certificate serial: 018CC8019E7DE93598F9103895CDA1DA1AD3
Authority key identifier: FE:F3:29:36:0C:1B:6F:CA:FB:F5:25:3A:65:7E:3E:9D:7F:22:4F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_vMpNgwbb8r79SU6ZX4-nX8iT34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/UC7baScaRMmKC_CIiU4krHcTwT4.roa
Signing time: Tue 02 Jan 2024 02:29:58 +0000
ROA not before: Tue 02 Jan 2024 02:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9137
IP address blocks: 213.204.0.0/19 maxlen: 19
204.14.244.0/22 maxlen: 22
185.82.56.0/22 maxlen: 22
2a02:5640::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/_vMpNgwbb8r79SU6ZX4-nX8iT34.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/_vMpNgwbb8r79SU6ZX4-nX8iT34.mft
rsync://rpki.ripe.net/repository/DEFAULT/_vMpNgwbb8r79SU6ZX4-nX8iT34.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 19:03:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:9e:7d:e9:35:98:f9:10:38:95:cd:a1:da:1a:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fef329360c1b6fcafbf5253a657e3e9d7f224f7e
Validity
Not Before: Jan 2 02:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=502edb69271a44c98a0bf088894e24ac7713c13e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7d:e9:9a:83:0f:c3:c8:00:8f:64:c1:ad:be:
f2:90:d9:3c:db:fe:88:a9:25:91:68:5d:7a:8c:7b:
b7:84:b4:a8:d4:11:6c:76:ad:87:03:da:60:e6:65:
80:23:3d:6d:22:be:a1:1c:21:3f:2e:60:d0:af:83:
64:20:21:04:28:c8:51:34:81:eb:a4:c4:aa:0b:a1:
f9:58:10:2a:7d:a3:9d:13:de:1b:f8:4f:cf:aa:55:
1a:1e:cb:56:bc:b4:3b:91:d5:e3:a1:73:e8:b5:0d:
16:35:f1:8f:93:e3:07:6f:8e:40:a1:43:1c:48:1f:
10:4f:39:7b:88:c9:68:0f:dc:fe:06:d8:d4:11:df:
5a:b8:b0:4e:45:03:f0:08:f4:34:13:b8:e6:6c:3f:
a9:a3:95:48:42:b7:a1:de:9e:16:20:e4:74:9e:42:
d3:c5:3e:2e:51:7a:9c:09:5e:1b:22:38:31:4a:fd:
30:59:27:5b:3b:75:0b:3f:3d:9d:a5:50:2f:7a:b0:
47:89:bf:5d:bd:b4:7f:56:c9:fc:66:11:19:76:d7:
b9:2c:65:20:03:be:85:0a:60:ea:c0:cb:c7:5f:ae:
f9:b8:2a:93:ff:48:0c:bb:63:0a:4f:6b:11:16:0c:
58:e5:47:a7:a1:b3:30:26:75:d7:56:99:f6:1d:b7:
3a:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:2E:DB:69:27:1A:44:C9:8A:0B:F0:88:89:4E:24:AC:77:13:C1:3E
X509v3 Authority Key Identifier:
keyid:FE:F3:29:36:0C:1B:6F:CA:FB:F5:25:3A:65:7E:3E:9D:7F:22:4F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_vMpNgwbb8r79SU6ZX4-nX8iT34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/UC7baScaRMmKC_CIiU4krHcTwT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/_vMpNgwbb8r79SU6ZX4-nX8iT34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.56.0/22
204.14.244.0/22
213.204.0.0/19
IPv6:
2a02:5640::/29
Signature Algorithm: sha256WithRSAEncryption
1b:5d:ff:b9:53:16:94:91:e7:0c:32:05:c1:c3:a7:dd:72:fc:
e4:57:11:aa:8e:e8:d2:c9:28:f9:52:5d:a6:b3:d7:98:a7:8a:
a1:34:e1:d1:3c:50:77:fd:fa:eb:c6:72:46:75:8e:eb:8e:07:
b7:1c:cf:90:ba:66:0b:ea:1b:47:bf:bb:e6:44:4b:c9:ee:f3:
fe:ca:c0:91:06:83:e6:c8:d3:5d:a7:db:59:30:eb:51:c6:ce:
b0:ec:e0:1e:ab:d4:e4:3b:02:8c:8f:e7:7c:19:6d:ee:47:0d:
da:20:bf:62:dc:bf:70:c0:32:72:07:2f:d0:85:c0:50:04:93:
8e:27:df:09:94:00:1f:e0:a2:c3:5a:03:a1:ea:30:93:f4:54:
da:1f:b4:8e:f4:70:e9:c9:f9:1e:7e:7c:89:da:ec:a3:78:ea:
07:b5:51:62:13:8e:68:22:90:81:11:3f:f4:c0:2a:24:0e:e6:
82:a5:f3:36:32:23:a1:e9:76:37:ac:47:56:27:32:97:dd:b4:
88:7f:03:14:fe:e7:e0:1c:c4:23:81:c2:4c:04:77:68:bd:57:
72:d0:90:f3:d5:95:db:ab:c3:51:75:13:4a:0d:3f:41:e2:62:
08:b6:29:68:78:53:21:92:e2:61:94:4d:12:78:5b:1e:d1:f0:
53:12:84:4c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzIAZ596TWY+RA4lc2h2hrTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZjMyOTM2MGMxYjZmY2FmYmY1MjUzYTY1N2UzZTlkN2Yy
MjRmN2UwHhcNMjQwMTAyMDIyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDJlZGI2OTI3MWE0NGM5OGEwYmYwODg4OTRlMjRhYzc3MTNjMTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo33pmoMPw8gAj2TBrb7ykNk82/6I
qSWRaF16jHu3hLSo1BFsdq2HA9pg5mWAIz1tIr6hHCE/LmDQr4NkICEEKMhRNIHr
pMSqC6H5WBAqfaOdE94b+E/PqlUaHstWvLQ7kdXjoXPotQ0WNfGPk+MHb45AoUMc
SB8QTzl7iMloD9z+BtjUEd9auLBORQPwCPQ0E7jmbD+po5VIQreh3p4WIOR0nkLT
xT4uUXqcCV4bIjgxSv0wWSdbO3ULPz2dpVAverBHib9dvbR/Vsn8ZhEZdte5LGUg
A76FCmDqwMvHX675uCqT/0gMu2MKT2sRFgxY5UenobMwJnXXVpn2Hbc6kQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFAu22knGkTJigvwiIlOJKx3E8E+MB8GA1UdIwQY
MBaAFP7zKTYMG2/K+/UlOmV+Pp1/Ik9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3ZNcE5nd2JiOHI3OVNVNlpYNC1uWDhpVDM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9jZTk2ZjQtZDg1Yy00ZmM1LTllOTgt
NTAwYjg4MzQyODllLzEvVUM3YmFTY2FSTW1LQ19DSWlVNGtySGNUd1Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9jZTk2ZjQtZDg1Yy00ZmM1LTllOTgtNTAwYjg4MzQyODll
LzEvX3ZNcE5nd2JiOHI3OVNVNlpYNC1uWDhpVDM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuVI4AwQC
zA70AwQF1cwAMA0EAgACMAcDBQMqAlZAMA0GCSqGSIb3DQEBCwUAA4IBAQAbXf+5
UxaUkecMMgXBw6fdcvzkVxGqjujSySj5Ul2ms9eYp4qhNOHRPFB3/frrxnJGdY7r
jge3HM+QumYL6htHv7vmREvJ7vP+ysCRBoPmyNNdp9tZMOtRxs6w7OAeq9TkOwKM
j+d8GW3uRw3aIL9i3L9wwDJyBy/QhcBQBJOOJ98JlAAf4KLDWgOh6jCT9FTaH7SO
9HDpyfkefnyJ2uyjeOoHtVFiE45oIpCBET/0wCokDuaCpfM2MiOh6XY3rEdWJzKX
3bSIfwMU/ufgHMQjgcJMBHdovVdy0JDz1ZXbq8NRdRNKDT9B4mIItiloeFMhkuJh
lE0SeFse0fBTEoRM
-----END CERTIFICATE-----
Generated at Sat Sep 28 04:44:05 2024 by rpki-client on console-ams.rpki-client.org