Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/UiFvEwu7zsW-6l12aWIPnZLm6aE.roa
File: UiFvEwu7zsW-6l12aWIPnZLm6aE.roa (raw, json)
Hash identifier: SooOsU7dRbaCMIqA0JDLJEaKuJ2iYt+EVKmLhFvVphg=
Subject key identifier: 52:21:6F:13:0B:BB:CE:C5:BE:EA:5D:76:69:62:0F:9D:92:E6:E9:A1
Certificate issuer: /CN=8da03e0d020efc944c1eebdaee5427d365b70076
Certificate serial: 018CC9BBDBF30B10A0E4752665FB988AB7E2
Authority key identifier: 8D:A0:3E:0D:02:0E:FC:94:4C:1E:EB:DA:EE:54:27:D3:65:B7:00:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jaA-DQIO_JRMHuva7lQn02W3AHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/UiFvEwu7zsW-6l12aWIPnZLm6aE.roa
Signing time: Tue 02 Jan 2024 10:33:01 +0000
ROA not before: Tue 02 Jan 2024 10:33:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202561
IP address blocks: 198.145.119.0/24 maxlen: 24
109.224.242.0/24 maxlen: 24
185.200.36.0/22 maxlen: 24
198.145.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/jaA-DQIO_JRMHuva7lQn02W3AHY.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/jaA-DQIO_JRMHuva7lQn02W3AHY.mft
rsync://rpki.ripe.net/repository/DEFAULT/jaA-DQIO_JRMHuva7lQn02W3AHY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:db:f3:0b:10:a0:e4:75:26:65:fb:98:8a:b7:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8da03e0d020efc944c1eebdaee5427d365b70076
Validity
Not Before: Jan 2 10:33:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52216f130bbbcec5beea5d7669620f9d92e6e9a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:80:c0:68:31:3c:07:dd:8b:47:ba:cb:27:a9:
9d:4a:cc:ba:ce:44:00:5e:07:1d:0b:70:90:0c:94:
75:6c:67:0a:7d:26:11:f1:56:1d:d1:96:62:a4:57:
18:a2:39:ce:e3:8b:ac:6a:92:52:89:f7:a5:72:e6:
23:f9:d7:81:ea:ae:56:98:3a:b3:fd:8c:75:13:ce:
81:6a:82:7d:9f:89:92:74:87:0e:f2:c7:1d:fd:bb:
1c:52:b6:fa:31:5e:21:3e:ff:f1:03:17:40:01:0d:
ec:35:35:d0:fc:de:52:83:81:72:a9:f8:c7:d6:8c:
4a:69:ee:34:db:ea:e1:fb:1a:58:62:0a:ef:01:3b:
15:df:fe:b8:8e:b3:d5:1d:4e:d6:ff:24:b7:21:17:
9e:dd:c4:c4:54:43:02:b6:54:97:2a:5e:33:4f:35:
a0:d8:4a:16:90:44:b5:3c:4e:d3:c5:d2:97:b5:2b:
77:c4:49:a1:38:64:a0:39:a9:06:62:d1:dd:74:ea:
4b:1d:f1:3c:87:8b:31:2d:b2:1b:c2:f7:71:40:d4:
95:bb:46:9d:65:ea:78:63:71:6d:e5:98:2e:bc:1d:
4a:1e:53:f7:29:e4:ae:94:da:90:db:7a:fb:6a:a1:
85:99:58:50:68:ea:73:8d:89:20:1a:b9:46:65:c3:
12:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:21:6F:13:0B:BB:CE:C5:BE:EA:5D:76:69:62:0F:9D:92:E6:E9:A1
X509v3 Authority Key Identifier:
keyid:8D:A0:3E:0D:02:0E:FC:94:4C:1E:EB:DA:EE:54:27:D3:65:B7:00:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jaA-DQIO_JRMHuva7lQn02W3AHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/UiFvEwu7zsW-6l12aWIPnZLm6aE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/jaA-DQIO_JRMHuva7lQn02W3AHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.224.242.0/24
185.200.36.0/22
198.145.118.0/23
Signature Algorithm: sha256WithRSAEncryption
10:63:f6:f8:43:5f:42:12:8d:a3:dc:01:e9:22:fb:8a:8b:57:
8b:c2:b3:5f:bc:9e:64:f1:7e:97:a8:91:c8:cf:60:d3:95:90:
ee:47:2f:f6:cd:e7:17:1d:fe:93:77:3f:4d:91:fe:c6:78:d4:
fa:75:c6:7e:fa:b8:c4:3d:90:f9:4d:21:d1:a1:8d:92:05:4f:
cf:72:33:84:43:d7:ad:32:74:37:c4:b8:fb:2a:17:e5:89:dd:
fe:2f:f9:66:bd:be:b7:45:d9:e3:ca:4e:3c:f3:f5:6d:03:1c:
ef:e5:43:fa:5c:35:df:30:8f:52:b1:25:fe:e1:d4:82:28:6c:
f9:b5:d2:25:8c:42:8b:6c:ab:fc:10:69:e8:cf:43:65:15:85:
55:7b:44:01:63:f1:f8:60:3a:2e:ba:2e:52:13:14:26:f0:65:
a5:81:22:0a:8d:b0:19:50:aa:0b:91:b8:29:ce:8f:df:fc:6f:
a6:8e:a0:9e:db:8f:0f:ae:5b:ff:ff:4e:dd:40:6e:ec:d5:f3:
89:fb:b9:b6:4a:d5:0a:26:87:3f:75:d4:49:20:98:ef:de:e0:
4d:e4:34:3a:77:0b:79:24:be:6c:8e:9b:0a:89:86:89:15:d3:
a3:74:28:79:f2:7c:67:52:1a:a2:5e:b8:93:9a:4c:4b:b9:ef:
f7:32:c3:67
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJu9vzCxCg5HUmZfuYirfiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYTAzZTBkMDIwZWZjOTQ0YzFlZWJkYWVlNTQyN2QzNjVi
NzAwNzYwHhcNMjQwMTAyMTAzMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjIxNmYxMzBiYmJjZWM1YmVlYTVkNzY2OTYyMGY5ZDkyZTZlOWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04DAaDE8B92LR7rLJ6mdSsy6zkQA
XgcdC3CQDJR1bGcKfSYR8VYd0ZZipFcYojnO44usapJSifelcuYj+deB6q5WmDqz
/Yx1E86BaoJ9n4mSdIcO8scd/bscUrb6MV4hPv/xAxdAAQ3sNTXQ/N5Sg4FyqfjH
1oxKae402+rh+xpYYgrvATsV3/64jrPVHU7W/yS3IRee3cTEVEMCtlSXKl4zTzWg
2EoWkES1PE7TxdKXtSt3xEmhOGSgOakGYtHddOpLHfE8h4sxLbIbwvdxQNSVu0ad
Zep4Y3Ft5ZguvB1KHlP3KeSulNqQ23r7aqGFmVhQaOpzjYkgGrlGZcMSBwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFIhbxMLu87FvupddmliD52S5umhMB8GA1UdIwQY
MBaAFI2gPg0CDvyUTB7r2u5UJ9NltwB2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamFBLURRSU9fSlJNSHV2YTdsUW4wMlczQUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS81NjIxMTItYWQ0NC00ZDcxLTljYjkt
ZmI3ZDdkY2EzNGE3LzEvVWlGdkV3dTd6c1ctNmwxMmFXSVBuWkxtNmFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS81NjIxMTItYWQ0NC00ZDcxLTljYjktZmI3ZDdkY2EzNGE3
LzEvamFBLURRSU9fSlJNSHV2YTdsUW4wMlczQUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbeDyAwQC
ucgkAwQBxpF2MA0GCSqGSIb3DQEBCwUAA4IBAQAQY/b4Q19CEo2j3AHpIvuKi1eL
wrNfvJ5k8X6XqJHIz2DTlZDuRy/2zecXHf6Tdz9Nkf7GeNT6dcZ++rjEPZD5TSHR
oY2SBU/PcjOEQ9etMnQ3xLj7Khflid3+L/lmvb63Rdnjyk488/VtAxzv5UP6XDXf
MI9SsSX+4dSCKGz5tdIljEKLbKv8EGnoz0NlFYVVe0QBY/H4YDouui5SExQm8GWl
gSIKjbAZUKoLkbgpzo/f/G+mjqCe248Prlv//07dQG7s1fOJ+7m2StUKJoc/ddRJ
IJjv3uBN5DQ6dwt5JL5sjpsKiYaJFdOjdCh58nxnUhqiXriTmkxLue/3MsNn
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:54:19 2024 by rpki-client on console-ams.rpki-client.org