Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ubuGeyr3AM_7rakNi9Ry3gpxk3U.roa
File: ubuGeyr3AM_7rakNi9Ry3gpxk3U.roa (raw, json)
Hash identifier: p4UuCgSflUj5sgjuGNy73vjnCxdl8J6JiAzKtBNrUu8=
Subject key identifier: B9:BB:86:7B:2A:F7:00:CF:FB:AD:A9:0D:8B:D4:72:DE:0A:71:93:75
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FED7521E85C3FEF1370D49583B79D0AF3
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ubuGeyr3AM_7rakNi9Ry3gpxk3U.roa
Signing time: Thu 06 Jun 2024 12:10:27 +0000
ROA not before: Thu 06 Jun 2024 12:10:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.mft
rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 07 Jun 2024 11:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ed:75:21:e8:5c:3f:ef:13:70:d4:95:83:b7:9d:0a:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 6 12:10:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9bb867b2af700cffbada90d8bd472de0a719375
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ef:84:f2:6c:e1:59:12:93:8b:86:a2:89:dd:
3e:00:1a:6e:c5:8c:7c:9c:fa:45:1d:46:3f:d0:b9:
d3:fd:85:8f:11:f7:ab:b8:b8:c9:58:3b:1c:02:bf:
80:83:b4:c6:c6:7f:26:0e:5b:2c:82:9b:90:ee:7d:
91:d5:f0:26:cf:b9:4b:a0:42:3b:63:76:f7:40:5e:
42:e6:c3:04:c5:1a:10:17:57:0a:0c:04:b5:ba:f8:
a2:bf:9f:7d:03:a3:05:6d:c6:5f:ce:04:c7:54:b8:
7a:15:b5:8b:a2:c8:bb:69:16:a6:78:e5:4b:44:e1:
95:94:bd:0a:2f:a9:a5:11:35:ff:cc:18:51:d9:d9:
51:20:b1:06:fd:1e:66:ad:1e:10:c3:21:59:74:cf:
a3:00:f9:f3:3c:ce:d9:26:d4:5a:55:fd:88:42:6b:
b9:c7:16:db:1d:b8:90:29:25:f5:70:a4:96:a3:9d:
9e:2b:87:bf:fd:26:c2:9f:36:78:28:8c:08:51:ee:
32:cc:82:e0:02:d8:05:e1:7d:83:89:7c:bd:31:17:
13:37:56:d8:53:f1:c3:64:7e:0c:3a:e1:41:31:67:
88:3e:fc:b2:09:72:59:74:33:36:88:83:28:c2:29:
fc:c5:f0:9a:63:d3:4c:5c:76:d8:ee:62:da:2e:6e:
40:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:BB:86:7B:2A:F7:00:CF:FB:AD:A9:0D:8B:D4:72:DE:0A:71:93:75
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ubuGeyr3AM_7rakNi9Ry3gpxk3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
07:14:ff:49:46:74:b4:b0:6b:61:a0:80:f7:1a:3e:14:45:6e:
ba:54:3e:09:6d:b1:fb:c6:1c:f2:50:36:0a:59:75:32:3f:76:
29:90:0d:59:86:83:a0:f6:d4:3b:66:8a:c6:d1:07:f9:e6:cd:
db:7f:e2:bc:27:49:45:43:a7:fb:fa:7f:0f:40:60:2e:36:c0:
04:7b:43:0c:1e:e2:0a:61:b5:f1:79:ea:c0:1a:d8:f8:a2:1d:
e0:d6:7d:01:11:6e:67:36:11:3b:6c:75:f9:a4:ff:10:b4:3c:
f5:68:c9:a9:c9:bd:3e:d8:25:03:40:93:2a:a7:63:b0:91:ae:
b2:32:40:eb:12:5e:7c:68:97:e9:3e:8e:22:02:43:d3:ca:e5:
1c:1e:92:d2:e2:f5:58:0f:d1:9e:85:ff:6c:11:67:90:06:8f:
f4:f2:61:66:be:cc:a3:97:2e:b3:a6:8d:d6:ef:df:d6:15:d7:
8c:a4:99:ee:18:0a:9d:63:5b:00:8e:d1:c9:f2:f7:f6:dc:ad:
b4:91:4d:03:f6:4e:c4:3f:60:7d:64:60:60:0b:a3:54:cd:f5:
9e:7b:c4:84:7c:71:6a:b2:be:e4:3b:34:93:99:7f:dd:3d:60:
1a:62:e1:3f:c2:fd:d7:bb:7e:01:43:e4:2b:e6:38:55:2d:06:
7b:5d:b8:6b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/tdSHoXD/vE3DUlYO3nQrzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjA2MTIxMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWJiODY3YjJhZjcwMGNmZmJhZGE5MGQ4YmQ0NzJkZTBhNzE5Mzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt++E8mzhWRKTi4aiid0+ABpuxYx8
nPpFHUY/0LnT/YWPEferuLjJWDscAr+Ag7TGxn8mDlssgpuQ7n2R1fAmz7lLoEI7
Y3b3QF5C5sMExRoQF1cKDAS1uviiv599A6MFbcZfzgTHVLh6FbWLosi7aRameOVL
ROGVlL0KL6mlETX/zBhR2dlRILEG/R5mrR4QwyFZdM+jAPnzPM7ZJtRaVf2IQmu5
xxbbHbiQKSX1cKSWo52eK4e//SbCnzZ4KIwIUe4yzILgAtgF4X2DiXy9MRcTN1bY
U/HDZH4MOuFBMWeIPvyyCXJZdDM2iIMowin8xfCaY9NMXHbY7mLaLm5AQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLm7hnsq9wDP+62pDYvUct4KcZN1MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdWJ1R2V5cjNBTV83cmFrTmk5UnkzZ3B4azNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAcU/0lGdLSwa2GggPca
PhRFbrpUPgltsfvGHPJQNgpZdTI/dimQDVmGg6D21DtmisbRB/nmzdt/4rwnSUVD
p/v6fw9AYC42wAR7Qwwe4gphtfF56sAa2PiiHeDWfQERbmc2ETtsdfmk/xC0PPVo
yanJvT7YJQNAkyqnY7CRrrIyQOsSXnxol+k+jiICQ9PK5RwektLi9VgP0Z6F/2wR
Z5AGj/TyYWa+zKOXLrOmjdbv39YV14ykme4YCp1jWwCO0cny9/bcrbSRTQP2TsQ/
YH1kYGALo1TN9Z57xIR8cWqyvuQ7NJOZf909YBpi4T/C/de7fgFD5CvmOFUtBntd
uGs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 13:54:02 2024 by rpki-client on console-fra.rpki-client.org