Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/uofbaMoDPTuoioWuFkVHfuICmig.roa
File: uofbaMoDPTuoioWuFkVHfuICmig.roa (raw, json)
Hash identifier: v44HREUmJ31JjUN0dv0xcbJSSAzEo+DIAwWo00zVuHU=
Subject key identifier: BA:87:DB:68:CA:03:3D:3B:A8:8A:85:AE:16:45:47:7E:E2:02:9A:28
Certificate issuer: /CN=323ab5ba98bef5d0d9bd0cea031a1fe13777a486
Certificate serial: 018CC2DB547A2A3CBA59BB1B64C786C3976A
Authority key identifier: 32:3A:B5:BA:98:BE:F5:D0:D9:BD:0C:EA:03:1A:1F:E1:37:77:A4:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mjq1upi-9dDZvQzqAxof4Td3pIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/uofbaMoDPTuoioWuFkVHfuICmig.roa
Signing time: Mon 01 Jan 2024 02:30:03 +0000
ROA not before: Mon 01 Jan 2024 02:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38983
IP address blocks: 5.172.216.0/21 maxlen: 24
185.64.192.0/22 maxlen: 24
188.126.96.0/19 maxlen: 24
185.122.152.0/22 maxlen: 22
188.126.108.0/23 maxlen: 23
188.126.112.0/21 maxlen: 22
2a09:f400::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/Mjq1upi-9dDZvQzqAxof4Td3pIY.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/Mjq1upi-9dDZvQzqAxof4Td3pIY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Mjq1upi-9dDZvQzqAxof4Td3pIY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:54:7a:2a:3c:ba:59:bb:1b:64:c7:86:c3:97:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=323ab5ba98bef5d0d9bd0cea031a1fe13777a486
Validity
Not Before: Jan 1 02:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba87db68ca033d3ba88a85ae1645477ee2029a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:fa:df:7d:0b:b4:93:9d:83:4a:84:6f:bd:dc:
ea:7f:6f:27:da:3f:f3:2e:73:46:df:03:f0:45:0a:
80:1b:a6:3b:3f:b1:a6:87:ac:0d:bf:69:d6:1a:5a:
87:51:50:5a:23:87:3d:c2:4f:6b:8a:53:1b:74:4a:
8f:65:83:b2:63:a9:e5:48:43:ce:b8:eb:02:dd:f8:
bd:1a:fc:8f:2f:2f:95:21:bc:e4:86:97:5d:b5:bd:
48:3e:b1:99:6a:d5:ab:ce:78:21:f0:14:c7:73:ce:
70:a3:84:fa:da:a6:b7:77:4f:e6:bc:5a:af:02:c0:
15:17:86:46:d6:92:4e:7b:fc:1c:fd:1a:4f:f6:e8:
11:86:16:99:f8:f1:85:72:09:30:7c:be:b8:39:14:
98:a5:6b:68:ce:87:44:ac:ff:3d:aa:51:00:ed:2f:
3f:a0:f3:09:2e:cf:8e:b9:ff:55:29:fc:a2:d0:38:
27:74:13:eb:3c:4d:c3:6c:6e:d9:00:31:91:c4:ec:
b7:71:6f:0a:3c:a5:35:ab:4b:42:63:4b:fe:cd:fd:
c2:cb:c9:b9:81:09:57:42:49:71:7e:b4:e1:6c:2f:
25:7b:cd:fe:04:bd:14:42:7a:ab:c1:a7:a5:66:06:
3d:50:a0:fb:f1:51:db:b0:3d:a7:74:25:36:d6:91:
3e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:87:DB:68:CA:03:3D:3B:A8:8A:85:AE:16:45:47:7E:E2:02:9A:28
X509v3 Authority Key Identifier:
keyid:32:3A:B5:BA:98:BE:F5:D0:D9:BD:0C:EA:03:1A:1F:E1:37:77:A4:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mjq1upi-9dDZvQzqAxof4Td3pIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/uofbaMoDPTuoioWuFkVHfuICmig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/Mjq1upi-9dDZvQzqAxof4Td3pIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.216.0/21
185.64.192.0/22
185.122.152.0/22
188.126.96.0/19
IPv6:
2a09:f400::/29
Signature Algorithm: sha256WithRSAEncryption
00:19:d4:21:4f:a2:32:82:b7:0b:10:59:88:c9:86:f7:c4:c3:
c1:51:74:69:68:fc:17:f3:ea:85:02:d8:44:35:91:e3:d7:c4:
31:f0:58:4e:ec:f9:45:ea:0a:a2:95:c9:5c:ec:cd:9b:c7:dd:
ce:82:26:c1:ac:bf:2c:ee:92:eb:ac:a7:6c:f4:c9:38:9d:36:
bf:96:48:c3:9a:09:01:5c:fd:5e:dc:d5:51:ab:fc:99:29:b1:
b4:b4:36:aa:f3:61:71:2b:b3:30:80:96:d2:3f:0f:b5:56:a3:
6e:85:01:45:11:59:52:4f:53:35:a5:13:e7:f9:d1:9b:8e:45:
9b:a5:84:b8:d2:35:e4:d0:f8:75:13:cc:ed:f2:c5:46:1a:c9:
a0:fb:94:06:df:00:6d:54:68:82:92:6c:85:30:cb:bc:92:ba:
a1:6b:06:44:19:aa:a7:bd:29:29:c2:a8:06:71:33:72:50:4a:
67:d1:37:f4:0f:69:89:15:3f:d9:1f:ef:d9:4f:7c:62:cd:db:
37:27:eb:2d:68:2a:c7:1a:3f:80:1f:3f:72:10:77:7b:00:e2:
d9:51:55:6b:b9:41:c9:4e:e7:a1:0b:7b:f5:91:13:3d:f7:3c:
77:54:d4:a8:4d:f6:bc:1c:7f:a0:ac:78:f3:a7:ae:72:99:ec:
3e:73:67:9b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzC21R6Kjy6WbsbZMeGw5dqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyM2FiNWJhOThiZWY1ZDBkOWJkMGNlYTAzMWExZmUxMzc3
N2E0ODYwHhcNMjQwMTAxMDIzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTg3ZGI2OGNhMDMzZDNiYTg4YTg1YWUxNjQ1NDc3ZWUyMDI5YTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/rffQu0k52DSoRvvdzqf28n2j/z
LnNG3wPwRQqAG6Y7P7Gmh6wNv2nWGlqHUVBaI4c9wk9rilMbdEqPZYOyY6nlSEPO
uOsC3fi9GvyPLy+VIbzkhpddtb1IPrGZatWrzngh8BTHc85wo4T62qa3d0/mvFqv
AsAVF4ZG1pJOe/wc/RpP9ugRhhaZ+PGFcgkwfL64ORSYpWtozodErP89qlEA7S8/
oPMJLs+Ouf9VKfyi0DgndBPrPE3DbG7ZADGRxOy3cW8KPKU1q0tCY0v+zf3Cy8m5
gQlXQklxfrThbC8le83+BL0UQnqrwaelZgY9UKD78VHbsD2ndCU21pE+RQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLqH22jKAz07qIqFrhZFR37iApooMB8GA1UdIwQY
MBaAFDI6tbqYvvXQ2b0M6gMaH+E3d6SGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWpxMXVwaS05ZERadlF6cUF4b2Y0VGQzcElZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9iMDEyOTAtZDc2ZC00MmQ4LWEyMzQt
Zjk1MTI0OTllMDVjLzEvdW9mYmFNb0RQVHVvaW9XdUZrVkhmdUlDbWlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9iMDEyOTAtZDc2ZC00MmQ4LWEyMzQtZjk1MTI0OTllMDVj
LzEvTWpxMXVwaS05ZERadlF6cUF4b2Y0VGQzcElZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBazYAwQC
uUDAAwQCuXqYAwQFvH5gMA0EAgACMAcDBQMqCfQAMA0GCSqGSIb3DQEBCwUAA4IB
AQAAGdQhT6IygrcLEFmIyYb3xMPBUXRpaPwX8+qFAthENZHj18Qx8FhO7PlF6gqi
lclc7M2bx93OgibBrL8s7pLrrKds9Mk4nTa/lkjDmgkBXP1e3NVRq/yZKbG0tDaq
82FxK7MwgJbSPw+1VqNuhQFFEVlST1M1pRPn+dGbjkWbpYS40jXk0Ph1E8zt8sVG
Gsmg+5QG3wBtVGiCkmyFMMu8krqhawZEGaqnvSkpwqgGcTNyUEpn0Tf0D2mJFT/Z
H+/ZT3xizds3J+staCrHGj+AHz9yEHd7AOLZUVVruUHJTuehC3v1kRM99zx3VNSo
Tfa8HH+grHjzp65ymew+c2eb
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:50:28 2024 by rpki-client on console-fra.rpki-client.org