Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d608b8-501f-491f-a2f2-10e57f56a17a/1/UcXjH2pUlPyHOSwIRazh3S_JORw.roa
File: UcXjH2pUlPyHOSwIRazh3S_JORw.roa (raw, json)
Hash identifier: 85W0QUHb0pEugRLBo1Cs6yM0Zs042tXvKvWdTCN5ouI=
Subject key identifier: 51:C5:E3:1F:6A:54:94:FC:87:39:2C:08:45:AC:E1:DD:2F:C9:39:1C
Certificate issuer: /CN=4d77ccd7a94415dfc68ccca874e94c2e8c22202d
Certificate serial: 018CC4253B8CEAE82741FD3C260EA4F9317F
Authority key identifier: 4D:77:CC:D7:A9:44:15:DF:C6:8C:CC:A8:74:E9:4C:2E:8C:22:20:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TXfM16lEFd_GjMyodOlMLowiIC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/d608b8-501f-491f-a2f2-10e57f56a17a/1/UcXjH2pUlPyHOSwIRazh3S_JORw.roa
Signing time: Mon 01 Jan 2024 08:30:23 +0000
ROA not before: Mon 01 Jan 2024 08:30:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38719
IP address blocks: 176.74.24.0/21 maxlen: 24
185.184.152.0/22 maxlen: 24
2a00:fd80::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/d608b8-501f-491f-a2f2-10e57f56a17a/1/TXfM16lEFd_GjMyodOlMLowiIC0.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/d608b8-501f-491f-a2f2-10e57f56a17a/1/TXfM16lEFd_GjMyodOlMLowiIC0.mft
rsync://rpki.ripe.net/repository/DEFAULT/TXfM16lEFd_GjMyodOlMLowiIC0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:3b:8c:ea:e8:27:41:fd:3c:26:0e:a4:f9:31:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d77ccd7a94415dfc68ccca874e94c2e8c22202d
Validity
Not Before: Jan 1 08:30:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=51c5e31f6a5494fc87392c0845ace1dd2fc9391c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f8:0b:ea:e6:28:e4:3c:1b:be:18:9e:7b:f3:
f4:e1:a2:f1:02:d7:33:f6:c5:fc:40:d1:ef:90:4b:
74:29:26:f3:b2:1d:fd:cc:4d:c0:8f:c2:20:5e:f4:
a4:de:f0:16:89:a7:8e:8f:64:ff:ea:42:78:9f:ae:
c6:a4:5e:10:a9:f4:90:43:d1:10:4f:2f:f6:fa:e1:
48:db:1d:38:98:71:c3:7d:ab:1d:3b:bf:ed:9a:61:
d0:d8:81:18:4c:7c:1d:c0:86:ec:7a:45:ab:c0:82:
5c:64:fd:98:6e:c7:24:63:6d:19:1e:7c:49:b6:90:
08:e1:c6:7f:39:f2:60:69:3e:2b:83:36:a5:d9:d4:
31:89:7a:92:88:e2:9b:af:bd:ef:dc:2e:74:08:cd:
7d:ca:ff:6d:5c:74:81:64:38:e2:46:25:0e:2e:8c:
b4:1a:88:3f:15:86:69:39:e2:4b:8a:1b:a5:42:b6:
fd:0c:21:08:3d:ca:85:57:33:75:cc:08:f9:86:24:
e0:56:87:1a:d1:35:8b:c8:da:23:c3:a8:ab:fa:ab:
88:3a:03:91:f0:54:b0:34:ed:6a:02:a6:0a:12:ed:
05:68:14:43:40:32:fd:12:de:09:2c:0d:f5:d0:4d:
85:bb:dd:be:5d:0b:40:3c:60:a5:b4:75:97:17:c6:
82:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:C5:E3:1F:6A:54:94:FC:87:39:2C:08:45:AC:E1:DD:2F:C9:39:1C
X509v3 Authority Key Identifier:
keyid:4D:77:CC:D7:A9:44:15:DF:C6:8C:CC:A8:74:E9:4C:2E:8C:22:20:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TXfM16lEFd_GjMyodOlMLowiIC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d608b8-501f-491f-a2f2-10e57f56a17a/1/UcXjH2pUlPyHOSwIRazh3S_JORw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d608b8-501f-491f-a2f2-10e57f56a17a/1/TXfM16lEFd_GjMyodOlMLowiIC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.74.24.0/21
185.184.152.0/22
IPv6:
2a00:fd80::/32
Signature Algorithm: sha256WithRSAEncryption
69:5f:9d:27:43:4d:a8:00:40:82:3f:9b:8f:6d:4e:48:53:3d:
cc:69:fa:97:f6:a8:87:c2:33:c2:52:8b:57:5a:47:bd:3c:7d:
09:57:90:49:0a:2a:81:61:c8:79:50:02:a4:17:40:7f:54:c8:
52:d7:81:dc:7e:7c:7c:42:1c:74:85:f5:78:b3:26:42:64:b3:
af:29:d0:2f:18:b6:50:61:c1:16:d1:f2:c7:4a:b4:9a:51:09:
a9:e9:e2:8b:19:6c:21:c9:e7:4c:e0:7a:ca:60:c5:40:24:b9:
92:a2:4f:9a:64:0a:1b:5d:dc:b8:35:18:9f:12:b7:88:2d:ab:
89:8e:10:80:7f:9d:72:5f:04:d9:77:f7:01:1c:3d:23:fd:27:
9d:da:ec:b5:fa:3d:99:1c:d2:97:1b:e5:35:4b:10:5b:c5:10:
74:23:98:4d:52:fa:26:0c:6e:be:16:cd:03:f4:2d:e7:11:1c:
00:6c:2c:11:5c:36:7a:1f:6b:08:ab:fa:34:a9:38:3d:96:d9:
3b:6d:c4:c3:cd:9e:80:fc:d9:cc:ea:c4:73:88:12:3b:ac:2a:
a7:06:f4:0b:02:c8:24:2f:b2:14:44:ab:47:70:0e:dd:2b:81:
f9:f4:6d:5e:f9:65:c8:7f:b8:27:7c:c1:67:58:72:5d:29:7c:
b4:1f:fd:80
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzEJTuM6ugnQf08Jg6k+TF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNzdjY2Q3YTk0NDE1ZGZjNjhjY2NhODc0ZTk0YzJlOGMy
MjIwMmQwHhcNMjQwMTAxMDgzMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWM1ZTMxZjZhNTQ5NGZjODczOTJjMDg0NWFjZTFkZDJmYzkzOTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvgL6uYo5Dwbvhiee/P04aLxAtcz
9sX8QNHvkEt0KSbzsh39zE3Aj8IgXvSk3vAWiaeOj2T/6kJ4n67GpF4QqfSQQ9EQ
Ty/2+uFI2x04mHHDfasdO7/tmmHQ2IEYTHwdwIbsekWrwIJcZP2YbsckY20ZHnxJ
tpAI4cZ/OfJgaT4rgzal2dQxiXqSiOKbr73v3C50CM19yv9tXHSBZDjiRiUOLoy0
Gog/FYZpOeJLihulQrb9DCEIPcqFVzN1zAj5hiTgVoca0TWLyNojw6ir+quIOgOR
8FSwNO1qAqYKEu0FaBRDQDL9Et4JLA310E2Fu92+XQtAPGCltHWXF8aChQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFHF4x9qVJT8hzksCEWs4d0vyTkcMB8GA1UdIwQY
MBaAFE13zNepRBXfxozMqHTpTC6MIiAtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFhmTTE2bEVGZF9Hak15b2RPbE1Mb3dpSUMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kNjA4YjgtNTAxZi00OTFmLWEyZjIt
MTBlNTdmNTZhMTdhLzEvVWNYakgycFVsUHlIT1N3SVJhemgzU19KT1J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kNjA4YjgtNTAxZi00OTFmLWEyZjItMTBlNTdmNTZhMTdh
LzEvVFhmTTE2bEVGZF9Hak15b2RPbE1Mb3dpSUMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsEoYAwQC
ubiYMA0EAgACMAcDBQAqAP2AMA0GCSqGSIb3DQEBCwUAA4IBAQBpX50nQ02oAECC
P5uPbU5IUz3MafqX9qiHwjPCUotXWke9PH0JV5BJCiqBYch5UAKkF0B/VMhS14Hc
fnx8Qhx0hfV4syZCZLOvKdAvGLZQYcEW0fLHSrSaUQmp6eKLGWwhyedM4HrKYMVA
JLmSok+aZAobXdy4NRifEreILauJjhCAf51yXwTZd/cBHD0j/Sed2uy1+j2ZHNKX
G+U1SxBbxRB0I5hNUvomDG6+Fs0D9C3nERwAbCwRXDZ6H2sIq/o0qTg9ltk7bcTD
zZ6A/NnM6sRziBI7rCqnBvQLAsgkL7IURKtHcA7dK4H59G1e+WXIf7gnfMFnWHJd
KXy0H/2A
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:15:49 2024 by rpki-client on console-fra.rpki-client.org