Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/2bb603-f479-40cb-82d4-48d672973b13/1/UZyNUYGi__JqluJa8hTsROabbEU.roa
File: UZyNUYGi__JqluJa8hTsROabbEU.roa (raw, json)
Hash identifier: 8uGwR+ldUj39kxE/2Mp27eOrDQ3Szc8ay3QcYju6q0Q=
Subject key identifier: 51:9C:8D:51:81:A2:FF:F2:6A:96:E2:5A:F2:14:EC:44:E6:9B:6C:45
Certificate issuer: /CN=1c37a9026e45b68fe4735a469b75636130ad125c
Certificate serial: 019348EDE2CCDA4900E96C7C8F479DB1E3DD
Authority key identifier: 1C:37:A9:02:6E:45:B6:8F:E4:73:5A:46:9B:75:63:61:30:AD:12:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDepAm5Fto_kc1pGm3VjYTCtElw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/2bb603-f479-40cb-82d4-48d672973b13/1/UZyNUYGi__JqluJa8hTsROabbEU.roa
Signing time: Wed 20 Nov 2024 09:36:09 +0000
ROA not before: Wed 20 Nov 2024 09:36:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210625
IP address blocks: 83.229.103.0/24 maxlen: 24
83.229.111.0/24 maxlen: 24
141.226.55.0/24 maxlen: 24
141.226.71.0/24 maxlen: 24
147.236.98.0/23 maxlen: 24
147.236.98.0/24 maxlen: 24
147.236.99.0/24 maxlen: 24
147.236.228.0/22 maxlen: 22
147.236.228.0/23 maxlen: 23
147.236.228.0/24 maxlen: 24
147.236.229.0/24 maxlen: 24
147.236.230.0/23 maxlen: 23
147.236.230.0/24 maxlen: 24
147.236.231.0/24 maxlen: 24
2a13:54c0::/29 maxlen: 36
2a13:54c1::/32 maxlen: 32
2a13:54c2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/2bb603-f479-40cb-82d4-48d672973b13/1/HDepAm5Fto_kc1pGm3VjYTCtElw.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/2bb603-f479-40cb-82d4-48d672973b13/1/HDepAm5Fto_kc1pGm3VjYTCtElw.mft
rsync://rpki.ripe.net/repository/DEFAULT/HDepAm5Fto_kc1pGm3VjYTCtElw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:48:ed:e2:cc:da:49:00:e9:6c:7c:8f:47:9d:b1:e3:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c37a9026e45b68fe4735a469b75636130ad125c
Validity
Not Before: Nov 20 09:36:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=519c8d5181a2fff26a96e25af214ec44e69b6c45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:42:60:89:0f:d2:a6:d0:f6:ff:22:09:89:77:
4a:1b:56:b8:8d:87:02:d3:86:cd:2e:49:17:c3:a8:
d5:bf:a2:17:1a:b6:9c:f7:94:51:62:1d:d1:35:b4:
91:f2:25:ad:10:84:11:2e:62:ab:05:5c:62:ee:7f:
58:5f:68:0b:bd:ae:da:e7:a6:75:98:b4:45:22:19:
a9:d8:21:11:38:09:2f:a4:3e:b8:ca:7d:8a:02:33:
2a:3b:8c:f7:36:16:90:20:14:73:f6:c6:d4:6f:bb:
8c:9d:71:14:95:ab:c1:1e:63:3a:ce:7f:56:43:fc:
1b:cb:0a:0d:36:8f:c9:9d:0f:33:0b:13:fe:39:6f:
15:ce:e1:24:9f:ac:8c:bf:5b:1d:09:13:78:e5:47:
1b:29:5a:3b:20:e1:1d:9f:b7:48:a4:11:5f:16:35:
f2:41:39:36:09:3d:59:3e:36:dc:dc:4e:87:0a:61:
8b:55:b7:a8:cf:69:d7:38:67:60:05:06:54:77:45:
2a:fb:a2:f6:59:f9:6f:9b:9f:f3:a6:5f:a4:35:3c:
0b:f3:46:e9:34:7f:7d:85:fc:3d:ea:cd:d6:76:2d:
cb:06:29:0c:ea:52:83:07:da:e3:16:0b:2d:92:9f:
6f:8d:e7:12:c9:86:d1:5a:2c:c9:54:9f:7d:c7:2e:
b1:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:9C:8D:51:81:A2:FF:F2:6A:96:E2:5A:F2:14:EC:44:E6:9B:6C:45
X509v3 Authority Key Identifier:
keyid:1C:37:A9:02:6E:45:B6:8F:E4:73:5A:46:9B:75:63:61:30:AD:12:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDepAm5Fto_kc1pGm3VjYTCtElw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/2bb603-f479-40cb-82d4-48d672973b13/1/UZyNUYGi__JqluJa8hTsROabbEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/2bb603-f479-40cb-82d4-48d672973b13/1/HDepAm5Fto_kc1pGm3VjYTCtElw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.229.103.0/24
83.229.111.0/24
141.226.55.0/24
141.226.71.0/24
147.236.98.0/23
147.236.228.0/22
IPv6:
2a13:54c0::/29
Signature Algorithm: sha256WithRSAEncryption
1e:de:d1:f3:f6:26:52:9d:d6:20:eb:ea:da:d4:1d:a8:97:d9:
21:0b:17:80:3e:43:97:28:e0:80:fb:3a:9e:7d:c5:d5:4d:31:
45:b3:c8:ad:29:5e:6c:c5:13:4a:8c:ce:81:c0:59:d1:d9:2a:
38:f3:49:64:70:22:69:59:0b:4c:32:ec:24:41:32:a5:55:ed:
0d:72:b9:8e:8e:8c:6b:30:8f:c5:d0:d7:62:ff:45:35:5d:c0:
55:b6:df:f1:59:15:cc:58:33:b0:ec:e9:2a:31:de:7c:d3:cc:
7a:88:3e:10:15:6d:95:0e:1c:65:96:fe:61:f8:1c:d8:4a:58:
c4:60:27:6e:ec:28:ef:5b:d7:d0:7e:aa:4d:53:b3:c1:d5:d2:
65:d9:25:99:c3:55:06:cc:c9:5e:92:7f:07:2d:e4:4d:92:11:
47:28:75:ce:60:2d:cf:34:46:bb:45:2e:ed:83:1f:16:0d:b5:
2e:32:6b:db:b3:26:9c:34:aa:0d:43:50:d9:86:21:74:c0:ab:
03:ac:74:71:29:cd:85:f5:1c:82:09:27:75:88:dc:76:c4:e6:
28:a3:28:73:0b:5f:d2:67:25:ec:32:44:3a:d4:70:a0:51:5a:
de:df:a1:40:94:43:94:5a:e6:d0:c3:34:35:e3:13:24:e7:66:
3b:c8:98:08
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZNI7eLM2kkA6Wx8j0edsePdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzdhOTAyNmU0NWI2OGZlNDczNWE0NjliNzU2MzYxMzBh
ZDEyNWMwHhcNMjQxMTIwMDkzNjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTljOGQ1MTgxYTJmZmYyNmE5NmUyNWFmMjE0ZWM0NGU2OWI2YzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1EJgiQ/SptD2/yIJiXdKG1a4jYcC
04bNLkkXw6jVv6IXGrac95RRYh3RNbSR8iWtEIQRLmKrBVxi7n9YX2gLva7a56Z1
mLRFIhmp2CEROAkvpD64yn2KAjMqO4z3NhaQIBRz9sbUb7uMnXEUlavBHmM6zn9W
Q/wbywoNNo/JnQ8zCxP+OW8VzuEkn6yMv1sdCRN45UcbKVo7IOEdn7dIpBFfFjXy
QTk2CT1ZPjbc3E6HCmGLVbeoz2nXOGdgBQZUd0Uq+6L2Wflvm5/zpl+kNTwL80bp
NH99hfw96s3Wdi3LBikM6lKDB9rjFgstkp9vjecSyYbRWizJVJ99xy6xUQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFFGcjVGBov/yapbiWvIU7ETmm2xFMB8GA1UdIwQY
MBaAFBw3qQJuRbaP5HNaRpt1Y2EwrRJcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERlcEFtNUZ0b19rYzFwR20zVmpZVEN0RWx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8yYmI2MDMtZjQ3OS00MGNiLTgyZDQt
NDhkNjcyOTczYjEzLzEvVVp5TlVZR2lfX0pxbHVKYThoVHNST2FiYkVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8yYmI2MDMtZjQ3OS00MGNiLTgyZDQtNDhkNjcyOTczYjEz
LzEvSERlcEFtNUZ0b19rYzFwR20zVmpZVEN0RWx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAU+VnAwQA
U+VvAwQAjeI3AwQAjeJHAwQBk+xiAwQCk+zkMA0EAgACMAcDBQMqE1TAMA0GCSqG
SIb3DQEBCwUAA4IBAQAe3tHz9iZSndYg6+ra1B2ol9khCxeAPkOXKOCA+zqefcXV
TTFFs8itKV5sxRNKjM6BwFnR2So480lkcCJpWQtMMuwkQTKlVe0NcrmOjoxrMI/F
0Ndi/0U1XcBVtt/xWRXMWDOw7OkqMd5808x6iD4QFW2VDhxllv5h+BzYSljEYCdu
7CjvW9fQfqpNU7PB1dJl2SWZw1UGzMlekn8HLeRNkhFHKHXOYC3PNEa7RS7tgx8W
DbUuMmvbsyacNKoNQ1DZhiF0wKsDrHRxKc2F9RyCCSd1iNx2xOYooyhzC1/SZyXs
MkQ61HCgUVre36FAlEOUWubQwzQ14xMk52Y7yJgI
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:26:05 2024 by rpki-client on console-fra.rpki-client.org