Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/46e400-87fa-49e9-9198-65b86a035a08/1/UYCxk7UJFUbh9V4wumh2YrkhmmU.roa
File: UYCxk7UJFUbh9V4wumh2YrkhmmU.roa (raw, json)
Hash identifier: fIYZAfOYru1Qp5gMWpcZbPaiyyIbfInWXVGljXXjHfs=
Subject key identifier: 51:80:B1:93:B5:09:15:46:E1:F5:5E:30:BA:68:76:62:B9:21:9A:65
Certificate issuer: /CN=0fc4f70a92d46ac02c8dfe7f975be48abd62e7a4
Certificate serial: 018CC2DAC4A1E9FA01D09E3FC73F4394887A
Authority key identifier: 0F:C4:F7:0A:92:D4:6A:C0:2C:8D:FE:7F:97:5B:E4:8A:BD:62:E7:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D8T3CpLUasAsjf5_l1vkir1i56Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/46e400-87fa-49e9-9198-65b86a035a08/1/UYCxk7UJFUbh9V4wumh2YrkhmmU.roa
Signing time: Mon 01 Jan 2024 02:29:26 +0000
ROA not before: Mon 01 Jan 2024 02:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196865
IP address blocks: 178.19.160.0/21 maxlen: 21
178.19.168.0/22 maxlen: 22
185.142.168.0/22 maxlen: 22
185.75.108.0/22 maxlen: 22
109.232.136.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/46e400-87fa-49e9-9198-65b86a035a08/1/D8T3CpLUasAsjf5_l1vkir1i56Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/46e400-87fa-49e9-9198-65b86a035a08/1/D8T3CpLUasAsjf5_l1vkir1i56Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/D8T3CpLUasAsjf5_l1vkir1i56Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:c4:a1:e9:fa:01:d0:9e:3f:c7:3f:43:94:88:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fc4f70a92d46ac02c8dfe7f975be48abd62e7a4
Validity
Not Before: Jan 1 02:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5180b193b5091546e1f55e30ba687662b9219a65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:dc:40:9f:77:cc:26:54:eb:43:7e:89:64:12:
34:7e:06:25:9e:9c:30:af:78:4d:65:aa:37:9d:b7:
96:1d:46:c7:ad:33:f8:41:de:4f:67:63:0c:63:3d:
e6:70:9f:91:42:10:ab:c8:89:64:8f:94:7f:57:b2:
57:b0:13:47:26:37:a7:22:20:95:b6:6a:f8:a6:e3:
10:f3:5c:2c:35:8f:b4:58:47:d6:5a:41:c5:15:96:
07:6a:2a:1d:f0:3c:a2:89:1c:4f:fb:18:38:0d:18:
ec:6f:ef:58:fb:33:02:9b:3e:7e:cb:cb:82:76:a9:
7e:b3:35:e5:64:56:0b:98:17:77:32:89:5b:09:b5:
0c:3f:36:30:a5:c4:ef:ea:88:d7:f1:1f:27:3a:1a:
0e:04:be:05:a2:58:19:48:bb:c1:0e:0c:55:4a:c5:
bc:d6:9f:5b:b1:ed:5d:76:b0:34:84:c0:eb:d3:10:
34:21:fd:c2:b4:d4:d1:44:b9:c8:a2:60:1b:ab:f9:
99:40:c6:2a:a9:42:c9:2e:70:45:21:14:b5:ab:0b:
6d:84:d1:5b:f7:90:d3:0a:2f:72:08:70:79:f3:0c:
e6:5a:c3:f2:39:7b:96:81:e4:98:9a:72:91:58:9b:
01:78:b0:78:84:9b:4b:70:e8:1b:51:45:40:61:e9:
f2:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:80:B1:93:B5:09:15:46:E1:F5:5E:30:BA:68:76:62:B9:21:9A:65
X509v3 Authority Key Identifier:
keyid:0F:C4:F7:0A:92:D4:6A:C0:2C:8D:FE:7F:97:5B:E4:8A:BD:62:E7:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D8T3CpLUasAsjf5_l1vkir1i56Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/46e400-87fa-49e9-9198-65b86a035a08/1/UYCxk7UJFUbh9V4wumh2YrkhmmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/46e400-87fa-49e9-9198-65b86a035a08/1/D8T3CpLUasAsjf5_l1vkir1i56Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.232.136.0/21
178.19.160.0-178.19.171.255
185.75.108.0/22
185.142.168.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:bf:aa:39:67:24:f9:47:a2:67:d8:a5:a1:3f:2c:8f:e4:36:
3a:39:ad:0f:de:db:b6:9f:e5:a2:75:2b:f5:40:74:30:ab:3b:
a7:84:af:12:89:ef:de:a8:8f:c9:6a:06:f2:84:fe:eb:0c:ea:
c5:aa:77:ad:f6:32:ae:57:42:f2:bb:49:1f:88:ef:88:97:a6:
c9:7d:ae:c5:28:62:d8:c7:f4:42:88:2a:bb:5c:34:2b:cf:39:
ce:9c:1c:61:13:c8:97:50:8e:fd:5a:b7:6e:18:51:f8:a4:ab:
52:eb:c7:14:77:b7:47:d1:66:87:ae:a9:11:68:f2:dd:90:0f:
1d:96:b6:72:72:cd:9b:d6:f1:88:fc:ff:17:7f:c0:36:08:f3:
91:71:c9:d9:3f:7b:62:84:32:80:ac:cf:43:b9:41:68:20:c2:
71:7f:05:ba:6f:b0:eb:cc:66:0d:ca:21:c7:d1:11:4f:e1:86:
73:29:12:87:e5:78:fb:f2:83:e0:ae:b8:55:f4:74:0a:b8:cb:
4b:91:f4:32:a7:c3:8a:78:a1:e2:4e:11:5c:8f:b1:4c:b1:af:
fe:b1:0c:9a:fa:d8:f6:90:55:63:02:7c:3c:5a:f3:b1:83:5d:
11:a1:8a:95:04:48:f8:7e:61:87:d8:b2:49:79:fd:bd:f4:20:
ca:53:87:4e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzC2sSh6foB0J4/xz9DlIh6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmYzRmNzBhOTJkNDZhYzAyYzhkZmU3Zjk3NWJlNDhhYmQ2
MmU3YTQwHhcNMjQwMTAxMDIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTgwYjE5M2I1MDkxNTQ2ZTFmNTVlMzBiYTY4NzY2MmI5MjE5YTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdxAn3fMJlTrQ36JZBI0fgYlnpww
r3hNZao3nbeWHUbHrTP4Qd5PZ2MMYz3mcJ+RQhCryIlkj5R/V7JXsBNHJjenIiCV
tmr4puMQ81wsNY+0WEfWWkHFFZYHaiod8DyiiRxP+xg4DRjsb+9Y+zMCmz5+y8uC
dql+szXlZFYLmBd3MolbCbUMPzYwpcTv6ojX8R8nOhoOBL4FolgZSLvBDgxVSsW8
1p9bse1ddrA0hMDr0xA0If3CtNTRRLnIomAbq/mZQMYqqULJLnBFIRS1qwtthNFb
95DTCi9yCHB58wzmWsPyOXuWgeSYmnKRWJsBeLB4hJtLcOgbUUVAYenyuwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFGAsZO1CRVG4fVeMLpodmK5IZplMB8GA1UdIwQY
MBaAFA/E9wqS1GrALI3+f5db5Iq9YuekMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDhUM0NwTFVhc0FzamY1X2wxdmtpcjFpNTZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS80NmU0MDAtODdmYS00OWU5LTkxOTgt
NjViODZhMDM1YTA4LzEvVVlDeGs3VUpGVWJoOVY0d3VtaDJZcmtobW1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS80NmU0MDAtODdmYS00OWU5LTkxOTgtNjViODZhMDM1YTA4
LzEvRDhUM0NwTFVhc0FzamY1X2wxdmtpcjFpNTZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQDbeiIMAwD
BAWyE6ADBAKyE6gDBAK5S2wDBAK5jqgwDQYJKoZIhvcNAQELBQADggEBAE6/qjln
JPlHomfYpaE/LI/kNjo5rQ/e27af5aJ1K/VAdDCrO6eErxKJ796oj8lqBvKE/usM
6sWqd632Mq5XQvK7SR+I74iXpsl9rsUoYtjH9EKIKrtcNCvPOc6cHGETyJdQjv1a
t24YUfikq1LrxxR3t0fRZoeuqRFo8t2QDx2WtnJyzZvW8Yj8/xd/wDYI85Fxydk/
e2KEMoCsz0O5QWggwnF/BbpvsOvMZg3KIcfREU/hhnMpEoflePvyg+CuuFX0dAq4
y0uR9DKnw4p4oeJOEVyPsUyxr/6xDJr62PaQVWMCfDxa87GDXRGhipUESPh+YYfY
skl5/b30IMpTh04=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:48:37 2024 by rpki-client on console-fra.rpki-client.org