Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/uuH8l7HE1j68kpZWjLoCbvFy7Oc.roa
File: uuH8l7HE1j68kpZWjLoCbvFy7Oc.roa (raw, json)
Hash identifier: UxWh93F+ImuKNVWcNVYl2Mn+I7QFIJ8ZlqzUkVOm7nI=
Subject key identifier: BA:E1:FC:97:B1:C4:D6:3E:BC:92:96:56:8C:BA:02:6E:F1:72:EC:E7
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 018CC56E881F96B7B26BE6E61078498EC8E1
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/uuH8l7HE1j68kpZWjLoCbvFy7Oc.roa
Signing time: Mon 01 Jan 2024 14:30:04 +0000
ROA not before: Mon 01 Jan 2024 14:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24640
IP address blocks: 80.86.182.0/23 maxlen: 23
80.86.181.0/24 maxlen: 24
81.209.180.0/22 maxlen: 22
81.209.196.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:88:1f:96:b7:b2:6b:e6:e6:10:78:49:8e:c8:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Jan 1 14:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bae1fc97b1c4d63ebc9296568cba026ef172ece7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:94:1f:36:d3:0d:f5:14:88:14:ea:67:8b:a8:
dc:1e:d3:34:97:50:11:88:1b:cf:8a:58:44:e2:15:
c9:09:a8:6d:bd:f3:d6:71:94:09:ef:4f:96:7b:96:
58:45:71:62:9f:10:0e:a9:1a:a6:e0:5b:bc:2a:e8:
6a:e9:87:19:ee:48:a0:62:84:ae:b9:48:93:76:06:
4c:63:bf:43:03:76:31:20:c1:41:02:ee:e4:ae:77:
1e:f2:2c:d7:e0:7a:e9:1d:48:4a:6e:1a:ee:a9:02:
ba:6f:fa:95:c5:84:24:c4:2e:29:4a:6e:b9:75:22:
9c:58:6f:a3:68:96:54:fd:a4:cf:0f:f0:f5:3e:4a:
2b:5f:f1:a1:08:a7:c7:ee:b9:76:15:ce:ca:d3:5d:
da:4e:1d:a5:43:80:6e:5b:e0:c8:cc:3f:e8:d0:21:
15:ac:47:51:b6:6d:e7:d0:3a:f2:e1:2d:be:fd:cb:
f0:ae:6e:a9:42:21:02:16:ca:0a:e5:28:91:11:e8:
bd:aa:45:3e:7b:31:92:65:54:87:c7:9d:8e:71:32:
62:13:52:99:f2:04:52:9b:d9:f9:b7:f6:06:04:a8:
d5:f4:dc:37:46:33:30:55:23:5f:f1:ca:b5:9b:a8:
8c:ee:76:e2:b8:30:90:9c:59:ca:36:4d:37:d5:80:
72:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:E1:FC:97:B1:C4:D6:3E:BC:92:96:56:8C:BA:02:6E:F1:72:EC:E7
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/uuH8l7HE1j68kpZWjLoCbvFy7Oc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.86.181.0-80.86.183.255
81.209.180.0/22
81.209.196.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:bc:62:61:d5:ec:44:54:c3:31:ba:11:18:d5:ac:41:d4:ec:
28:cc:00:a6:5c:34:57:d0:b7:2b:56:28:43:d2:a6:64:71:ab:
38:7a:f7:e4:e2:03:e7:98:f0:57:01:dc:2c:3d:43:51:d7:4b:
c2:58:5f:01:5e:c1:7f:be:35:1c:dd:4d:1c:03:dc:38:d2:5e:
74:1a:43:79:2e:de:16:4b:4c:97:b8:e0:da:dc:54:c1:4c:9a:
3a:6d:88:69:cb:57:25:7b:1b:5a:2b:02:29:97:2f:bc:4b:da:
0a:65:a6:ad:94:36:be:30:7c:05:ed:82:18:9a:28:4c:dc:9e:
2e:b6:4d:bb:48:64:79:04:15:43:86:63:13:3b:84:41:b3:31:
17:92:78:92:b9:31:6f:d0:69:a4:f9:1d:dc:fc:7e:fa:cb:72:
f8:23:6c:b6:dd:ae:20:92:25:17:17:f5:41:18:f2:fb:c5:48:
ba:a3:c5:97:f1:1a:b7:73:fc:c2:f1:f9:c6:9d:e1:dd:98:ef:
34:31:16:1d:dd:46:1d:1a:30:0b:e7:5b:46:b9:1a:b4:c4:c2:
46:f9:13:ce:a5:93:2f:61:6e:51:f8:8c:bc:dd:b1:fd:f1:0a:
8b:63:ec:6a:ce:7f:60:23:04:c6:8e:e9:92:c7:20:17:71:7e:
04:a7:96:4b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzFbogflreya+bmEHhJjsjhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjQwMTAxMTQzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWUxZmM5N2IxYzRkNjNlYmM5Mjk2NTY4Y2JhMDI2ZWYxNzJlY2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpQfNtMN9RSIFOpni6jcHtM0l1AR
iBvPilhE4hXJCahtvfPWcZQJ70+We5ZYRXFinxAOqRqm4Fu8Kuhq6YcZ7kigYoSu
uUiTdgZMY79DA3YxIMFBAu7krnce8izX4HrpHUhKbhruqQK6b/qVxYQkxC4pSm65
dSKcWG+jaJZU/aTPD/D1PkorX/GhCKfH7rl2Fc7K013aTh2lQ4BuW+DIzD/o0CEV
rEdRtm3n0Dry4S2+/cvwrm6pQiECFsoK5SiREei9qkU+ezGSZVSHx52OcTJiE1KZ
8gRSm9n5t/YGBKjV9Nw3RjMwVSNf8cq1m6iM7nbiuDCQnFnKNk031YBy6wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLrh/JexxNY+vJKWVoy6Am7xcuznMB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvdXVIOGw3SEUxajY4a3BaV2pMb0NidkZ5N09jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQtMjM3NzJlN2Y5MmUz
LzEvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABQVrUD
BANQVrADBAJR0bQDBAJR0cQwDQYJKoZIhvcNAQELBQADggEBAHq8YmHV7ERUwzG6
ERjVrEHU7CjMAKZcNFfQtytWKEPSpmRxqzh69+TiA+eY8FcB3Cw9Q1HXS8JYXwFe
wX++NRzdTRwD3DjSXnQaQ3ku3hZLTJe44NrcVMFMmjptiGnLVyV7G1orAimXL7xL
2gplpq2UNr4wfAXtghiaKEzcni62TbtIZHkEFUOGYxM7hEGzMReSeJK5MW/QaaT5
Hdz8fvrLcvgjbLbdriCSJRcX9UEY8vvFSLqjxZfxGrdz/MLx+cad4d2Y7zQxFh3d
Rh0aMAvnW0a5GrTEwkb5E86lky9hblH4jLzdsf3xCotj7GrOf2AjBMaO6ZLHIBdx
fgSnlks=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:18:36 2024 by rpki-client on console-ams.rpki-client.org