Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/4b2e49-f667-494a-afe9-6df3e4a4eeb1/1/1-UngzwW9tP7x2ktKq_2hsaQk5qY.roa
File: 1-UngzwW9tP7x2ktKq_2hsaQk5qY.roa (raw, json)
Hash identifier: Mi5IDGOc+4ZZB0HrZuwzWZ1oNvQjOOTLLaOzsDZSgb8=
Subject key identifier: F9:49:E0:CF:05:BD:B4:FE:F1:DA:4B:4A:AB:FD:A1:B1:A4:24:E6:A6
Certificate issuer: /CN=8324c5df19789d5259104e0ae0dcd4672a8e2bab
Certificate serial: 018CC87144AC766333804C35D5FEA2C02113
Authority key identifier: 83:24:C5:DF:19:78:9D:52:59:10:4E:0A:E0:DC:D4:67:2A:8E:2B:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gyTF3xl4nVJZEE4K4NzUZyqOK6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/4b2e49-f667-494a-afe9-6df3e4a4eeb1/1/1-UngzwW9tP7x2ktKq_2hsaQk5qY.roa
Signing time: Tue 02 Jan 2024 04:31:55 +0000
ROA not before: Tue 02 Jan 2024 04:31:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8680
IP address blocks: 93.191.206.0/23 maxlen: 23
93.191.202.0/23 maxlen: 23
93.191.200.0/22 maxlen: 22
93.191.200.0/21 maxlen: 24
93.191.204.0/23 maxlen: 23
93.191.200.0/23 maxlen: 23
185.48.60.0/22 maxlen: 24
46.254.248.0/21 maxlen: 24
83.137.248.0/21 maxlen: 24
5.42.128.0/21 maxlen: 24
2a01:94a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/4b2e49-f667-494a-afe9-6df3e4a4eeb1/1/gyTF3xl4nVJZEE4K4NzUZyqOK6s.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/4b2e49-f667-494a-afe9-6df3e4a4eeb1/1/gyTF3xl4nVJZEE4K4NzUZyqOK6s.mft
rsync://rpki.ripe.net/repository/DEFAULT/gyTF3xl4nVJZEE4K4NzUZyqOK6s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:44:ac:76:63:33:80:4c:35:d5:fe:a2:c0:21:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8324c5df19789d5259104e0ae0dcd4672a8e2bab
Validity
Not Before: Jan 2 04:31:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f949e0cf05bdb4fef1da4b4aabfda1b1a424e6a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:52:74:18:5a:95:b4:e7:6f:4a:70:64:49:68:
2c:6d:1a:a3:83:b9:55:d3:1f:48:18:95:b7:e4:23:
00:58:6e:5c:de:1b:a3:0c:ff:55:2d:4e:3c:6d:14:
72:73:4b:92:56:ba:83:72:6c:0f:0b:d3:b8:81:d1:
f0:51:2c:9e:2b:6f:bf:65:b9:27:61:f7:2b:ef:67:
f6:fd:ca:37:95:23:aa:b0:aa:55:37:9f:a7:78:5b:
c0:d1:ca:ee:7e:da:60:b0:3f:74:af:87:50:64:c6:
bb:44:95:b0:fb:96:33:a2:9a:c6:09:20:7f:8f:31:
1c:2b:2a:91:0f:b3:34:36:a7:42:d1:7a:9c:af:0d:
d6:21:04:04:dd:aa:72:4f:09:f8:96:47:c9:fd:6e:
57:14:5c:18:bd:97:00:cb:b9:20:83:66:e9:7c:b5:
86:90:18:61:72:9d:f8:68:68:7c:29:43:a9:76:23:
f8:96:e2:a9:7f:0f:81:e9:08:bc:df:e7:ee:3b:79:
3f:91:0d:62:48:6c:53:16:d2:21:e7:9d:84:a4:fd:
1c:8f:c6:5c:d9:9a:40:4a:86:68:d3:f2:61:36:16:
0b:b0:3d:dc:1c:70:61:6d:08:dd:f5:05:22:83:67:
88:7c:62:29:ea:05:0a:09:79:bd:a2:ff:b6:36:a9:
59:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:49:E0:CF:05:BD:B4:FE:F1:DA:4B:4A:AB:FD:A1:B1:A4:24:E6:A6
X509v3 Authority Key Identifier:
keyid:83:24:C5:DF:19:78:9D:52:59:10:4E:0A:E0:DC:D4:67:2A:8E:2B:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gyTF3xl4nVJZEE4K4NzUZyqOK6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4b2e49-f667-494a-afe9-6df3e4a4eeb1/1/1-UngzwW9tP7x2ktKq_2hsaQk5qY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4b2e49-f667-494a-afe9-6df3e4a4eeb1/1/gyTF3xl4nVJZEE4K4NzUZyqOK6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.128.0/21
46.254.248.0/21
83.137.248.0/21
93.191.200.0/21
185.48.60.0/22
IPv6:
2a01:94a0::/32
Signature Algorithm: sha256WithRSAEncryption
4a:a8:17:a2:e1:e7:0e:a4:78:ac:da:58:63:c9:85:0e:15:fc:
2e:40:b4:a2:5a:2f:de:bf:cb:0f:b3:72:da:34:c1:ed:32:47:
b7:92:25:ce:bc:df:bf:2f:f7:9a:f4:57:a4:b4:fe:52:f5:37:
56:1d:cf:ac:0f:8d:85:8e:5a:8a:fe:58:8f:21:88:70:84:b1:
30:fd:b0:f2:67:c1:4c:fc:7a:89:1c:fd:48:cc:65:b1:4b:a6:
e5:d5:13:63:97:61:14:60:4b:6d:b9:fa:ac:22:d3:ab:70:10:
35:22:38:77:0d:20:7b:06:86:66:a3:82:e4:77:c9:8b:c1:d7:
71:c4:6b:09:20:3c:74:96:f0:1b:41:4c:65:25:fb:35:87:46:
d9:71:98:71:8e:aa:c4:5c:37:2e:49:82:89:b9:a1:06:f0:c3:
4b:38:b1:6b:65:32:83:47:51:08:9e:0b:26:65:17:fd:9d:f2:
dd:68:ff:ee:8e:8a:ed:2a:96:f6:3e:08:c5:c7:d8:6b:d6:04:
54:2f:fd:c3:75:b0:52:33:72:8b:be:cb:cd:9d:d4:1a:b8:1a:
3f:04:50:10:c6:a6:bc:03:de:38:a4:c3:df:cb:b9:21:d6:d3:
ef:5b:86:bd:7d:d5:7e:d8:9b:ff:78:cd:7a:12:13:d1:b8:8a:
86:35:55:18
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzIcUSsdmMzgEw11f6iwCETMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMjRjNWRmMTk3ODlkNTI1OTEwNGUwYWUwZGNkNDY3MmE4
ZTJiYWIwHhcNMjQwMTAyMDQzMTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTQ5ZTBjZjA1YmRiNGZlZjFkYTRiNGFhYmZkYTFiMWE0MjRlNmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1J0GFqVtOdvSnBkSWgsbRqjg7lV
0x9IGJW35CMAWG5c3hujDP9VLU48bRRyc0uSVrqDcmwPC9O4gdHwUSyeK2+/Zbkn
Yfcr72f2/co3lSOqsKpVN5+neFvA0cruftpgsD90r4dQZMa7RJWw+5YzoprGCSB/
jzEcKyqRD7M0NqdC0Xqcrw3WIQQE3apyTwn4lkfJ/W5XFFwYvZcAy7kgg2bpfLWG
kBhhcp34aGh8KUOpdiP4luKpfw+B6Qi83+fuO3k/kQ1iSGxTFtIh552EpP0cj8Zc
2ZpASoZo0/JhNhYLsD3cHHBhbQjd9QUig2eIfGIp6gUKCXm9ov+2NqlZ9QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFPlJ4M8FvbT+8dpLSqv9obGkJOamMB8GA1UdIwQY
MBaAFIMkxd8ZeJ1SWRBOCuDc1GcqjiurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3lURjN4bDRuVkpaRUU0SzROelVaeXFPSzZzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80YjJlNDktZjY2Ny00OTRhLWFmZTkt
NmRmM2U0YTRlZWIxLzEvMS1Vbmd6d1c5dFA3eDJrdEtxXzJoc2FRazVxWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTMvNGIyZTQ5LWY2NjctNDk0YS1hZmU5LTZkZjNlNGE0ZWVi
MS8xL2d5VEYzeGw0blZKWkVFNEs0TnpVWnlxT0s2cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBGBggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAwUqgAME
Ay7++AMEA1OJ+AMEA12/yAMEArkwPDANBAIAAjAHAwUAKgGUoDANBgkqhkiG9w0B
AQsFAAOCAQEASqgXouHnDqR4rNpYY8mFDhX8LkC0olov3r/LD7Ny2jTB7TJHt5Il
zrzfvy/3mvRXpLT+UvU3Vh3PrA+NhY5aiv5YjyGIcISxMP2w8mfBTPx6iRz9SMxl
sUum5dUTY5dhFGBLbbn6rCLTq3AQNSI4dw0gewaGZqOC5HfJi8HXccRrCSA8dJbw
G0FMZSX7NYdG2XGYcY6qxFw3LkmCibmhBvDDSzixa2Uyg0dRCJ4LJmUX/Z3y3Wj/
7o6K7SqW9j4IxcfYa9YEVC/9w3WwUjNyi77LzZ3UGrgaPwRQEMamvAPeOKTD38u5
IdbT71uGvX3Vftib/3jNehIT0biKhjVVGA==
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:04:05 2024 by rpki-client on console-ams.rpki-client.org