Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/UYn7YK2s35596b4GDQcM1KhX0Hc.roa
File: UYn7YK2s35596b4GDQcM1KhX0Hc.roa (raw, json)
Hash identifier: IVQFNV8dWc2bL3u44R9KIX4L2EZy0qlC0yr0ljJ6KvU=
Subject key identifier: 51:89:FB:60:AD:AC:DF:9E:7D:E9:BE:06:0D:07:0C:D4:A8:57:D0:77
Certificate issuer: /CN=34f47b73ee8fbedd25f41b3b17b2be08f5bf6563
Certificate serial: 018CCA29F6A46CD064BE70BC8659866B805A
Authority key identifier: 34:F4:7B:73:EE:8F:BE:DD:25:F4:1B:3B:17:B2:BE:08:F5:BF:65:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/UYn7YK2s35596b4GDQcM1KhX0Hc.roa
Signing time: Tue 02 Jan 2024 12:33:16 +0000
ROA not before: Tue 02 Jan 2024 12:33:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 185.1.22.0/24 maxlen: 24
185.1.143.0/24 maxlen: 24
2001:7f8:c6::/48 maxlen: 48
2001:7f8:de::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.mft
rsync://rpki.ripe.net/repository/DEFAULT/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:f6:a4:6c:d0:64:be:70:bc:86:59:86:6b:80:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34f47b73ee8fbedd25f41b3b17b2be08f5bf6563
Validity
Not Before: Jan 2 12:33:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5189fb60adacdf9e7de9be060d070cd4a857d077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:be:f3:93:17:9e:ef:f6:b6:be:c9:10:90:46:
ff:bc:be:81:65:fc:9a:3f:b0:5d:d8:7c:f4:23:fa:
ed:47:a0:04:d2:c3:75:c2:0b:88:71:7f:66:3f:75:
83:c5:65:28:c6:be:00:f3:00:cb:f0:f9:a7:c0:fd:
31:43:89:15:1a:fe:64:97:9e:9a:47:60:02:26:40:
d8:7a:aa:29:56:87:60:98:f8:a6:2b:ce:d9:4e:16:
9f:7a:e6:29:0c:74:a9:06:87:38:d9:05:32:70:f7:
32:c1:6a:4a:df:45:74:38:79:f8:ac:c3:75:1a:5d:
73:cc:94:88:b3:9e:cb:f3:c2:9d:43:cc:2d:bf:11:
96:7a:70:a1:2b:0e:7a:a5:58:de:f0:e6:ed:75:1e:
64:46:52:d1:98:8c:91:e6:c5:62:e6:08:17:75:3e:
14:bc:d0:c0:ca:32:51:9d:7d:24:eb:21:ee:74:ff:
75:e5:af:79:ed:f4:de:85:cf:b8:42:55:65:b7:29:
9f:77:41:d0:90:fc:b9:e5:a0:19:60:5b:46:7f:74:
d5:1e:c6:23:84:40:29:88:69:82:7a:04:cc:d8:68:
01:13:ae:3f:45:17:df:35:97:f0:03:fc:17:4d:a8:
5b:11:6a:2a:e6:7f:01:d7:c1:b7:da:87:74:62:5d:
cc:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:89:FB:60:AD:AC:DF:9E:7D:E9:BE:06:0D:07:0C:D4:A8:57:D0:77
X509v3 Authority Key Identifier:
keyid:34:F4:7B:73:EE:8F:BE:DD:25:F4:1B:3B:17:B2:BE:08:F5:BF:65:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/UYn7YK2s35596b4GDQcM1KhX0Hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.22.0/24
185.1.143.0/24
IPv6:
2001:7f8:c6::/48
2001:7f8:de::/48
Signature Algorithm: sha256WithRSAEncryption
10:d7:8a:8f:d0:24:c3:be:66:c6:b0:2e:d7:c8:65:cb:49:c5:
cc:5f:6b:62:7a:67:47:c4:08:e2:fd:c9:67:6c:2d:74:ed:1e:
17:f3:4c:ea:62:86:14:7f:30:b5:3d:e4:df:a0:ec:28:fc:74:
9d:dc:57:e8:6b:b1:8c:71:83:c8:b7:f6:6d:9e:3c:c6:98:92:
fc:43:3e:cc:b7:a8:aa:74:80:4c:88:74:67:d8:8f:66:e0:f4:
f2:d4:9c:c7:e2:34:03:01:2f:37:db:94:cf:7b:95:24:7e:84:
ab:55:e1:47:b9:3f:51:d9:71:61:31:9a:e7:ec:79:75:4d:39:
93:08:d4:a6:6c:15:ca:7b:ce:05:fe:ee:9d:ac:10:2b:2e:11:
8c:cb:51:34:31:cf:c2:e4:31:cc:62:2b:b4:27:0b:11:42:bd:
11:7e:34:81:f6:63:10:1f:5a:26:bc:e0:57:87:aa:b8:98:ee:
17:8d:df:29:2d:eb:b7:da:ce:14:62:1c:c3:27:33:a2:79:63:
ab:ae:2c:61:a1:1d:b4:70:cc:c6:43:55:6c:3a:95:88:40:bf:
d7:6e:c2:c6:c4:b1:f2:f6:3b:fb:22:98:dc:87:31:d7:2f:3c:
76:13:ce:bd:e4:c6:a8:df:dd:8c:b2:37:37:ee:3f:84:4c:88:
e4:f8:c9:e0
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzKKfakbNBkvnC8hlmGa4BaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZjQ3YjczZWU4ZmJlZGQyNWY0MWIzYjE3YjJiZTA4ZjVi
ZjY1NjMwHhcNMjQwMTAyMTIzMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTg5ZmI2MGFkYWNkZjllN2RlOWJlMDYwZDA3MGNkNGE4NTdkMDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwL7zkxee7/a2vskQkEb/vL6BZfya
P7Bd2Hz0I/rtR6AE0sN1wguIcX9mP3WDxWUoxr4A8wDL8PmnwP0xQ4kVGv5kl56a
R2ACJkDYeqopVodgmPimK87ZThafeuYpDHSpBoc42QUycPcywWpK30V0OHn4rMN1
Gl1zzJSIs57L88KdQ8wtvxGWenChKw56pVje8ObtdR5kRlLRmIyR5sVi5ggXdT4U
vNDAyjJRnX0k6yHudP915a957fTehc+4QlVltymfd0HQkPy55aAZYFtGf3TVHsYj
hEApiGmCegTM2GgBE64/RRffNZfwA/wXTahbEWoq5n8B18G32od0Yl3MGwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFFGJ+2CtrN+efem+Bg0HDNSoV9B3MB8GA1UdIwQY
MBaAFDT0e3Puj77dJfQbOxeyvgj1v2VjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlBSN2MtNlB2dDBsOUJzN0Y3Sy1DUFdfWldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wZmM1YzktNGVjNi00ZGY2LTgyYzQt
ZDg3ZTQwNDdmODUzLzEvVVluN1lLMnMzNTU5NmI0R0RRY00xS2hYMEhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wZmM1YzktNGVjNi00ZGY2LTgyYzQtZDg3ZTQwNDdmODUz
LzEvTlBSN2MtNlB2dDBsOUJzN0Y3Sy1DUFdfWldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAuQEWAwQA
uQGPMBgEAgACMBIDBwAgAQf4AMYDBwAgAQf4AN4wDQYJKoZIhvcNAQELBQADggEB
ABDXio/QJMO+ZsawLtfIZctJxcxfa2J6Z0fECOL9yWdsLXTtHhfzTOpihhR/MLU9
5N+g7Cj8dJ3cV+hrsYxxg8i39m2ePMaYkvxDPsy3qKp0gEyIdGfYj2bg9PLUnMfi
NAMBLzfblM97lSR+hKtV4Ue5P1HZcWExmufseXVNOZMI1KZsFcp7zgX+7p2sECsu
EYzLUTQxz8LkMcxiK7QnCxFCvRF+NIH2YxAfWia84FeHqriY7heN3ykt67fazhRi
HMMnM6J5Y6uuLGGhHbRwzMZDVWw6lYhAv9duwsbEsfL2O/simNyHMdcvPHYTzr3k
xqjf3YyyNzfuP4RMiOT4yeA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:46:28 2024 by rpki-client on console-fra.rpki-client.org