Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/uhYFYb6ockZ6tFuE_4kYKvxnVBQ.roa
File: uhYFYb6ockZ6tFuE_4kYKvxnVBQ.roa (raw, json)
Hash identifier: 5qCpg3PTgDiqk0Y93RwrEXfmvqEu2FcUmoOjb+/NWUE=
Subject key identifier: BA:16:05:61:BE:A8:72:46:7A:B4:5B:84:FF:89:18:2A:FC:67:54:14
Certificate issuer: /CN=34f47b73ee8fbedd25f41b3b17b2be08f5bf6563
Certificate serial: 018CCA29F75D422C3D701CE55B59E392B10B
Authority key identifier: 34:F4:7B:73:EE:8F:BE:DD:25:F4:1B:3B:17:B2:BE:08:F5:BF:65:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/uhYFYb6ockZ6tFuE_4kYKvxnVBQ.roa
Signing time: Tue 02 Jan 2024 12:33:17 +0000
ROA not before: Tue 02 Jan 2024 12:33:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15830
IP address blocks: 185.117.176.0/22 maxlen: 32
217.15.32.0/20 maxlen: 32
88.84.64.0/19 maxlen: 32
217.149.144.0/20 maxlen: 32
95.142.0.0/20 maxlen: 32
2a02:206a::/32 maxlen: 32
2a02:206d::/32 maxlen: 32
2a02:206b::/32 maxlen: 32
2a02:2068::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.mft
rsync://rpki.ripe.net/repository/DEFAULT/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 13:03:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:f7:5d:42:2c:3d:70:1c:e5:5b:59:e3:92:b1:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34f47b73ee8fbedd25f41b3b17b2be08f5bf6563
Validity
Not Before: Jan 2 12:33:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba160561bea872467ab45b84ff89182afc675414
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ed:0d:c8:39:9e:73:c6:c0:af:69:53:e8:8f:
51:cc:b2:74:ba:0f:b9:3c:f0:51:b4:65:70:98:0e:
ca:9a:24:36:88:4c:fc:fe:9e:5d:c0:9a:40:d0:19:
fe:8d:e8:2a:29:dc:35:4b:4e:01:a2:5a:91:86:3b:
ca:0c:90:87:f1:dd:d2:91:31:73:52:1e:e7:74:5a:
1e:83:03:58:5a:97:1e:8d:89:e5:a6:4f:88:fb:ef:
7f:6d:b5:f8:7c:5e:7f:6f:41:28:82:f3:84:7a:1f:
eb:c2:c2:d0:26:20:48:e4:90:8a:3a:1e:ca:a2:7c:
7d:40:13:44:8a:41:68:b8:d1:7e:b6:75:fd:8b:e3:
03:33:77:40:31:ef:f9:94:b0:8a:e8:d3:09:b9:3e:
db:cd:d1:fe:6e:33:b6:6f:57:3b:b4:c2:61:15:d9:
d8:fd:41:56:fb:9b:f8:01:28:19:28:e6:0c:5d:50:
18:2f:e7:6b:c6:5e:a8:21:a0:7a:ec:c7:0c:51:76:
4c:a3:5a:cd:62:b9:16:6a:51:4e:47:1c:4c:c9:96:
82:cb:b8:a4:fb:2a:3c:ad:b3:ce:e0:4c:b3:f8:99:
02:1b:53:7c:1e:25:7e:88:72:a6:60:8b:e2:be:cc:
a7:17:5c:28:0a:e8:e7:40:7e:e9:51:b4:fe:a2:d6:
a4:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:16:05:61:BE:A8:72:46:7A:B4:5B:84:FF:89:18:2A:FC:67:54:14
X509v3 Authority Key Identifier:
keyid:34:F4:7B:73:EE:8F:BE:DD:25:F4:1B:3B:17:B2:BE:08:F5:BF:65:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/uhYFYb6ockZ6tFuE_4kYKvxnVBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.84.64.0/19
95.142.0.0/20
185.117.176.0/22
217.15.32.0/20
217.149.144.0/20
IPv6:
2a02:2068::/29
Signature Algorithm: sha256WithRSAEncryption
7b:30:bc:30:0a:73:8a:e6:23:4b:63:c4:12:4c:07:91:82:28:
22:77:05:46:d7:be:90:b4:63:cf:f2:a7:d3:f4:5e:a1:ae:b8:
31:45:f6:0e:13:64:3c:81:e7:f2:d3:a1:94:92:b3:4d:b6:70:
13:f4:ec:83:d9:7d:ee:99:4c:b6:15:3f:6f:51:d6:04:6f:cb:
4e:ff:7f:ea:98:4b:fb:c2:25:fe:85:e7:fa:f1:f8:56:3f:af:
bb:46:18:d6:15:5d:17:90:93:19:ae:56:0d:21:55:7e:1a:d5:
35:7a:04:c9:a2:ec:4b:b9:fa:01:67:d9:d9:14:60:fe:b0:89:
88:4c:11:6b:48:d1:08:7c:3c:4d:3c:69:18:90:9f:c3:06:31:
9b:d1:59:c0:6a:d0:fb:f4:52:2a:34:8f:25:19:0a:60:58:e2:
e5:d9:73:2f:e2:ef:74:81:6a:f3:50:f8:2b:23:a0:99:de:35:
ce:0b:64:9d:3e:01:fc:33:18:51:32:40:a9:fb:35:3f:4d:fb:
03:2e:e9:55:8e:a3:08:01:86:f2:d4:f5:d0:69:ad:91:9a:95:
98:95:38:54:52:ad:9a:bf:f9:e1:4b:d6:62:d3:5b:24:5b:ba:
a2:63:2d:cf:f5:12:ab:60:c5:06:27:45:de:e9:fc:fc:51:00:
0a:0a:6f:80
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzKKfddQiw9cBzlW1njkrELMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZjQ3YjczZWU4ZmJlZGQyNWY0MWIzYjE3YjJiZTA4ZjVi
ZjY1NjMwHhcNMjQwMTAyMTIzMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTE2MDU2MWJlYTg3MjQ2N2FiNDViODRmZjg5MTgyYWZjNjc1NDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+0NyDmec8bAr2lT6I9RzLJ0ug+5
PPBRtGVwmA7KmiQ2iEz8/p5dwJpA0Bn+jegqKdw1S04BolqRhjvKDJCH8d3SkTFz
Uh7ndFoegwNYWpcejYnlpk+I++9/bbX4fF5/b0EogvOEeh/rwsLQJiBI5JCKOh7K
onx9QBNEikFouNF+tnX9i+MDM3dAMe/5lLCK6NMJuT7bzdH+bjO2b1c7tMJhFdnY
/UFW+5v4ASgZKOYMXVAYL+drxl6oIaB67McMUXZMo1rNYrkWalFORxxMyZaCy7ik
+yo8rbPO4Eyz+JkCG1N8HiV+iHKmYIvivsynF1woCujnQH7pUbT+otak5QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLoWBWG+qHJGerRbhP+JGCr8Z1QUMB8GA1UdIwQY
MBaAFDT0e3Puj77dJfQbOxeyvgj1v2VjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlBSN2MtNlB2dDBsOUJzN0Y3Sy1DUFdfWldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wZmM1YzktNGVjNi00ZGY2LTgyYzQt
ZDg3ZTQwNDdmODUzLzEvdWhZRlliNm9ja1o2dEZ1RV80a1lLdnhuVkJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wZmM1YzktNGVjNi00ZGY2LTgyYzQtZDg3ZTQwNDdmODUz
LzEvTlBSN2MtNlB2dDBsOUJzN0Y3Sy1DUFdfWldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFWFRAAwQE
X44AAwQCuXWwAwQE2Q8gAwQE2ZWQMA0EAgACMAcDBQMqAiBoMA0GCSqGSIb3DQEB
CwUAA4IBAQB7MLwwCnOK5iNLY8QSTAeRgigidwVG176QtGPP8qfT9F6hrrgxRfYO
E2Q8gefy06GUkrNNtnAT9OyD2X3umUy2FT9vUdYEb8tO/3/qmEv7wiX+hef68fhW
P6+7RhjWFV0XkJMZrlYNIVV+GtU1egTJouxLufoBZ9nZFGD+sImITBFrSNEIfDxN
PGkYkJ/DBjGb0VnAatD79FIqNI8lGQpgWOLl2XMv4u90gWrzUPgrI6CZ3jXOC2Sd
PgH8MxhRMkCp+zU/TfsDLulVjqMIAYby1PXQaa2RmpWYlThUUq2av/nhS9Zi01sk
W7qiYy3P9RKrYMUGJ0Xe6fz8UQAKCm+A
-----END CERTIFICATE-----
Generated at Sat May 4 19:13:26 2024 by rpki-client on console-fra.rpki-client.org