Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/ufGHHZxjbc3dyClA4kTzp3FYXm8.roa
File: ufGHHZxjbc3dyClA4kTzp3FYXm8.roa (raw, json)
Hash identifier: jP9+CVsOXbs4kfW/yjl9wXNS906L5TNpJk0cXzyd/Vc=
Subject key identifier: B9:F1:87:1D:9C:63:6D:CD:DD:C8:29:40:E2:44:F3:A7:71:58:5E:6F
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 018CC42558D3F864016BA08CE867082496B6
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/ufGHHZxjbc3dyClA4kTzp3FYXm8.roa
Signing time: Mon 01 Jan 2024 08:30:31 +0000
ROA not before: Mon 01 Jan 2024 08:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20860
IP address blocks: 162.220.244.0/24 maxlen: 24
162.220.245.0/24 maxlen: 24
107.181.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.mft
rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:58:d3:f8:64:01:6b:a0:8c:e8:67:08:24:96:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jan 1 08:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9f1871d9c636dcdddc82940e244f3a771585e6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:22:69:dc:53:50:c9:4f:2c:d2:94:db:f5:53:
05:40:d9:cc:cf:d6:84:61:83:98:c8:a8:23:c0:ca:
1e:e9:b4:97:2f:06:1b:6e:97:f7:90:38:dc:83:96:
2a:97:9d:e7:3f:2d:3a:73:56:7b:fb:d7:8d:0a:be:
f0:97:a9:80:f6:82:d8:80:c6:19:a9:09:66:45:54:
7a:22:e3:73:9e:be:5d:d7:e9:09:7b:70:a7:73:38:
34:bc:3a:94:97:e2:7b:ae:b7:aa:4a:eb:71:e9:42:
c6:ae:ca:3d:58:64:56:5f:50:1b:29:59:26:32:6b:
04:a4:9d:5c:55:17:ea:65:21:34:e6:66:5b:c3:63:
74:da:b5:99:1e:f6:0b:41:ca:9d:c7:15:ae:fa:8e:
51:ad:ae:b8:8a:0f:a9:4e:f4:9f:25:82:c1:22:7f:
97:f5:4d:db:4e:ae:e2:16:e5:dc:58:58:7a:39:66:
2e:80:1e:9f:3a:d7:86:16:65:4f:93:7e:35:9c:6f:
47:67:3b:98:0f:fd:3c:44:e4:68:4a:90:17:46:c2:
ef:51:1b:66:70:04:db:b2:22:22:6c:1f:f9:03:0c:
90:07:08:82:32:8e:47:c9:10:75:0c:d3:24:c3:0b:
e8:90:df:1b:03:a4:03:74:ff:43:82:ca:23:fd:08:
cb:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:F1:87:1D:9C:63:6D:CD:DD:C8:29:40:E2:44:F3:A7:71:58:5E:6F
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/ufGHHZxjbc3dyClA4kTzp3FYXm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.181.136.0/24
162.220.244.0/23
Signature Algorithm: sha256WithRSAEncryption
91:8b:05:f4:fb:cd:94:50:a3:8c:39:57:7f:aa:28:ee:e3:46:
89:46:4d:7b:6b:c9:84:3d:ca:df:96:53:02:4d:06:23:c4:79:
bf:ca:af:37:c3:c7:d0:d9:2e:20:fd:56:cc:e2:a6:e9:fc:d9:
cf:d6:32:71:61:28:d3:44:3b:5b:24:97:a3:2b:87:ef:22:d3:
0e:62:c5:f3:ce:32:01:83:32:38:01:b5:35:f7:02:6b:5e:34:
30:91:0c:53:70:7a:2d:af:d0:09:6e:80:e5:0b:06:a0:64:80:
cf:7f:f5:81:6d:13:0f:1e:17:09:63:88:a5:bf:c9:b2:c9:a4:
d6:03:e4:88:79:5f:72:24:c9:4f:35:77:ac:47:a5:b7:97:de:
ae:f4:7e:29:3a:9f:cc:44:e6:58:4c:2b:00:46:87:b3:47:3e:
2f:a5:a4:1c:eb:3e:d0:9d:9c:b3:99:24:03:4a:cc:ee:32:48:
dc:36:17:c1:b9:3a:f0:4a:b2:f0:bb:89:2d:d9:5b:1f:0f:f5:
8e:60:df:83:6e:4b:51:3a:56:fe:22:98:4b:66:25:03:cd:4a:
bd:b9:27:7a:7b:2b:d9:4f:46:45:ab:c1:46:0a:22:ff:a1:9b:
0e:75:84:bf:ab:30:4b:c8:b5:cb:2a:f4:02:92:61:0c:01:32:
54:cd:57:a6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJVjT+GQBa6CM6GcIJJa2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjQwMTAxMDgzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWYxODcxZDljNjM2ZGNkZGRjODI5NDBlMjQ0ZjNhNzcxNTg1ZTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyJp3FNQyU8s0pTb9VMFQNnMz9aE
YYOYyKgjwMoe6bSXLwYbbpf3kDjcg5Yql53nPy06c1Z7+9eNCr7wl6mA9oLYgMYZ
qQlmRVR6IuNznr5d1+kJe3Cnczg0vDqUl+J7rreqSutx6ULGrso9WGRWX1AbKVkm
MmsEpJ1cVRfqZSE05mZbw2N02rWZHvYLQcqdxxWu+o5Rra64ig+pTvSfJYLBIn+X
9U3bTq7iFuXcWFh6OWYugB6fOteGFmVPk341nG9HZzuYD/08RORoSpAXRsLvURtm
cATbsiIibB/5AwyQBwiCMo5HyRB1DNMkwwvokN8bA6QDdP9Dgsoj/QjL3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLnxhx2cY23N3cgpQOJE86dxWF5vMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvdWZHSEhaeGpiYzNkeUNsQTRrVHpwM0ZZWG04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAa7WIAwQB
otz0MA0GCSqGSIb3DQEBCwUAA4IBAQCRiwX0+82UUKOMOVd/qiju40aJRk17a8mE
PcrfllMCTQYjxHm/yq83w8fQ2S4g/VbM4qbp/NnP1jJxYSjTRDtbJJejK4fvItMO
YsXzzjIBgzI4AbU19wJrXjQwkQxTcHotr9AJboDlCwagZIDPf/WBbRMPHhcJY4il
v8myyaTWA+SIeV9yJMlPNXesR6W3l96u9H4pOp/MROZYTCsARoezRz4vpaQc6z7Q
nZyzmSQDSszuMkjcNhfBuTrwSrLwu4kt2VsfD/WOYN+DbktROlb+IphLZiUDzUq9
uSd6eyvZT0ZFq8FGCiL/oZsOdYS/qzBLyLXLKvQCkmEMATJUzVem
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:47:28 2024 by rpki-client on console-fra.rpki-client.org