Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/UyIKudae7tkUHa8HdCrrPiTelMU.roa
File: UyIKudae7tkUHa8HdCrrPiTelMU.roa (raw, json)
Hash identifier: dt5mwrSHW6GYTG04F1JiG9QB/bE0we6osLRDkoYCrno=
Subject key identifier: 53:22:0A:B9:D6:9E:EE:D9:14:1D:AF:07:74:2A:EB:3E:24:DE:94:C5
Certificate issuer: /CN=2bbc002a2b359b1aa8879e1c4d70455b3192efac
Certificate serial: 018CC5DC24479999E4C41AD418E7A5428DE3
Authority key identifier: 2B:BC:00:2A:2B:35:9B:1A:A8:87:9E:1C:4D:70:45:5B:31:92:EF:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K7wAKis1mxqoh54cTXBFWzGS76w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/UyIKudae7tkUHa8HdCrrPiTelMU.roa
Signing time: Mon 01 Jan 2024 16:29:47 +0000
ROA not before: Mon 01 Jan 2024 16:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29217
IP address blocks: 159.72.128.0/21 maxlen: 21
164.9.95.0/24 maxlen: 24
159.72.136.0/24 maxlen: 24
159.72.137.0/24 maxlen: 24
159.72.138.0/24 maxlen: 24
164.9.100.0/22 maxlen: 22
164.9.102.0/24 maxlen: 24
164.9.104.0/22 maxlen: 22
164.9.99.0/24 maxlen: 24
78.41.240.0/21 maxlen: 21
85.119.129.0/24 maxlen: 24
85.119.128.0/21 maxlen: 21
192.16.143.0/24 maxlen: 24
164.9.0.0/16 maxlen: 16
2a02:c58:7::/48 maxlen: 48
2a02:c58:6::/48 maxlen: 48
2a02:c58::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/K7wAKis1mxqoh54cTXBFWzGS76w.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/K7wAKis1mxqoh54cTXBFWzGS76w.mft
rsync://rpki.ripe.net/repository/DEFAULT/K7wAKis1mxqoh54cTXBFWzGS76w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 22:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:24:47:99:99:e4:c4:1a:d4:18:e7:a5:42:8d:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2bbc002a2b359b1aa8879e1c4d70455b3192efac
Validity
Not Before: Jan 1 16:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53220ab9d69eeed9141daf07742aeb3e24de94c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:96:79:cb:b2:f2:39:32:59:97:05:0c:93:09:
43:1b:a6:1b:fe:77:de:35:6d:ea:c5:6e:2a:e1:eb:
3d:12:95:ad:83:2b:bd:43:d2:b9:36:32:b4:60:83:
5c:80:91:8a:0e:09:f2:fe:0f:5c:71:0f:74:09:7d:
f8:f3:3d:ab:82:dd:46:2b:ef:4b:bc:64:d6:af:e8:
2a:a5:15:f5:09:41:87:a1:14:62:03:e9:e2:28:73:
11:77:07:1e:24:f9:ce:c6:b9:48:a2:c7:d0:73:e4:
0e:5b:26:f7:c5:a8:27:52:29:aa:8a:e0:97:f4:de:
f9:99:b0:a1:37:86:ba:55:38:b4:7f:88:d2:64:61:
5b:20:86:63:b1:ad:36:34:d4:32:f5:fa:3c:b7:dc:
07:92:83:7c:06:01:86:76:fb:7f:b2:3d:5f:34:c9:
15:30:1c:31:5d:ad:2e:12:31:92:45:55:bf:53:23:
99:2c:73:04:34:b0:8e:a4:40:e4:35:77:0d:7f:7b:
24:84:0d:9a:2b:cc:19:63:6d:0e:ec:a5:e2:12:e9:
9f:50:79:91:0d:34:24:3a:85:df:81:0a:00:2e:f3:
5c:67:4a:98:1e:1d:e6:0a:c3:50:95:c8:b7:82:b9:
f3:bd:4f:0f:c5:28:44:c5:2c:c9:51:55:6f:4f:48:
c7:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:22:0A:B9:D6:9E:EE:D9:14:1D:AF:07:74:2A:EB:3E:24:DE:94:C5
X509v3 Authority Key Identifier:
keyid:2B:BC:00:2A:2B:35:9B:1A:A8:87:9E:1C:4D:70:45:5B:31:92:EF:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K7wAKis1mxqoh54cTXBFWzGS76w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/UyIKudae7tkUHa8HdCrrPiTelMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/K7wAKis1mxqoh54cTXBFWzGS76w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.240.0/21
85.119.128.0/21
159.72.128.0-159.72.138.255
164.9.0.0/16
192.16.143.0/24
IPv6:
2a02:c58::/32
Signature Algorithm: sha256WithRSAEncryption
e8:5b:c8:ca:f0:d9:4b:be:e8:41:ae:73:a1:64:aa:0e:45:79:
49:01:98:fd:80:fc:fd:32:a2:e4:9e:cb:31:d4:5e:e8:11:d2:
8c:de:79:c3:07:06:f4:ec:67:d1:df:e8:75:03:41:a9:a3:07:
13:6d:99:af:35:f1:81:f9:56:ff:b9:10:66:44:1e:c6:1f:a9:
43:79:5e:77:ad:9e:98:16:85:65:a5:0e:32:6f:ea:ce:25:6f:
0e:a4:af:d6:12:b2:00:cc:33:22:7e:ec:b8:8d:10:b5:81:b3:
87:44:91:0e:a9:c7:fd:49:69:89:83:3c:1b:5a:64:5e:27:74:
57:54:38:a4:09:be:e0:08:40:e9:5d:f8:a2:94:9f:3d:95:2d:
50:c5:fa:92:23:d6:bd:02:75:40:8b:98:a1:c1:04:22:af:2b:
50:cd:37:6c:9b:7f:2b:0b:30:22:8d:ed:43:c1:f7:91:64:ec:
56:b7:b7:46:ee:a3:d5:6d:88:b8:77:1c:7d:ec:cc:94:2b:9c:
0f:f6:fd:62:d4:62:07:42:63:43:66:a3:c7:0b:79:c2:d7:21:
cd:82:15:c7:a2:a8:74:16:d8:7b:db:d0:e2:24:1e:4f:52:3c:
a3:d9:77:c5:f5:4d:5c:20:c8:48:64:9f:37:1f:af:81:bc:ba:
be:9b:45:fc
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzF3CRHmZnkxBrUGOelQo3jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYmMwMDJhMmIzNTliMWFhODg3OWUxYzRkNzA0NTViMzE5
MmVmYWMwHhcNMjQwMTAxMTYyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzIyMGFiOWQ2OWVlZWQ5MTQxZGFmMDc3NDJhZWIzZTI0ZGU5NGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5Z5y7LyOTJZlwUMkwlDG6Yb/nfe
NW3qxW4q4es9EpWtgyu9Q9K5NjK0YINcgJGKDgny/g9ccQ90CX348z2rgt1GK+9L
vGTWr+gqpRX1CUGHoRRiA+niKHMRdwceJPnOxrlIosfQc+QOWyb3xagnUimqiuCX
9N75mbChN4a6VTi0f4jSZGFbIIZjsa02NNQy9fo8t9wHkoN8BgGGdvt/sj1fNMkV
MBwxXa0uEjGSRVW/UyOZLHMENLCOpEDkNXcNf3skhA2aK8wZY20O7KXiEumfUHmR
DTQkOoXfgQoALvNcZ0qYHh3mCsNQlci3grnzvU8PxShExSzJUVVvT0jHewIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFFMiCrnWnu7ZFB2vB3Qq6z4k3pTFMB8GA1UdIwQY
MBaAFCu8ACorNZsaqIeeHE1wRVsxku+sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzd3QUtpczFteHFvaDU0Y1RYQkZXekdTNzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83YzM3MjYtMmRiZS00MTc0LWIxNjQt
YTg5ODg5Y2U1Zjg0LzEvVXlJS3VkYWU3dGtVSGE4SGRDcnJQaVRlbE1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83YzM3MjYtMmRiZS00MTc0LWIxNjQtYTg5ODg5Y2U1Zjg0
LzEvSzd3QUtpczFteHFvaDU0Y1RYQkZXekdTNzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDArBAIAATAlAwQDTinwAwQD
VXeAMAwDBAefSIADBACfSIoDAwCkCQMEAMAQjzANBAIAAjAHAwUAKgIMWDANBgkq
hkiG9w0BAQsFAAOCAQEA6FvIyvDZS77oQa5zoWSqDkV5SQGY/YD8/TKi5J7LMdRe
6BHSjN55wwcG9Oxn0d/odQNBqaMHE22ZrzXxgflW/7kQZkQexh+pQ3led62emBaF
ZaUOMm/qziVvDqSv1hKyAMwzIn7suI0QtYGzh0SRDqnH/UlpiYM8G1pkXid0V1Q4
pAm+4AhA6V34opSfPZUtUMX6kiPWvQJ1QIuYocEEIq8rUM03bJt/KwswIo3tQ8H3
kWTsVre3Ru6j1W2IuHccfezMlCucD/b9YtRiB0JjQ2ajxwt5wtchzYIVx6KodBbY
e9vQ4iQeT1I8o9l3xfVNXCDISGSfNx+vgby6vptF/A==
-----END CERTIFICATE-----
Generated at Sat Jun 8 04:09:11 2024 by rpki-client on console-ams.rpki-client.org