Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/82fb05-61e6-4335-b167-36aed87e3388/1/UdndFC58SkQuCEHWpsZPCw1kkrc.roa
File: UdndFC58SkQuCEHWpsZPCw1kkrc.roa (raw, json)
Hash identifier: 6h/c94WjdNGidGK6BWLzTjj0MfTfEP53N3h2viPAQu8=
Subject key identifier: 51:D9:DD:14:2E:7C:4A:44:2E:08:41:D6:A6:C6:4F:0B:0D:64:92:B7
Certificate issuer: /CN=bfd7bbfcc2b8fab66a581b8227ca0ac817fa146b
Certificate serial: 018CC26D0ECF331DFB944570D9A1F1821217
Authority key identifier: BF:D7:BB:FC:C2:B8:FA:B6:6A:58:1B:82:27:CA:0A:C8:17:FA:14:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v9e7_MK4-rZqWBuCJ8oKyBf6FGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/82fb05-61e6-4335-b167-36aed87e3388/1/UdndFC58SkQuCEHWpsZPCw1kkrc.roa
Signing time: Mon 01 Jan 2024 00:29:36 +0000
ROA not before: Mon 01 Jan 2024 00:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42043
IP address blocks: 193.186.32.0/24 maxlen: 24
185.88.152.0/24 maxlen: 24
185.88.154.0/24 maxlen: 24
185.88.155.0/24 maxlen: 24
185.88.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/82fb05-61e6-4335-b167-36aed87e3388/1/v9e7_MK4-rZqWBuCJ8oKyBf6FGs.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/82fb05-61e6-4335-b167-36aed87e3388/1/v9e7_MK4-rZqWBuCJ8oKyBf6FGs.mft
rsync://rpki.ripe.net/repository/DEFAULT/v9e7_MK4-rZqWBuCJ8oKyBf6FGs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 07:03:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:0e:cf:33:1d:fb:94:45:70:d9:a1:f1:82:12:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfd7bbfcc2b8fab66a581b8227ca0ac817fa146b
Validity
Not Before: Jan 1 00:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=51d9dd142e7c4a442e0841d6a6c64f0b0d6492b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a5:bd:89:06:54:1e:0f:73:22:60:a7:da:f0:
c4:ca:1c:d7:69:f9:0f:7c:8f:86:04:c4:58:17:ff:
58:9a:df:fc:63:7a:b1:7b:09:c3:74:a3:26:bf:39:
23:b5:79:a5:ad:16:38:11:aa:f1:ba:f7:70:80:3c:
81:ac:c7:b5:92:b7:a8:a2:4f:73:13:62:ca:31:fc:
c6:c6:ff:17:f1:a0:a9:e5:69:84:80:b4:a9:47:f8:
92:cc:1f:40:42:4b:b0:64:88:8f:2b:ab:af:ba:92:
7d:d2:50:27:7c:47:53:56:ef:f0:61:41:6a:9c:16:
94:94:86:a6:d2:f9:29:d8:5d:60:10:48:7b:da:16:
7c:8e:0a:c0:d7:6a:ce:23:82:68:1c:84:5b:1d:57:
49:d6:67:e6:6d:12:26:64:75:fc:d1:db:1f:a2:e7:
e1:ab:3f:52:b2:3f:19:0e:b4:e1:8a:34:e5:9f:30:
a6:1a:cb:51:80:b2:0c:fa:7b:43:b4:89:0b:4e:57:
a3:31:74:c2:bf:b2:b0:25:d5:bd:78:af:2d:06:3f:
2d:e7:8d:c1:2f:1f:b5:59:a1:b8:71:b1:20:0d:74:
68:96:1d:61:82:e7:69:89:bb:7b:fb:96:d7:91:d4:
55:44:ae:f0:70:68:51:b1:fd:7f:d8:0c:a3:04:d5:
c8:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:D9:DD:14:2E:7C:4A:44:2E:08:41:D6:A6:C6:4F:0B:0D:64:92:B7
X509v3 Authority Key Identifier:
keyid:BF:D7:BB:FC:C2:B8:FA:B6:6A:58:1B:82:27:CA:0A:C8:17:FA:14:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v9e7_MK4-rZqWBuCJ8oKyBf6FGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/82fb05-61e6-4335-b167-36aed87e3388/1/UdndFC58SkQuCEHWpsZPCw1kkrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/82fb05-61e6-4335-b167-36aed87e3388/1/v9e7_MK4-rZqWBuCJ8oKyBf6FGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.152.0/22
193.186.32.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:cf:c7:26:27:c0:d7:f4:72:a6:23:9f:cd:c1:d1:a3:40:7a:
50:48:61:ec:03:d2:32:b7:db:b2:ef:cb:66:33:15:ee:03:df:
b6:cb:8a:0e:2c:2d:d2:a3:b8:a4:0d:f2:02:a8:7d:8e:78:03:
e3:4d:47:db:eb:86:05:06:11:04:d6:e8:f7:e5:e5:7d:1a:e0:
21:34:cc:ad:9d:60:49:eb:2a:61:2c:13:af:df:6a:f9:d2:aa:
a7:5a:bd:d8:47:48:2a:b8:9e:bc:63:c2:7e:38:c1:e1:90:11:
6b:06:21:5a:94:77:25:7d:4f:11:1f:b9:41:55:fb:02:1c:fe:
bd:9b:1a:38:2a:5d:d3:9f:3d:e1:89:0c:e0:62:1e:a0:72:2a:
f9:df:f4:d8:e0:d2:fc:39:8a:66:95:5a:ce:e6:68:cf:2a:4e:
0c:75:7a:d9:a2:f1:a9:9d:fc:00:fa:b2:5e:af:7f:1c:a6:8a:
cf:de:20:23:e8:fe:5c:e2:f7:6f:b0:fa:27:aa:17:2e:64:ad:
e8:ec:56:ea:9e:09:8e:28:6d:53:ac:02:4f:1c:d8:93:e2:4e:
64:ab:d0:2f:38:91:66:09:fb:80:be:c4:41:b3:0f:d0:a1:f1:
f9:ed:95:ab:97:4b:7a:89:db:20:fa:ea:76:1d:19:f0:4f:38:
5d:20:b3:94
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzCbQ7PMx37lEVw2aHxghIXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZDdiYmZjYzJiOGZhYjY2YTU4MWI4MjI3Y2EwYWM4MTdm
YTE0NmIwHhcNMjQwMTAxMDAyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWQ5ZGQxNDJlN2M0YTQ0MmUwODQxZDZhNmM2NGYwYjBkNjQ5MmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaW9iQZUHg9zImCn2vDEyhzXafkP
fI+GBMRYF/9Ymt/8Y3qxewnDdKMmvzkjtXmlrRY4EarxuvdwgDyBrMe1kreook9z
E2LKMfzGxv8X8aCp5WmEgLSpR/iSzB9AQkuwZIiPK6uvupJ90lAnfEdTVu/wYUFq
nBaUlIam0vkp2F1gEEh72hZ8jgrA12rOI4JoHIRbHVdJ1mfmbRImZHX80dsfoufh
qz9Ssj8ZDrThijTlnzCmGstRgLIM+ntDtIkLTlejMXTCv7KwJdW9eK8tBj8t543B
Lx+1WaG4cbEgDXRolh1hgudpibt7+5bXkdRVRK7wcGhRsf1/2AyjBNXI2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFHZ3RQufEpELghB1qbGTwsNZJK3MB8GA1UdIwQY
MBaAFL/Xu/zCuPq2algbgifKCsgX+hRrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjllN19NSzQtclpxV0J1Q0o4b0t5QmY2RkdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS84MmZiMDUtNjFlNi00MzM1LWIxNjct
MzZhZWQ4N2UzMzg4LzEvVWRuZEZDNThTa1F1Q0VIV3BzWlBDdzFra3JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS84MmZiMDUtNjFlNi00MzM1LWIxNjctMzZhZWQ4N2UzMzg4
LzEvdjllN19NSzQtclpxV0J1Q0o4b0t5QmY2RkdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuViYAwQA
wbogMA0GCSqGSIb3DQEBCwUAA4IBAQDFz8cmJ8DX9HKmI5/NwdGjQHpQSGHsA9Iy
t9uy78tmMxXuA9+2y4oOLC3So7ikDfICqH2OeAPjTUfb64YFBhEE1uj35eV9GuAh
NMytnWBJ6yphLBOv32r50qqnWr3YR0gquJ68Y8J+OMHhkBFrBiFalHclfU8RH7lB
VfsCHP69mxo4Kl3Tnz3hiQzgYh6gcir53/TY4NL8OYpmlVrO5mjPKk4MdXrZovGp
nfwA+rJer38cporP3iAj6P5c4vdvsPonqhcuZK3o7FbqngmOKG1TrAJPHNiT4k5k
q9AvOJFmCfuAvsRBsw/QofH57ZWrl0t6idsg+up2HRnwTzhdILOU
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:35:06 2024 by rpki-client on console-fra.rpki-client.org