Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/eeb1b2-e3c3-413d-a164-80d4782437ff/1/UMIqaGOOayE16QkDc2buubUqDGw.roa
File: UMIqaGOOayE16QkDc2buubUqDGw.roa (raw, json)
Hash identifier: 9PQJqgLxhUwHak5krGYa9HJ/CFxF1XarMwF/VDbuCSE=
Subject key identifier: 50:C2:2A:68:63:8E:6B:21:35:E9:09:03:73:66:EE:B9:B5:2A:0C:6C
Certificate issuer: /CN=b6fa40adbe936b184f844586a0f90d1230b68537
Certificate serial: 018CC6B94037ECFE44F109646154511B2ADB
Authority key identifier: B6:FA:40:AD:BE:93:6B:18:4F:84:45:86:A0:F9:0D:12:30:B6:85:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tvpArb6TaxhPhEWGoPkNEjC2hTc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/eeb1b2-e3c3-413d-a164-80d4782437ff/1/UMIqaGOOayE16QkDc2buubUqDGw.roa
Signing time: Mon 01 Jan 2024 20:31:18 +0000
ROA not before: Mon 01 Jan 2024 20:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51778
IP address blocks: 194.5.228.0/22 maxlen: 22
194.5.228.0/23 maxlen: 23
2a0c:e740::/32 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/eeb1b2-e3c3-413d-a164-80d4782437ff/1/tvpArb6TaxhPhEWGoPkNEjC2hTc.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/eeb1b2-e3c3-413d-a164-80d4782437ff/1/tvpArb6TaxhPhEWGoPkNEjC2hTc.mft
rsync://rpki.ripe.net/repository/DEFAULT/tvpArb6TaxhPhEWGoPkNEjC2hTc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:40:37:ec:fe:44:f1:09:64:61:54:51:1b:2a:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6fa40adbe936b184f844586a0f90d1230b68537
Validity
Not Before: Jan 1 20:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50c22a68638e6b2135e909037366eeb9b52a0c6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:fa:d3:c7:8b:36:f6:2d:f1:43:c2:7a:8e:21:
93:2d:f8:df:4a:54:22:7b:e6:9d:98:9a:a0:12:9d:
a8:4d:79:f6:47:b8:82:75:95:b9:98:9c:ea:b6:c4:
c2:ef:5d:83:56:0c:fb:d7:69:5f:33:29:ab:b9:0c:
ac:c0:4c:bc:67:7e:6c:4c:6d:04:c0:28:e7:7f:e7:
b4:81:98:62:b3:01:e4:eb:bd:68:82:9b:b0:e3:26:
c8:98:85:0d:af:0d:72:d5:f8:8f:bb:93:c8:ed:eb:
ca:56:ac:15:be:34:40:bb:9d:79:d8:99:43:cc:31:
bd:64:b2:d9:4c:fa:d1:29:79:63:d3:70:b7:36:ef:
d8:7f:34:11:ed:e7:ac:a0:3d:47:aa:39:fb:4c:1d:
e9:95:63:f2:fd:72:7b:b8:71:83:db:e9:44:fb:0a:
19:fc:16:a3:d7:06:9e:51:29:e0:fe:d2:e4:65:6b:
e9:51:fa:e5:67:b6:04:e2:b8:89:69:e5:9b:b6:88:
e3:ba:1c:2d:56:37:4b:eb:e8:75:54:cf:03:e6:c7:
0d:81:a5:c3:51:25:e2:d9:01:65:64:71:b8:99:96:
a8:d2:d1:b0:e6:a8:ae:79:29:ab:2a:8a:e4:94:2e:
4a:9f:c4:ed:77:ad:35:9a:fd:82:9e:48:54:98:ee:
7e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:C2:2A:68:63:8E:6B:21:35:E9:09:03:73:66:EE:B9:B5:2A:0C:6C
X509v3 Authority Key Identifier:
keyid:B6:FA:40:AD:BE:93:6B:18:4F:84:45:86:A0:F9:0D:12:30:B6:85:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tvpArb6TaxhPhEWGoPkNEjC2hTc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/eeb1b2-e3c3-413d-a164-80d4782437ff/1/UMIqaGOOayE16QkDc2buubUqDGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/eeb1b2-e3c3-413d-a164-80d4782437ff/1/tvpArb6TaxhPhEWGoPkNEjC2hTc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.228.0/22
IPv6:
2a0c:e740::/32
Signature Algorithm: sha256WithRSAEncryption
86:30:a3:e8:da:cc:65:21:a3:08:75:1a:e8:93:a1:92:4e:77:
42:f7:4b:ae:87:9c:9f:f4:8d:96:81:be:f6:45:82:e4:e9:4b:
41:e5:58:51:a6:d2:33:e4:26:61:61:81:91:dd:ab:3b:ba:bb:
60:d7:19:46:a5:33:8b:78:bb:08:68:68:87:cc:19:67:f4:59:
5f:50:55:aa:a5:5d:63:17:67:71:84:92:10:9e:44:1b:ab:6b:
cf:ee:be:b7:55:35:6c:79:df:c0:72:82:2b:87:1b:3f:1f:eb:
5e:c2:4d:bd:f8:5f:9e:b0:73:cd:94:52:6e:1d:c4:ef:92:68:
26:8d:7f:b1:47:bf:17:42:cf:7a:2f:33:2b:99:6e:85:c3:9f:
76:b1:77:d9:c9:0c:d0:b4:4e:87:43:ce:3b:d0:5b:24:ef:27:
41:24:ab:71:bd:bd:6a:14:32:02:df:6c:56:5d:c4:d9:1f:03:
1c:6e:5e:c4:2a:59:fa:dd:32:f1:11:38:3c:af:b3:33:ea:ef:
e5:49:38:36:c3:e6:7c:0e:51:79:5e:07:85:06:52:0e:62:62:
d7:45:b4:b1:e4:a5:87:63:95:09:3d:4e:d1:87:92:64:49:2b:
89:4c:91:97:f3:f8:77:c9:70:ae:28:cb:b5:7b:ff:f3:66:33:
88:ee:2d:67
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGuUA37P5E8QlkYVRRGyrbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZmE0MGFkYmU5MzZiMTg0Zjg0NDU4NmEwZjkwZDEyMzBi
Njg1MzcwHhcNMjQwMTAxMjAzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGMyMmE2ODYzOGU2YjIxMzVlOTA5MDM3MzY2ZWViOWI1MmEwYzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/rTx4s29i3xQ8J6jiGTLfjfSlQi
e+admJqgEp2oTXn2R7iCdZW5mJzqtsTC712DVgz712lfMymruQyswEy8Z35sTG0E
wCjnf+e0gZhiswHk671ogpuw4ybImIUNrw1y1fiPu5PI7evKVqwVvjRAu5152JlD
zDG9ZLLZTPrRKXlj03C3Nu/YfzQR7eesoD1Hqjn7TB3plWPy/XJ7uHGD2+lE+woZ
/Baj1waeUSng/tLkZWvpUfrlZ7YE4riJaeWbtojjuhwtVjdL6+h1VM8D5scNgaXD
USXi2QFlZHG4mZao0tGw5qiueSmrKorklC5Kn8Ttd601mv2CnkhUmO5+AQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFDCKmhjjmshNekJA3Nm7rm1KgxsMB8GA1UdIwQY
MBaAFLb6QK2+k2sYT4RFhqD5DRIwtoU3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHZwQXJiNlRheGhQaEVXR29Qa05FakMyaFRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9lZWIxYjItZTNjMy00MTNkLWExNjQt
ODBkNDc4MjQzN2ZmLzEvVU1JcWFHT09heUUxNlFrRGMyYnV1YlVxREd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9lZWIxYjItZTNjMy00MTNkLWExNjQtODBkNDc4MjQzN2Zm
LzEvdHZwQXJiNlRheGhQaEVXR29Qa05FakMyaFRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwgXkMA0E
AgACMAcDBQAqDOdAMA0GCSqGSIb3DQEBCwUAA4IBAQCGMKPo2sxlIaMIdRrok6GS
TndC90uuh5yf9I2Wgb72RYLk6UtB5VhRptIz5CZhYYGR3as7urtg1xlGpTOLeLsI
aGiHzBln9FlfUFWqpV1jF2dxhJIQnkQbq2vP7r63VTVsed/AcoIrhxs/H+tewk29
+F+esHPNlFJuHcTvkmgmjX+xR78XQs96LzMrmW6Fw592sXfZyQzQtE6HQ8470Fsk
7ydBJKtxvb1qFDIC32xWXcTZHwMcbl7EKln63TLxETg8r7Mz6u/lSTg2w+Z8DlF5
XgeFBlIOYmLXRbSx5KWHY5UJPU7Rh5JkSSuJTJGX8/h3yXCuKMu1e//zZjOI7i1n
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:13:16 2024 by rpki-client on console-fra.rpki-client.org