Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/UKLojICvvul8hOwhDglJ9fItnvc.roa
File: UKLojICvvul8hOwhDglJ9fItnvc.roa (raw, json)
Hash identifier: GKneZrsW3RWX3vkMB+CmAXMKiYm1/Jo5vvGdYG7eaL4=
Subject key identifier: 50:A2:E8:8C:80:AF:BE:E9:7C:84:EC:21:0E:09:49:F5:F2:2D:9E:F7
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 019335F998E6425AA51B0EC4772B835C2189
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/UKLojICvvul8hOwhDglJ9fItnvc.roa
Signing time: Sat 16 Nov 2024 17:16:10 +0000
ROA not before: Sat 16 Nov 2024 17:16:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a0d:8b40::/29 maxlen: 29
2a0d:9440::/29 maxlen: 29
2a11:26c0::/29 maxlen: 29
2a11:2b40::/29 maxlen: 29
2a11:3580::/29 maxlen: 29
2a11:4080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:35:f9:98:e6:42:5a:a5:1b:0e:c4:77:2b:83:5c:21:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Nov 16 17:16:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50a2e88c80afbee97c84ec210e0949f5f22d9ef7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:26:7e:88:b5:0e:1f:c0:a6:9c:5e:df:86:8f:
77:67:1e:aa:9e:c2:eb:39:a3:25:95:7f:99:b3:80:
b9:a9:29:41:53:00:4f:ec:4b:00:79:62:64:45:f3:
7c:ca:7f:01:07:be:77:7a:10:11:70:f9:df:0b:ce:
b1:0b:ac:8f:78:d1:36:d8:68:51:1c:06:af:e7:94:
41:f1:e3:59:e6:08:b2:30:28:e1:13:78:c7:d8:26:
ee:76:0e:8f:04:e5:da:3c:37:fc:37:9b:57:1f:55:
f5:cd:5e:09:41:2c:80:c5:26:49:7c:b4:a0:4a:d3:
47:c1:0d:4a:e4:b8:8b:56:31:28:93:bf:12:84:b9:
b9:fe:87:13:01:31:56:5c:58:79:16:17:b4:cf:90:
9c:40:1d:05:7d:64:bd:6c:43:36:07:b4:ee:39:76:
c0:3a:27:cc:92:12:6b:49:42:03:fd:6c:d4:92:84:
b1:ca:eb:bb:07:8c:d1:c3:50:7b:23:e7:9d:fa:db:
13:71:63:bb:6a:c5:27:a1:5b:ce:b8:8c:09:ee:54:
0a:46:03:2b:ca:87:93:3a:fd:d3:79:c8:cf:b5:0c:
d5:75:31:e9:37:17:19:e2:62:e3:56:5d:83:e6:23:
47:58:33:b1:d4:57:3d:72:73:db:28:ef:f5:60:14:
ec:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:A2:E8:8C:80:AF:BE:E9:7C:84:EC:21:0E:09:49:F5:F2:2D:9E:F7
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/UKLojICvvul8hOwhDglJ9fItnvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:8b40::/29
2a0d:9440::/29
2a11:26c0::/29
2a11:2b40::/29
2a11:3580::/29
2a11:4080::/29
Signature Algorithm: sha256WithRSAEncryption
65:d7:93:ee:6d:64:e7:b3:12:06:d8:4b:1a:ff:e9:99:01:ab:
40:fd:c6:1d:eb:32:68:02:66:5c:ba:a6:00:79:ca:30:4c:c1:
ef:d3:84:78:21:78:48:b3:d4:d2:ac:8c:49:dd:4a:c9:32:83:
14:65:1d:69:a2:27:9e:4b:43:90:c8:c7:76:a3:6c:08:4d:86:
3e:c2:02:ec:34:e2:96:17:79:4d:c4:c1:11:fd:6a:a8:ca:d6:
0c:1a:8a:e2:94:69:b1:bd:de:68:6b:99:02:17:5d:32:4f:65:
b2:c9:69:7e:c4:fe:1f:4b:b1:06:21:e4:a4:71:cb:95:d2:10:
ef:51:51:d7:75:61:af:9b:56:b1:72:c8:46:48:cf:1c:e9:67:
eb:cf:49:b6:00:e6:f6:35:2e:e1:b1:6b:9c:dc:07:e9:9e:16:
3a:8b:65:3b:35:78:56:9a:7f:60:ab:51:78:21:22:b3:ca:6e:
00:39:1e:0f:a1:62:0a:44:10:60:b4:42:53:4a:e4:0c:67:6e:
5b:3e:e5:21:78:14:d9:2b:dd:30:a0:20:f5:f1:d2:71:e9:98:
4d:72:8f:0a:55:ac:36:57:ac:8c:23:45:15:c8:0e:50:f0:a7:
a9:64:f9:1e:ea:86:08:56:5f:a1:cb:f4:c1:f7:b0:7c:54:c5:
a2:0b:40:59
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZM1+ZjmQlqlGw7EdyuDXCGJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjQxMTE2MTcxNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGEyZTg4YzgwYWZiZWU5N2M4NGVjMjEwZTA5NDlmNWYyMmQ5ZWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CZ+iLUOH8CmnF7fho93Zx6qnsLr
OaMllX+Zs4C5qSlBUwBP7EsAeWJkRfN8yn8BB753ehARcPnfC86xC6yPeNE22GhR
HAav55RB8eNZ5giyMCjhE3jH2Cbudg6PBOXaPDf8N5tXH1X1zV4JQSyAxSZJfLSg
StNHwQ1K5LiLVjEok78ShLm5/ocTATFWXFh5Fhe0z5CcQB0FfWS9bEM2B7TuOXbA
OifMkhJrSUID/WzUkoSxyuu7B4zRw1B7I+ed+tsTcWO7asUnoVvOuIwJ7lQKRgMr
yoeTOv3TecjPtQzVdTHpNxcZ4mLjVl2D5iNHWDOx1Fc9cnPbKO/1YBTsKQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFCi6IyAr77pfITsIQ4JSfXyLZ73MB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvVUtMb2pJQ3Z2dWw4aE93aERnbEo5Zkl0bnZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKg2LQAMF
AyoNlEADBQMqESbAAwUDKhErQAMFAyoRNYADBQMqEUCAMA0GCSqGSIb3DQEBCwUA
A4IBAQBl15PubWTnsxIG2Esa/+mZAatA/cYd6zJoAmZcuqYAecowTMHv04R4IXhI
s9TSrIxJ3UrJMoMUZR1poieeS0OQyMd2o2wITYY+wgLsNOKWF3lNxMER/WqoytYM
GorilGmxvd5oa5kCF10yT2WyyWl+xP4fS7EGIeSkccuV0hDvUVHXdWGvm1axcshG
SM8c6Wfrz0m2AOb2NS7hsWuc3AfpnhY6i2U7NXhWmn9gq1F4ISKzym4AOR4PoWIK
RBBgtEJTSuQMZ25bPuUheBTZK90woCD18dJx6ZhNco8KVaw2V6yMI0UVyA5Q8Kep
ZPke6oYIVl+hy/TB97B8VMWiC0BZ
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:48:15 2024 by rpki-client on console-ams.rpki-client.org