Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/_blxf_eLSVh6WO99LbsVv_UCCAI.roa
File: _blxf_eLSVh6WO99LbsVv_UCCAI.roa (raw, json)
Hash identifier: YpWVx+UtjMBo7LylHiMzH5eidCD5h3GFXk2qTxsCaNs=
Subject key identifier: FD:B9:71:7F:F7:8B:49:58:7A:58:EF:7D:2D:BB:15:BF:F5:02:08:02
Certificate issuer: /CN=1d0c7e7bb27c533a997d277cadd417ec7bd284f0
Certificate serial: 018CCA9945E59E80C33C94C4CE1EAD7990E6
Authority key identifier: 1D:0C:7E:7B:B2:7C:53:3A:99:7D:27:7C:AD:D4:17:EC:7B:D2:84:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQx-e7J8UzqZfSd8rdQX7HvShPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/_blxf_eLSVh6WO99LbsVv_UCCAI.roa
Signing time: Tue 02 Jan 2024 14:34:51 +0000
ROA not before: Tue 02 Jan 2024 14:34:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207614
IP address blocks: 185.133.4.0/22 maxlen: 24
185.238.84.0/22 maxlen: 24
45.128.236.0/22 maxlen: 24
2a0f:4200::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/HQx-e7J8UzqZfSd8rdQX7HvShPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/HQx-e7J8UzqZfSd8rdQX7HvShPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/HQx-e7J8UzqZfSd8rdQX7HvShPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 10:02:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:45:e5:9e:80:c3:3c:94:c4:ce:1e:ad:79:90:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d0c7e7bb27c533a997d277cadd417ec7bd284f0
Validity
Not Before: Jan 2 14:34:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdb9717ff78b49587a58ef7d2dbb15bff5020802
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:32:5f:ea:ce:b7:b2:5e:e6:0b:af:c1:59:95:
4a:39:eb:82:be:e6:2d:b6:af:7e:74:03:0f:a9:23:
a7:6f:be:f5:3d:9d:c2:39:f1:27:d4:df:73:95:9b:
61:49:82:5b:01:7e:b6:8a:6e:68:26:80:d6:e8:0d:
b6:50:d4:fb:de:a6:53:fc:bc:db:7e:11:56:fb:0a:
f1:05:ac:f5:c6:b8:3b:8f:42:77:e3:8c:96:72:88:
1e:c5:59:e8:27:fe:b0:71:98:b2:0a:ab:75:3f:b4:
0d:2a:9a:14:22:5a:dd:dc:60:9f:d9:cd:d7:9e:76:
fe:e1:f3:8b:81:40:71:51:94:02:c8:b5:5a:99:c1:
31:ea:ae:d0:cd:ec:e8:66:23:6d:fd:b8:c9:9e:5f:
c9:93:07:ba:69:ef:03:92:8a:90:3e:04:07:75:95:
a9:2c:af:c2:16:a4:db:3d:8e:53:6b:43:51:70:3f:
ac:ea:c5:24:6d:a3:f7:cd:38:94:72:75:10:12:41:
4b:ed:cf:f7:b9:31:24:78:b0:5c:15:40:e6:1d:80:
df:d1:c1:44:6d:43:81:4a:ce:b4:a5:b9:ef:56:ce:
d9:66:90:02:72:8d:66:b0:47:25:c3:6c:c9:af:ef:
60:18:cc:bb:7b:5f:2d:d7:6d:7d:53:01:9c:eb:29:
26:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:B9:71:7F:F7:8B:49:58:7A:58:EF:7D:2D:BB:15:BF:F5:02:08:02
X509v3 Authority Key Identifier:
keyid:1D:0C:7E:7B:B2:7C:53:3A:99:7D:27:7C:AD:D4:17:EC:7B:D2:84:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQx-e7J8UzqZfSd8rdQX7HvShPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/_blxf_eLSVh6WO99LbsVv_UCCAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/HQx-e7J8UzqZfSd8rdQX7HvShPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.236.0/22
185.133.4.0/22
185.238.84.0/22
IPv6:
2a0f:4200::/29
Signature Algorithm: sha256WithRSAEncryption
18:d4:75:8b:ea:77:ec:43:c7:09:a6:90:fa:08:bf:00:85:8b:
9e:7f:12:be:d9:a4:71:aa:f6:0b:2b:aa:1a:b1:cb:e2:e1:f7:
6f:bd:7a:f2:7c:2f:c6:7d:77:66:57:c2:d6:54:af:8a:59:07:
f0:d5:ab:c3:5c:a3:ba:da:2d:46:34:27:66:70:27:20:f8:e6:
9a:8d:82:25:37:fc:29:4c:1d:e2:8b:53:2b:6f:27:2c:94:a0:
4e:cc:a0:01:a3:66:fd:76:fa:dc:be:3c:a6:ca:15:8f:d2:42:
d4:70:b6:a2:46:43:45:53:d4:35:fc:5f:59:23:53:43:32:58:
e8:66:67:65:45:10:f1:7a:0a:fb:4d:d2:08:ea:77:76:1f:14:
46:17:58:61:9f:8d:5d:d2:7d:0f:ea:ca:c8:e2:bf:f5:2b:2a:
5b:4e:b0:a6:b6:5b:7f:59:f9:dd:be:31:65:86:7c:d4:d1:af:
38:0b:d2:71:d3:a1:d3:96:66:c1:a9:62:45:af:a0:76:15:86:
d4:61:53:c0:e6:05:8c:56:11:fd:d5:21:57:59:2d:14:da:b3:
ba:e6:e0:94:38:07:ae:c4:d3:81:fb:18:ee:72:d4:96:ae:e6:
10:a6:18:16:81:44:7f:6d:ff:4a:02:97:d0:9f:a9:42:0c:ee:
43:fc:33:68
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzKmUXlnoDDPJTEzh6teZDmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMGM3ZTdiYjI3YzUzM2E5OTdkMjc3Y2FkZDQxN2VjN2Jk
Mjg0ZjAwHhcNMjQwMTAyMTQzNDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGI5NzE3ZmY3OGI0OTU4N2E1OGVmN2QyZGJiMTViZmY1MDIwODAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDJf6s63sl7mC6/BWZVKOeuCvuYt
tq9+dAMPqSOnb771PZ3COfEn1N9zlZthSYJbAX62im5oJoDW6A22UNT73qZT/Lzb
fhFW+wrxBaz1xrg7j0J344yWcogexVnoJ/6wcZiyCqt1P7QNKpoUIlrd3GCf2c3X
nnb+4fOLgUBxUZQCyLVamcEx6q7QzezoZiNt/bjJnl/Jkwe6ae8DkoqQPgQHdZWp
LK/CFqTbPY5Ta0NRcD+s6sUkbaP3zTiUcnUQEkFL7c/3uTEkeLBcFUDmHYDf0cFE
bUOBSs60pbnvVs7ZZpACco1msEclw2zJr+9gGMy7e18t1219UwGc6ykm8wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFP25cX/3i0lYeljvfS27Fb/1AggCMB8GA1UdIwQY
MBaAFB0MfnuyfFM6mX0nfK3UF+x70oTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFF4LWU3SjhVenFaZlNkOHJkUVg3SHZTaFBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9kZGQzNDktYWM1MC00M2U1LWE4OGEt
YjI4ZjA3YjJmNDViLzEvX2JseGZfZUxTVmg2V085OUxic1Z2X1VDQ0FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9kZGQzNDktYWM1MC00M2U1LWE4OGEtYjI4ZjA3YjJmNDVi
LzEvSFF4LWU3SjhVenFaZlNkOHJkUVg3SHZTaFBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLYDsAwQC
uYUEAwQCue5UMA0EAgACMAcDBQMqD0IAMA0GCSqGSIb3DQEBCwUAA4IBAQAY1HWL
6nfsQ8cJppD6CL8AhYuefxK+2aRxqvYLK6oascvi4fdvvXryfC/GfXdmV8LWVK+K
WQfw1avDXKO62i1GNCdmcCcg+OaajYIlN/wpTB3ii1MrbycslKBOzKABo2b9dvrc
vjymyhWP0kLUcLaiRkNFU9Q1/F9ZI1NDMljoZmdlRRDxegr7TdII6nd2HxRGF1hh
n41d0n0P6srI4r/1KypbTrCmtlt/WfndvjFlhnzU0a84C9Jx06HTlmbBqWJFr6B2
FYbUYVPA5gWMVhH91SFXWS0U2rO65uCUOAeuxNOB+xjuctSWruYQphgWgUR/bf9K
ApfQn6lCDO5D/DNo
-----END CERTIFICATE-----
Generated at Wed May 15 19:11:56 2024 by rpki-client on console-fra.rpki-client.org