Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/uOUWTstbn1XqY8kWNWaqnVcbSao.roa
File: uOUWTstbn1XqY8kWNWaqnVcbSao.roa (raw, json)
Hash identifier: jsuGj9fOOmgTFfyhORHlmfpNrWyFTdLauybsJNp9cP8=
Subject key identifier: B8:E5:16:4E:CB:5B:9F:55:EA:63:C9:16:35:66:AA:9D:57:1B:49:AA
Certificate issuer: /CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Certificate serial: 018CCA2B3338E49C3F3836E988A91A72E3C9
Authority key identifier: F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/uOUWTstbn1XqY8kWNWaqnVcbSao.roa
Signing time: Tue 02 Jan 2024 12:34:37 +0000
ROA not before: Tue 02 Jan 2024 12:34:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56381
IP address blocks: 141.98.136.0/24 maxlen: 24
2a09:11c0:1000::/36 maxlen: 36
2a09:11c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.mft
rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 21:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:33:38:e4:9c:3f:38:36:e9:88:a9:1a:72:e3:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Validity
Not Before: Jan 2 12:34:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8e5164ecb5b9f55ea63c9163566aa9d571b49aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:40:64:50:b2:40:da:86:92:ed:ba:e4:a9:41:
4e:37:17:b6:31:1b:cf:20:88:26:db:d2:9d:b7:93:
22:a3:26:85:48:c0:4f:97:d3:a3:89:5e:c8:1e:03:
7e:a8:0a:99:64:c3:6f:db:30:b9:55:b8:ba:53:ed:
b7:36:dd:8a:3c:d6:84:47:7b:e2:e9:fe:50:69:08:
10:9e:91:1b:bf:39:9a:78:93:71:aa:2b:0a:10:d3:
03:d7:1d:17:23:b9:8f:16:38:8d:20:d7:f6:84:b9:
cf:b1:70:86:a5:f7:d6:3a:ce:87:1a:64:1b:72:e4:
8c:ba:e5:b5:b0:6b:76:39:da:94:7e:8f:df:7b:ae:
e4:4d:1f:df:f8:f7:00:b7:f3:a7:74:ec:ec:03:e5:
c5:e9:34:79:97:ba:68:8b:39:90:73:d1:42:13:ba:
df:bc:af:70:cf:ef:fd:52:cd:ea:1d:fa:c6:17:5e:
c0:75:82:97:ec:97:03:04:83:c3:91:b4:26:72:ee:
b1:fd:8f:05:6b:36:99:f9:96:b4:d0:e0:1d:a1:a1:
b4:c0:a5:2d:42:cc:49:c6:a3:b2:d6:5c:a0:1b:21:
da:36:81:7b:5c:5c:20:83:60:c8:e1:4c:e9:b1:da:
46:4d:85:70:16:36:73:76:21:9d:26:eb:e2:f8:d8:
ff:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:E5:16:4E:CB:5B:9F:55:EA:63:C9:16:35:66:AA:9D:57:1B:49:AA
X509v3 Authority Key Identifier:
keyid:F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/uOUWTstbn1XqY8kWNWaqnVcbSao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.136.0/24
IPv6:
2a09:11c0::/48
2a09:11c0:1000::/36
Signature Algorithm: sha256WithRSAEncryption
78:38:df:eb:ef:45:f7:54:51:5e:f7:ec:64:38:bc:22:4f:a8:
df:17:c6:67:76:a0:1a:64:ab:bd:9d:b4:77:81:4c:6d:b0:32:
a7:34:33:99:07:02:21:a4:c7:5e:e9:01:47:eb:ce:cd:2c:80:
3c:8d:2b:32:dc:43:b0:23:77:07:ea:e7:80:0d:eb:e0:d6:27:
0e:18:81:43:dc:4a:f7:26:07:61:ce:c4:50:cf:fd:75:79:96:
da:a3:a2:ef:96:e4:e3:95:43:6a:2f:15:16:8d:4b:38:99:b6:
6c:29:94:0c:be:05:85:1d:e9:b3:5f:5b:c4:1c:53:84:ca:e2:
cf:53:a5:2d:fe:84:3a:8a:6c:0e:36:5e:a0:47:9a:00:07:7f:
3b:2f:29:eb:2a:39:d4:cd:3a:ca:fe:44:40:5b:5c:84:9a:a6:
6d:ed:4a:1d:4f:7d:a1:c1:77:2e:67:31:19:2d:37:89:73:85:
9f:66:70:41:ba:68:23:1e:54:1f:69:02:49:58:ec:a7:b2:63:
e7:51:e9:ab:2b:b8:29:f3:1c:14:f0:6c:59:ab:11:f7:bd:b6:
65:84:9b:de:d7:f6:95:58:c9:44:f9:c8:83:05:d7:b8:f5:99:
57:7f:f7:57:51:6d:b3:6c:a2:1c:08:ec:b3:94:81:d2:e2:78:
8d:7e:12:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYzKKzM45Jw/ODbpiKkacuPJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGViMjA0ZjM1ODAwNDc4ODIyNGUyZmIxOGU0ZDVlNzRi
ZWJmOGQwHhcNMjQwMTAyMTIzNDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGU1MTY0ZWNiNWI5ZjU1ZWE2M2M5MTYzNTY2YWE5ZDU3MWI0OWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA50BkULJA2oaS7brkqUFONxe2MRvP
IIgm29Kdt5MioyaFSMBPl9OjiV7IHgN+qAqZZMNv2zC5Vbi6U+23Nt2KPNaER3vi
6f5QaQgQnpEbvzmaeJNxqisKENMD1x0XI7mPFjiNINf2hLnPsXCGpffWOs6HGmQb
cuSMuuW1sGt2OdqUfo/fe67kTR/f+PcAt/OndOzsA+XF6TR5l7poizmQc9FCE7rf
vK9wz+/9Us3qHfrGF17AdYKX7JcDBIPDkbQmcu6x/Y8FazaZ+Za00OAdoaG0wKUt
QsxJxqOy1lygGyHaNoF7XFwgg2DI4UzpsdpGTYVwFjZzdiGdJuvi+Nj/QwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLjlFk7LW59V6mPJFjVmqp1XG0mqMB8GA1UdIwQY
MBaAFPBOsgTzWABHiCJOL7GOTV50vr+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMt
NWM1ODkyYWZhNDg3LzEvdU9VV1RzdGJuMVhxWThrV05XYXFuVmNiU2FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMtNWM1ODkyYWZhNDg3
LzEvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAMBAIAATAGAwQAjWKIMBcE
AgACMBEDBwAqCRHAAAADBgQqCRHAEDANBgkqhkiG9w0BAQsFAAOCAQEAeDjf6+9F
91RRXvfsZDi8Ik+o3xfGZ3agGmSrvZ20d4FMbbAypzQzmQcCIaTHXukBR+vOzSyA
PI0rMtxDsCN3B+rngA3r4NYnDhiBQ9xK9yYHYc7EUM/9dXmW2qOi75bk45VDai8V
Fo1LOJm2bCmUDL4FhR3ps19bxBxThMriz1OlLf6EOopsDjZeoEeaAAd/Oy8p6yo5
1M06yv5EQFtchJqmbe1KHU99ocF3LmcxGS03iXOFn2ZwQbpoIx5UH2kCSVjsp7Jj
51Hpqyu4KfMcFPBsWasR9722ZYSb3tf2lVjJRPnIgwXXuPWZV3/3V1Fts2yiHAjs
s5SB0uJ4jX4SBQ==
-----END CERTIFICATE-----
Generated at Sat May 18 06:14:55 2024 by rpki-client on console-fra.rpki-client.org