Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/UWoPvQi7A9UW8V1WTJrHDlAoxts.roa
File: UWoPvQi7A9UW8V1WTJrHDlAoxts.roa (raw, json)
Hash identifier: Uq+YJPrL13PEfVtGKOdmzIJ+EA+9qKFpwKpgMfxGlpg=
Subject key identifier: 51:6A:0F:BD:08:BB:03:D5:16:F1:5D:56:4C:9A:C7:0E:50:28:C6:DB
Certificate issuer: /CN=e6c2e0d3fdc215a389c7043ca5a1a06be2c558ef
Certificate serial: 0190A63B4CD372A9A74F9AAFC8032BC41F9A
Authority key identifier: E6:C2:E0:D3:FD:C2:15:A3:89:C7:04:3C:A5:A1:A0:6B:E2:C5:58:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5sLg0_3CFaOJxwQ8paGga-LFWO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/UWoPvQi7A9UW8V1WTJrHDlAoxts.roa
Signing time: Fri 12 Jul 2024 09:17:02 +0000
ROA not before: Fri 12 Jul 2024 09:17:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212496
IP address blocks: 141.98.184.0/22 maxlen: 22
193.169.194.0/23 maxlen: 23
194.9.118.0/24 maxlen: 24
2a13:6c40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/5sLg0_3CFaOJxwQ8paGga-LFWO8.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/5sLg0_3CFaOJxwQ8paGga-LFWO8.mft
rsync://rpki.ripe.net/repository/DEFAULT/5sLg0_3CFaOJxwQ8paGga-LFWO8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a6:3b:4c:d3:72:a9:a7:4f:9a:af:c8:03:2b:c4:1f:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6c2e0d3fdc215a389c7043ca5a1a06be2c558ef
Validity
Not Before: Jul 12 09:17:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=516a0fbd08bb03d516f15d564c9ac70e5028c6db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b5:b5:07:ec:c2:c3:24:2e:3d:11:d5:c6:64:
ad:96:11:02:93:dd:5b:0f:22:24:35:f9:5c:17:03:
0a:f2:9d:49:13:80:53:df:8c:02:09:b1:d3:53:65:
c0:39:18:6a:bd:c0:3c:e7:61:91:5d:ed:91:c7:da:
aa:48:c0:1f:36:d1:24:20:ec:b7:e8:ed:90:c6:35:
64:b5:b5:3d:6a:49:87:31:e6:ad:96:e6:f2:e1:02:
42:dd:73:68:c0:2c:c5:b8:0f:f0:00:f6:0a:45:b6:
00:74:7c:0c:42:c0:5b:64:fb:4b:2e:a0:40:c1:30:
36:29:17:60:3a:74:88:eb:db:6a:14:8f:2f:37:51:
ec:cc:e3:d8:f4:e8:8d:17:02:5b:5a:51:fd:1d:b2:
ed:5d:28:76:e2:2c:ab:a6:e4:d7:8e:b1:36:36:8b:
10:24:f8:fd:33:58:8b:57:d8:cc:5e:a8:97:b0:8a:
b6:e9:6d:7d:a6:22:2a:ba:b4:0d:53:3b:e5:82:c0:
6b:14:5c:1a:7c:9b:12:c3:c2:c6:91:73:4a:94:4d:
a3:b6:54:74:be:18:f5:da:6e:3f:3f:c7:89:ab:01:
82:aa:11:fc:25:3c:5d:17:e3:88:e9:52:b6:4d:31:
39:59:90:a7:00:e9:c1:49:09:73:1c:fe:58:5b:54:
a5:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:6A:0F:BD:08:BB:03:D5:16:F1:5D:56:4C:9A:C7:0E:50:28:C6:DB
X509v3 Authority Key Identifier:
keyid:E6:C2:E0:D3:FD:C2:15:A3:89:C7:04:3C:A5:A1:A0:6B:E2:C5:58:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5sLg0_3CFaOJxwQ8paGga-LFWO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/UWoPvQi7A9UW8V1WTJrHDlAoxts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/5sLg0_3CFaOJxwQ8paGga-LFWO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.184.0/22
193.169.194.0/23
194.9.118.0/24
IPv6:
2a13:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
07:e4:a7:d5:17:4e:05:f4:8c:c7:bd:3f:77:d3:13:aa:7b:13:
a4:f6:b6:93:aa:4e:5f:f2:eb:e7:e3:0b:07:3d:9e:61:7e:87:
72:86:25:9d:67:6d:f6:9f:05:95:39:8b:6b:a5:1a:4f:1b:cf:
58:0d:11:e8:3b:fc:c8:d7:54:99:51:65:61:cf:10:70:90:ee:
e2:a3:9c:63:29:34:8a:5e:0e:f6:e6:86:99:ab:84:d3:d7:d6:
e2:d1:82:0c:12:e7:85:92:88:46:be:73:60:2a:4f:e9:cb:6c:
ad:5c:af:dc:c6:8a:f5:4a:7f:db:41:eb:c9:da:02:d9:67:9f:
1e:c2:84:3f:33:57:7f:e1:e1:a8:e9:a8:bc:4c:93:02:20:9d:
22:d4:82:5e:c6:7b:a0:09:d7:a2:13:c1:f2:a2:3d:7d:bc:6e:
61:9d:77:09:b9:84:5e:cf:37:0a:97:b8:a7:dd:36:99:ac:aa:
08:5f:62:bf:52:31:cb:ba:b0:a6:05:c4:ce:c9:cc:c3:51:62:
6d:e3:cf:96:8e:2b:d3:6a:80:49:62:30:af:15:5f:04:f6:60:
44:de:cc:b4:44:da:0d:6f:30:77:7d:50:c7:9d:d4:10:47:7f:
ff:56:d1:c3:96:73:23:9d:99:bb:b3:dd:90:a8:16:fe:56:94:
dd:91:8e:ce
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZCmO0zTcqmnT5qvyAMrxB+aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2YzJlMGQzZmRjMjE1YTM4OWM3MDQzY2E1YTFhMDZiZTJj
NTU4ZWYwHhcNMjQwNzEyMDkxNzAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTZhMGZiZDA4YmIwM2Q1MTZmMTVkNTY0YzlhYzcwZTUwMjhjNmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLW1B+zCwyQuPRHVxmStlhECk91b
DyIkNflcFwMK8p1JE4BT34wCCbHTU2XAORhqvcA852GRXe2Rx9qqSMAfNtEkIOy3
6O2QxjVktbU9akmHMeatluby4QJC3XNowCzFuA/wAPYKRbYAdHwMQsBbZPtLLqBA
wTA2KRdgOnSI69tqFI8vN1HszOPY9OiNFwJbWlH9HbLtXSh24iyrpuTXjrE2NosQ
JPj9M1iLV9jMXqiXsIq26W19piIqurQNUzvlgsBrFFwafJsSw8LGkXNKlE2jtlR0
vhj12m4/P8eJqwGCqhH8JTxdF+OI6VK2TTE5WZCnAOnBSQlzHP5YW1SlrQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFFqD70IuwPVFvFdVkyaxw5QKMbbMB8GA1UdIwQY
MBaAFObC4NP9whWjiccEPKWhoGvixVjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXNMZzBfM0NGYU9KeHdROHBhR2dhLUxGV084LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yOTE3NmItMTAzOC00NDE3LWJkYWQt
ZjNlMDUyYmFiMTQ0LzEvVVdvUHZRaTdBOVVXOFYxV1RKckhEbEFveHRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yOTE3NmItMTAzOC00NDE3LWJkYWQtZjNlMDUyYmFiMTQ0
LzEvNXNMZzBfM0NGYU9KeHdROHBhR2dhLUxGV084LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCjWK4AwQB
wanCAwQAwgl2MA0EAgACMAcDBQMqE2xAMA0GCSqGSIb3DQEBCwUAA4IBAQAH5KfV
F04F9IzHvT930xOqexOk9raTqk5f8uvn4wsHPZ5hfodyhiWdZ232nwWVOYtrpRpP
G89YDRHoO/zI11SZUWVhzxBwkO7io5xjKTSKXg725oaZq4TT19bi0YIMEueFkohG
vnNgKk/py2ytXK/cxor1Sn/bQevJ2gLZZ58ewoQ/M1d/4eGo6ai8TJMCIJ0i1IJe
xnugCdeiE8Hyoj19vG5hnXcJuYRezzcKl7in3TaZrKoIX2K/UjHLurCmBcTOyczD
UWJt48+WjivTaoBJYjCvFV8E9mBE3sy0RNoNbzB3fVDHndQQR3//VtHDlnMjnZm7
s92QqBb+VpTdkY7O
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:34:25 2024 by rpki-client on console-ams.rpki-client.org