Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/db5399-6fbb-4ce2-897b-3bbbca310d71/1/_uBzzwORVuYrYSJ2B-HfxV464S4.roa
File: _uBzzwORVuYrYSJ2B-HfxV464S4.roa (raw, json)
Hash identifier: ZN/Ihj6eHDb6uyEl0aJrynaq5Jn7GtVHly0VjVZGtdc=
Subject key identifier: FE:E0:73:CF:03:91:56:E6:2B:61:22:76:07:E1:DF:C5:5E:3A:E1:2E
Certificate issuer: /CN=ec51314e04ec9676f2b60248e1b9bd02ef00e168
Certificate serial: 018CC7273550C5F76593B5FC575F14E1DBE7
Authority key identifier: EC:51:31:4E:04:EC:96:76:F2:B6:02:48:E1:B9:BD:02:EF:00:E1:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7FExTgTslnbytgJI4bm9Au8A4Wg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/db5399-6fbb-4ce2-897b-3bbbca310d71/1/_uBzzwORVuYrYSJ2B-HfxV464S4.roa
Signing time: Mon 01 Jan 2024 22:31:24 +0000
ROA not before: Mon 01 Jan 2024 22:31:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204189
IP address blocks: 185.111.148.0/22 maxlen: 24
157.97.184.0/21 maxlen: 24
2a0d:ce80::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/db5399-6fbb-4ce2-897b-3bbbca310d71/1/7FExTgTslnbytgJI4bm9Au8A4Wg.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/db5399-6fbb-4ce2-897b-3bbbca310d71/1/7FExTgTslnbytgJI4bm9Au8A4Wg.mft
rsync://rpki.ripe.net/repository/DEFAULT/7FExTgTslnbytgJI4bm9Au8A4Wg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:35:50:c5:f7:65:93:b5:fc:57:5f:14:e1:db:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec51314e04ec9676f2b60248e1b9bd02ef00e168
Validity
Not Before: Jan 1 22:31:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fee073cf039156e62b61227607e1dfc55e3ae12e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ca:9f:9b:0c:91:a3:80:c0:7a:a1:1f:ed:4f:
e6:5f:84:af:6f:ea:fd:f0:93:12:16:d9:4b:85:11:
f2:e5:19:ec:ae:82:66:3f:4d:85:79:66:48:e3:d5:
34:61:ea:89:a5:3d:70:44:e4:96:f4:b3:2c:32:6e:
32:7b:61:06:64:5e:61:52:49:88:18:d5:5f:3e:e1:
0f:59:a8:3f:d1:0b:f4:82:32:ca:85:1f:39:a9:b5:
50:f4:bb:6f:6c:93:4c:b0:22:9d:d7:71:97:d0:9f:
7c:cd:35:7a:63:c2:5e:82:d4:e9:7d:7b:ee:f8:b1:
67:92:10:73:64:c3:f2:88:9d:aa:9e:af:5f:6f:20:
a3:6e:ca:f0:67:f3:67:12:85:20:f7:4d:f7:35:e5:
65:3e:c9:65:2c:ff:e8:e9:a3:c2:c2:4b:55:21:09:
e5:80:a3:1f:f2:ca:d4:4b:b3:7f:6f:55:cb:07:49:
f9:b1:81:f1:f6:af:20:86:b2:0a:dd:18:3d:96:f5:
1e:c6:f7:0e:d6:60:ed:68:3d:cf:2f:de:21:9a:a9:
6b:28:c4:94:08:a5:ac:1b:78:2b:89:ef:c0:05:b0:
48:13:94:c2:35:44:a7:db:94:2f:b6:a0:0e:6f:1d:
3b:29:03:cc:01:94:9f:fc:88:8a:e4:f1:ec:f0:48:
b8:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:E0:73:CF:03:91:56:E6:2B:61:22:76:07:E1:DF:C5:5E:3A:E1:2E
X509v3 Authority Key Identifier:
keyid:EC:51:31:4E:04:EC:96:76:F2:B6:02:48:E1:B9:BD:02:EF:00:E1:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7FExTgTslnbytgJI4bm9Au8A4Wg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/db5399-6fbb-4ce2-897b-3bbbca310d71/1/_uBzzwORVuYrYSJ2B-HfxV464S4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/db5399-6fbb-4ce2-897b-3bbbca310d71/1/7FExTgTslnbytgJI4bm9Au8A4Wg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.184.0/21
185.111.148.0/22
IPv6:
2a0d:ce80::/29
Signature Algorithm: sha256WithRSAEncryption
b0:e6:93:57:36:b2:ae:09:58:e4:39:a3:fb:b5:a9:6f:9e:7d:
84:9b:7d:0c:a6:30:ed:3f:0f:69:dc:2e:be:44:fe:8c:1a:9a:
65:aa:c3:02:96:12:1d:36:86:17:7b:95:13:62:75:71:20:88:
2d:dc:dd:55:e7:bd:a5:ea:29:f3:f4:b7:c2:10:3c:f4:4b:71:
04:37:84:6e:b1:8c:15:41:66:43:e2:05:38:0a:79:f8:51:f3:
60:89:91:29:28:e6:fe:50:1d:a8:fb:4d:21:ff:4e:9d:88:29:
60:c9:3a:8f:dc:22:bd:87:7a:c4:7a:66:1c:2c:d9:b9:86:13:
26:75:14:f5:42:44:ea:3a:9a:4a:b8:d7:e6:b9:4e:52:ac:c5:
a9:ec:cb:4d:23:7c:ec:19:ae:d2:b6:3f:44:e4:49:fc:1e:12:
64:71:67:9c:03:22:5a:52:59:9c:06:bf:ee:d1:57:af:9e:91:
7b:ee:3e:f1:da:34:1b:b4:3e:40:e4:8a:cd:f8:e9:30:44:a1:
a1:7f:c1:bb:72:2e:a1:ac:13:18:4e:b1:c0:4f:fa:f0:c3:1f:
c9:da:af:94:ae:aa:bd:bf:db:aa:e0:2a:fd:ca:d4:13:b3:15:
91:c8:e2:50:15:05:0c:ce:76:dd:c6:2c:a6:8d:d6:ee:6c:f3:
a9:b0:c8:2e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHJzVQxfdlk7X8V18U4dvnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNTEzMTRlMDRlYzk2NzZmMmI2MDI0OGUxYjliZDAyZWYw
MGUxNjgwHhcNMjQwMTAxMjIzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWUwNzNjZjAzOTE1NmU2MmI2MTIyNzYwN2UxZGZjNTVlM2FlMTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicqfmwyRo4DAeqEf7U/mX4Svb+r9
8JMSFtlLhRHy5RnsroJmP02FeWZI49U0YeqJpT1wROSW9LMsMm4ye2EGZF5hUkmI
GNVfPuEPWag/0Qv0gjLKhR85qbVQ9LtvbJNMsCKd13GX0J98zTV6Y8JegtTpfXvu
+LFnkhBzZMPyiJ2qnq9fbyCjbsrwZ/NnEoUg9033NeVlPsllLP/o6aPCwktVIQnl
gKMf8srUS7N/b1XLB0n5sYHx9q8ghrIK3Rg9lvUexvcO1mDtaD3PL94hmqlrKMSU
CKWsG3grie/ABbBIE5TCNUSn25QvtqAObx07KQPMAZSf/IiK5PHs8Ei4fQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFP7gc88DkVbmK2Eidgfh38VeOuEuMB8GA1UdIwQY
MBaAFOxRMU4E7JZ28rYCSOG5vQLvAOFoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0ZFeFRnVHNsbmJ5dGdKSTRibTlBdThBNFdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kYjUzOTktNmZiYi00Y2UyLTg5N2It
M2JiYmNhMzEwZDcxLzEvX3VCenp3T1JWdVlyWVNKMkItSGZ4VjQ2NFM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kYjUzOTktNmZiYi00Y2UyLTg5N2ItM2JiYmNhMzEwZDcx
LzEvN0ZFeFRnVHNsbmJ5dGdKSTRibTlBdThBNFdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDnWG4AwQC
uW+UMA0EAgACMAcDBQMqDc6AMA0GCSqGSIb3DQEBCwUAA4IBAQCw5pNXNrKuCVjk
OaP7talvnn2Em30MpjDtPw9p3C6+RP6MGpplqsMClhIdNoYXe5UTYnVxIIgt3N1V
572l6inz9LfCEDz0S3EEN4RusYwVQWZD4gU4Cnn4UfNgiZEpKOb+UB2o+00h/06d
iClgyTqP3CK9h3rEemYcLNm5hhMmdRT1QkTqOppKuNfmuU5SrMWp7MtNI3zsGa7S
tj9E5En8HhJkcWecAyJaUlmcBr/u0VevnpF77j7x2jQbtD5A5IrN+OkwRKGhf8G7
ci6hrBMYTrHAT/rwwx/J2q+Urqq9v9uq4Cr9ytQTsxWRyOJQFQUMznbdxiymjdbu
bPOpsMgu
-----END CERTIFICATE-----
Generated at Sat Nov 23 14:54:42 2024 by rpki-client on console-ams.rpki-client.org