Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/d2d99e-a7c1-43e8-93f5-a11a96d21861/1/ueS71UzdsOTGa0Lr-jQyh_yz4bI.roa
File: ueS71UzdsOTGa0Lr-jQyh_yz4bI.roa (raw, json)
Hash identifier: 41ajrZE2xbP9njJ+QpY2kNf6lhPZGGNKXe9dNK8gvnQ=
Subject key identifier: B9:E4:BB:D5:4C:DD:B0:E4:C6:6B:42:EB:FA:34:32:87:FC:B3:E1:B2
Certificate issuer: /CN=739f3ebcd26792b913c1dcb9941996e998f16078
Certificate serial: 01912C646CCD6DD91FEC0E9C11006A40351F
Authority key identifier: 73:9F:3E:BC:D2:67:92:B9:13:C1:DC:B9:94:19:96:E9:98:F1:60:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c58-vNJnkrkTwdy5lBmW6ZjxYHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/d2d99e-a7c1-43e8-93f5-a11a96d21861/1/ueS71UzdsOTGa0Lr-jQyh_yz4bI.roa
Signing time: Wed 07 Aug 2024 10:31:04 +0000
ROA not before: Wed 07 Aug 2024 10:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35063
IP address blocks: 31.7.40.0/21 maxlen: 21
46.29.144.0/21 maxlen: 24
85.237.160.0/19 maxlen: 24
185.18.140.0/22 maxlen: 22
212.109.160.0/21 maxlen: 21
217.171.48.0/20 maxlen: 24
2a03:9500::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/d2d99e-a7c1-43e8-93f5-a11a96d21861/1/c58-vNJnkrkTwdy5lBmW6ZjxYHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/d2d99e-a7c1-43e8-93f5-a11a96d21861/1/c58-vNJnkrkTwdy5lBmW6ZjxYHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/c58-vNJnkrkTwdy5lBmW6ZjxYHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2c:64:6c:cd:6d:d9:1f:ec:0e:9c:11:00:6a:40:35:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=739f3ebcd26792b913c1dcb9941996e998f16078
Validity
Not Before: Aug 7 10:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9e4bbd54cddb0e4c66b42ebfa343287fcb3e1b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:56:d1:71:61:f6:4a:75:12:e2:c8:5e:cc:57:
c6:dc:99:2f:62:60:cd:6c:21:c5:1c:d2:99:fc:d7:
f0:27:a1:cd:c4:de:bc:79:e5:fc:c8:95:c1:26:03:
5c:b7:4b:a0:2d:3b:ac:5f:32:2b:77:26:ee:83:e4:
24:c0:80:de:2d:be:9b:78:3c:c7:19:a2:6f:21:ec:
1d:da:28:2f:36:61:a8:b3:25:91:e3:ca:ba:dd:67:
48:66:dd:57:a9:b3:23:91:7d:5a:8a:96:52:2f:0a:
d4:f5:2f:6a:1d:d0:38:d5:f0:9e:56:63:53:ac:bd:
55:59:71:6e:a1:90:3a:b4:d8:15:a9:44:fe:0b:03:
e8:7e:12:77:bc:5c:b9:e1:42:38:5b:f2:fb:7d:34:
8c:85:83:ea:91:92:90:fc:a2:dd:c3:8a:9a:8d:7a:
a2:7c:28:ca:02:67:1f:cd:92:72:c9:78:e3:d0:ae:
89:0c:8d:76:ed:d0:c1:eb:91:11:e5:26:36:41:6d:
85:60:40:2a:e6:a3:77:15:3b:db:53:78:0a:37:63:
49:8f:b6:22:b9:a1:78:b2:ee:0b:dd:50:36:a0:79:
b0:a0:cb:f5:54:03:ac:42:78:b5:d1:13:c8:e1:94:
62:ff:b2:33:03:6a:4f:42:40:b5:45:a6:6a:49:8d:
4e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:E4:BB:D5:4C:DD:B0:E4:C6:6B:42:EB:FA:34:32:87:FC:B3:E1:B2
X509v3 Authority Key Identifier:
keyid:73:9F:3E:BC:D2:67:92:B9:13:C1:DC:B9:94:19:96:E9:98:F1:60:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c58-vNJnkrkTwdy5lBmW6ZjxYHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/d2d99e-a7c1-43e8-93f5-a11a96d21861/1/ueS71UzdsOTGa0Lr-jQyh_yz4bI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/d2d99e-a7c1-43e8-93f5-a11a96d21861/1/c58-vNJnkrkTwdy5lBmW6ZjxYHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.40.0/21
46.29.144.0/21
85.237.160.0/19
185.18.140.0/22
212.109.160.0/21
217.171.48.0/20
IPv6:
2a03:9500::/32
Signature Algorithm: sha256WithRSAEncryption
9e:2e:41:ed:8e:db:6c:b4:1a:1f:8f:97:37:66:36:27:ad:f5:
26:d4:e3:41:24:9c:07:5f:4a:da:07:61:72:92:8f:03:87:91:
9c:2d:b7:a0:aa:fb:a3:80:f7:02:60:48:72:87:1b:c7:f3:e1:
6e:d4:cd:41:19:b8:0b:1b:78:1d:a4:aa:63:6d:4b:75:34:fe:
e3:a4:df:58:6c:65:f4:34:87:55:c4:98:33:25:ef:f2:a8:85:
6d:7c:b9:21:4e:64:42:6c:9c:8f:35:ad:d8:60:1e:6e:9f:99:
43:aa:dc:55:a9:8e:df:77:54:3f:3c:d3:49:e0:b7:fd:f3:34:
8e:03:bc:a2:a3:3b:55:29:23:53:34:fb:4e:4d:37:11:52:9c:
3d:64:1a:9d:2b:62:af:85:34:0a:a6:ed:90:fd:ae:91:45:d4:
8c:ea:d0:a7:98:0e:18:40:b9:c4:c7:50:39:49:44:03:29:b5:
d3:bd:3d:bd:8a:d1:49:9c:87:3b:db:57:ab:88:59:77:bf:76:
f3:17:d1:e4:19:58:63:51:a8:32:0c:35:56:ad:55:e4:57:b7:
60:32:1f:f6:b9:da:2d:8e:60:ec:b5:56:79:73:da:17:d4:2a:
72:83:49:ea:e8:53:b2:3a:d6:27:2d:9d:6d:83:f9:33:b0:a2:
20:90:65:61
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZEsZGzNbdkf7A6cEQBqQDUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczOWYzZWJjZDI2NzkyYjkxM2MxZGNiOTk0MTk5NmU5OThm
MTYwNzgwHhcNMjQwODA3MTAzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWU0YmJkNTRjZGRiMGU0YzY2YjQyZWJmYTM0MzI4N2ZjYjNlMWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4FbRcWH2SnUS4shezFfG3JkvYmDN
bCHFHNKZ/NfwJ6HNxN68eeX8yJXBJgNct0ugLTusXzIrdybug+QkwIDeLb6beDzH
GaJvIewd2igvNmGosyWR48q63WdIZt1XqbMjkX1aipZSLwrU9S9qHdA41fCeVmNT
rL1VWXFuoZA6tNgVqUT+CwPofhJ3vFy54UI4W/L7fTSMhYPqkZKQ/KLdw4qajXqi
fCjKAmcfzZJyyXjj0K6JDI127dDB65ER5SY2QW2FYEAq5qN3FTvbU3gKN2NJj7Yi
uaF4su4L3VA2oHmwoMv1VAOsQni10RPI4ZRi/7IzA2pPQkC1RaZqSY1OoQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFLnku9VM3bDkxmtC6/o0Mof8s+GyMB8GA1UdIwQY
MBaAFHOfPrzSZ5K5E8HcuZQZlumY8WB4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzU4LXZOSm5rcmtUd2R5NWxCbVc2Wmp4WUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9kMmQ5OWUtYTdjMS00M2U4LTkzZjUt
YTExYTk2ZDIxODYxLzEvdWVTNzFVemRzT1RHYTBMci1qUXloX3l6NGJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9kMmQ5OWUtYTdjMS00M2U4LTkzZjUtYTExYTk2ZDIxODYx
LzEvYzU4LXZOSm5rcmtUd2R5NWxCbVc2Wmp4WUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDHwcoAwQD
Lh2QAwQFVe2gAwQCuRKMAwQD1G2gAwQE2aswMA0EAgACMAcDBQAqA5UAMA0GCSqG
SIb3DQEBCwUAA4IBAQCeLkHtjttstBofj5c3ZjYnrfUm1ONBJJwHX0raB2Fyko8D
h5GcLbegqvujgPcCYEhyhxvH8+Fu1M1BGbgLG3gdpKpjbUt1NP7jpN9YbGX0NIdV
xJgzJe/yqIVtfLkhTmRCbJyPNa3YYB5un5lDqtxVqY7fd1Q/PNNJ4Lf98zSOA7yi
oztVKSNTNPtOTTcRUpw9ZBqdK2KvhTQKpu2Q/a6RRdSM6tCnmA4YQLnEx1A5SUQD
KbXTvT29itFJnIc721eriFl3v3bzF9HkGVhjUagyDDVWrVXkV7dgMh/2udotjmDs
tVZ5c9oX1Cpyg0nq6FOyOtYnLZ1tg/kzsKIgkGVh
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:04:55 2024 by rpki-client on console-fra.rpki-client.org