Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/f08d45-543c-49f7-9e78-903c198590fa/1/UizrqC8wWRX57ztTM4vDeGUEBHI.roa
File: UizrqC8wWRX57ztTM4vDeGUEBHI.roa (raw, json)
Hash identifier: JJ3pexXSVSQ4/neNTxS/NVKY3ENlLhNVmZ2bq7hT/mI=
Subject key identifier: 52:2C:EB:A8:2F:30:59:15:F9:EF:3B:53:33:8B:C3:78:65:04:04:72
Certificate issuer: /CN=f215a277949711b2c01cdc669e40e171395855bb
Certificate serial: 018CC8DD176C2F614E5DA657855D09236A30
Authority key identifier: F2:15:A2:77:94:97:11:B2:C0:1C:DC:66:9E:40:E1:71:39:58:55:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8hWid5SXEbLAHNxmnkDhcTlYVbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/f08d45-543c-49f7-9e78-903c198590fa/1/UizrqC8wWRX57ztTM4vDeGUEBHI.roa
Signing time: Tue 02 Jan 2024 06:29:41 +0000
ROA not before: Tue 02 Jan 2024 06:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39116
IP address blocks: 212.31.128.0/19 maxlen: 21
85.90.32.0/19 maxlen: 19
85.90.32.0/21 maxlen: 21
85.90.44.0/23 maxlen: 23
85.90.40.0/22 maxlen: 22
85.90.48.0/22 maxlen: 22
85.90.52.0/22 maxlen: 22
85.90.56.0/22 maxlen: 22
85.90.60.0/22 maxlen: 22
46.254.192.0/21 maxlen: 21
46.254.192.0/23 maxlen: 23
46.254.196.0/23 maxlen: 23
46.254.194.0/23 maxlen: 23
46.254.198.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/f08d45-543c-49f7-9e78-903c198590fa/1/8hWid5SXEbLAHNxmnkDhcTlYVbs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/f08d45-543c-49f7-9e78-903c198590fa/1/8hWid5SXEbLAHNxmnkDhcTlYVbs.mft
rsync://rpki.ripe.net/repository/DEFAULT/8hWid5SXEbLAHNxmnkDhcTlYVbs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:17:6c:2f:61:4e:5d:a6:57:85:5d:09:23:6a:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f215a277949711b2c01cdc669e40e171395855bb
Validity
Not Before: Jan 2 06:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=522ceba82f305915f9ef3b53338bc37865040472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:73:71:8d:a1:4b:57:da:50:4f:2a:8f:4f:87:
d4:91:d5:ad:dd:88:1d:d5:f7:89:04:2a:9e:f3:86:
05:25:68:27:af:7f:ff:35:2c:6a:3e:79:d5:55:73:
24:2a:58:ed:7e:d7:14:db:aa:8c:34:a0:cd:54:65:
e8:c5:47:a6:b5:8a:e1:61:38:41:37:1b:07:22:4f:
65:64:6a:d8:8b:f2:c3:c7:fb:97:d0:9f:6f:79:ee:
61:32:c8:3f:e9:3e:aa:d1:de:05:7a:90:ad:92:29:
04:d4:7d:45:65:b1:94:a6:be:5c:04:b6:62:3c:cb:
54:d0:7b:99:aa:02:86:42:45:46:c3:8d:91:ca:3f:
ae:ff:94:86:03:17:68:62:0a:fd:af:63:ec:01:a4:
a3:aa:1d:2c:08:5d:dc:ef:c5:8b:fb:4c:ba:54:44:
6b:b8:1a:1e:44:b4:94:82:a6:9c:ca:62:c8:b0:2f:
ae:e3:2a:d9:7f:2a:ff:0a:60:3b:52:75:ec:56:b3:
0d:e7:98:f2:65:54:bf:07:ad:6b:f9:a0:c4:0d:ac:
b1:98:08:b0:42:30:90:44:5f:eb:25:0a:2c:15:e1:
35:fb:a9:37:d3:cb:5e:96:22:21:77:74:5d:1a:6b:
6c:79:dc:43:a9:14:c7:dd:77:96:ef:84:56:a9:c0:
87:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:2C:EB:A8:2F:30:59:15:F9:EF:3B:53:33:8B:C3:78:65:04:04:72
X509v3 Authority Key Identifier:
keyid:F2:15:A2:77:94:97:11:B2:C0:1C:DC:66:9E:40:E1:71:39:58:55:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8hWid5SXEbLAHNxmnkDhcTlYVbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/f08d45-543c-49f7-9e78-903c198590fa/1/UizrqC8wWRX57ztTM4vDeGUEBHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/f08d45-543c-49f7-9e78-903c198590fa/1/8hWid5SXEbLAHNxmnkDhcTlYVbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.192.0/21
85.90.32.0/19
212.31.128.0/19
Signature Algorithm: sha256WithRSAEncryption
72:83:fc:bf:9a:bb:e4:be:e5:4e:b0:6c:98:3c:a3:94:01:fe:
c0:9c:f2:ca:a3:2c:44:72:83:66:47:19:5e:e5:58:b8:95:37:
93:5b:14:b6:31:ab:3d:5f:3a:34:b5:7f:54:22:d6:fa:e0:8b:
02:3c:5b:5e:17:a1:a0:1d:e4:83:3d:49:a0:78:56:f2:c2:82:
0e:ac:e9:43:83:a4:ae:12:01:e9:8a:ba:4b:c6:e3:c9:ca:62:
6e:1c:60:f2:fd:4b:1a:d9:6e:8f:7c:d3:7e:1e:31:92:3d:21:
4e:a1:24:31:f4:7f:41:9f:d1:6f:fd:49:27:50:77:26:98:2b:
9a:42:e5:56:6a:5a:7b:82:7e:90:5e:d9:de:77:d0:0c:6a:71:
22:c3:61:61:52:aa:cb:ef:32:d6:06:e2:6a:f5:42:d3:19:54:
7a:fc:53:11:54:1f:2d:7e:0e:ca:0c:1c:a0:f2:d9:7f:c1:3d:
e3:f4:8a:38:c3:2e:3b:4d:5b:c1:64:d8:b2:fb:13:86:b9:96:
b0:1d:54:0c:43:93:81:60:ec:e1:f8:4a:37:60:b6:4d:d0:aa:
6f:e8:d6:d5:a1:04:b6:7e:dc:39:ef:76:26:3d:7c:61:a2:45:
30:e1:8b:1c:2b:a7:ea:45:73:b7:25:c9:f9:8f:67:e8:f4:87:
3f:b4:11:22
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzI3RdsL2FOXaZXhV0JI2owMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyMTVhMjc3OTQ5NzExYjJjMDFjZGM2NjllNDBlMTcxMzk1
ODU1YmIwHhcNMjQwMTAyMDYyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjJjZWJhODJmMzA1OTE1ZjllZjNiNTMzMzhiYzM3ODY1MDQwNDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonNxjaFLV9pQTyqPT4fUkdWt3Ygd
1feJBCqe84YFJWgnr3//NSxqPnnVVXMkKljtftcU26qMNKDNVGXoxUemtYrhYThB
NxsHIk9lZGrYi/LDx/uX0J9vee5hMsg/6T6q0d4FepCtkikE1H1FZbGUpr5cBLZi
PMtU0HuZqgKGQkVGw42Ryj+u/5SGAxdoYgr9r2PsAaSjqh0sCF3c78WL+0y6VERr
uBoeRLSUgqacymLIsC+u4yrZfyr/CmA7UnXsVrMN55jyZVS/B61r+aDEDayxmAiw
QjCQRF/rJQosFeE1+6k308teliIhd3RdGmtsedxDqRTH3XeW74RWqcCH5QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFIs66gvMFkV+e87UzOLw3hlBARyMB8GA1UdIwQY
MBaAFPIVoneUlxGywBzcZp5A4XE5WFW7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGhXaWQ1U1hFYkxBSE54bW5rRGhjVGxZVmJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9mMDhkNDUtNTQzYy00OWY3LTllNzgt
OTAzYzE5ODU5MGZhLzEvVWl6cnFDOHdXUlg1N3p0VE00dkRlR1VFQkhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9mMDhkNDUtNTQzYy00OWY3LTllNzgtOTAzYzE5ODU5MGZh
LzEvOGhXaWQ1U1hFYkxBSE54bW5rRGhjVGxZVmJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDLv7AAwQF
VVogAwQF1B+AMA0GCSqGSIb3DQEBCwUAA4IBAQByg/y/mrvkvuVOsGyYPKOUAf7A
nPLKoyxEcoNmRxle5Vi4lTeTWxS2Mas9Xzo0tX9UItb64IsCPFteF6GgHeSDPUmg
eFbywoIOrOlDg6SuEgHpirpLxuPJymJuHGDy/Usa2W6PfNN+HjGSPSFOoSQx9H9B
n9Fv/UknUHcmmCuaQuVWalp7gn6QXtned9AManEiw2FhUqrL7zLWBuJq9ULTGVR6
/FMRVB8tfg7KDByg8tl/wT3j9Io4wy47TVvBZNiy+xOGuZawHVQMQ5OBYOzh+Eo3
YLZN0Kpv6NbVoQS2ftw573YmPXxhokUw4YscK6fqRXO3Jcn5j2fo9Ic/tBEi
-----END CERTIFICATE-----
Generated at Wed May 22 07:41:49 2024 by rpki-client on console-fra.rpki-client.org