Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/bc676b-c0b6-4fbb-933f-5082c28b715f/1/UIsaIlZSTz4fxX_IN1UmaYBYTpQ.roa
File: UIsaIlZSTz4fxX_IN1UmaYBYTpQ.roa (raw, json)
Hash identifier: FrNzM0jyqMbkM/2WxV0tzZPvh3BKXAWmbtjG4vwkAfg=
Subject key identifier: 50:8B:1A:22:56:52:4F:3E:1F:C5:7F:C8:37:55:26:69:80:58:4E:94
Certificate issuer: /CN=90f273a63c51eaf3f9e5ae7b9faafdb2931340df
Certificate serial: 018CC94E27EE86F83A2F8AC1B596FDA6C7D7
Authority key identifier: 90:F2:73:A6:3C:51:EA:F3:F9:E5:AE:7B:9F:AA:FD:B2:93:13:40:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kPJzpjxR6vP55a57n6r9spMTQN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/bc676b-c0b6-4fbb-933f-5082c28b715f/1/UIsaIlZSTz4fxX_IN1UmaYBYTpQ.roa
Signing time: Tue 02 Jan 2024 08:33:11 +0000
ROA not before: Tue 02 Jan 2024 08:33:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203339
IP address blocks: 185.220.118.0/24 maxlen: 24
185.220.116.0/24 maxlen: 24
185.220.117.0/24 maxlen: 24
84.38.128.0/24 maxlen: 24
2a0b:f6c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/bc676b-c0b6-4fbb-933f-5082c28b715f/1/kPJzpjxR6vP55a57n6r9spMTQN8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/bc676b-c0b6-4fbb-933f-5082c28b715f/1/kPJzpjxR6vP55a57n6r9spMTQN8.mft
rsync://rpki.ripe.net/repository/DEFAULT/kPJzpjxR6vP55a57n6r9spMTQN8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 14:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:27:ee:86:f8:3a:2f:8a:c1:b5:96:fd:a6:c7:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90f273a63c51eaf3f9e5ae7b9faafdb2931340df
Validity
Not Before: Jan 2 08:33:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=508b1a2256524f3e1fc57fc83755266980584e94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a0:b2:11:4a:7d:15:3c:ae:62:43:79:93:9d:
14:57:58:1d:21:15:c8:04:3e:2c:31:7c:87:3c:ff:
70:ed:f5:d9:c3:e5:f0:88:49:0a:ac:73:4d:2a:5d:
d0:be:73:c6:f1:48:8b:ae:01:25:57:1a:b5:94:bd:
47:72:82:3b:25:d5:74:56:11:e0:2d:fb:20:e1:5c:
42:d0:8f:ba:22:28:45:c7:8a:b1:45:c8:97:3d:94:
b5:cf:8b:8f:3b:d2:f9:94:30:d3:9d:74:f6:c3:3d:
03:a6:98:58:37:76:eb:f8:ab:34:02:36:dc:00:4c:
d0:49:aa:c3:69:43:a6:41:7f:78:38:d1:3c:98:9d:
79:74:88:d2:c6:4d:9a:5f:92:a7:db:9f:3a:c3:1d:
24:2c:07:36:52:fe:0e:2b:7c:93:df:e5:9a:c9:b1:
bf:e6:5f:1a:b7:5b:0c:b4:57:d4:a6:9a:fe:9e:07:
61:1d:c2:a5:08:47:6c:d9:a4:0e:ae:de:a9:0a:66:
93:3d:09:75:1b:3d:b8:b6:1a:16:0c:fb:82:4d:63:
cb:82:6a:0e:81:df:a3:dd:db:60:ca:37:2e:2f:c4:
9f:e2:bf:e1:b6:d0:c0:f1:81:1e:9b:86:14:e5:b2:
1e:2c:a3:36:a1:82:b6:14:90:b6:17:0c:00:f1:1d:
b6:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:8B:1A:22:56:52:4F:3E:1F:C5:7F:C8:37:55:26:69:80:58:4E:94
X509v3 Authority Key Identifier:
keyid:90:F2:73:A6:3C:51:EA:F3:F9:E5:AE:7B:9F:AA:FD:B2:93:13:40:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kPJzpjxR6vP55a57n6r9spMTQN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/bc676b-c0b6-4fbb-933f-5082c28b715f/1/UIsaIlZSTz4fxX_IN1UmaYBYTpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/bc676b-c0b6-4fbb-933f-5082c28b715f/1/kPJzpjxR6vP55a57n6r9spMTQN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.38.128.0/24
185.220.116.0-185.220.118.255
IPv6:
2a0b:f6c0::/48
Signature Algorithm: sha256WithRSAEncryption
96:e6:0d:59:12:87:0e:60:9a:d8:fa:a5:d3:f4:70:6a:bf:d8:
80:4e:88:83:92:8e:ce:88:13:46:89:6c:e3:95:ee:93:ca:a6:
8b:be:1f:db:fc:b3:68:5a:09:8f:c5:c7:8f:fa:ef:c1:51:83:
2a:fc:1b:04:ed:d2:b8:f0:5c:4a:a6:5f:d4:c2:ec:81:c7:c9:
7f:6d:f0:0c:56:77:59:51:de:84:53:9e:8c:f4:0e:28:0d:d9:
70:1c:98:a4:27:76:74:e9:73:f0:91:61:20:ac:fe:98:2d:17:
58:15:5e:0e:f3:da:ef:2b:17:fc:b4:d4:1a:12:81:09:09:9f:
6a:a3:c2:f6:7e:5f:7d:d0:d3:de:1a:bc:6a:ab:69:b4:08:7b:
91:8f:de:0a:c3:1f:e1:74:36:f8:2e:bc:8d:ba:17:13:76:40:
6a:e8:f1:d0:9a:50:85:7d:5f:ec:c8:62:83:f0:64:83:8d:23:
89:68:6d:d3:20:28:e5:2b:4b:a1:83:94:77:8f:94:3e:f3:ab:
61:28:52:91:03:8e:39:a7:fb:e5:a6:a9:5a:ec:d2:b6:ad:d1:
1d:58:37:14:50:69:65:75:ad:31:c7:33:e7:28:a9:fa:8a:e6:
76:53:c7:e4:27:52:25:64:41:8d:ff:cb:9f:ea:18:f4:5f:0a:
36:55:50:b2
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYzJTifuhvg6L4rBtZb9psfXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZjI3M2E2M2M1MWVhZjNmOWU1YWU3YjlmYWFmZGIyOTMx
MzQwZGYwHhcNMjQwMTAyMDgzMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDhiMWEyMjU2NTI0ZjNlMWZjNTdmYzgzNzU1MjY2OTgwNTg0ZTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqCyEUp9FTyuYkN5k50UV1gdIRXI
BD4sMXyHPP9w7fXZw+XwiEkKrHNNKl3QvnPG8UiLrgElVxq1lL1HcoI7JdV0VhHg
Lfsg4VxC0I+6IihFx4qxRciXPZS1z4uPO9L5lDDTnXT2wz0DpphYN3br+Ks0Ajbc
AEzQSarDaUOmQX94ONE8mJ15dIjSxk2aX5Kn2586wx0kLAc2Uv4OK3yT3+WaybG/
5l8at1sMtFfUppr+ngdhHcKlCEds2aQOrt6pCmaTPQl1Gz24thoWDPuCTWPLgmoO
gd+j3dtgyjcuL8Sf4r/httDA8YEem4YU5bIeLKM2oYK2FJC2FwwA8R22GwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFFCLGiJWUk8+H8V/yDdVJmmAWE6UMB8GA1UdIwQY
MBaAFJDyc6Y8Uerz+eWue5+q/bKTE0DfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1BKenBqeFI2dlA1NWE1N242cjlzcE1UUU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9iYzY3NmItYzBiNi00ZmJiLTkzM2Yt
NTA4MmMyOGI3MTVmLzEvVUlzYUlsWlNUejRmeFhfSU4xVW1hWUJZVHBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9iYzY3NmItYzBiNi00ZmJiLTkzM2YtNTA4MmMyOGI3MTVm
LzEva1BKenBqeFI2dlA1NWE1N242cjlzcE1UUU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUAwQAVCaAMAwD
BAK53HQDBAC53HYwDwQCAAIwCQMHACoL9sAAADANBgkqhkiG9w0BAQsFAAOCAQEA
luYNWRKHDmCa2Pql0/Rwar/YgE6Ig5KOzogTRols45Xuk8qmi74f2/yzaFoJj8XH
j/rvwVGDKvwbBO3SuPBcSqZf1MLsgcfJf23wDFZ3WVHehFOejPQOKA3ZcByYpCd2
dOlz8JFhIKz+mC0XWBVeDvPa7ysX/LTUGhKBCQmfaqPC9n5ffdDT3hq8aqtptAh7
kY/eCsMf4XQ2+C68jboXE3ZAaujx0JpQhX1f7Mhig/Bkg40jiWht0yAo5StLoYOU
d4+UPvOrYShSkQOOOaf75aapWuzStq3RHVg3FFBpZXWtMccz5yip+ormdlPH5CdS
JWRBjf/Ln+oY9F8KNlVQsg==
-----END CERTIFICATE-----
Generated at Wed Jun 26 00:03:27 2024 by rpki-client on console-ams.rpki-client.org