Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/bfe262-877b-4045-b684-e0f078e7643d/1/U2z0oCHvH_UMT4QneFHXpQ1Ogfw.roa
File: U2z0oCHvH_UMT4QneFHXpQ1Ogfw.roa (raw, json)
Hash identifier: 3qc5HI1mbTeYxFW2TiaDiZvLP51sSLKwzl5BLFSj5QM=
Subject key identifier: 53:6C:F4:A0:21:EF:1F:F5:0C:4F:84:27:78:51:D7:A5:0D:4E:81:FC
Certificate issuer: /CN=e34a17c35dc17e43e774f82375afd50f33c536a4
Certificate serial: 018CC26D6EA2D11F61054383C767A9E8603C
Authority key identifier: E3:4A:17:C3:5D:C1:7E:43:E7:74:F8:23:75:AF:D5:0F:33:C5:36:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/40oXw13BfkPndPgjda_VDzPFNqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/bfe262-877b-4045-b684-e0f078e7643d/1/U2z0oCHvH_UMT4QneFHXpQ1Ogfw.roa
Signing time: Mon 01 Jan 2024 00:30:00 +0000
ROA not before: Mon 01 Jan 2024 00:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20719
IP address blocks: 176.119.253.0/24 maxlen: 24
176.119.252.0/22 maxlen: 22
176.119.248.0/22 maxlen: 22
176.119.251.0/24 maxlen: 24
176.119.248.0/21 maxlen: 21
176.119.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/bfe262-877b-4045-b684-e0f078e7643d/1/40oXw13BfkPndPgjda_VDzPFNqQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/bfe262-877b-4045-b684-e0f078e7643d/1/40oXw13BfkPndPgjda_VDzPFNqQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/40oXw13BfkPndPgjda_VDzPFNqQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 22:03:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:6e:a2:d1:1f:61:05:43:83:c7:67:a9:e8:60:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e34a17c35dc17e43e774f82375afd50f33c536a4
Validity
Not Before: Jan 1 00:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=536cf4a021ef1ff50c4f84277851d7a50d4e81fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:8c:13:c9:b4:3e:35:af:3b:8f:c1:73:08:ee:
19:d8:4a:26:15:60:34:ad:37:1e:9e:22:c7:94:bb:
06:4c:d8:52:84:6d:10:fa:01:b0:af:f7:1e:dc:59:
8d:fb:f1:83:cc:a1:aa:3d:3b:19:b5:fa:63:24:79:
75:0e:f0:f6:9d:65:47:2d:23:75:3f:34:58:c5:75:
eb:1f:b6:54:95:83:80:e5:78:aa:cc:3e:17:48:94:
1f:33:5e:08:48:e3:a0:07:4d:a0:5c:c9:a0:17:a5:
bd:fe:74:5c:9b:70:1f:3b:a3:53:2f:56:f9:6d:42:
dc:f7:71:16:80:38:f6:87:4a:e5:31:2d:b7:6d:21:
c3:ca:3b:46:f3:14:cd:ff:fe:2d:1a:27:a8:6e:32:
c7:b0:06:ed:0b:13:fa:a6:08:56:d8:82:71:57:f8:
32:f0:5f:60:e9:38:e6:fe:15:63:68:53:09:49:b5:
d0:9d:cb:00:28:c3:5c:7e:fa:12:0e:9e:27:63:b3:
bd:46:97:fc:10:96:e2:90:09:00:f5:4e:cf:76:a2:
a4:46:73:27:ff:21:73:54:da:9a:79:e6:79:d3:87:
6d:8a:53:ab:b6:fc:7f:05:b8:fb:fa:d5:6e:dd:de:
fc:ef:31:03:25:f7:6e:31:39:04:e1:ef:c6:b2:73:
72:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:6C:F4:A0:21:EF:1F:F5:0C:4F:84:27:78:51:D7:A5:0D:4E:81:FC
X509v3 Authority Key Identifier:
keyid:E3:4A:17:C3:5D:C1:7E:43:E7:74:F8:23:75:AF:D5:0F:33:C5:36:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/40oXw13BfkPndPgjda_VDzPFNqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/bfe262-877b-4045-b684-e0f078e7643d/1/U2z0oCHvH_UMT4QneFHXpQ1Ogfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/bfe262-877b-4045-b684-e0f078e7643d/1/40oXw13BfkPndPgjda_VDzPFNqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.248.0/21
Signature Algorithm: sha256WithRSAEncryption
10:d5:9b:35:7b:26:0f:37:bc:e5:20:8f:50:67:f3:a8:a9:10:
93:8d:f5:50:4f:0c:68:7b:ad:c1:1f:27:f8:3c:a2:ee:ef:c4:
6e:e3:8e:f5:72:c1:6a:8c:ca:15:84:a0:be:5d:70:af:0b:24:
21:97:4a:8a:eb:88:6a:41:cd:28:53:55:23:99:a2:e7:62:d9:
f6:40:f3:eb:0b:35:a5:9c:24:12:14:5e:5c:08:17:2a:3c:93:
01:37:35:a4:53:df:1c:4d:ba:b6:40:1c:e4:33:47:28:c7:fd:
6a:16:78:b7:78:ad:11:0b:7a:a7:ab:ed:8e:3d:c3:91:d1:20:
48:fc:85:12:d9:2b:14:15:eb:81:be:45:50:5c:1c:f4:2a:96:
d0:70:80:19:9c:ff:b9:3a:fc:0a:8c:3c:71:60:78:5c:d5:02:
c7:21:04:70:3a:2a:1a:95:6c:07:c6:1c:30:fe:51:32:1c:21:
9e:7b:88:5e:17:5a:6f:04:52:e1:70:6f:11:a3:19:eb:46:5d:
a1:27:b4:55:05:4d:21:74:01:a9:ff:9b:20:fb:65:28:ca:6c:
86:29:80:25:56:ed:51:00:19:15:44:97:68:ef:d5:be:58:95:
b2:0d:9f:eb:f7:33:f7:fe:6d:48:1d:4c:6e:45:f6:00:08:de:
95:6b:a4:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbW6i0R9hBUODx2ep6GA8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzNGExN2MzNWRjMTdlNDNlNzc0ZjgyMzc1YWZkNTBmMzNj
NTM2YTQwHhcNMjQwMTAxMDAzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzZjZjRhMDIxZWYxZmY1MGM0Zjg0Mjc3ODUxZDdhNTBkNGU4MWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIwTybQ+Na87j8FzCO4Z2EomFWA0
rTceniLHlLsGTNhShG0Q+gGwr/ce3FmN+/GDzKGqPTsZtfpjJHl1DvD2nWVHLSN1
PzRYxXXrH7ZUlYOA5XiqzD4XSJQfM14ISOOgB02gXMmgF6W9/nRcm3AfO6NTL1b5
bULc93EWgDj2h0rlMS23bSHDyjtG8xTN//4tGieobjLHsAbtCxP6pghW2IJxV/gy
8F9g6Tjm/hVjaFMJSbXQncsAKMNcfvoSDp4nY7O9Rpf8EJbikAkA9U7PdqKkRnMn
/yFzVNqaeeZ504dtilOrtvx/Bbj7+tVu3d787zEDJfduMTkE4e/GsnNy1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFNs9KAh7x/1DE+EJ3hR16UNToH8MB8GA1UdIwQY
MBaAFONKF8NdwX5D53T4I3Wv1Q8zxTakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDBvWHcxM0Jma1BuZFBnamRhX1ZEelBGTnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9iZmUyNjItODc3Yi00MDQ1LWI2ODQt
ZTBmMDc4ZTc2NDNkLzEvVTJ6MG9DSHZIX1VNVDRRbmVGSFhwUTFPZ2Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9iZmUyNjItODc3Yi00MDQ1LWI2ODQtZTBmMDc4ZTc2NDNk
LzEvNDBvWHcxM0Jma1BuZFBnamRhX1ZEelBGTnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsHf4MA0G
CSqGSIb3DQEBCwUAA4IBAQAQ1Zs1eyYPN7zlII9QZ/OoqRCTjfVQTwxoe63BHyf4
PKLu78Ru4471csFqjMoVhKC+XXCvCyQhl0qK64hqQc0oU1UjmaLnYtn2QPPrCzWl
nCQSFF5cCBcqPJMBNzWkU98cTbq2QBzkM0cox/1qFni3eK0RC3qnq+2OPcOR0SBI
/IUS2SsUFeuBvkVQXBz0KpbQcIAZnP+5OvwKjDxxYHhc1QLHIQRwOioalWwHxhww
/lEyHCGee4heF1pvBFLhcG8RoxnrRl2hJ7RVBU0hdAGp/5sg+2UoymyGKYAlVu1R
ABkVRJdo79W+WJWyDZ/r9zP3/m1IHUxuRfYACN6Va6RB
-----END CERTIFICATE-----
Generated at Thu May 23 00:40:35 2024 by rpki-client on console-fra.rpki-client.org