Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/f02661-b591-4f5e-b369-f74a5f2bcb47/1/UipgvSFzVASoHxZgVrnk27ND5xo.roa
File: UipgvSFzVASoHxZgVrnk27ND5xo.roa (raw, json)
Hash identifier: NhDvt1UPiegHilyrjvRA3Mmf/E+MEk+I0EChb5p65Ms=
Subject key identifier: 52:2A:60:BD:21:73:54:04:A8:1F:16:60:56:B9:E4:DB:B3:43:E7:1A
Certificate issuer: /CN=5e8cb6da358a8d2d270c305f8b61f3c990d5766e
Certificate serial: 01922E46648C8CE87BACB48C13ED4878C341
Authority key identifier: 5E:8C:B6:DA:35:8A:8D:2D:27:0C:30:5F:8B:61:F3:C9:90:D5:76:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xoy22jWKjS0nDDBfi2HzyZDVdm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/f02661-b591-4f5e-b369-f74a5f2bcb47/1/UipgvSFzVASoHxZgVrnk27ND5xo.roa
Signing time: Thu 26 Sep 2024 12:20:18 +0000
ROA not before: Thu 26 Sep 2024 12:20:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28876
IP address blocks: 81.89.160.0/20 maxlen: 20
217.24.48.0/20 maxlen: 20
217.24.48.0/21 maxlen: 21
217.24.56.0/21 maxlen: 21
2a00:9d80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/f02661-b591-4f5e-b369-f74a5f2bcb47/1/Xoy22jWKjS0nDDBfi2HzyZDVdm4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/f02661-b591-4f5e-b369-f74a5f2bcb47/1/Xoy22jWKjS0nDDBfi2HzyZDVdm4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xoy22jWKjS0nDDBfi2HzyZDVdm4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2e:46:64:8c:8c:e8:7b:ac:b4:8c:13:ed:48:78:c3:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e8cb6da358a8d2d270c305f8b61f3c990d5766e
Validity
Not Before: Sep 26 12:20:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=522a60bd21735404a81f166056b9e4dbb343e71a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:bf:af:eb:0f:37:d7:e9:fc:ea:06:f0:d3:a4:
64:81:a3:e7:9a:9f:a3:4b:1e:95:ba:ce:db:c1:a2:
90:8f:f2:27:ae:29:d7:8d:81:87:e3:0f:2d:f3:51:
3b:d2:38:1d:c9:3f:d9:ef:4c:18:05:61:5b:29:77:
d1:d3:bf:1f:ba:2b:35:07:c7:9c:8f:93:fa:18:dd:
81:f1:26:df:73:66:42:f1:14:74:a9:08:eb:0e:bf:
c9:ed:b4:ae:25:92:23:2e:98:a3:eb:02:04:c1:13:
1b:ce:92:b1:de:a8:33:4a:58:89:d4:7b:b1:57:03:
4f:b6:c9:9c:f2:f0:7e:a5:8e:94:18:63:bd:f7:e0:
ac:b1:bc:f1:25:84:a4:0e:5d:29:f6:60:d6:6d:94:
61:3d:b5:09:d5:ac:df:08:ad:25:92:33:9d:51:ed:
83:16:b7:08:11:a5:16:9b:9b:7d:1a:29:eb:30:3a:
54:8a:ed:07:63:a5:ba:e9:89:f7:a2:f8:36:6a:e7:
af:5b:47:61:be:0f:14:de:43:49:09:7b:2d:66:fb:
07:b6:f5:4d:0b:f6:2c:c8:52:e4:d0:77:78:a6:64:
cd:4e:51:27:96:5f:c8:f5:a4:b3:5d:f0:bc:98:60:
9e:88:d6:68:df:bb:92:ed:8c:11:c3:80:f6:ee:01:
bf:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:2A:60:BD:21:73:54:04:A8:1F:16:60:56:B9:E4:DB:B3:43:E7:1A
X509v3 Authority Key Identifier:
keyid:5E:8C:B6:DA:35:8A:8D:2D:27:0C:30:5F:8B:61:F3:C9:90:D5:76:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xoy22jWKjS0nDDBfi2HzyZDVdm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f02661-b591-4f5e-b369-f74a5f2bcb47/1/UipgvSFzVASoHxZgVrnk27ND5xo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f02661-b591-4f5e-b369-f74a5f2bcb47/1/Xoy22jWKjS0nDDBfi2HzyZDVdm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.89.160.0/20
217.24.48.0/20
IPv6:
2a00:9d80::/32
Signature Algorithm: sha256WithRSAEncryption
3b:5c:3b:72:f2:3b:01:23:24:7b:86:3b:7d:6a:56:0f:12:1f:
d2:f5:b8:8b:7a:cb:1e:0f:ec:26:f3:22:a8:1b:dc:2f:ec:2b:
b9:7e:fc:44:46:c3:87:cc:5e:8b:af:2d:96:cd:07:f2:f8:31:
4b:64:a3:6b:68:8e:53:b7:6a:62:43:01:df:86:50:e8:43:f8:
80:82:d7:4a:89:f0:89:ae:4c:25:c0:eb:49:78:ba:7b:b5:a6:
86:99:59:1b:bd:38:ef:ff:40:41:ba:a3:69:f8:41:4c:19:b1:
1f:ef:47:9a:55:66:ae:7a:9c:d5:47:2e:ec:62:c5:44:f2:ae:
c9:dd:53:7f:8f:da:8c:9a:be:66:cb:71:2e:72:15:c1:57:3a:
1c:81:ca:31:ec:0c:38:7e:be:75:0a:33:70:eb:a1:8c:0c:28:
93:4d:85:5c:63:0e:4c:ae:9d:69:ce:b8:69:c4:69:a0:07:a0:
8c:2e:a6:e8:e7:cb:2c:14:11:65:6c:ad:6a:96:54:e0:40:d7:
6e:a5:94:0c:3a:1f:18:b0:c2:96:57:06:bf:42:5d:e9:5d:ce:
c6:b6:f8:34:f4:ec:58:d5:78:52:81:c5:2c:b8:c1:a4:a1:24:
42:29:45:73:4f:b4:67:ab:7e:38:6c:5f:60:73:65:cf:65:6e:
77:8e:32:ae
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZIuRmSMjOh7rLSME+1IeMNBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlOGNiNmRhMzU4YThkMmQyNzBjMzA1ZjhiNjFmM2M5OTBk
NTc2NmUwHhcNMjQwOTI2MTIyMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjJhNjBiZDIxNzM1NDA0YTgxZjE2NjA1NmI5ZTRkYmIzNDNlNzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2L+v6w831+n86gbw06RkgaPnmp+j
Sx6Vus7bwaKQj/InrinXjYGH4w8t81E70jgdyT/Z70wYBWFbKXfR078fuis1B8ec
j5P6GN2B8Sbfc2ZC8RR0qQjrDr/J7bSuJZIjLpij6wIEwRMbzpKx3qgzSliJ1Hux
VwNPtsmc8vB+pY6UGGO99+CssbzxJYSkDl0p9mDWbZRhPbUJ1azfCK0lkjOdUe2D
FrcIEaUWm5t9GinrMDpUiu0HY6W66Yn3ovg2auevW0dhvg8U3kNJCXstZvsHtvVN
C/YsyFLk0Hd4pmTNTlEnll/I9aSzXfC8mGCeiNZo37uS7YwRw4D27gG/hwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFIqYL0hc1QEqB8WYFa55NuzQ+caMB8GA1UdIwQY
MBaAFF6Mtto1io0tJwwwX4th88mQ1XZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG95MjJqV0tqUzBuRERCZmkySHp5WkRWZG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9mMDI2NjEtYjU5MS00ZjVlLWIzNjkt
Zjc0YTVmMmJjYjQ3LzEvVWlwZ3ZTRnpWQVNvSHhaZ1ZybmsyN05ENXhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9mMDI2NjEtYjU5MS00ZjVlLWIzNjktZjc0YTVmMmJjYjQ3
LzEvWG95MjJqV0tqUzBuRERCZmkySHp5WkRWZG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUVmgAwQE
2RgwMA0EAgACMAcDBQAqAJ2AMA0GCSqGSIb3DQEBCwUAA4IBAQA7XDty8jsBIyR7
hjt9alYPEh/S9biLesseD+wm8yKoG9wv7Cu5fvxERsOHzF6Lry2WzQfy+DFLZKNr
aI5Tt2piQwHfhlDoQ/iAgtdKifCJrkwlwOtJeLp7taaGmVkbvTjv/0BBuqNp+EFM
GbEf70eaVWauepzVRy7sYsVE8q7J3VN/j9qMmr5my3EuchXBVzocgcox7Aw4fr51
CjNw66GMDCiTTYVcYw5Mrp1pzrhpxGmgB6CMLqbo58ssFBFlbK1qllTgQNdupZQM
Oh8YsMKWVwa/Ql3pXc7Gtvg09OxY1XhSgcUsuMGkoSRCKUVzT7Rnq344bF9gc2XP
ZW53jjKu
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:36:24 2024 by rpki-client on console-ams.rpki-client.org