Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/6cfb78-63bc-4820-b903-860c49d0eb6a/1/UGDcdhlQdmSMpt3cKA7A0SaXC2M.roa
File: UGDcdhlQdmSMpt3cKA7A0SaXC2M.roa (raw, json)
Hash identifier: +fDW5zJ8YBpIkgkJoYpGx5ezxXRQ0FVKSAMZg7FFK9g=
Subject key identifier: 50:60:DC:76:19:50:76:64:8C:A6:DD:DC:28:0E:C0:D1:26:97:0B:63
Certificate issuer: /CN=af3038a717b154e1cfa47116832da26f28b2a304
Certificate serial: 018CC7261131199931297C546EC4BC0A7DDF
Authority key identifier: AF:30:38:A7:17:B1:54:E1:CF:A4:71:16:83:2D:A2:6F:28:B2:A3:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rzA4pxexVOHPpHEWgy2ibyiyowQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/6cfb78-63bc-4820-b903-860c49d0eb6a/1/UGDcdhlQdmSMpt3cKA7A0SaXC2M.roa
Signing time: Mon 01 Jan 2024 22:30:09 +0000
ROA not before: Mon 01 Jan 2024 22:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49214
IP address blocks: 217.22.32.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/6cfb78-63bc-4820-b903-860c49d0eb6a/1/rzA4pxexVOHPpHEWgy2ibyiyowQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/6cfb78-63bc-4820-b903-860c49d0eb6a/1/rzA4pxexVOHPpHEWgy2ibyiyowQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/rzA4pxexVOHPpHEWgy2ibyiyowQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:11:31:19:99:31:29:7c:54:6e:c4:bc:0a:7d:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af3038a717b154e1cfa47116832da26f28b2a304
Validity
Not Before: Jan 1 22:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5060dc76195076648ca6dddc280ec0d126970b63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:80:14:81:2c:d2:5a:7f:dd:8a:84:3d:d7:62:
f3:5d:e7:a0:25:8d:0f:63:dc:cb:12:64:93:4f:03:
67:43:1a:d8:7e:6d:f5:d3:a0:10:52:f8:8c:32:e3:
60:01:f2:84:e6:34:94:14:90:67:7a:c9:13:88:7d:
77:41:7f:4b:a8:13:09:6b:bd:eb:06:1e:18:73:64:
f7:c0:bb:16:55:e0:3c:b4:3a:bd:92:c5:21:32:02:
2f:b6:39:27:11:08:35:55:e0:c7:f8:1c:af:ab:47:
96:d5:a0:95:c2:0e:d4:01:e1:64:d8:1f:84:82:50:
84:27:f8:cd:4d:98:72:96:7f:b2:e6:bb:02:c9:83:
55:f3:58:e7:04:bd:e8:d5:fa:25:6d:b5:24:4b:5c:
d1:07:24:e0:c1:00:82:27:9b:9e:d3:b1:b5:2d:ab:
5c:02:b2:2c:2c:da:d9:8a:32:fc:02:49:16:d9:e1:
df:41:3d:15:06:5f:56:24:e8:0f:b8:8f:1b:d8:05:
e6:05:9a:46:d8:eb:b6:a8:c7:e7:05:a0:18:2e:a3:
93:5f:e3:eb:0e:b1:c2:be:a5:82:7d:06:3e:7e:37:
8a:98:36:5f:72:1f:f6:84:d7:41:6c:82:b6:29:60:
41:2d:4e:23:54:4a:da:f2:3d:f0:6b:3e:45:20:5d:
5f:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:60:DC:76:19:50:76:64:8C:A6:DD:DC:28:0E:C0:D1:26:97:0B:63
X509v3 Authority Key Identifier:
keyid:AF:30:38:A7:17:B1:54:E1:CF:A4:71:16:83:2D:A2:6F:28:B2:A3:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rzA4pxexVOHPpHEWgy2ibyiyowQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/6cfb78-63bc-4820-b903-860c49d0eb6a/1/UGDcdhlQdmSMpt3cKA7A0SaXC2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/6cfb78-63bc-4820-b903-860c49d0eb6a/1/rzA4pxexVOHPpHEWgy2ibyiyowQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.22.32.0/20
Signature Algorithm: sha256WithRSAEncryption
40:aa:2e:12:84:a6:46:bc:29:36:b3:8d:e6:3a:c9:55:c6:ba:
2c:93:83:c7:5e:cb:a7:40:2a:f0:e8:ca:7d:da:be:0c:4f:e7:
b1:8d:0a:03:dc:14:87:58:6d:d6:fe:28:ff:47:65:68:07:39:
f3:f8:7d:8c:bc:3b:8e:90:e0:e1:d1:ef:22:f5:7f:72:a3:2c:
a6:5b:93:0a:c9:f1:d3:84:38:45:aa:5b:97:b1:59:c8:b3:d3:
2a:81:8f:5a:a2:b5:c1:1a:f1:9e:62:65:e2:a4:98:56:42:a3:
bd:0e:9e:e6:8f:0a:d2:9f:e3:cc:d6:bf:f7:62:f0:49:b3:3f:
82:51:09:ad:23:9f:21:20:d2:46:f0:18:51:90:83:e0:ee:e3:
84:7d:1c:8d:54:6b:f7:8e:2c:01:70:ca:c7:8e:f1:49:c2:0e:
f0:3a:3f:dd:fe:6e:40:3c:45:4f:e0:23:7b:04:6b:66:4c:70:
f9:1e:44:11:2e:48:dd:18:2c:db:0d:a1:3d:f5:00:b0:92:ca:
ca:f1:a1:68:5c:f6:50:75:bc:55:79:4b:66:64:27:51:21:92:
b7:6f:cd:b3:31:c4:11:af:0e:3f:e3:66:bb:be:d3:a6:a2:50:
b9:95:11:33:cf:3b:5a:0c:84:65:1c:a3:66:19:24:fd:0c:3b:
3f:6c:47:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJhExGZkxKXxUbsS8Cn3fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMzAzOGE3MTdiMTU0ZTFjZmE0NzExNjgzMmRhMjZmMjhi
MmEzMDQwHhcNMjQwMTAxMjIzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDYwZGM3NjE5NTA3NjY0OGNhNmRkZGMyODBlYzBkMTI2OTcwYjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYAUgSzSWn/dioQ912LzXeegJY0P
Y9zLEmSTTwNnQxrYfm3106AQUviMMuNgAfKE5jSUFJBneskTiH13QX9LqBMJa73r
Bh4Yc2T3wLsWVeA8tDq9ksUhMgIvtjknEQg1VeDH+Byvq0eW1aCVwg7UAeFk2B+E
glCEJ/jNTZhyln+y5rsCyYNV81jnBL3o1folbbUkS1zRByTgwQCCJ5ue07G1Latc
ArIsLNrZijL8AkkW2eHfQT0VBl9WJOgPuI8b2AXmBZpG2Ou2qMfnBaAYLqOTX+Pr
DrHCvqWCfQY+fjeKmDZfch/2hNdBbIK2KWBBLU4jVEra8j3waz5FIF1ftwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFBg3HYZUHZkjKbd3CgOwNEmlwtjMB8GA1UdIwQY
MBaAFK8wOKcXsVThz6RxFoMtom8osqMEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnpBNHB4ZXhWT0hQcEhFV2d5MmlieWl5b3dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82Y2ZiNzgtNjNiYy00ODIwLWI5MDMt
ODYwYzQ5ZDBlYjZhLzEvVUdEY2RobFFkbVNNcHQzY0tBN0EwU2FYQzJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82Y2ZiNzgtNjNiYy00ODIwLWI5MDMtODYwYzQ5ZDBlYjZh
LzEvcnpBNHB4ZXhWT0hQcEhFV2d5MmlieWl5b3dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2RYgMA0G
CSqGSIb3DQEBCwUAA4IBAQBAqi4ShKZGvCk2s43mOslVxrosk4PHXsunQCrw6Mp9
2r4MT+exjQoD3BSHWG3W/ij/R2VoBznz+H2MvDuOkODh0e8i9X9yoyymW5MKyfHT
hDhFqluXsVnIs9MqgY9aorXBGvGeYmXipJhWQqO9Dp7mjwrSn+PM1r/3YvBJsz+C
UQmtI58hINJG8BhRkIPg7uOEfRyNVGv3jiwBcMrHjvFJwg7wOj/d/m5APEVP4CN7
BGtmTHD5HkQRLkjdGCzbDaE99QCwksrK8aFoXPZQdbxVeUtmZCdRIZK3b82zMcQR
rw4/42a7vtOmolC5lREzzztaDIRlHKNmGST9DDs/bEd4
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:17:13 2024 by rpki-client on console-fra.rpki-client.org