Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/1373a0-8c3d-4283-a5ce-822ea43dc18d/1/ufM4uDE1WgnaS4kBEdVjCdTVOMQ.roa
File: ufM4uDE1WgnaS4kBEdVjCdTVOMQ.roa (raw, json)
Hash identifier: H6IPGhC+sx8pX0bzqUL7+gdcT0D0s1XB5/P6g72mXkA=
Subject key identifier: B9:F3:38:B8:31:35:5A:09:DA:4B:89:01:11:D5:63:09:D4:D5:38:C4
Certificate issuer: /CN=dbbf37909ce17ba53ad90a8632377a5d938743e5
Certificate serial: 019173D54623012D9B8C0F4A0007EB9A7D0B
Authority key identifier: DB:BF:37:90:9C:E1:7B:A5:3A:D9:0A:86:32:37:7A:5D:93:87:43:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2783kJzhe6U62QqGMjd6XZOHQ-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/1373a0-8c3d-4283-a5ce-822ea43dc18d/1/ufM4uDE1WgnaS4kBEdVjCdTVOMQ.roa
Signing time: Wed 21 Aug 2024 07:27:22 +0000
ROA not before: Wed 21 Aug 2024 07:27:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 267809
IP address blocks: 82.86.112.0/20 maxlen: 20
82.86.112.0/21 maxlen: 21
82.86.112.0/22 maxlen: 22
82.86.112.0/23 maxlen: 23
82.86.112.0/24 maxlen: 24
82.86.113.0/24 maxlen: 24
82.86.114.0/23 maxlen: 23
82.86.114.0/24 maxlen: 24
82.86.115.0/24 maxlen: 24
82.86.116.0/22 maxlen: 22
82.86.116.0/23 maxlen: 23
82.86.116.0/24 maxlen: 24
82.86.117.0/24 maxlen: 24
82.86.118.0/23 maxlen: 23
82.86.118.0/24 maxlen: 24
82.86.119.0/24 maxlen: 24
82.86.120.0/21 maxlen: 21
82.86.120.0/22 maxlen: 22
82.86.120.0/23 maxlen: 23
82.86.120.0/24 maxlen: 24
82.86.121.0/24 maxlen: 24
82.86.122.0/23 maxlen: 23
82.86.122.0/24 maxlen: 24
82.86.123.0/24 maxlen: 24
82.86.124.0/22 maxlen: 22
82.86.124.0/23 maxlen: 23
82.86.124.0/24 maxlen: 24
82.86.125.0/24 maxlen: 24
82.86.126.0/23 maxlen: 23
82.86.126.0/24 maxlen: 24
82.86.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/1373a0-8c3d-4283-a5ce-822ea43dc18d/1/2783kJzhe6U62QqGMjd6XZOHQ-U.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/1373a0-8c3d-4283-a5ce-822ea43dc18d/1/2783kJzhe6U62QqGMjd6XZOHQ-U.mft
rsync://rpki.ripe.net/repository/DEFAULT/2783kJzhe6U62QqGMjd6XZOHQ-U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:73:d5:46:23:01:2d:9b:8c:0f:4a:00:07:eb:9a:7d:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbbf37909ce17ba53ad90a8632377a5d938743e5
Validity
Not Before: Aug 21 07:27:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9f338b831355a09da4b890111d56309d4d538c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b5:3e:b4:f0:a0:6e:fe:58:7f:3c:b4:40:a4:
03:92:ab:a6:26:db:2c:b0:4b:83:b7:f0:2f:62:53:
b3:08:a5:88:38:65:b5:15:51:ac:a3:e4:4a:66:76:
c7:48:bd:be:5d:d9:d9:1c:07:78:56:a4:09:aa:ba:
0b:ed:a6:19:e4:27:03:4a:c9:bd:2e:58:72:df:56:
d7:ad:64:61:3f:ce:0e:36:a3:1d:27:32:4a:f6:3f:
1f:8e:28:a7:e0:db:a7:90:bf:2e:f6:bf:3b:9b:86:
d8:da:20:dd:a8:bd:48:11:aa:27:b5:1b:90:28:77:
af:f5:4f:1f:0f:8c:6f:8d:e8:e5:ae:e1:f8:89:77:
04:8e:7c:79:80:0c:3e:c3:74:93:ff:e7:7a:0a:05:
64:ca:0a:ff:f2:42:f5:69:7c:fb:ef:99:74:4c:de:
dd:41:13:6d:69:60:84:ca:36:ad:f6:2f:8e:9f:8c:
c1:99:cc:16:bf:33:73:d6:53:d9:92:2d:b1:bd:e8:
81:4c:78:df:ea:29:fe:2f:9d:ee:96:d4:00:db:2d:
03:d0:b1:12:f1:66:a7:6c:ca:53:03:32:19:df:30:
5c:c9:fc:ef:4d:01:fe:10:bd:ee:f4:f6:56:04:6e:
e8:34:73:f4:f6:15:8e:e0:d4:dc:c8:ea:b1:34:ba:
8b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:F3:38:B8:31:35:5A:09:DA:4B:89:01:11:D5:63:09:D4:D5:38:C4
X509v3 Authority Key Identifier:
keyid:DB:BF:37:90:9C:E1:7B:A5:3A:D9:0A:86:32:37:7A:5D:93:87:43:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2783kJzhe6U62QqGMjd6XZOHQ-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1373a0-8c3d-4283-a5ce-822ea43dc18d/1/ufM4uDE1WgnaS4kBEdVjCdTVOMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1373a0-8c3d-4283-a5ce-822ea43dc18d/1/2783kJzhe6U62QqGMjd6XZOHQ-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.86.112.0/20
Signature Algorithm: sha256WithRSAEncryption
6c:ac:3b:19:2e:07:32:db:a2:99:d9:ed:b6:89:ac:52:88:26:
e9:12:4b:1b:af:f5:26:2c:69:b8:7d:67:7d:5c:b8:20:b9:db:
bf:bc:8d:ac:72:eb:b1:fb:2c:17:c9:fc:2a:30:18:7a:70:1b:
ff:20:de:13:4b:73:c0:c0:43:51:59:14:17:a9:d2:71:a7:35:
e3:93:bc:1f:ef:95:1e:85:90:10:71:5d:fd:ba:74:5f:bb:9f:
eb:6b:9d:a8:93:5c:46:41:a8:3b:4e:b7:7c:82:51:8d:00:1a:
d7:96:bf:61:58:38:b1:d3:65:37:5b:c4:12:dd:ac:71:02:4d:
f7:68:fc:18:40:fd:27:0b:1d:57:7d:10:35:7d:bc:6f:2c:71:
00:86:a7:49:62:82:23:aa:15:af:74:0b:a1:bf:ff:e2:80:83:
3a:99:07:40:6b:a8:aa:0b:5e:c2:68:87:c3:df:6a:a7:ed:76:
79:26:d4:77:09:fd:b5:42:30:2d:06:19:6e:83:96:9f:cc:80:
ee:91:b2:a1:1c:88:f0:6d:e6:6b:a5:76:f4:6e:e9:78:86:bc:
aa:06:8b:d6:65:bd:da:38:52:55:1a:a7:a4:01:fa:79:de:a6:
9a:fc:8a:8f:cb:8e:a0:b6:b0:6b:25:58:c0:1c:09:74:7c:86:
1c:c1:a0:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFz1UYjAS2bjA9KAAfrmn0LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYmYzNzkwOWNlMTdiYTUzYWQ5MGE4NjMyMzc3YTVkOTM4
NzQzZTUwHhcNMjQwODIxMDcyNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWYzMzhiODMxMzU1YTA5ZGE0Yjg5MDExMWQ1NjMwOWQ0ZDUzOGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7U+tPCgbv5Yfzy0QKQDkqumJtss
sEuDt/AvYlOzCKWIOGW1FVGso+RKZnbHSL2+XdnZHAd4VqQJqroL7aYZ5CcDSsm9
Llhy31bXrWRhP84ONqMdJzJK9j8fjiin4NunkL8u9r87m4bY2iDdqL1IEaontRuQ
KHev9U8fD4xvjejlruH4iXcEjnx5gAw+w3ST/+d6CgVkygr/8kL1aXz775l0TN7d
QRNtaWCEyjat9i+On4zBmcwWvzNz1lPZki2xveiBTHjf6in+L53ultQA2y0D0LES
8WanbMpTAzIZ3zBcyfzvTQH+EL3u9PZWBG7oNHP09hWO4NTcyOqxNLqLVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLnzOLgxNVoJ2kuJARHVYwnU1TjEMB8GA1UdIwQY
MBaAFNu/N5Cc4XulOtkKhjI3el2Th0PlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjc4M2tKemhlNlU2MlFxR01qZDZYWk9IUS1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8xMzczYTAtOGMzZC00MjgzLWE1Y2Ut
ODIyZWE0M2RjMThkLzEvdWZNNHVERTFXZ25hUzRrQkVkVmpDZFRWT01RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8xMzczYTAtOGMzZC00MjgzLWE1Y2UtODIyZWE0M2RjMThk
LzEvMjc4M2tKemhlNlU2MlFxR01qZDZYWk9IUS1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUlZwMA0G
CSqGSIb3DQEBCwUAA4IBAQBsrDsZLgcy26KZ2e22iaxSiCbpEksbr/UmLGm4fWd9
XLggudu/vI2scuux+ywXyfwqMBh6cBv/IN4TS3PAwENRWRQXqdJxpzXjk7wf75Ue
hZAQcV39unRfu5/ra52ok1xGQag7Trd8glGNABrXlr9hWDix02U3W8QS3axxAk33
aPwYQP0nCx1XfRA1fbxvLHEAhqdJYoIjqhWvdAuhv//igIM6mQdAa6iqC17CaIfD
32qn7XZ5JtR3Cf21QjAtBhlug5afzIDukbKhHIjwbeZrpXb0bul4hryqBovWZb3a
OFJVGqekAfp53qaa/IqPy46gtrBrJVjAHAl0fIYcwaCe
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:10:54 2024 by rpki-client on console-ams.rpki-client.org