Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/uDF7cF0FKP8Pq_OVmSawioGZVSM.roa
File: uDF7cF0FKP8Pq_OVmSawioGZVSM.roa (raw, json)
Hash identifier: oo6Q1df3OkUdxk2nXw6XvwREhhLeWN/c8RFmvIUKpLI=
Subject key identifier: B8:31:7B:70:5D:05:28:FF:0F:AB:F3:95:99:26:B0:8A:81:99:55:23
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 018CC94E6A33923C593F470A6A38EC3110EC
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/uDF7cF0FKP8Pq_OVmSawioGZVSM.roa
Signing time: Tue 02 Jan 2024 08:33:28 +0000
ROA not before: Tue 02 Jan 2024 08:33:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52000
IP address blocks: 85.239.36.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:6a:33:92:3c:59:3f:47:0a:6a:38:ec:31:10:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: Jan 2 08:33:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8317b705d0528ff0fabf3959926b08a81995523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:51:a2:41:75:a7:32:06:5f:2d:2d:f9:5d:06:
00:0d:76:9e:67:63:7d:5d:d2:3d:2b:63:48:a7:28:
c4:85:0a:5a:87:ea:83:cf:76:ab:e8:b8:74:9a:d5:
5d:fa:4d:ca:5d:f1:4e:56:75:08:2d:02:d0:81:73:
6e:ec:c9:e7:da:83:88:c9:56:08:83:e9:a6:c8:cf:
a4:40:00:ea:a1:e6:d0:d9:a4:9a:0e:c4:92:25:10:
d2:97:4d:8c:3e:64:f8:7e:9f:ff:ab:0a:66:7d:15:
72:b2:e9:31:6c:fe:f3:b2:10:2f:8c:ef:f8:2a:18:
83:ed:fd:74:ac:71:94:4e:e8:23:fd:bb:bd:7b:cd:
49:a6:12:f3:06:6c:82:66:ca:49:1a:f3:e0:f6:e3:
e2:d1:1f:ee:44:b4:f0:43:b3:f5:2b:43:2a:06:5b:
84:3d:7d:6f:17:85:f1:cb:c3:24:94:b4:a2:8f:53:
5b:4c:f6:51:db:ec:f9:85:3a:0d:35:70:2a:0c:bc:
ba:61:22:9a:b6:56:4a:56:c3:26:fd:b3:3b:87:70:
16:3e:b3:76:65:0e:04:68:d2:39:12:e7:c1:af:51:
3f:12:4a:a9:9e:28:8f:f7:6a:12:44:f0:74:3a:f3:
19:c6:05:17:3e:2b:dd:b4:91:40:53:7a:ad:2c:82:
e6:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:31:7B:70:5D:05:28:FF:0F:AB:F3:95:99:26:B0:8A:81:99:55:23
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/uDF7cF0FKP8Pq_OVmSawioGZVSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.36.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:67:4f:d8:f7:ae:93:8f:8d:66:bf:98:31:45:7a:51:ff:ba:
82:50:f1:f3:65:32:b6:02:9a:d9:89:4f:a7:0c:d6:fa:a8:71:
78:c5:f7:7c:93:e3:cd:7e:ef:3f:20:c5:82:33:e1:31:32:78:
d1:1f:d2:7f:03:63:1d:11:e3:c7:26:ff:77:2e:d7:5e:8d:e6:
30:53:0c:c7:d1:e2:4a:2a:0f:e3:eb:08:2e:a1:3c:d0:d4:40:
2c:73:c5:0a:4f:e0:4c:7b:84:b4:fe:f1:31:c5:83:e7:c5:85:
d1:d0:b8:10:79:84:59:ef:7e:68:0d:1d:f0:09:bb:e0:73:f1:
b5:42:1c:5e:0b:81:b4:8e:82:25:fe:41:ad:0a:9c:34:54:3f:
46:93:90:33:67:49:a8:2f:ac:cb:43:fb:bd:6b:59:f6:8a:08:
3b:fb:e0:a4:a1:81:55:88:21:c9:b3:5d:47:f8:f6:96:bd:8b:
bc:ee:c0:b8:a0:b7:85:54:b9:b0:ca:6e:76:2a:34:b5:b7:05:
0d:41:a2:76:63:b7:a1:4e:e6:b2:54:e5:e7:ee:86:19:9b:dc:
c7:0e:af:1a:8d:3f:20:09:52:5b:bf:b9:ea:5f:d8:9d:56:01:
79:c8:0e:ef:76:12:47:fe:d3:bb:c4:c3:43:1f:69:1d:a6:e1:
1c:1f:8f:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTmozkjxZP0cKajjsMRDsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2VjOTQyM2JmOTBjODFkMjJkOTQ4NDFjMTAzNTdhNTQy
NjAzNzkwHhcNMjQwMTAyMDgzMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODMxN2I3MDVkMDUyOGZmMGZhYmYzOTU5OTI2YjA4YTgxOTk1NTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1GiQXWnMgZfLS35XQYADXaeZ2N9
XdI9K2NIpyjEhQpah+qDz3ar6Lh0mtVd+k3KXfFOVnUILQLQgXNu7Mnn2oOIyVYI
g+mmyM+kQADqoebQ2aSaDsSSJRDSl02MPmT4fp//qwpmfRVysukxbP7zshAvjO/4
KhiD7f10rHGUTugj/bu9e81JphLzBmyCZspJGvPg9uPi0R/uRLTwQ7P1K0MqBluE
PX1vF4Xxy8MklLSij1NbTPZR2+z5hToNNXAqDLy6YSKatlZKVsMm/bM7h3AWPrN2
ZQ4EaNI5EufBr1E/EkqpniiP92oSRPB0OvMZxgUXPivdtJFAU3qtLILmqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLgxe3BdBSj/D6vzlZkmsIqBmVUjMB8GA1UdIwQY
MBaAFDt+yUI7+QyB0i2UhBwQNXpUJgN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQt
MWQxMGYzYzcwYmI0LzEvdURGN2NGMEZLUDhQcV9PVm1TYXdpb0daVlNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQtMWQxMGYzYzcwYmI0
LzEvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVe8kMA0G
CSqGSIb3DQEBCwUAA4IBAQALZ0/Y966Tj41mv5gxRXpR/7qCUPHzZTK2AprZiU+n
DNb6qHF4xfd8k+PNfu8/IMWCM+ExMnjRH9J/A2MdEePHJv93LtdejeYwUwzH0eJK
Kg/j6wguoTzQ1EAsc8UKT+BMe4S0/vExxYPnxYXR0LgQeYRZ735oDR3wCbvgc/G1
QhxeC4G0joIl/kGtCpw0VD9Gk5AzZ0moL6zLQ/u9a1n2igg7++CkoYFViCHJs11H
+PaWvYu87sC4oLeFVLmwym52KjS1twUNQaJ2Y7ehTuayVOXn7oYZm9zHDq8ajT8g
CVJbv7nqX9idVgF5yA7vdhJH/tO7xMNDH2kdpuEcH4/K
-----END CERTIFICATE-----
Generated at Tue May 7 15:29:12 2024 by rpki-client on console-ams.rpki-client.org