Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/UDSPZJoIjLRczSAzjq-dS4TDOqw.roa
File: UDSPZJoIjLRczSAzjq-dS4TDOqw.roa (raw, json)
Hash identifier: bqFG7AR+ednRnhbqy/knPYf9kWZPrXkG6ii9ru3Sgb4=
Subject key identifier: 50:34:8F:64:9A:08:8C:B4:5C:CD:20:33:8E:AF:9D:4B:84:C3:3A:AC
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EC7F5004802D2170313EECFCAE691FCC4
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/UDSPZJoIjLRczSAzjq-dS4TDOqw.roa
Signing time: Wed 10 Apr 2024 12:21:46 +0000
ROA not before: Wed 10 Apr 2024 12:21:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21378
IP address blocks: 80.246.64.0/19 maxlen: 19
80.246.64.0/21 maxlen: 21
84.42.0.0/19 maxlen: 19
84.42.0.0/21 maxlen: 21
84.42.8.0/21 maxlen: 21
84.42.16.0/21 maxlen: 21
84.42.24.0/21 maxlen: 21
2a02:2708::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 13:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c7:f5:00:48:02:d2:17:03:13:ee:cf:ca:e6:91:fc:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 10 12:21:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50348f649a088cb45ccd20338eaf9d4b84c33aac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:17:35:ce:38:94:1c:37:5a:91:8b:8d:bf:cd:
31:51:90:de:4b:02:16:94:6c:63:4b:42:3f:54:41:
2a:3d:87:56:a6:b6:64:7d:59:dc:61:12:d7:7c:6c:
a1:bb:55:39:a5:d2:51:a3:bf:00:ae:95:b5:1e:a8:
46:8c:94:22:6c:7b:06:7e:e2:80:7a:ba:14:78:d0:
12:d6:90:87:2b:a9:1e:c2:68:7a:f8:9c:c0:68:db:
92:e3:48:0c:e6:8c:69:bd:0e:68:50:8f:06:bd:4f:
97:75:52:23:db:0a:21:f1:6a:96:08:7e:c6:8b:48:
ee:d8:45:85:6d:20:b6:08:aa:33:ff:8f:c7:f9:60:
a9:2a:d4:14:d9:18:37:a9:14:2b:d3:f9:b9:da:17:
07:36:bd:ad:15:b1:a7:56:53:d6:8f:87:e9:70:91:
e3:a9:f1:69:87:c0:bb:08:a9:a1:14:af:55:3f:02:
83:1e:a7:52:a1:d3:d6:ff:e6:fb:09:ae:d8:f4:ec:
c8:29:c7:eb:ca:6d:37:2b:fe:c3:4c:34:f8:60:de:
8f:89:cc:44:57:0c:0d:60:ff:dd:bf:b7:01:29:c9:
60:6d:48:76:bf:2b:1f:5b:2d:11:1d:81:61:03:2d:
21:f9:b8:c5:ff:bc:95:0b:1e:8e:3a:19:4b:e4:27:
c3:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:34:8F:64:9A:08:8C:B4:5C:CD:20:33:8E:AF:9D:4B:84:C3:3A:AC
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/UDSPZJoIjLRczSAzjq-dS4TDOqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.246.64.0/19
84.42.0.0/19
IPv6:
2a02:2708::/32
Signature Algorithm: sha256WithRSAEncryption
06:f6:de:86:2a:80:d8:41:7b:a4:ca:bf:73:53:a1:2d:05:df:
81:ef:af:ce:0c:be:ae:70:3e:ad:1b:04:e4:80:a3:0b:37:98:
c4:ec:e2:bb:20:00:f7:83:10:b7:a5:89:8e:0b:16:57:5a:e0:
ac:fa:c3:31:5f:a2:e0:4a:70:91:de:f9:22:9d:93:ea:47:2a:
37:cf:ba:48:25:4b:36:37:89:23:91:4c:cc:5e:d0:fa:ae:e9:
ac:be:3c:21:ee:9b:5e:87:e3:a4:83:95:3f:73:1c:7d:7e:a5:
ad:ac:ed:ed:70:b1:95:1b:b7:62:20:39:73:6f:5c:4f:bc:3b:
42:87:a1:e5:1a:fd:ba:ae:89:0b:08:dd:d1:8d:91:b5:9c:f5:
58:e3:f8:48:78:05:6e:85:39:22:1d:d2:f0:2f:e3:4e:54:0d:
83:f6:e9:25:46:82:a6:e8:29:fc:fd:51:fb:af:65:78:04:46:
67:97:3b:07:c3:8f:c5:c7:20:02:71:fb:0f:db:34:84:31:59:
83:59:64:20:c5:2f:74:ca:b0:b8:de:e0:f5:34:4a:f8:a7:dc:
2c:d9:95:5f:91:a8:6d:bc:7c:0a:f3:7d:30:b4:b6:da:cf:4f:
46:52:99:ba:e9:7c:bb:9b:5a:1d:5d:0c:44:3d:22:71:3d:02:
07:20:44:f7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY7H9QBIAtIXAxPuz8rmkfzEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDEwMTIyMTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDM0OGY2NDlhMDg4Y2I0NWNjZDIwMzM4ZWFmOWQ0Yjg0YzMzYWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRc1zjiUHDdakYuNv80xUZDeSwIW
lGxjS0I/VEEqPYdWprZkfVncYRLXfGyhu1U5pdJRo78ArpW1HqhGjJQibHsGfuKA
eroUeNAS1pCHK6kewmh6+JzAaNuS40gM5oxpvQ5oUI8GvU+XdVIj2woh8WqWCH7G
i0ju2EWFbSC2CKoz/4/H+WCpKtQU2Rg3qRQr0/m52hcHNr2tFbGnVlPWj4fpcJHj
qfFph8C7CKmhFK9VPwKDHqdSodPW/+b7Ca7Y9OzIKcfrym03K/7DTDT4YN6PicxE
VwwNYP/dv7cBKclgbUh2vysfWy0RHYFhAy0h+bjF/7yVCx6OOhlL5CfD8wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFA0j2SaCIy0XM0gM46vnUuEwzqsMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvVURTUFpKb0lqTFJjelNBempxLWRTNFRET3F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFUPZAAwQF
VCoAMA0EAgACMAcDBQAqAicIMA0GCSqGSIb3DQEBCwUAA4IBAQAG9t6GKoDYQXuk
yr9zU6EtBd+B76/ODL6ucD6tGwTkgKMLN5jE7OK7IAD3gxC3pYmOCxZXWuCs+sMx
X6LgSnCR3vkinZPqRyo3z7pIJUs2N4kjkUzMXtD6rumsvjwh7pteh+Okg5U/cxx9
fqWtrO3tcLGVG7diIDlzb1xPvDtCh6HlGv26rokLCN3RjZG1nPVY4/hIeAVuhTki
HdLwL+NOVA2D9uklRoKm6Cn8/VH7r2V4BEZnlzsHw4/FxyACcfsP2zSEMVmDWWQg
xS90yrC43uD1NEr4p9ws2ZVfkahtvHwK830wtLbaz09GUpm66Xy7m1odXQxEPSJx
PQIHIET3
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:49:03 2024 by rpki-client on console-fra.rpki-client.org