Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/8f7148-236d-4088-89e6-665995c62838/1/u7FqIlCAINWxXXzpugEWtYcs7PM.roa
File: u7FqIlCAINWxXXzpugEWtYcs7PM.roa (raw, json)
Hash identifier: pID3qvumI2k2tsC4pCbSQxo2PbKYj+c3yog3i1zTsDQ=
Subject key identifier: BB:B1:6A:22:50:80:20:D5:B1:5D:7C:E9:BA:01:16:B5:87:2C:EC:F3
Certificate issuer: /CN=53153003737d78f722db9a28e22043e35d8d871e
Certificate serial: 018CCA997E5E8D957EEFB5C4428FCCBD8F0A
Authority key identifier: 53:15:30:03:73:7D:78:F7:22:DB:9A:28:E2:20:43:E3:5D:8D:87:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UxUwA3N9ePci25oo4iBD412Nhx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/8f7148-236d-4088-89e6-665995c62838/1/u7FqIlCAINWxXXzpugEWtYcs7PM.roa
Signing time: Tue 02 Jan 2024 14:35:06 +0000
ROA not before: Tue 02 Jan 2024 14:35:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 559
IP address blocks: 192.47.244.0/22 maxlen: 22
192.47.248.0/23 maxlen: 23
134.21.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/8f7148-236d-4088-89e6-665995c62838/1/UxUwA3N9ePci25oo4iBD412Nhx4.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/8f7148-236d-4088-89e6-665995c62838/1/UxUwA3N9ePci25oo4iBD412Nhx4.mft
rsync://rpki.ripe.net/repository/DEFAULT/UxUwA3N9ePci25oo4iBD412Nhx4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:7e:5e:8d:95:7e:ef:b5:c4:42:8f:cc:bd:8f:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53153003737d78f722db9a28e22043e35d8d871e
Validity
Not Before: Jan 2 14:35:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bbb16a22508020d5b15d7ce9ba0116b5872cecf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a5:2c:4a:3c:8b:22:6e:16:5f:50:2c:14:46:
92:8a:b1:e5:8a:51:b3:69:d1:0c:2d:cf:4b:38:5d:
8d:0e:dc:80:d4:a8:42:2b:46:83:dd:22:63:8f:03:
1c:1c:d6:41:6b:bc:a7:3f:8c:16:13:90:fb:a5:e0:
52:a5:18:71:9f:95:13:d6:59:c9:e7:a0:d4:cc:0d:
90:08:ec:b0:87:61:b3:1e:54:c7:52:c1:db:15:05:
3e:38:83:59:33:f4:8c:a8:e4:b8:ca:60:d4:98:b1:
34:89:ea:bd:10:c2:16:bf:ad:f0:91:84:b9:80:cc:
25:57:1b:f5:cf:5b:f0:d6:ba:ff:9e:12:1e:af:be:
e4:82:04:1e:41:23:b4:05:73:be:0d:9f:3d:06:5c:
61:e3:fb:d8:fc:a1:6c:d8:06:e6:f4:c1:0f:3c:25:
07:3b:90:73:58:03:f3:36:9e:56:bd:6e:2c:b1:d3:
41:f3:a3:c9:3c:4c:fb:2f:84:47:e3:d6:34:e2:5c:
bf:f0:77:2b:58:49:42:09:ba:af:d0:be:7b:01:93:
bf:a0:b3:68:bf:df:55:77:f4:7b:73:c0:b4:24:6f:
39:4e:72:34:4d:c5:f5:ab:3b:ce:5b:23:71:5e:75:
7a:73:c3:44:47:f5:9d:0f:99:60:06:03:f2:d1:cb:
4f:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:B1:6A:22:50:80:20:D5:B1:5D:7C:E9:BA:01:16:B5:87:2C:EC:F3
X509v3 Authority Key Identifier:
keyid:53:15:30:03:73:7D:78:F7:22:DB:9A:28:E2:20:43:E3:5D:8D:87:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UxUwA3N9ePci25oo4iBD412Nhx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/8f7148-236d-4088-89e6-665995c62838/1/u7FqIlCAINWxXXzpugEWtYcs7PM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/8f7148-236d-4088-89e6-665995c62838/1/UxUwA3N9ePci25oo4iBD412Nhx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.21.0.0/16
192.47.244.0-192.47.249.255
Signature Algorithm: sha256WithRSAEncryption
5c:e2:c6:95:c7:62:83:4f:82:f1:05:c2:c2:aa:17:24:c6:98:
54:a6:77:36:c8:c6:6a:30:c8:42:81:17:fc:af:00:36:92:19:
1a:bc:fd:5d:7e:a0:c8:6d:65:94:16:25:12:4c:2d:c5:59:ba:
da:65:4f:33:b5:c4:70:a6:30:7c:85:6a:06:ac:a7:70:41:37:
e2:30:ea:26:1e:a8:d2:b5:4b:17:f9:c1:5a:69:d8:5c:39:19:
36:8f:ef:48:95:ca:27:ed:f8:09:e8:82:b0:50:dd:56:0a:06:
95:03:83:f8:a7:fd:3c:8e:90:e4:f5:94:b7:cd:2b:d0:72:85:
5c:54:dd:98:a3:36:22:ae:b7:79:c1:48:7f:2d:c7:c6:6f:73:
98:f0:a6:a1:6c:f0:0d:26:5e:77:88:48:e5:b0:9a:5b:55:fb:
b7:33:bf:47:6c:11:8a:81:81:ed:00:f1:cd:5b:db:64:e1:09:
f7:c5:cb:fa:60:eb:28:1e:a7:ff:4a:94:5d:ef:18:32:9c:25:
d8:54:e9:79:e4:4b:74:8c:12:61:01:76:c8:a2:16:ae:7c:38:
6c:67:d2:53:e0:f1:c8:49:b2:eb:89:f4:f5:3e:67:2e:14:fa:
e6:6c:21:25:b9:0b:9c:9e:62:c5:f5:dc:5c:f2:fc:04:2d:80:
fe:b1:a9:ef
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYzKmX5ejZV+77XEQo/MvY8KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMTUzMDAzNzM3ZDc4ZjcyMmRiOWEyOGUyMjA0M2UzNWQ4
ZDg3MWUwHhcNMjQwMTAyMTQzNTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmIxNmEyMjUwODAyMGQ1YjE1ZDdjZTliYTAxMTZiNTg3MmNlY2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqUsSjyLIm4WX1AsFEaSirHlilGz
adEMLc9LOF2NDtyA1KhCK0aD3SJjjwMcHNZBa7ynP4wWE5D7peBSpRhxn5UT1lnJ
56DUzA2QCOywh2GzHlTHUsHbFQU+OINZM/SMqOS4ymDUmLE0ieq9EMIWv63wkYS5
gMwlVxv1z1vw1rr/nhIer77kggQeQSO0BXO+DZ89Blxh4/vY/KFs2Abm9MEPPCUH
O5BzWAPzNp5WvW4ssdNB86PJPEz7L4RH49Y04ly/8HcrWElCCbqv0L57AZO/oLNo
v99Vd/R7c8C0JG85TnI0TcX1qzvOWyNxXnV6c8NER/WdD5lgBgPy0ctPBQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLuxaiJQgCDVsV186boBFrWHLOzzMB8GA1UdIwQY
MBaAFFMVMANzfXj3ItuaKOIgQ+NdjYceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXhVd0EzTjllUGNpMjVvbzRpQkQ0MTJOaHg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS84ZjcxNDgtMjM2ZC00MDg4LTg5ZTYt
NjY1OTk1YzYyODM4LzEvdTdGcUlsQ0FJTld4WFh6cHVnRVd0WWNzN1BNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS84ZjcxNDgtMjM2ZC00MDg4LTg5ZTYtNjY1OTk1YzYyODM4
LzEvVXhVd0EzTjllUGNpMjVvbzRpQkQ0MTJOaHg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATAwMAhhUwDAME
AsAv9AMEAcAv+DANBgkqhkiG9w0BAQsFAAOCAQEAXOLGlcdig0+C8QXCwqoXJMaY
VKZ3NsjGajDIQoEX/K8ANpIZGrz9XX6gyG1llBYlEkwtxVm62mVPM7XEcKYwfIVq
BqyncEE34jDqJh6o0rVLF/nBWmnYXDkZNo/vSJXKJ+34CeiCsFDdVgoGlQOD+Kf9
PI6Q5PWUt80r0HKFXFTdmKM2Iq63ecFIfy3Hxm9zmPCmoWzwDSZed4hI5bCaW1X7
tzO/R2wRioGB7QDxzVvbZOEJ98XL+mDrKB6n/0qUXe8YMpwl2FTpeeRLdIwSYQF2
yKIWrnw4bGfSU+DxyEmy64n09T5nLhT65mwhJbkLnJ5ixfXcXPL8BC2A/rGp7w==
-----END CERTIFICATE-----
Generated at Fri Jun 7 21:49:38 2024 by rpki-client on console-fra.rpki-client.org