Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/CUuZw-8kjrJUF2TJI7LktzKwqLY.roa
File: CUuZw-8kjrJUF2TJI7LktzKwqLY.roa (raw, json)
Hash identifier: ijwFkpVkCVJxmsdFGUwJ/WyOjwo7er0RSk+LalB5R9Q=
Subject key identifier: 09:4B:99:C3:EF:24:8E:B2:54:17:64:C9:23:B2:E4:B7:32:B0:A8:B6
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018F29CF87D4306389E5FE49D7E6A089BF84
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/CUuZw-8kjrJUF2TJI7LktzKwqLY.roa
Signing time: Mon 29 Apr 2024 12:23:37 +0000
ROA not before: Mon 29 Apr 2024 12:23:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 85.254.29.0/24 maxlen: 24
85.254.178.0/23 maxlen: 23
159.148.131.0/24 maxlen: 24
159.148.169.0/24 maxlen: 24
159.148.177.0/24 maxlen: 24
185.27.92.0/24 maxlen: 24
185.27.93.0/24 maxlen: 24
185.27.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 04:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:29:cf:87:d4:30:63:89:e5:fe:49:d7:e6:a0:89:bf:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Apr 29 12:23:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=094b99c3ef248eb2541764c923b2e4b732b0a8b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e5:2a:ae:88:da:19:7b:5d:c6:51:82:94:92:
40:5f:32:62:53:c7:0d:b0:67:9d:03:65:b0:96:23:
8e:87:11:49:2a:94:d2:8e:52:19:1f:58:a1:47:c7:
51:51:ef:a1:8a:b4:6a:0a:29:15:2a:47:8b:20:60:
0b:48:c1:e5:d5:89:95:65:1c:34:ca:08:03:53:50:
b1:b9:4c:cd:ff:5d:6a:68:7f:23:fc:b7:eb:90:bf:
9d:06:7c:e7:e6:ac:6f:32:3f:97:f4:53:97:52:98:
d1:86:6e:12:3b:b6:b8:67:35:8d:54:c3:23:73:93:
53:06:17:cd:a8:b1:0e:04:93:a5:e3:b9:73:c3:57:
8c:09:d8:b9:0b:31:1b:8d:71:a1:cd:09:64:54:00:
aa:71:dc:5c:32:ff:03:5a:ec:1c:09:27:8d:b7:5a:
af:44:b8:ea:47:8d:95:ae:1e:3f:09:08:93:f6:c5:
ec:03:6a:de:68:5f:a1:c7:cc:8b:ff:27:c2:77:1b:
1e:96:33:6a:1e:ee:71:bc:e4:46:cb:7b:78:6a:25:
03:b8:86:67:2f:19:49:20:93:eb:11:c0:97:c6:1c:
a2:13:2f:d2:2c:7a:91:e1:eb:4c:13:93:33:18:3c:
fe:af:c3:df:05:ef:d0:70:e8:d2:20:d5:ca:77:15:
93:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:4B:99:C3:EF:24:8E:B2:54:17:64:C9:23:B2:E4:B7:32:B0:A8:B6
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/CUuZw-8kjrJUF2TJI7LktzKwqLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.29.0/24
85.254.178.0/23
159.148.131.0/24
159.148.169.0/24
159.148.177.0/24
185.27.92.0/23
185.27.95.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:97:d9:7e:13:61:ad:e5:0f:3c:c1:92:18:f4:2d:ff:2b:b5:
c0:69:e6:d0:4b:25:05:9a:3f:65:a5:0b:3d:66:74:4d:17:4c:
0c:e7:44:c9:36:75:a1:3e:6a:ad:35:43:26:12:2a:de:42:43:
fc:6c:52:e6:d2:9a:13:f6:2a:52:df:dd:01:ee:ac:d1:dc:85:
aa:8b:90:c4:a2:92:e6:56:5d:6b:46:a8:33:25:53:81:16:56:
7e:0a:f5:e1:31:8d:c5:7b:bc:92:f2:13:ea:39:f9:7f:ff:20:
9c:f0:65:cb:2a:34:f7:17:6d:68:22:0e:34:47:ac:29:7b:46:
97:f0:f0:7e:c6:0d:48:82:45:5d:52:42:71:33:f4:f8:4e:fe:
81:a5:91:4f:33:de:79:31:c3:2a:ed:17:6d:92:91:66:4d:42:
c4:67:7c:60:82:ff:36:7b:25:9d:5b:47:2a:f3:3d:c1:1c:c6:
54:d7:9d:b4:59:52:b6:b4:f6:61:57:ba:d8:db:c0:78:18:1b:
65:28:30:91:54:0a:3d:b1:07:e0:19:84:10:50:68:87:a1:f1:
4d:be:6d:49:6c:9c:f9:a6:31:3b:0b:d9:07:79:17:6d:2d:c6:
66:e5:33:97:37:a3:16:f1:48:bb:da:a6:80:97:92:5d:f8:7e:
5e:5d:4d:3e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY8pz4fUMGOJ5f5J1+agib+EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwNDI5MTIyMzM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTRiOTljM2VmMjQ4ZWIyNTQxNzY0YzkyM2IyZTRiNzMyYjBhOGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+UqrojaGXtdxlGClJJAXzJiU8cN
sGedA2WwliOOhxFJKpTSjlIZH1ihR8dRUe+hirRqCikVKkeLIGALSMHl1YmVZRw0
yggDU1CxuUzN/11qaH8j/LfrkL+dBnzn5qxvMj+X9FOXUpjRhm4SO7a4ZzWNVMMj
c5NTBhfNqLEOBJOl47lzw1eMCdi5CzEbjXGhzQlkVACqcdxcMv8DWuwcCSeNt1qv
RLjqR42Vrh4/CQiT9sXsA2reaF+hx8yL/yfCdxseljNqHu5xvORGy3t4aiUDuIZn
LxlJIJPrEcCXxhyiEy/SLHqR4etME5MzGDz+r8PfBe/QcOjSINXKdxWTLwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAlLmcPvJI6yVBdkySOy5LcysKi2MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvQ1V1WnctOGtqckpVRjJUSkk3TGt0ekt3cUxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVf4dAwQB
Vf6yAwQAn5SDAwQAn5SpAwQAn5SxAwQBuRtcAwQAuRtfMA0GCSqGSIb3DQEBCwUA
A4IBAQBMl9l+E2Gt5Q88wZIY9C3/K7XAaebQSyUFmj9lpQs9ZnRNF0wM50TJNnWh
PmqtNUMmEireQkP8bFLm0poT9ipS390B7qzR3IWqi5DEopLmVl1rRqgzJVOBFlZ+
CvXhMY3Fe7yS8hPqOfl//yCc8GXLKjT3F21oIg40R6wpe0aX8PB+xg1IgkVdUkJx
M/T4Tv6BpZFPM955McMq7RdtkpFmTULEZ3xggv82eyWdW0cq8z3BHMZU1520WVK2
tPZhV7rY28B4GBtlKDCRVAo9sQfgGYQQUGiHofFNvm1JbJz5pjE7C9kHeRdtLcZm
5TOXN6MW8Ui72qaAl5Jd+H5eXU0+
-----END CERTIFICATE-----
Generated at Sun Jun 2 09:23:51 2024 by rpki-client on console-ams.rpki-client.org