Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b0dc52-416e-4a02-8993-fbc5a1e382c5/1/ULJtMRgDd-oHJH-f_0FYyTlOkug.roa
File: ULJtMRgDd-oHJH-f_0FYyTlOkug.roa (raw, json)
Hash identifier: NFdy1s4+ciPhgw3NjEEdQN8tNw5qVvcp9aCxpkcXs8Y=
Subject key identifier: 50:B2:6D:31:18:03:77:EA:07:24:7F:9F:FF:41:58:C9:39:4E:92:E8
Certificate issuer: /CN=aedc8f327a461964c0a87a9c7809401c57c86d41
Certificate serial: 0190589FAF3C9E7189B271D00B6D4B018D1A
Authority key identifier: AE:DC:8F:32:7A:46:19:64:C0:A8:7A:9C:78:09:40:1C:57:C8:6D:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rtyPMnpGGWTAqHqceAlAHFfIbUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b0dc52-416e-4a02-8993-fbc5a1e382c5/1/ULJtMRgDd-oHJH-f_0FYyTlOkug.roa
Signing time: Thu 27 Jun 2024 07:36:18 +0000
ROA not before: Thu 27 Jun 2024 07:36:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61189
IP address blocks: 85.194.200.0/22 maxlen: 22
85.194.201.0/24 maxlen: 24
185.7.252.0/22 maxlen: 22
185.7.252.0/23 maxlen: 23
185.7.254.0/23 maxlen: 23
2a03:29c0::/32 maxlen: 32
2a03:29c0:1000::/36 maxlen: 36
2a03:29c0:2000::/36 maxlen: 36
2a03:29c0:8000::/33 maxlen: 33
2a03:29c0:a000::/35 maxlen: 35
2a03:29c0:f1ff::/48 maxlen: 48
2a03:29c0:fffe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b0dc52-416e-4a02-8993-fbc5a1e382c5/1/rtyPMnpGGWTAqHqceAlAHFfIbUE.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/b0dc52-416e-4a02-8993-fbc5a1e382c5/1/rtyPMnpGGWTAqHqceAlAHFfIbUE.mft
rsync://rpki.ripe.net/repository/DEFAULT/rtyPMnpGGWTAqHqceAlAHFfIbUE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jul 2024 07:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:58:9f:af:3c:9e:71:89:b2:71:d0:0b:6d:4b:01:8d:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aedc8f327a461964c0a87a9c7809401c57c86d41
Validity
Not Before: Jun 27 07:36:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50b26d31180377ea07247f9fff4158c9394e92e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a7:cf:7f:7c:45:09:44:56:ea:ff:e1:b3:61:
85:4c:99:a8:2a:0e:5e:58:49:9d:e9:0a:0b:2d:93:
61:17:87:b9:27:1b:49:f3:ec:05:65:b6:db:e1:8c:
b3:2b:77:08:97:9d:f4:f4:f8:03:ec:6a:f7:c1:da:
62:e5:18:28:2c:4c:ad:69:e6:f7:c9:26:38:1a:12:
12:6b:60:33:ff:c0:e6:1f:4b:79:dd:fe:2b:a6:53:
32:e8:75:43:7a:19:f0:1f:91:ab:da:cc:38:97:2f:
d2:62:1c:06:40:20:d8:c9:78:24:e6:9a:6d:ce:05:
aa:17:8d:b2:78:51:c2:94:28:20:4f:f1:d2:02:80:
70:99:7b:ca:a4:44:3a:9f:88:fe:a5:e1:83:20:1f:
b0:06:7f:78:9f:b4:38:8e:a8:ae:87:54:5c:46:c7:
15:32:cd:07:b7:ea:b4:98:10:91:68:93:29:7f:4e:
93:2d:69:b8:5f:21:3a:d1:91:fc:a1:b0:b4:8d:0e:
00:0c:eb:fa:5f:2a:14:bb:54:73:5b:f1:07:c4:cd:
07:25:dc:d0:87:24:86:3b:f9:a6:8d:e3:ce:7e:d7:
97:90:94:2e:bd:96:89:4d:b7:ee:d1:ff:ca:99:7a:
ae:64:87:ee:ef:74:f5:50:b0:0d:f9:94:78:50:c5:
11:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:B2:6D:31:18:03:77:EA:07:24:7F:9F:FF:41:58:C9:39:4E:92:E8
X509v3 Authority Key Identifier:
keyid:AE:DC:8F:32:7A:46:19:64:C0:A8:7A:9C:78:09:40:1C:57:C8:6D:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rtyPMnpGGWTAqHqceAlAHFfIbUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b0dc52-416e-4a02-8993-fbc5a1e382c5/1/ULJtMRgDd-oHJH-f_0FYyTlOkug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b0dc52-416e-4a02-8993-fbc5a1e382c5/1/rtyPMnpGGWTAqHqceAlAHFfIbUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.194.200.0/22
185.7.252.0/22
IPv6:
2a03:29c0::/32
Signature Algorithm: sha256WithRSAEncryption
66:60:d8:85:d0:39:40:e6:cf:0b:4d:b9:8c:df:2f:43:2e:af:
bb:10:a2:d3:80:52:83:22:86:ce:e4:54:fb:13:1c:89:c8:81:
77:f9:69:25:6f:de:e3:c8:8d:44:5e:b7:90:87:ea:66:ff:aa:
b9:9b:be:c7:5b:51:df:e7:9f:77:84:72:08:67:dc:2b:70:fe:
c6:5e:e6:73:ce:37:e5:d7:c9:13:22:bf:aa:51:43:a7:a9:53:
77:24:36:33:f5:ef:86:96:12:4d:2d:6b:b3:76:a4:1d:97:a4:
60:c8:e2:49:d5:07:88:ce:26:4f:18:b1:f0:a2:ee:e9:ab:1a:
55:63:c5:c7:fb:6b:d4:b3:b0:8a:c0:a4:b4:19:49:7a:a9:96:
7d:fa:57:05:cb:ad:8c:8c:ce:20:ea:e0:f0:4b:db:6b:7e:3e:
5c:82:cd:6e:b0:fe:d6:1c:7d:f5:31:7b:52:ab:88:45:b8:9e:
49:09:47:f3:69:79:3c:db:f5:57:0e:58:2b:f3:61:e3:99:d3:
63:00:04:d9:9d:fe:8a:1d:ae:40:52:7a:54:72:a1:58:35:c0:
88:28:83:fa:f5:f0:92:88:84:83:e8:c8:1b:fc:43:04:ec:10:
f1:30:ae:40:fe:db:05:6c:cf:92:e2:e1:b2:3d:fb:1b:5c:49:
ac:7f:1b:05
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZBYn688nnGJsnHQC21LAY0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZGM4ZjMyN2E0NjE5NjRjMGE4N2E5Yzc4MDk0MDFjNTdj
ODZkNDEwHhcNMjQwNjI3MDczNjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGIyNmQzMTE4MDM3N2VhMDcyNDdmOWZmZjQxNThjOTM5NGU5MmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6fPf3xFCURW6v/hs2GFTJmoKg5e
WEmd6QoLLZNhF4e5JxtJ8+wFZbbb4YyzK3cIl5309PgD7Gr3wdpi5RgoLEytaeb3
ySY4GhISa2Az/8DmH0t53f4rplMy6HVDehnwH5Gr2sw4ly/SYhwGQCDYyXgk5ppt
zgWqF42yeFHClCggT/HSAoBwmXvKpEQ6n4j+peGDIB+wBn94n7Q4jqiuh1RcRscV
Ms0Ht+q0mBCRaJMpf06TLWm4XyE60ZH8obC0jQ4ADOv6XyoUu1RzW/EHxM0HJdzQ
hySGO/mmjePOfteXkJQuvZaJTbfu0f/KmXquZIfu73T1ULAN+ZR4UMURtQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFCybTEYA3fqByR/n/9BWMk5TpLoMB8GA1UdIwQY
MBaAFK7cjzJ6RhlkwKh6nHgJQBxXyG1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnR5UE1ucEdHV1RBcUhxY2VBbEFIRmZJYlVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iMGRjNTItNDE2ZS00YTAyLTg5OTMt
ZmJjNWExZTM4MmM1LzEvVUxKdE1SZ0RkLW9ISkgtZl8wRll5VGxPa3VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iMGRjNTItNDE2ZS00YTAyLTg5OTMtZmJjNWExZTM4MmM1
LzEvcnR5UE1ucEdHV1RBcUhxY2VBbEFIRmZJYlVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCVcLIAwQC
uQf8MA0EAgACMAcDBQAqAynAMA0GCSqGSIb3DQEBCwUAA4IBAQBmYNiF0DlA5s8L
TbmM3y9DLq+7EKLTgFKDIobO5FT7ExyJyIF3+Wklb97jyI1EXreQh+pm/6q5m77H
W1Hf5593hHIIZ9wrcP7GXuZzzjfl18kTIr+qUUOnqVN3JDYz9e+GlhJNLWuzdqQd
l6RgyOJJ1QeIziZPGLHwou7pqxpVY8XH+2vUs7CKwKS0GUl6qZZ9+lcFy62MjM4g
6uDwS9trfj5cgs1usP7WHH31MXtSq4hFuJ5JCUfzaXk82/VXDlgr82HjmdNjAATZ
nf6KHa5AUnpUcqFYNcCIKIP69fCSiISD6Mgb/EME7BDxMK5A/tsFbM+S4uGyPfsb
XEmsfxsF
-----END CERTIFICATE-----
Generated at Sun Jun 30 16:57:09 2024 by rpki-client on console-ams.rpki-client.org