Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/a36a22-4955-4090-97d6-3c34a8c28ca1/1/UDqj8Thysh7eCzxoFGEllmHJBUk.roa
File: UDqj8Thysh7eCzxoFGEllmHJBUk.roa (raw, json)
Hash identifier: O0vl8f1twjJFL1eKKqgofeMh1Q+QjdS5Z9DrWAxk+GE=
Subject key identifier: 50:3A:A3:F1:38:72:B2:1E:DE:0B:3C:68:14:61:25:96:61:C9:05:49
Certificate issuer: /CN=83d829263b3c5f63968037f9e863fd0fd01e7869
Certificate serial: 018CC94C9BEDE131526C55D6BEF7358B04A6
Authority key identifier: 83:D8:29:26:3B:3C:5F:63:96:80:37:F9:E8:63:FD:0F:D0:1E:78:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g9gpJjs8X2OWgDf56GP9D9AeeGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/a36a22-4955-4090-97d6-3c34a8c28ca1/1/UDqj8Thysh7eCzxoFGEllmHJBUk.roa
Signing time: Tue 02 Jan 2024 08:31:30 +0000
ROA not before: Tue 02 Jan 2024 08:31:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13274
IP address blocks: 195.42.249.0/24 maxlen: 24
185.210.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/a36a22-4955-4090-97d6-3c34a8c28ca1/1/g9gpJjs8X2OWgDf56GP9D9AeeGk.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/a36a22-4955-4090-97d6-3c34a8c28ca1/1/g9gpJjs8X2OWgDf56GP9D9AeeGk.mft
rsync://rpki.ripe.net/repository/DEFAULT/g9gpJjs8X2OWgDf56GP9D9AeeGk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 14:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:9b:ed:e1:31:52:6c:55:d6:be:f7:35:8b:04:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83d829263b3c5f63968037f9e863fd0fd01e7869
Validity
Not Before: Jan 2 08:31:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=503aa3f13872b21ede0b3c681461259661c90549
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:81:99:63:2d:b7:94:f2:bd:e6:8d:a5:7f:02:
85:a3:3d:cd:01:54:d4:66:f8:27:07:d4:6f:2b:15:
2f:1e:0e:df:a6:74:2d:2c:67:94:e4:42:a5:2c:ec:
b3:f0:f6:f3:3e:80:ec:96:f4:29:1a:05:73:05:a0:
d0:76:44:a3:9e:5e:0a:26:e6:27:dd:94:27:b1:8b:
99:07:53:47:8a:18:2d:2c:7f:01:5d:e2:5e:03:35:
cf:f0:fc:f6:d8:fa:91:e0:eb:72:56:7f:bd:cf:c3:
11:90:eb:7a:c9:1d:ae:37:f6:29:71:75:d6:fa:a6:
9b:83:37:d4:af:2b:cd:29:5a:e7:d9:61:e0:02:d2:
03:41:de:ee:9e:dc:3e:78:43:da:02:ed:80:b3:0b:
d4:d1:16:ec:c8:52:b6:71:51:84:55:90:85:23:53:
6a:52:6a:e6:31:0f:b7:82:45:0d:07:97:10:eb:59:
a7:7b:32:e6:13:7b:4a:f5:4e:34:bf:cb:08:8b:7a:
99:2c:a5:27:3e:ae:64:5c:83:bd:8c:b0:7e:e7:a5:
19:5d:51:eb:0c:cc:f4:1a:2e:d7:97:fc:25:63:d2:
cc:be:ed:ac:c7:f2:b4:3c:9a:f0:15:62:2c:0a:05:
f7:d7:51:53:1a:f7:58:06:7b:d3:b7:7c:57:8a:e0:
50:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:3A:A3:F1:38:72:B2:1E:DE:0B:3C:68:14:61:25:96:61:C9:05:49
X509v3 Authority Key Identifier:
keyid:83:D8:29:26:3B:3C:5F:63:96:80:37:F9:E8:63:FD:0F:D0:1E:78:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g9gpJjs8X2OWgDf56GP9D9AeeGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a36a22-4955-4090-97d6-3c34a8c28ca1/1/UDqj8Thysh7eCzxoFGEllmHJBUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a36a22-4955-4090-97d6-3c34a8c28ca1/1/g9gpJjs8X2OWgDf56GP9D9AeeGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.158.0/24
195.42.249.0/24
Signature Algorithm: sha256WithRSAEncryption
54:2b:94:5b:2b:43:68:63:c4:60:85:65:19:c5:c3:b6:70:b4:
0e:16:2f:db:3e:d3:9d:04:b9:28:5c:f3:94:18:70:c2:37:2b:
e4:ad:4c:56:8c:3f:96:42:56:58:a0:82:4a:04:f6:ed:74:ba:
a5:0d:e6:81:30:32:48:95:4e:e5:bb:68:60:6b:79:cb:71:7c:
2b:0c:f0:e0:0f:0e:6a:91:6a:3e:43:7d:55:8e:48:43:50:fc:
cd:cb:6c:69:8b:a5:3b:4b:28:c3:7e:b5:7d:6c:c8:89:0a:9e:
e1:f9:68:02:e4:25:8c:bb:00:a2:f4:43:47:32:19:66:b0:16:
3a:a0:cb:00:57:c3:2f:fe:d5:19:25:9d:b9:87:e8:aa:68:ed:
17:d5:6b:c1:04:4c:b8:e1:3e:90:c9:f1:9f:17:ac:45:bd:5e:
9e:30:a0:5f:b8:06:0b:80:1d:ce:ac:4d:aa:7c:3a:21:00:d8:
df:d2:f3:fc:63:aa:71:99:53:37:42:2e:26:2f:95:ee:3b:b1:
9e:8e:0d:8a:37:76:b2:f7:a5:01:4f:78:9d:70:b0:ff:78:48:
c4:dd:67:57:b4:ce:9a:d4:d6:da:c1:cf:44:ea:c0:a1:f2:27:
38:d4:85:40:e8:65:ed:d1:75:cd:13:81:55:0c:b3:2e:84:84:
27:3b:df:4c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTJvt4TFSbFXWvvc1iwSmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZDgyOTI2M2IzYzVmNjM5NjgwMzdmOWU4NjNmZDBmZDAx
ZTc4NjkwHhcNMjQwMTAyMDgzMTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDNhYTNmMTM4NzJiMjFlZGUwYjNjNjgxNDYxMjU5NjYxYzkwNTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4GZYy23lPK95o2lfwKFoz3NAVTU
ZvgnB9RvKxUvHg7fpnQtLGeU5EKlLOyz8PbzPoDslvQpGgVzBaDQdkSjnl4KJuYn
3ZQnsYuZB1NHihgtLH8BXeJeAzXP8Pz22PqR4OtyVn+9z8MRkOt6yR2uN/YpcXXW
+qabgzfUryvNKVrn2WHgAtIDQd7untw+eEPaAu2AswvU0RbsyFK2cVGEVZCFI1Nq
UmrmMQ+3gkUNB5cQ61mnezLmE3tK9U40v8sIi3qZLKUnPq5kXIO9jLB+56UZXVHr
DMz0Gi7Xl/wlY9LMvu2sx/K0PJrwFWIsCgX311FTGvdYBnvTt3xXiuBQcQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFA6o/E4crIe3gs8aBRhJZZhyQVJMB8GA1UdIwQY
MBaAFIPYKSY7PF9jloA3+ehj/Q/QHnhpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzlncEpqczhYMk9XZ0RmNTZHUDlEOUFlZUdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9hMzZhMjItNDk1NS00MDkwLTk3ZDYt
M2MzNGE4YzI4Y2ExLzEvVURxajhUaHlzaDdlQ3p4b0ZHRWxsbUhKQlVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9hMzZhMjItNDk1NS00MDkwLTk3ZDYtM2MzNGE4YzI4Y2Ex
LzEvZzlncEpqczhYMk9XZ0RmNTZHUDlEOUFlZUdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudKeAwQA
wyr5MA0GCSqGSIb3DQEBCwUAA4IBAQBUK5RbK0NoY8RghWUZxcO2cLQOFi/bPtOd
BLkoXPOUGHDCNyvkrUxWjD+WQlZYoIJKBPbtdLqlDeaBMDJIlU7lu2hga3nLcXwr
DPDgDw5qkWo+Q31VjkhDUPzNy2xpi6U7SyjDfrV9bMiJCp7h+WgC5CWMuwCi9ENH
MhlmsBY6oMsAV8Mv/tUZJZ25h+iqaO0X1WvBBEy44T6QyfGfF6xFvV6eMKBfuAYL
gB3OrE2qfDohANjf0vP8Y6pxmVM3Qi4mL5XuO7Gejg2KN3ay96UBT3idcLD/eEjE
3WdXtM6a1Nbawc9E6sCh8ic41IVA6GXt0XXNE4FVDLMuhIQnO99M
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:08:55 2024 by rpki-client on console-ams.rpki-client.org