Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/Uq1ok9LYmA4NnElZMshQiuKoyws.roa
File: Uq1ok9LYmA4NnElZMshQiuKoyws.roa (raw, json)
Hash identifier: VngKxDpG8U+e5Kj2jV3S6RjmGvGG9Ael7AsI/zgum14=
Subject key identifier: 52:AD:68:93:D2:D8:98:0E:0D:9C:49:59:32:C8:50:8A:E2:A8:CB:0B
Certificate issuer: /CN=8dff1b0ce9f486a67e63d3f0d0e688a24f700c7c
Certificate serial: 018F531B6A8A955745F5728FF32C73D70DF9
Authority key identifier: 8D:FF:1B:0C:E9:F4:86:A6:7E:63:D3:F0:D0:E6:88:A2:4F:70:0C:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/Uq1ok9LYmA4NnElZMshQiuKoyws.roa
Signing time: Tue 07 May 2024 12:50:56 +0000
ROA not before: Tue 07 May 2024 12:50:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 91.209.254.0/24 maxlen: 24
91.221.58.0/24 maxlen: 24
91.221.59.0/24 maxlen: 24
185.156.84.0/24 maxlen: 24
185.156.85.0/24 maxlen: 24
185.156.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 09:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:53:1b:6a:8a:95:57:45:f5:72:8f:f3:2c:73:d7:0d:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8dff1b0ce9f486a67e63d3f0d0e688a24f700c7c
Validity
Not Before: May 7 12:50:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52ad6893d2d8980e0d9c495932c8508ae2a8cb0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4b:57:66:14:0f:f8:11:0f:c5:9b:ee:42:3d:
69:ae:97:d1:54:51:a9:27:d1:6a:0b:ba:87:dc:23:
98:ed:06:63:e6:35:07:51:4e:20:01:57:d3:a4:f9:
0b:f8:38:0e:53:79:a0:27:cf:a2:6f:3d:85:68:c0:
63:90:83:a8:ca:49:4a:96:ea:1a:6f:59:27:3a:62:
3b:c1:77:3d:ca:98:f9:79:ed:69:8f:74:80:b7:70:
a3:84:3f:9a:63:e9:9f:7b:5e:41:b8:79:61:0b:16:
d0:cb:18:a1:fe:46:b6:59:39:fa:ec:a3:db:a7:c7:
e2:7b:15:2e:27:c8:38:b1:b8:c3:af:15:eb:79:62:
75:cf:cc:d7:c9:67:f4:10:0f:d7:f5:b0:8a:22:1d:
dd:17:36:f6:3b:bb:e7:39:bf:d4:1d:b4:2e:12:1b:
7e:57:41:0b:06:48:77:b2:79:38:dc:4f:2d:ab:2d:
17:d0:ec:08:ae:54:9c:c4:7f:2b:21:70:19:13:22:
97:c7:9c:10:f3:45:aa:f8:44:f0:79:a7:fe:ac:e8:
94:aa:35:e7:f7:1f:96:d1:a7:75:d2:58:09:60:0c:
94:65:db:7a:41:20:58:95:7e:75:eb:f4:6b:a7:f5:
a0:c4:4e:27:1e:9d:86:d8:9f:72:ad:97:d7:07:f7:
8f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:AD:68:93:D2:D8:98:0E:0D:9C:49:59:32:C8:50:8A:E2:A8:CB:0B
X509v3 Authority Key Identifier:
keyid:8D:FF:1B:0C:E9:F4:86:A6:7E:63:D3:F0:D0:E6:88:A2:4F:70:0C:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/Uq1ok9LYmA4NnElZMshQiuKoyws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.254.0/24
91.221.58.0/23
185.156.84.0-185.156.86.255
Signature Algorithm: sha256WithRSAEncryption
21:e7:2b:98:72:fa:74:9e:96:3a:3d:77:c5:79:be:ae:04:87:
a8:8e:40:cf:d3:63:1b:80:91:b7:78:56:97:d4:5e:f6:2c:98:
75:87:e2:1f:21:12:3c:96:51:35:10:20:61:d4:1b:d9:9e:fc:
d6:51:80:54:50:43:18:d0:03:96:64:c2:14:d3:e4:f3:92:0f:
ad:db:99:a5:e2:7c:d0:33:c9:0c:fc:bf:bb:9d:21:61:17:d1:
f5:ac:d5:f4:1c:b5:96:8d:d6:b1:5e:13:7a:3b:65:cc:f0:05:
b7:07:2a:48:0e:75:68:b9:2b:8f:9b:ae:83:4a:2d:38:4d:fc:
3a:63:31:b1:27:6c:f9:a8:04:04:c5:97:9d:53:ad:ec:c5:47:
e9:9b:95:10:3d:2c:cb:8b:55:40:7f:3c:2d:67:3c:7c:45:70:
56:9d:a6:fa:df:32:ec:b3:29:5e:2d:56:9d:94:4f:0c:c2:f8:
35:88:00:a9:ef:0e:b7:41:4c:3e:99:7d:ba:51:b8:d1:6d:60:
b3:c3:80:bd:d8:21:9a:48:fd:fd:31:bb:66:fc:9a:00:90:97:
4f:cd:bb:c1:20:b9:07:d1:df:67:1c:d6:5c:66:ba:83:af:f6:
66:37:35:00:88:5c:58:30:68:01:67:ff:77:3d:1f:e9:9a:63:
93:df:dc:e5
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY9TG2qKlVdF9XKP8yxz1w35MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkZmYxYjBjZTlmNDg2YTY3ZTYzZDNmMGQwZTY4OGEyNGY3
MDBjN2MwHhcNMjQwNTA3MTI1MDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmFkNjg5M2QyZDg5ODBlMGQ5YzQ5NTkzMmM4NTA4YWUyYThjYjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEtXZhQP+BEPxZvuQj1prpfRVFGp
J9FqC7qH3COY7QZj5jUHUU4gAVfTpPkL+DgOU3mgJ8+ibz2FaMBjkIOoyklKluoa
b1knOmI7wXc9ypj5ee1pj3SAt3CjhD+aY+mfe15BuHlhCxbQyxih/ka2WTn67KPb
p8fiexUuJ8g4sbjDrxXreWJ1z8zXyWf0EA/X9bCKIh3dFzb2O7vnOb/UHbQuEht+
V0ELBkh3snk43E8tqy0X0OwIrlScxH8rIXAZEyKXx5wQ80Wq+ETweaf+rOiUqjXn
9x+W0ad10lgJYAyUZdt6QSBYlX516/Rrp/WgxE4nHp2G2J9yrZfXB/ePPQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFKtaJPS2JgODZxJWTLIUIriqMsLMB8GA1UdIwQY
MBaAFI3/Gwzp9IamfmPT8NDmiKJPcAx8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamY4YkRPbjBocVotWTlQdzBPYUlvazl3REh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi80YWY2NGEtNTdmOC00NjQzLTg3YmEt
ZDg3YjcwMjZhM2ZmLzEvVXExb2s5TFltQTRObkVsWk1zaFFpdUtveXdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi80YWY2NGEtNTdmOC00NjQzLTg3YmEtZDg3YjcwMjZhM2Zm
LzEvamY4YkRPbjBocVotWTlQdzBPYUlvazl3REh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAW9H+AwQB
W906MAwDBAK5nFQDBAC5nFYwDQYJKoZIhvcNAQELBQADggEBACHnK5hy+nSeljo9
d8V5vq4Eh6iOQM/TYxuAkbd4VpfUXvYsmHWH4h8hEjyWUTUQIGHUG9me/NZRgFRQ
QxjQA5ZkwhTT5POSD63bmaXifNAzyQz8v7udIWEX0fWs1fQctZaN1rFeE3o7Zczw
BbcHKkgOdWi5K4+broNKLThN/DpjMbEnbPmoBATFl51TrezFR+mblRA9LMuLVUB/
PC1nPHxFcFadpvrfMuyzKV4tVp2UTwzC+DWIAKnvDrdBTD6ZfbpRuNFtYLPDgL3Y
IZpI/f0xu2b8mgCQl0/Nu8EguQfR32cc1lxmuoOv9mY3NQCIXFgwaAFn/3c9H+ma
Y5Pf3OU=
-----END CERTIFICATE-----
Generated at Sun Jun 23 19:10:21 2024 by rpki-client on console-fra.rpki-client.org