Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/cd90b9-fa88-4bd9-a7d5-22118b361490/1/U0ruj_EH38jOk5YCZgzjDARh5OI.roa
File: U0ruj_EH38jOk5YCZgzjDARh5OI.roa (raw, json)
Hash identifier: VO/D9+KHfDxStj69O4QIDtrXCYO6K9230fYfy19st5A=
Subject key identifier: 53:4A:EE:8F:F1:07:DF:C8:CE:93:96:02:66:0C:E3:0C:04:61:E4:E2
Certificate issuer: /CN=3ffc412721c0c6e7a4c5767ae98c4521def51501
Certificate serial: 018CC726F08150891830ED2B3F0A04993CB1
Authority key identifier: 3F:FC:41:27:21:C0:C6:E7:A4:C5:76:7A:E9:8C:45:21:DE:F5:15:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P_xBJyHAxuekxXZ66YxFId71FQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/cd90b9-fa88-4bd9-a7d5-22118b361490/1/U0ruj_EH38jOk5YCZgzjDARh5OI.roa
Signing time: Mon 01 Jan 2024 22:31:07 +0000
ROA not before: Mon 01 Jan 2024 22:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207307
IP address blocks: 91.205.159.0/24 maxlen: 24
2a05:b380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/cd90b9-fa88-4bd9-a7d5-22118b361490/1/P_xBJyHAxuekxXZ66YxFId71FQE.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/cd90b9-fa88-4bd9-a7d5-22118b361490/1/P_xBJyHAxuekxXZ66YxFId71FQE.mft
rsync://rpki.ripe.net/repository/DEFAULT/P_xBJyHAxuekxXZ66YxFId71FQE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Jun 2024 02:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:f0:81:50:89:18:30:ed:2b:3f:0a:04:99:3c:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ffc412721c0c6e7a4c5767ae98c4521def51501
Validity
Not Before: Jan 1 22:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=534aee8ff107dfc8ce939602660ce30c0461e4e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:c6:55:e1:b2:7c:0a:81:66:19:44:37:5b:ab:
94:49:94:9d:6d:e9:87:3e:fb:ac:1f:1a:d3:24:7a:
ae:60:73:e6:51:4b:7d:be:95:32:ee:f0:87:da:58:
11:c2:15:e7:46:1c:90:63:b0:c8:4d:1c:39:ae:67:
93:9e:08:6d:a5:f9:88:57:a4:c1:30:07:f7:f0:fc:
e3:0b:23:44:29:b1:1e:b3:17:5c:21:05:17:5a:13:
8a:8b:53:b0:0b:ed:b3:0b:8a:83:b9:f8:9e:50:02:
91:7e:56:5a:d5:88:9a:b3:d2:f9:fc:e0:95:f5:28:
26:a9:9a:6b:f4:7c:4c:be:74:b7:b9:2c:67:df:0b:
00:8c:4b:ae:c1:a6:7d:51:46:f2:61:82:4e:ba:8d:
74:3f:f1:a0:49:26:c6:b0:c0:ab:a1:4d:27:cc:8b:
3d:af:7e:d1:1b:b4:e4:a5:4f:46:3d:6a:15:d8:80:
53:38:c3:98:a5:02:74:3c:68:f7:31:a4:28:ff:33:
5d:d7:54:8e:e7:08:70:10:33:0c:9a:25:04:f3:a7:
2a:b1:92:37:05:b3:69:7a:45:58:4c:98:59:cd:ed:
04:b4:fa:ad:58:49:9f:5d:63:05:e8:ab:16:63:dd:
b6:4c:4f:ce:17:3e:e2:c8:02:69:0f:da:47:4f:fc:
22:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:4A:EE:8F:F1:07:DF:C8:CE:93:96:02:66:0C:E3:0C:04:61:E4:E2
X509v3 Authority Key Identifier:
keyid:3F:FC:41:27:21:C0:C6:E7:A4:C5:76:7A:E9:8C:45:21:DE:F5:15:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P_xBJyHAxuekxXZ66YxFId71FQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cd90b9-fa88-4bd9-a7d5-22118b361490/1/U0ruj_EH38jOk5YCZgzjDARh5OI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cd90b9-fa88-4bd9-a7d5-22118b361490/1/P_xBJyHAxuekxXZ66YxFId71FQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.159.0/24
IPv6:
2a05:b380::/29
Signature Algorithm: sha256WithRSAEncryption
8b:06:4f:6b:e9:74:ce:c7:31:d1:29:8b:34:96:f3:b1:aa:af:
d7:c0:60:eb:75:fb:15:df:e5:8a:92:65:c1:7e:b4:c7:f7:63:
56:e2:5c:c1:c6:5b:ce:9c:c9:8b:eb:2e:a8:c5:51:b7:bb:d3:
04:bc:0a:f3:46:61:be:79:12:5e:c1:eb:1e:d1:a9:42:d5:a8:
97:47:7a:47:7a:63:f4:8e:57:d9:0a:24:f0:22:ef:51:0a:4c:
4d:0e:cc:5a:12:28:55:83:75:5d:bb:50:cf:ae:38:cb:98:37:
ef:17:63:07:00:38:a2:b4:5e:85:8d:7d:14:da:ed:9e:e0:41:
ad:95:a3:d6:6e:1a:20:64:6c:11:be:27:37:eb:fe:59:d4:13:
ec:e3:d7:e1:9c:89:3b:b0:b0:4f:8a:61:c0:ed:b8:f9:f8:c8:
98:0b:33:84:ce:67:5c:7a:ca:2e:12:6b:70:d1:ab:40:d3:86:
1e:69:ce:0a:a5:a8:ae:92:18:fd:e8:de:c1:a3:c3:e5:29:02:
7b:03:fc:3a:af:0f:28:6f:30:61:ed:23:8f:0d:24:65:b2:5b:
53:4b:6e:46:9f:17:ad:ea:a2:09:d9:3b:07:38:87:96:d2:5e:
c4:2a:b3:a0:32:c1:92:8b:83:45:86:8f:d4:fe:74:12:71:63:
31:10:75:a0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJvCBUIkYMO0rPwoEmTyxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZmM0MTI3MjFjMGM2ZTdhNGM1NzY3YWU5OGM0NTIxZGVm
NTE1MDEwHhcNMjQwMTAxMjIzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzRhZWU4ZmYxMDdkZmM4Y2U5Mzk2MDI2NjBjZTMwYzA0NjFlNGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8ZV4bJ8CoFmGUQ3W6uUSZSdbemH
PvusHxrTJHquYHPmUUt9vpUy7vCH2lgRwhXnRhyQY7DITRw5rmeTnghtpfmIV6TB
MAf38PzjCyNEKbEesxdcIQUXWhOKi1OwC+2zC4qDufieUAKRflZa1Yias9L5/OCV
9SgmqZpr9HxMvnS3uSxn3wsAjEuuwaZ9UUbyYYJOuo10P/GgSSbGsMCroU0nzIs9
r37RG7TkpU9GPWoV2IBTOMOYpQJ0PGj3MaQo/zNd11SO5whwEDMMmiUE86cqsZI3
BbNpekVYTJhZze0EtPqtWEmfXWMF6KsWY922TE/OFz7iyAJpD9pHT/wi8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFNK7o/xB9/IzpOWAmYM4wwEYeTiMB8GA1UdIwQY
MBaAFD/8QSchwMbnpMV2eumMRSHe9RUBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUF94Qkp5SEF4dWVreFhaNjZZeEZJZDcxRlFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jZDkwYjktZmE4OC00YmQ5LWE3ZDUt
MjIxMThiMzYxNDkwLzEvVTBydWpfRUgzOGpPazVZQ1pnempEQVJoNU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jZDkwYjktZmE4OC00YmQ5LWE3ZDUtMjIxMThiMzYxNDkw
LzEvUF94Qkp5SEF4dWVreFhaNjZZeEZJZDcxRlFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW82fMA0E
AgACMAcDBQMqBbOAMA0GCSqGSIb3DQEBCwUAA4IBAQCLBk9r6XTOxzHRKYs0lvOx
qq/XwGDrdfsV3+WKkmXBfrTH92NW4lzBxlvOnMmL6y6oxVG3u9MEvArzRmG+eRJe
wese0alC1aiXR3pHemP0jlfZCiTwIu9RCkxNDsxaEihVg3Vdu1DPrjjLmDfvF2MH
ADiitF6FjX0U2u2e4EGtlaPWbhogZGwRvic36/5Z1BPs49fhnIk7sLBPimHA7bj5
+MiYCzOEzmdcesouEmtw0atA04Yeac4Kpaiukhj96N7Bo8PlKQJ7A/w6rw8obzBh
7SOPDSRlsltTS25Gnxet6qIJ2TsHOIeW0l7EKrOgMsGSi4NFho/U/nQScWMxEHWg
-----END CERTIFICATE-----
Generated at Mon Jun 17 07:40:16 2024 by rpki-client on console-fra.rpki-client.org