Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UlWcqtwHjVJlKzpgtEMJfJ8dxfY.roa
File: UlWcqtwHjVJlKzpgtEMJfJ8dxfY.roa (raw, json)
Hash identifier: 1oYt+/TQSZW+8/et4jmQKF8aXRfTMIFcr0fGf/odm6E=
Subject key identifier: 52:55:9C:AA:DC:07:8D:52:65:2B:3A:60:B4:43:09:7C:9F:1D:C5:F6
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0192015743732EDC69CC5803306FDE1313A9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UlWcqtwHjVJlKzpgtEMJfJ8dxfY.roa
Signing time: Tue 17 Sep 2024 18:55:49 +0000
ROA not before: Tue 17 Sep 2024 18:55:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 193.124.203.0/24 maxlen: 24
194.87.29.0/24 maxlen: 24
194.87.77.0/24 maxlen: 24
194.87.85.0/24 maxlen: 24
194.87.189.0/24 maxlen: 24
195.133.2.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
195.133.26.0/24 maxlen: 24
195.133.28.0/24 maxlen: 24
212.192.246.0/24 maxlen: 24
212.192.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:01:57:43:73:2e:dc:69:cc:58:03:30:6f:de:13:13:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 17 18:55:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52559caadc078d52652b3a60b443097c9f1dc5f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:00:76:9f:bc:4a:ea:dd:c1:88:c5:18:bc:cd:
92:0a:3c:a4:c6:e5:10:4e:bc:b8:bb:99:18:4e:a5:
61:47:56:3e:84:59:d3:18:18:4d:97:7a:ee:39:77:
0f:1d:81:f3:55:89:4f:c7:86:48:b7:4c:0d:a3:e3:
d9:f0:68:ec:3d:0f:73:68:2f:8d:30:fc:e3:eb:cb:
70:93:ea:90:6c:55:7d:7a:06:94:b1:31:f2:08:4a:
aa:53:eb:e2:bd:ab:9c:1b:27:04:35:ff:7e:b0:44:
09:46:96:41:d7:02:3d:1f:b4:e3:be:e8:f8:73:ae:
5d:49:4c:71:37:a3:1e:fd:e8:76:94:6e:bf:56:5e:
94:f8:e6:b0:73:c6:3c:d1:1b:3d:8d:ed:43:86:06:
86:3f:2e:61:bd:c9:98:74:d5:b4:59:71:c0:d2:74:
9a:7a:e7:57:04:96:77:93:59:49:ee:a9:8d:84:22:
3c:b4:95:07:36:af:46:c4:e6:d7:52:27:22:97:91:
d9:3c:93:6e:3f:21:3c:7f:30:c2:35:89:2e:0e:31:
14:9a:43:d0:10:ab:c4:b3:ac:63:c1:1c:9e:a5:56:
6e:00:2f:0f:69:48:71:2e:e8:3a:25:c4:4a:70:56:
cb:b6:8e:c7:42:7b:c7:eb:42:4c:30:d6:eb:82:75:
d9:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:55:9C:AA:DC:07:8D:52:65:2B:3A:60:B4:43:09:7C:9F:1D:C5:F6
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UlWcqtwHjVJlKzpgtEMJfJ8dxfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.203.0/24
194.87.29.0/24
194.87.77.0/24
194.87.85.0/24
194.87.189.0/24
195.133.2.0/24
195.133.18.0/24
195.133.26.0/24
195.133.28.0/24
212.192.246.0/24
212.192.248.0/24
Signature Algorithm: sha256WithRSAEncryption
57:a3:a9:9a:05:42:a1:bb:6c:f1:ef:2d:ed:19:8e:a1:76:09:
17:2e:47:ca:df:21:98:a2:c4:37:6b:83:a9:98:33:ce:fa:e3:
b4:97:60:0f:ed:c0:8e:59:6b:2c:f4:da:36:90:b5:b7:f1:19:
ba:bb:79:68:45:1d:64:fc:a5:e6:7a:3a:3b:8d:1c:df:0f:f6:
a5:be:31:83:ff:87:45:6d:8d:a5:3c:42:b4:ce:94:3d:6e:ee:
eb:04:52:7b:41:32:6c:46:86:37:62:7b:cf:55:c3:66:ea:76:
e3:6e:8e:42:80:c0:e3:45:b6:bf:7f:bf:0b:85:5c:70:cf:a2:
b9:a1:c0:45:19:3e:81:2d:fc:fe:a8:8f:5f:f4:e2:fc:83:af:
16:a0:47:1f:a0:91:c2:6a:fa:7a:42:51:bf:1f:25:30:67:28:
ef:34:fb:ab:e2:d5:05:fd:0b:dd:8c:a3:d4:7f:d9:a7:68:a3:
c9:54:88:43:b7:90:db:db:b4:27:e4:a4:5f:2a:99:97:bf:c9:
74:0b:62:33:0a:ab:9f:27:9b:41:15:56:8d:8f:1f:fc:4a:16:
3f:65:39:11:f4:02:f8:e5:40:a5:41:b0:bb:a0:7e:a8:8f:22:
e1:e3:1e:c5:e0:fc:be:7b:5e:f9:b9:10:4c:86:98:9a:67:ad:
9e:75:f3:ef
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZIBV0NzLtxpzFgDMG/eExOpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwOTE3MTg1NTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjU1OWNhYWRjMDc4ZDUyNjUyYjNhNjBiNDQzMDk3YzlmMWRjNWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAB2n7xK6t3BiMUYvM2SCjykxuUQ
Try4u5kYTqVhR1Y+hFnTGBhNl3ruOXcPHYHzVYlPx4ZIt0wNo+PZ8GjsPQ9zaC+N
MPzj68twk+qQbFV9egaUsTHyCEqqU+vivaucGycENf9+sEQJRpZB1wI9H7Tjvuj4
c65dSUxxN6Me/eh2lG6/Vl6U+Oawc8Y80Rs9je1DhgaGPy5hvcmYdNW0WXHA0nSa
eudXBJZ3k1lJ7qmNhCI8tJUHNq9GxObXUicil5HZPJNuPyE8fzDCNYkuDjEUmkPQ
EKvEs6xjwRyepVZuAC8PaUhxLug6JcRKcFbLto7HQnvH60JMMNbrgnXZOQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFFJVnKrcB41SZSs6YLRDCXyfHcX2MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVWxXY3F0d0hqVkpsS3pwZ3RFTUpmSjhkeGZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAwXzLAwQA
wlcdAwQAwldNAwQAwldVAwQAwle9AwQAw4UCAwQAw4USAwQAw4UaAwQAw4UcAwQA
1MD2AwQA1MD4MA0GCSqGSIb3DQEBCwUAA4IBAQBXo6maBUKhu2zx7y3tGY6hdgkX
LkfK3yGYosQ3a4OpmDPO+uO0l2AP7cCOWWss9No2kLW38Rm6u3loRR1k/KXmejo7
jRzfD/alvjGD/4dFbY2lPEK0zpQ9bu7rBFJ7QTJsRoY3YnvPVcNm6nbjbo5CgMDj
Rba/f78LhVxwz6K5ocBFGT6BLfz+qI9f9OL8g68WoEcfoJHCavp6QlG/HyUwZyjv
NPur4tUF/QvdjKPUf9mnaKPJVIhDt5Db27Qn5KRfKpmXv8l0C2IzCqufJ5tBFVaN
jx/8ShY/ZTkR9AL45UClQbC7oH6ojyLh4x7F4Py+e175uRBMhpiaZ62edfPv
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:51:55 2024 by rpki-client on console-ams.rpki-client.org