Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2d0dae-d2bc-49d1-8115-34cb9d5c9432/1/U_qgnWi0VUCz5GmppvQTTylRtu8.roa
File: U_qgnWi0VUCz5GmppvQTTylRtu8.roa (raw, json)
Hash identifier: vxJDE0h3cQr1TLK854RcqGpp8APLWKJupNhLnvlHwtM=
Subject key identifier: 53:FA:A0:9D:68:B4:55:40:B3:E4:69:A9:A6:F4:13:4F:29:51:B6:EF
Certificate issuer: /CN=1151a4811148f7d0598f5ff021dadd3a10e5f29c
Certificate serial: 018CCA99525FA2A8C1A46F6028695E0BA426
Authority key identifier: 11:51:A4:81:11:48:F7:D0:59:8F:5F:F0:21:DA:DD:3A:10:E5:F2:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EVGkgRFI99BZj1_wIdrdOhDl8pw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/2d0dae-d2bc-49d1-8115-34cb9d5c9432/1/U_qgnWi0VUCz5GmppvQTTylRtu8.roa
Signing time: Tue 02 Jan 2024 14:34:54 +0000
ROA not before: Tue 02 Jan 2024 14:34:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207593
IP address blocks: 194.36.120.0/24 maxlen: 24
194.36.19.0/24 maxlen: 24
194.35.187.0/24 maxlen: 24
194.36.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/2d0dae-d2bc-49d1-8115-34cb9d5c9432/1/EVGkgRFI99BZj1_wIdrdOhDl8pw.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/2d0dae-d2bc-49d1-8115-34cb9d5c9432/1/EVGkgRFI99BZj1_wIdrdOhDl8pw.mft
rsync://rpki.ripe.net/repository/DEFAULT/EVGkgRFI99BZj1_wIdrdOhDl8pw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:52:5f:a2:a8:c1:a4:6f:60:28:69:5e:0b:a4:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1151a4811148f7d0598f5ff021dadd3a10e5f29c
Validity
Not Before: Jan 2 14:34:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53faa09d68b45540b3e469a9a6f4134f2951b6ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:45:ee:a5:4b:0d:25:64:d5:22:14:07:be:83:
c9:fa:3d:ce:cb:c8:7f:e2:8b:1e:45:20:9f:91:cd:
43:b6:7e:b8:ec:48:7f:af:29:fb:1d:53:ce:35:34:
7b:41:c3:96:24:88:c3:17:fa:f1:d9:bd:e3:a4:4f:
ed:39:4d:4b:46:91:ba:0b:7b:ad:89:41:d3:9a:63:
a2:b8:30:30:1e:be:5c:1c:30:81:d1:b8:c0:1e:fd:
dd:55:2c:59:fd:a4:bf:4a:ed:08:95:90:68:b3:7e:
91:53:6e:0f:3c:42:23:38:3c:65:78:ec:13:76:66:
98:e9:60:e4:52:d7:d2:49:a3:9d:89:14:6d:0b:1a:
b1:4a:48:35:ed:7b:3a:ac:19:6d:94:f5:6a:71:3f:
ca:ae:ae:be:bb:8a:e7:66:99:cd:b3:2b:0d:de:bc:
32:a2:31:00:52:49:3f:d3:d4:29:92:86:b6:de:cd:
ec:2d:e4:cf:b2:66:8f:6d:cf:c9:2b:45:66:df:74:
3c:04:be:ae:ff:6f:70:70:ae:96:d6:63:cb:bd:78:
c9:a8:cf:4f:8a:44:22:c5:d0:69:84:db:20:c0:38:
81:c1:8a:c2:53:ca:6d:40:f5:5c:d5:d0:17:31:d9:
ca:5b:c7:91:33:7b:d1:07:a4:72:9d:91:60:a0:2c:
a9:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:FA:A0:9D:68:B4:55:40:B3:E4:69:A9:A6:F4:13:4F:29:51:B6:EF
X509v3 Authority Key Identifier:
keyid:11:51:A4:81:11:48:F7:D0:59:8F:5F:F0:21:DA:DD:3A:10:E5:F2:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EVGkgRFI99BZj1_wIdrdOhDl8pw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2d0dae-d2bc-49d1-8115-34cb9d5c9432/1/U_qgnWi0VUCz5GmppvQTTylRtu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2d0dae-d2bc-49d1-8115-34cb9d5c9432/1/EVGkgRFI99BZj1_wIdrdOhDl8pw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.35.187.0/24
194.36.19.0/24
194.36.83.0/24
194.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:02:8d:bc:c0:ff:0e:fb:7a:b3:d7:05:b2:0d:b8:05:e8:2f:
17:93:70:c3:fd:0c:71:b0:84:15:81:0b:aa:ac:c0:7e:06:5c:
bb:14:0b:75:04:e7:54:4c:72:b6:39:64:6f:b3:60:6c:74:6a:
b3:d0:a3:4c:1e:bb:ab:4c:2e:91:be:b5:9f:4d:e9:fb:43:97:
08:ee:02:30:d2:99:6a:80:32:e9:78:46:9d:9a:48:3e:f6:53:
27:6c:bb:94:42:39:23:68:2d:9d:db:20:c7:64:e1:f0:3f:89:
62:6d:1a:70:dc:a1:e7:f1:1e:1d:a0:3d:de:f2:86:fc:b1:10:
1c:5f:07:83:1e:66:3f:20:52:eb:4c:e0:a1:c2:6c:df:fb:8d:
48:a3:9d:2e:a3:e1:74:9e:d6:04:ce:db:d1:90:41:e4:70:cd:
eb:8c:8e:6c:dc:d4:43:64:9c:5c:a3:ae:71:6c:77:0e:b3:7d:
50:c4:03:ec:d9:6c:ef:fc:07:34:d2:32:01:ea:a4:ca:44:a3:
8a:1a:77:f6:71:e9:42:62:0c:12:a9:51:87:9b:95:41:d2:aa:
c6:c9:22:90:79:1e:93:c9:96:ff:e7:e5:11:dc:23:17:bf:15:
36:76:6b:85:80:1a:e5:39:f4:60:de:fa:25:be:6e:eb:e4:eb:
28:d6:72:54
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzKmVJfoqjBpG9gKGleC6QmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExNTFhNDgxMTE0OGY3ZDA1OThmNWZmMDIxZGFkZDNhMTBl
NWYyOWMwHhcNMjQwMTAyMTQzNDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2ZhYTA5ZDY4YjQ1NTQwYjNlNDY5YTlhNmY0MTM0ZjI5NTFiNmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkXupUsNJWTVIhQHvoPJ+j3Oy8h/
4oseRSCfkc1Dtn647Eh/ryn7HVPONTR7QcOWJIjDF/rx2b3jpE/tOU1LRpG6C3ut
iUHTmmOiuDAwHr5cHDCB0bjAHv3dVSxZ/aS/Su0IlZBos36RU24PPEIjODxleOwT
dmaY6WDkUtfSSaOdiRRtCxqxSkg17Xs6rBltlPVqcT/Krq6+u4rnZpnNsysN3rwy
ojEAUkk/09Qpkoa23s3sLeTPsmaPbc/JK0Vm33Q8BL6u/29wcK6W1mPLvXjJqM9P
ikQixdBphNsgwDiBwYrCU8ptQPVc1dAXMdnKW8eRM3vRB6RynZFgoCypEwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFP6oJ1otFVAs+Rpqab0E08pUbbvMB8GA1UdIwQY
MBaAFBFRpIERSPfQWY9f8CHa3ToQ5fKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVZHa2dSRkk5OUJaajFfd0lkcmRPaERsOHB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yZDBkYWUtZDJiYy00OWQxLTgxMTUt
MzRjYjlkNWM5NDMyLzEvVV9xZ25XaTBWVUN6NUdtcHB2UVRUeWxSdHU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yZDBkYWUtZDJiYy00OWQxLTgxMTUtMzRjYjlkNWM5NDMy
LzEvRVZHa2dSRkk5OUJaajFfd0lkcmRPaERsOHB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwiO7AwQA
wiQTAwQAwiRTAwQAwiR4MA0GCSqGSIb3DQEBCwUAA4IBAQC0Ao28wP8O+3qz1wWy
DbgF6C8Xk3DD/QxxsIQVgQuqrMB+Bly7FAt1BOdUTHK2OWRvs2BsdGqz0KNMHrur
TC6RvrWfTen7Q5cI7gIw0plqgDLpeEadmkg+9lMnbLuUQjkjaC2d2yDHZOHwP4li
bRpw3KHn8R4doD3e8ob8sRAcXweDHmY/IFLrTOChwmzf+41Io50uo+F0ntYEztvR
kEHkcM3rjI5s3NRDZJxco65xbHcOs31QxAPs2Wzv/Ac00jIB6qTKRKOKGnf2celC
YgwSqVGHm5VB0qrGySKQeR6TyZb/5+UR3CMXvxU2dmuFgBrlOfRg3volvm7r5Oso
1nJU
-----END CERTIFICATE-----
Generated at Sat May 11 07:55:21 2024 by rpki-client on console-ams.rpki-client.org