Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/0a0078-648f-4360-94c7-0d6dcb0ecfcf/1/UOnU-Cf6uXbk45GlxOlIKdrTKEw.roa
File: UOnU-Cf6uXbk45GlxOlIKdrTKEw.roa (raw, json)
Hash identifier: /EXEuTDjFi7u17kQJp9sTuC+nJPnox7JaZc3e3Zt8FM=
Subject key identifier: 50:E9:D4:F8:27:FA:B9:76:E4:E3:91:A5:C4:E9:48:29:DA:D3:28:4C
Certificate issuer: /CN=403c7e85de49d7924ce50d3d6a9e52e9e9c2e312
Certificate serial: 018CC9BC2D9EB1F52D0CB5AFC974299530EA
Authority key identifier: 40:3C:7E:85:DE:49:D7:92:4C:E5:0D:3D:6A:9E:52:E9:E9:C2:E3:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QDx-hd5J15JM5Q09ap5S6enC4xI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/0a0078-648f-4360-94c7-0d6dcb0ecfcf/1/UOnU-Cf6uXbk45GlxOlIKdrTKEw.roa
Signing time: Tue 02 Jan 2024 10:33:21 +0000
ROA not before: Tue 02 Jan 2024 10:33:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58150
IP address blocks: 185.56.0.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/0a0078-648f-4360-94c7-0d6dcb0ecfcf/1/QDx-hd5J15JM5Q09ap5S6enC4xI.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/0a0078-648f-4360-94c7-0d6dcb0ecfcf/1/QDx-hd5J15JM5Q09ap5S6enC4xI.mft
rsync://rpki.ripe.net/repository/DEFAULT/QDx-hd5J15JM5Q09ap5S6enC4xI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:2d:9e:b1:f5:2d:0c:b5:af:c9:74:29:95:30:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=403c7e85de49d7924ce50d3d6a9e52e9e9c2e312
Validity
Not Before: Jan 2 10:33:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50e9d4f827fab976e4e391a5c4e94829dad3284c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:84:12:e0:cf:a0:cf:f3:3c:dd:fa:0b:f6:48:
81:f8:27:02:7c:c7:8a:b7:9e:33:97:b6:01:09:76:
c3:38:6c:f5:1f:0a:4a:3d:33:87:a8:48:79:42:a8:
f0:b3:83:ed:b1:be:36:b4:da:f1:ac:47:42:b3:70:
cc:e8:f8:ab:c6:2e:19:60:ee:c9:71:34:bf:34:cb:
95:2d:d5:2a:d0:b5:57:23:0a:91:a1:f7:89:03:3f:
1a:6e:38:f3:bc:9c:ff:21:2d:64:2a:8f:8b:2c:65:
13:b6:5b:81:ec:41:d5:d2:d5:aa:61:cd:3a:d7:5a:
6e:0c:39:1e:78:ee:4e:52:18:ed:b3:59:d6:65:1c:
45:79:2f:78:7e:96:85:0a:e7:5e:eb:72:1d:20:09:
f5:d6:7e:7e:c9:6d:31:0c:8a:75:22:db:52:b1:d1:
7b:0c:67:5f:c6:19:b1:09:6b:8b:01:16:3c:1a:ab:
10:b9:92:64:e5:85:e7:8a:a0:57:01:75:ba:94:6f:
a1:df:92:03:70:7c:92:78:a4:1b:29:93:ca:0b:51:
36:82:35:84:7f:bd:53:55:56:08:19:df:fe:a8:b4:
c8:3f:00:fa:de:10:c8:1e:ab:29:c1:77:74:e6:48:
64:42:8c:be:3c:89:c8:e0:5a:8f:6c:10:57:51:a0:
70:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:E9:D4:F8:27:FA:B9:76:E4:E3:91:A5:C4:E9:48:29:DA:D3:28:4C
X509v3 Authority Key Identifier:
keyid:40:3C:7E:85:DE:49:D7:92:4C:E5:0D:3D:6A:9E:52:E9:E9:C2:E3:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QDx-hd5J15JM5Q09ap5S6enC4xI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/0a0078-648f-4360-94c7-0d6dcb0ecfcf/1/UOnU-Cf6uXbk45GlxOlIKdrTKEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/0a0078-648f-4360-94c7-0d6dcb0ecfcf/1/QDx-hd5J15JM5Q09ap5S6enC4xI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.0.0/22
Signature Algorithm: sha256WithRSAEncryption
47:13:59:2d:54:43:85:09:da:05:be:94:55:d2:4b:66:2c:67:
b4:b7:d9:c0:78:35:53:50:bf:48:c7:63:07:47:45:74:62:aa:
c4:0a:b2:d2:65:53:21:30:c0:4f:d2:45:b8:0a:d3:33:a9:29:
58:ba:dc:e9:8d:bb:ce:e9:37:eb:d7:8b:01:bd:63:d2:16:63:
44:02:52:84:6f:99:f2:96:06:b7:f0:bb:a6:c0:6d:7e:3e:2f:
55:67:84:7e:8b:89:3d:87:a8:cd:6e:aa:6a:60:9e:4e:13:e5:
23:83:45:f9:08:c9:93:c6:96:94:92:5c:b4:ca:a8:4f:42:96:
98:25:51:f9:52:60:e1:c6:8e:56:02:ac:cd:77:38:f9:dd:20:
da:83:74:a9:a5:d3:a9:79:44:47:3b:63:07:e5:d3:6d:55:f4:
b0:ea:d2:10:70:25:54:d7:0b:49:ba:4a:51:e9:12:4a:12:b3:
f8:e5:de:00:c8:f9:72:1b:40:81:93:d0:af:6c:3a:91:85:83:
94:42:f6:80:e3:8b:89:e7:72:40:f1:d5:49:7c:e5:3c:b4:5c:
97:ff:fd:d6:3e:39:4c:ed:63:6f:dc:16:aa:d0:a1:c2:8f:7f:
45:bc:c9:61:e3:4f:69:de:a2:c0:af:b4:f2:30:b2:20:a3:bf:
66:34:74:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvC2esfUtDLWvyXQplTDqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwM2M3ZTg1ZGU0OWQ3OTI0Y2U1MGQzZDZhOWU1MmU5ZTlj
MmUzMTIwHhcNMjQwMTAyMTAzMzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGU5ZDRmODI3ZmFiOTc2ZTRlMzkxYTVjNGU5NDgyOWRhZDMyODRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoQS4M+gz/M83foL9kiB+CcCfMeK
t54zl7YBCXbDOGz1HwpKPTOHqEh5Qqjws4Ptsb42tNrxrEdCs3DM6Pirxi4ZYO7J
cTS/NMuVLdUq0LVXIwqRofeJAz8abjjzvJz/IS1kKo+LLGUTtluB7EHV0tWqYc06
11puDDkeeO5OUhjts1nWZRxFeS94fpaFCude63IdIAn11n5+yW0xDIp1IttSsdF7
DGdfxhmxCWuLARY8GqsQuZJk5YXniqBXAXW6lG+h35IDcHySeKQbKZPKC1E2gjWE
f71TVVYIGd/+qLTIPwD63hDIHqspwXd05khkQoy+PInI4FqPbBBXUaBweQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFDp1Pgn+rl25OORpcTpSCna0yhMMB8GA1UdIwQY
MBaAFEA8foXeSdeSTOUNPWqeUunpwuMSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUR4LWhkNUoxNUpNNVEwOWFwNVM2ZW5DNHhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8wYTAwNzgtNjQ4Zi00MzYwLTk0Yzct
MGQ2ZGNiMGVjZmNmLzEvVU9uVS1DZjZ1WGJrNDVHbHhPbElLZHJUS0V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8wYTAwNzgtNjQ4Zi00MzYwLTk0YzctMGQ2ZGNiMGVjZmNm
LzEvUUR4LWhkNUoxNUpNNVEwOWFwNVM2ZW5DNHhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTgAMA0G
CSqGSIb3DQEBCwUAA4IBAQBHE1ktVEOFCdoFvpRV0ktmLGe0t9nAeDVTUL9Ix2MH
R0V0YqrECrLSZVMhMMBP0kW4CtMzqSlYutzpjbvO6Tfr14sBvWPSFmNEAlKEb5ny
lga38LumwG1+Pi9VZ4R+i4k9h6jNbqpqYJ5OE+Ujg0X5CMmTxpaUkly0yqhPQpaY
JVH5UmDhxo5WAqzNdzj53SDag3SppdOpeURHO2MH5dNtVfSw6tIQcCVU1wtJukpR
6RJKErP45d4AyPlyG0CBk9CvbDqRhYOUQvaA44uJ53JA8dVJfOU8tFyX//3WPjlM
7WNv3Baq0KHCj39FvMlh409p3qLAr7TyMLIgo79mNHQg
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:43:43 2024 by rpki-client on console-fra.rpki-client.org