Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/d95566-c6ff-4cc5-b93c-6417707517d6/1/UGjGolH12_x3cCDDDs-wfhhaN4U.roa
File: UGjGolH12_x3cCDDDs-wfhhaN4U.roa (raw, json)
Hash identifier: FV6D5mk0nwiH6BRySmQ169aN1Z1SEVl4Kc/yfJEULos=
Subject key identifier: 50:68:C6:A2:51:F5:DB:FC:77:70:20:C3:0E:CF:B0:7E:18:5A:37:85
Certificate issuer: /CN=60e10a1c66a0e60024abab62d332682c713aa347
Certificate serial: 0194975AA08E82FCFC19BDAA6A12BA2902E2
Authority key identifier: 60:E1:0A:1C:66:A0:E6:00:24:AB:AB:62:D3:32:68:2C:71:3A:A3:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YOEKHGag5gAkq6ti0zJoLHE6o0c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/d95566-c6ff-4cc5-b93c-6417707517d6/1/UGjGolH12_x3cCDDDs-wfhhaN4U.roa
Signing time: Fri 24 Jan 2025 08:08:06 +0000
ROA not before: Fri 24 Jan 2025 08:08:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41454
IP address blocks: 89.18.32.0/23 maxlen: 23
89.18.34.0/24 maxlen: 24
89.18.35.0/24 maxlen: 24
89.18.36.0/22 maxlen: 22
89.18.40.0/23 maxlen: 23
89.18.42.0/24 maxlen: 24
89.18.43.0/24 maxlen: 24
89.18.44.0/22 maxlen: 22
89.18.48.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/d95566-c6ff-4cc5-b93c-6417707517d6/1/YOEKHGag5gAkq6ti0zJoLHE6o0c.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/d95566-c6ff-4cc5-b93c-6417707517d6/1/YOEKHGag5gAkq6ti0zJoLHE6o0c.mft
rsync://rpki.ripe.net/repository/DEFAULT/YOEKHGag5gAkq6ti0zJoLHE6o0c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:97:5a:a0:8e:82:fc:fc:19:bd:aa:6a:12:ba:29:02:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60e10a1c66a0e60024abab62d332682c713aa347
Validity
Not Before: Jan 24 08:08:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5068c6a251f5dbfc777020c30ecfb07e185a3785
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:bd:c4:22:9e:61:00:51:ad:16:3a:c4:87:a7:
b7:ba:70:e5:65:96:b3:5e:22:dd:b9:66:50:25:5f:
f4:6e:3e:15:dc:48:75:74:59:f0:b7:8c:26:05:17:
bf:36:88:ac:80:06:52:9c:12:b9:0d:d2:8f:3f:bc:
e6:fa:7d:3d:f1:a2:c8:1e:9d:58:41:2c:86:b9:83:
98:47:aa:8e:30:80:9b:3c:c3:72:f3:20:5a:93:4b:
71:60:b3:0d:7e:42:bf:96:c9:5b:e2:24:5d:9a:cc:
a8:f8:dc:99:2d:72:80:3d:ff:20:11:d2:40:95:4a:
2c:4d:6c:6f:7e:ab:fd:a1:08:f7:4b:66:4b:d7:01:
22:6e:80:67:60:c6:d8:b4:3e:16:82:bc:97:72:6c:
e7:dc:be:7b:f4:8e:58:f3:6b:7d:75:82:74:28:f0:
79:f6:95:80:42:f6:ea:4d:b3:98:3d:51:fb:43:4c:
dc:61:3e:ba:be:b2:92:6c:7a:98:63:34:44:47:02:
53:1e:0c:c3:0e:06:ea:80:68:29:81:25:78:bc:9b:
86:ec:fe:e0:0f:66:fd:10:0f:6d:01:a2:b2:ce:28:
2b:e4:f5:da:b4:5d:ff:9c:c5:2c:4f:56:a3:33:73:
e7:a7:50:43:6d:67:5c:82:c6:f3:24:41:6e:e6:d8:
3a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:68:C6:A2:51:F5:DB:FC:77:70:20:C3:0E:CF:B0:7E:18:5A:37:85
X509v3 Authority Key Identifier:
keyid:60:E1:0A:1C:66:A0:E6:00:24:AB:AB:62:D3:32:68:2C:71:3A:A3:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YOEKHGag5gAkq6ti0zJoLHE6o0c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d95566-c6ff-4cc5-b93c-6417707517d6/1/UGjGolH12_x3cCDDDs-wfhhaN4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d95566-c6ff-4cc5-b93c-6417707517d6/1/YOEKHGag5gAkq6ti0zJoLHE6o0c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.18.32.0-89.18.51.255
Signature Algorithm: sha256WithRSAEncryption
1a:e6:ec:b9:3a:1e:71:61:ad:2c:10:dc:27:7e:3e:43:51:72:
a5:f0:d5:e7:a5:77:69:1d:a9:80:30:18:5d:e1:56:3d:35:35:
b0:1f:9a:ea:1e:14:27:bf:5c:8f:6f:d8:ec:a2:fa:0f:af:fb:
ac:6a:44:1a:5c:83:22:da:7f:66:b3:3b:85:de:1a:79:8f:e5:
3c:47:07:19:6f:1c:dd:d2:6c:1e:5d:1b:6a:f5:ea:f1:39:fc:
4b:7d:70:75:2f:e4:24:7e:cf:ce:1a:74:c4:c5:98:c7:50:f9:
36:57:dd:04:01:2d:6c:26:9f:a0:fb:a0:fa:67:2a:57:aa:7b:
69:9f:22:cf:9b:3a:86:3d:9d:f8:94:5b:b8:39:bf:96:0f:f8:
fe:f3:b9:77:24:73:74:ed:ef:dd:17:df:d7:c7:4d:49:6f:a9:
5f:b1:96:81:b5:ca:d5:3e:49:29:1f:7b:dd:b1:2a:61:34:00:
aa:e0:b0:89:77:b4:68:8c:b6:5d:53:fe:b7:e1:22:5c:bc:a6:
51:6c:72:f0:e7:ef:17:e8:71:83:c3:af:45:e8:2e:07:31:c5:
ca:b6:ab:3b:55:fb:62:3a:23:6c:b6:30:79:ad:c7:97:80:1d:
0f:e9:f0:3a:a9:0a:ba:34:0e:f2:da:40:20:ba:8b:85:d4:72:
b1:bb:aa:11
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZSXWqCOgvz8Gb2qahK6KQLiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZTEwYTFjNjZhMGU2MDAyNGFiYWI2MmQzMzI2ODJjNzEz
YWEzNDcwHhcNMjUwMTI0MDgwODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDY4YzZhMjUxZjVkYmZjNzc3MDIwYzMwZWNmYjA3ZTE4NWEzNzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8b3EIp5hAFGtFjrEh6e3unDlZZaz
XiLduWZQJV/0bj4V3Eh1dFnwt4wmBRe/NoisgAZSnBK5DdKPP7zm+n098aLIHp1Y
QSyGuYOYR6qOMICbPMNy8yBak0txYLMNfkK/lslb4iRdmsyo+NyZLXKAPf8gEdJA
lUosTWxvfqv9oQj3S2ZL1wEiboBnYMbYtD4WgryXcmzn3L579I5Y82t9dYJ0KPB5
9pWAQvbqTbOYPVH7Q0zcYT66vrKSbHqYYzRERwJTHgzDDgbqgGgpgSV4vJuG7P7g
D2b9EA9tAaKyzigr5PXatF3/nMUsT1ajM3Pnp1BDbWdcgsbzJEFu5tg6qwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFBoxqJR9dv8d3Agww7PsH4YWjeFMB8GA1UdIwQY
MBaAFGDhChxmoOYAJKurYtMyaCxxOqNHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU9FS0hHYWc1Z0FrcTZ0aTB6Sm9MSEU2bzBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9kOTU1NjYtYzZmZi00Y2M1LWI5M2Mt
NjQxNzcwNzUxN2Q2LzEvVUdqR29sSDEyX3gzY0NERERzLXdmaGhhTjRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9kOTU1NjYtYzZmZi00Y2M1LWI5M2MtNjQxNzcwNzUxN2Q2
LzEvWU9FS0hHYWc1Z0FrcTZ0aTB6Sm9MSEU2bzBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAVZEiAD
BAJZEjAwDQYJKoZIhvcNAQELBQADggEBABrm7Lk6HnFhrSwQ3Cd+PkNRcqXw1eel
d2kdqYAwGF3hVj01NbAfmuoeFCe/XI9v2Oyi+g+v+6xqRBpcgyLaf2azO4XeGnmP
5TxHBxlvHN3SbB5dG2r16vE5/Et9cHUv5CR+z84adMTFmMdQ+TZX3QQBLWwmn6D7
oPpnKleqe2mfIs+bOoY9nfiUW7g5v5YP+P7zuXckc3Tt790X39fHTUlvqV+xloG1
ytU+SSkfe92xKmE0AKrgsIl3tGiMtl1T/rfhIly8plFscvDn7xfocYPDr0XoLgcx
xcq2qztV+2I6I2y2MHmtx5eAHQ/p8DqpCro0DvLaQCC6i4XUcrG7qhE=
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:06:59 2025 by rpki-client