Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/iUMLmj6hG_R8J-yMSdy_xDCJ2IA.roa
File: iUMLmj6hG_R8J-yMSdy_xDCJ2IA.roa (raw, json)
Hash identifier: qqMr0tQqmXPeASiTRsyS9v/BFkQBcoXOm8N61NI6rPc=
Subject key identifier: 89:43:0B:9A:3E:A1:1B:F4:7C:27:EC:8C:49:DC:BF:C4:30:89:D8:80
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 018CC649E4E66DA0FC5767B5C374E16D9539
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/iUMLmj6hG_R8J-yMSdy_xDCJ2IA.roa
Signing time: Mon 01 Jan 2024 18:29:40 +0000
ROA not before: Mon 01 Jan 2024 18:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197050
IP address blocks: 151.251.56.0/22 maxlen: 22
85.118.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:e4:e6:6d:a0:fc:57:67:b5:c3:74:e1:6d:95:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jan 1 18:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89430b9a3ea11bf47c27ec8c49dcbfc43089d880
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:31:0c:d3:bf:c8:a9:fd:d3:87:20:e0:e9:49:
b3:40:83:c9:ad:59:1c:41:95:1a:7c:e4:d0:17:06:
62:21:9d:49:2c:c2:cd:0b:d1:03:ca:63:dd:80:2d:
d3:46:6c:85:f3:e8:2e:30:48:32:b1:46:6e:4f:df:
67:8c:69:fd:48:4d:0c:aa:68:b3:f0:40:92:e8:5e:
40:a1:e7:fd:cd:e9:12:3c:ec:d1:0a:4f:36:0d:c8:
70:46:5a:f8:4d:5e:20:28:03:b6:2c:97:a5:19:6c:
88:dd:9e:43:94:27:e2:e0:43:2a:1f:f3:13:a9:89:
68:d3:92:9e:45:3b:eb:4b:25:9d:e0:bd:5f:89:52:
22:44:54:18:9a:44:8c:1a:27:0f:1a:b1:7b:f1:ed:
ff:a3:c1:fa:85:c8:7a:26:84:02:e7:92:bb:0c:79:
c8:a7:df:97:cd:c0:6d:e6:0f:c7:81:dc:be:68:e0:
da:0f:6a:6a:3f:11:91:f2:e5:ec:4b:e0:5f:57:94:
72:58:db:00:41:ae:59:05:24:c4:17:ba:4a:d8:44:
39:5f:f1:5c:6d:6d:f1:93:d5:59:17:0a:eb:a6:c5:
d8:21:fe:28:ad:84:5b:b1:be:d8:f8:58:ca:55:f1:
55:2c:de:d7:4d:0b:a7:0a:ca:de:31:20:49:c4:30:
83:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:43:0B:9A:3E:A1:1B:F4:7C:27:EC:8C:49:DC:BF:C4:30:89:D8:80
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/iUMLmj6hG_R8J-yMSdy_xDCJ2IA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.118.91.0/24
151.251.56.0/22
Signature Algorithm: sha256WithRSAEncryption
20:3b:6b:86:49:5a:c7:af:67:62:37:23:db:e3:69:2b:d7:c9:
30:d0:17:94:a0:6f:9d:fc:03:aa:85:19:2e:da:be:e2:a4:00:
22:f3:2a:75:51:fe:0b:58:6b:ef:9e:25:93:dc:52:9a:95:1c:
36:9b:a3:38:75:37:05:2d:95:53:fb:5a:7c:66:0c:71:0e:d0:
3e:fd:65:c5:bf:42:e6:93:e3:e0:13:77:ab:bd:83:02:11:40:
be:81:01:e2:48:1a:37:64:b5:e1:34:44:53:cc:e3:f1:0a:4d:
7e:e0:af:99:1a:73:75:e5:ec:77:dd:75:e8:3d:46:9d:63:64:
30:ca:65:b7:c7:eb:c4:87:7f:c8:86:bd:02:88:75:38:36:a7:
eb:f4:3c:7e:df:55:f6:9e:cd:51:b2:76:69:a1:da:bd:a5:bd:
51:af:f1:55:53:1f:2b:af:21:1b:28:d7:fa:f1:53:66:24:72:
90:82:3c:b6:53:03:37:99:9d:18:53:7c:cf:19:86:48:24:ff:
4a:f9:fa:73:fb:93:3a:0d:6c:20:fc:ba:1b:c6:7d:44:1a:11:
db:27:d9:fd:fa:de:07:00:0d:ac:8d:0b:21:85:ab:08:63:21:
72:04:58:47:2f:18:8e:b3:69:a4:6d:91:a0:16:a4:95:47:c6:
fa:da:fe:44
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGSeTmbaD8V2e1w3ThbZU5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjQwMTAxMTgyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTQzMGI5YTNlYTExYmY0N2MyN2VjOGM0OWRjYmZjNDMwODlkODgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzEM07/Iqf3ThyDg6UmzQIPJrVkc
QZUafOTQFwZiIZ1JLMLNC9EDymPdgC3TRmyF8+guMEgysUZuT99njGn9SE0Mqmiz
8ECS6F5Aoef9zekSPOzRCk82DchwRlr4TV4gKAO2LJelGWyI3Z5DlCfi4EMqH/MT
qYlo05KeRTvrSyWd4L1fiVIiRFQYmkSMGicPGrF78e3/o8H6hch6JoQC55K7DHnI
p9+XzcBt5g/Hgdy+aODaD2pqPxGR8uXsS+BfV5RyWNsAQa5ZBSTEF7pK2EQ5X/Fc
bW3xk9VZFwrrpsXYIf4orYRbsb7Y+FjKVfFVLN7XTQunCsreMSBJxDCDXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIlDC5o+oRv0fCfsjEncv8QwidiAMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvaVVNTG1qNmhHX1I4Si15TVNkeV94RENKMklBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVXZbAwQC
l/s4MA0GCSqGSIb3DQEBCwUAA4IBAQAgO2uGSVrHr2diNyPb42kr18kw0BeUoG+d
/AOqhRku2r7ipAAi8yp1Uf4LWGvvniWT3FKalRw2m6M4dTcFLZVT+1p8ZgxxDtA+
/WXFv0Lmk+PgE3ervYMCEUC+gQHiSBo3ZLXhNERTzOPxCk1+4K+ZGnN15ex33XXo
PUadY2QwymW3x+vEh3/Ihr0CiHU4Nqfr9Dx+31X2ns1RsnZpodq9pb1Rr/FVUx8r
ryEbKNf68VNmJHKQgjy2UwM3mZ0YU3zPGYZIJP9K+fpz+5M6DWwg/Lobxn1EGhHb
J9n9+t4HAA2sjQshhasIYyFyBFhHLxiOs2mkbZGgFqSVR8b62v5E
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:39:05 2024 by rpki-client on console-fra.rpki-client.org