Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/c18105-d90f-442f-8b1d-c20de543c0df/1/UFre0V_mgoaojExqQJ5jLJyIG0E.roa
File: UFre0V_mgoaojExqQJ5jLJyIG0E.roa (raw, json)
Hash identifier: NajUrlThKruwlN+1sU1CPOLRek1vizaPK9Vra4UC2eU=
Subject key identifier: 50:5A:DE:D1:5F:E6:82:86:A8:8C:4C:6A:40:9E:63:2C:9C:88:1B:41
Certificate issuer: /CN=03d6a8a639f88aaf1f436d6a20b4177b38d390fc
Certificate serial: 0192B88240DCAE62C7228842872B6342766B
Authority key identifier: 03:D6:A8:A6:39:F8:8A:AF:1F:43:6D:6A:20:B4:17:7B:38:D3:90:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A9aopjn4iq8fQ21qILQXezjTkPw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/c18105-d90f-442f-8b1d-c20de543c0df/1/UFre0V_mgoaojExqQJ5jLJyIG0E.roa
Signing time: Wed 23 Oct 2024 08:33:16 +0000
ROA not before: Wed 23 Oct 2024 08:33:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2116
IP address blocks: 194.0.169.0/24 maxlen: 24
195.110.28.0/24 maxlen: 24
195.110.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/c18105-d90f-442f-8b1d-c20de543c0df/1/A9aopjn4iq8fQ21qILQXezjTkPw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/c18105-d90f-442f-8b1d-c20de543c0df/1/A9aopjn4iq8fQ21qILQXezjTkPw.mft
rsync://rpki.ripe.net/repository/DEFAULT/A9aopjn4iq8fQ21qILQXezjTkPw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b8:82:40:dc:ae:62:c7:22:88:42:87:2b:63:42:76:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03d6a8a639f88aaf1f436d6a20b4177b38d390fc
Validity
Not Before: Oct 23 08:33:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=505aded15fe68286a88c4c6a409e632c9c881b41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:cb:ef:ef:31:ab:28:91:1b:98:7a:85:6c:b9:
9c:09:cc:f7:16:57:5d:21:38:24:0a:23:17:35:fa:
38:7f:39:23:ac:d1:ef:12:8b:8c:3d:cc:5c:6f:51:
11:66:dc:d8:a7:f0:94:64:be:53:d2:c1:4e:9b:d7:
bb:d4:0d:bc:e5:e1:22:33:46:00:02:48:10:94:18:
09:cd:54:94:e2:34:ca:e3:56:95:21:90:fa:04:6c:
13:73:80:26:4b:18:29:71:3b:24:c0:d5:77:a7:29:
cb:86:6c:16:73:50:45:e2:8a:17:76:7c:11:ec:0f:
f0:5c:0e:75:a8:19:9f:a6:cf:51:94:99:02:9a:4c:
43:32:91:22:d0:b3:40:e1:0a:16:aa:f0:93:7b:30:
4b:37:90:aa:10:26:25:90:c3:f9:b5:c4:fb:4e:5d:
c5:6f:fa:ed:1a:cf:e4:81:bb:d0:9b:3d:f9:f3:0a:
12:eb:ee:7a:b0:83:82:73:b3:e9:70:6f:c3:a7:9f:
47:61:71:20:71:a8:46:5c:58:15:25:3c:0f:1f:45:
4b:56:8e:26:06:05:00:5b:c8:62:67:3b:57:93:09:
e0:7f:51:bb:8a:6a:53:55:3b:7a:cf:65:7b:1b:12:
94:9b:d1:92:39:9e:e7:b1:a7:ed:b4:c9:aa:a4:37:
72:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:5A:DE:D1:5F:E6:82:86:A8:8C:4C:6A:40:9E:63:2C:9C:88:1B:41
X509v3 Authority Key Identifier:
keyid:03:D6:A8:A6:39:F8:8A:AF:1F:43:6D:6A:20:B4:17:7B:38:D3:90:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A9aopjn4iq8fQ21qILQXezjTkPw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/c18105-d90f-442f-8b1d-c20de543c0df/1/UFre0V_mgoaojExqQJ5jLJyIG0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/c18105-d90f-442f-8b1d-c20de543c0df/1/A9aopjn4iq8fQ21qILQXezjTkPw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.169.0/24
195.110.28.0/23
Signature Algorithm: sha256WithRSAEncryption
70:ac:26:15:81:5e:da:cc:31:ec:5e:95:8f:ba:19:e3:9d:e8:
bc:ee:52:9f:57:71:8b:f9:61:86:86:81:52:ad:58:92:60:c0:
71:d1:5d:71:57:7b:cd:1f:47:fa:4e:45:19:f0:9d:fd:d9:f5:
ce:89:4b:08:8b:d0:2a:31:68:c2:11:8d:28:82:20:cc:fe:9c:
66:8b:45:78:e5:de:be:1c:1b:5e:0d:15:e3:ed:87:77:a5:48:
81:23:2b:56:c5:46:64:71:25:21:f5:3f:54:e0:69:b6:96:f5:
d9:67:da:48:e7:0b:2f:79:45:cf:4d:d9:6a:e4:9d:6c:38:37:
e2:18:f3:b0:80:30:15:3c:f6:d9:62:d3:d1:a7:8e:89:5a:79:
7a:e8:49:ab:45:b4:70:cf:c0:b7:d0:8d:61:65:53:09:ff:99:
08:42:1c:10:b6:45:c5:3d:1c:c8:c8:80:9e:fd:02:03:1f:1e:
73:16:5a:c4:22:ae:53:9c:4a:46:07:b4:79:1b:1a:1b:d9:18:
a9:4c:04:0a:d1:c2:ac:0a:b4:b5:e8:1f:fd:3b:c3:cb:53:39:
e5:70:86:ef:5f:67:59:79:ec:7f:0f:d9:af:45:da:6b:7e:40:
48:c2:4b:4a:93:bd:2e:df:97:07:fc:f0:b2:50:d1:d7:9d:05:
94:91:1d:3b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZK4gkDcrmLHIohChytjQnZrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzZDZhOGE2MzlmODhhYWYxZjQzNmQ2YTIwYjQxNzdiMzhk
MzkwZmMwHhcNMjQxMDIzMDgzMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDVhZGVkMTVmZTY4Mjg2YTg4YzRjNmE0MDllNjMyYzljODgxYjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsvv7zGrKJEbmHqFbLmcCcz3Fldd
ITgkCiMXNfo4fzkjrNHvEouMPcxcb1ERZtzYp/CUZL5T0sFOm9e71A285eEiM0YA
AkgQlBgJzVSU4jTK41aVIZD6BGwTc4AmSxgpcTskwNV3pynLhmwWc1BF4ooXdnwR
7A/wXA51qBmfps9RlJkCmkxDMpEi0LNA4QoWqvCTezBLN5CqECYlkMP5tcT7Tl3F
b/rtGs/kgbvQmz358woS6+56sIOCc7PpcG/Dp59HYXEgcahGXFgVJTwPH0VLVo4m
BgUAW8hiZztXkwngf1G7impTVTt6z2V7GxKUm9GSOZ7nsafttMmqpDdywwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFBa3tFf5oKGqIxMakCeYyyciBtBMB8GA1UdIwQY
MBaAFAPWqKY5+IqvH0NtaiC0F3s405D8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTlhb3BqbjRpcThmUTIxcUlMUVhlempUa1B3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9jMTgxMDUtZDkwZi00NDJmLThiMWQt
YzIwZGU1NDNjMGRmLzEvVUZyZTBWX21nb2FvakV4cVFKNWpMSnlJRzBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9jMTgxMDUtZDkwZi00NDJmLThiMWQtYzIwZGU1NDNjMGRm
LzEvQTlhb3BqbjRpcThmUTIxcUlMUVhlempUa1B3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwgCpAwQB
w24cMA0GCSqGSIb3DQEBCwUAA4IBAQBwrCYVgV7azDHsXpWPuhnjnei87lKfV3GL
+WGGhoFSrViSYMBx0V1xV3vNH0f6TkUZ8J392fXOiUsIi9AqMWjCEY0ogiDM/pxm
i0V45d6+HBteDRXj7Yd3pUiBIytWxUZkcSUh9T9U4Gm2lvXZZ9pI5wsveUXPTdlq
5J1sODfiGPOwgDAVPPbZYtPRp46JWnl66EmrRbRwz8C30I1hZVMJ/5kIQhwQtkXF
PRzIyICe/QIDHx5zFlrEIq5TnEpGB7R5Gxob2RipTAQK0cKsCrS16B/9O8PLUznl
cIbvX2dZeex/D9mvRdprfkBIwktKk70u35cH/PCyUNHXnQWUkR07
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:10:20 2024 by rpki-client on console-fra.rpki-client.org