Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/fae443-198b-432e-b419-3e6fbe379e83/1/UJtvMYsRtpQs7oXJIYuG2cwbFTU.roa
File: UJtvMYsRtpQs7oXJIYuG2cwbFTU.roa (raw, json)
Hash identifier: DrfJ6s0Gv88FOIz3YFwASt4RqHXcM9t9Ycy35Y/B8lk=
Subject key identifier: 50:9B:6F:31:8B:11:B6:94:2C:EE:85:C9:21:8B:86:D9:CC:1B:15:35
Certificate issuer: /CN=e2b5b08dc433f8e9f77727cb51f6ba24bdd5f39a
Certificate serial: 018D555728C38EF38B7B60D73EAC7971539D
Authority key identifier: E2:B5:B0:8D:C4:33:F8:E9:F7:77:27:CB:51:F6:BA:24:BD:D5:F3:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4rWwjcQz-On3dyfLUfa6JL3V85o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/fae443-198b-432e-b419-3e6fbe379e83/1/UJtvMYsRtpQs7oXJIYuG2cwbFTU.roa
Signing time: Mon 29 Jan 2024 13:09:51 +0000
ROA not before: Mon 29 Jan 2024 13:09:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210767
IP address blocks: 5.183.151.0/24 maxlen: 24
193.161.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/fae443-198b-432e-b419-3e6fbe379e83/1/4rWwjcQz-On3dyfLUfa6JL3V85o.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/fae443-198b-432e-b419-3e6fbe379e83/1/4rWwjcQz-On3dyfLUfa6JL3V85o.mft
rsync://rpki.ripe.net/repository/DEFAULT/4rWwjcQz-On3dyfLUfa6JL3V85o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:55:57:28:c3:8e:f3:8b:7b:60:d7:3e:ac:79:71:53:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2b5b08dc433f8e9f77727cb51f6ba24bdd5f39a
Validity
Not Before: Jan 29 13:09:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=509b6f318b11b6942cee85c9218b86d9cc1b1535
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:32:40:07:ca:18:b0:5b:9f:a1:bc:74:30:b3:
fd:b5:c4:b3:30:d0:e2:66:72:b8:38:3a:ce:f2:c7:
8b:d9:96:05:24:78:a1:8f:7c:dc:c8:f0:c1:72:a9:
6d:39:9f:46:02:34:3b:3e:60:b9:30:96:85:85:2a:
bd:0e:88:ec:87:23:a3:5f:5f:a1:bf:bc:05:15:75:
46:1f:dc:3c:09:8b:1e:a9:eb:b0:71:f9:10:ec:61:
e8:74:0a:5e:eb:d9:27:7a:06:ef:d7:3e:d1:bc:0d:
c0:44:47:7b:2d:c4:ee:08:54:13:c1:3d:73:78:ef:
d0:b6:2c:b7:8e:1a:97:ea:f6:86:a7:1f:98:29:6f:
35:d2:16:1f:ab:bb:95:bf:66:b2:45:2a:0c:ca:b0:
12:50:79:1a:1b:cb:22:6c:35:64:96:7f:64:34:1a:
a5:49:b2:cf:f4:cb:7c:e3:fd:80:3a:79:db:d4:fd:
02:31:97:c4:c5:28:31:c7:2e:aa:96:31:bd:62:a7:
79:04:42:8b:1d:68:9b:30:a9:7d:da:ec:51:6f:e1:
a1:4b:13:86:da:eb:11:39:fa:2d:a9:65:0d:32:5c:
ba:ad:eb:c1:89:65:6e:cb:85:96:ce:13:ed:60:63:
1e:e2:f3:e4:6f:fb:7c:ad:1b:fc:e7:13:8e:80:66:
31:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:9B:6F:31:8B:11:B6:94:2C:EE:85:C9:21:8B:86:D9:CC:1B:15:35
X509v3 Authority Key Identifier:
keyid:E2:B5:B0:8D:C4:33:F8:E9:F7:77:27:CB:51:F6:BA:24:BD:D5:F3:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4rWwjcQz-On3dyfLUfa6JL3V85o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/fae443-198b-432e-b419-3e6fbe379e83/1/UJtvMYsRtpQs7oXJIYuG2cwbFTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/fae443-198b-432e-b419-3e6fbe379e83/1/4rWwjcQz-On3dyfLUfa6JL3V85o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.151.0/24
193.161.200.0/24
Signature Algorithm: sha256WithRSAEncryption
23:c1:4a:51:2c:b5:36:22:2d:94:40:98:6e:b0:77:69:c4:05:
76:31:18:8e:75:1f:84:cd:fb:5d:a5:e8:99:8d:ba:95:92:36:
7a:a5:bd:c4:1d:05:25:4c:24:76:77:d5:0a:a7:c2:a4:65:5a:
10:10:69:f1:79:a2:e9:ad:29:91:ba:1e:9b:32:f4:d5:32:80:
44:24:22:d4:ef:44:5d:b4:6d:ea:ab:e7:34:81:9a:14:f4:38:
21:40:7c:cc:6d:ef:e3:26:c9:4a:71:49:ee:97:af:71:9a:a7:
e1:10:d3:c3:be:34:3f:7c:33:31:d2:74:3b:57:9b:9f:2b:88:
52:0e:3d:53:00:4d:7b:fa:59:dd:e8:57:8f:17:1f:98:91:d6:
f1:d8:32:25:46:0a:2d:1a:b2:fb:cc:1b:44:a3:08:95:4b:13:
6b:72:b0:f4:1c:e3:19:11:a0:88:c6:04:6c:fa:6e:69:db:16:
e5:03:84:1c:03:15:73:be:ea:e9:38:8c:e1:01:46:be:83:84:
e1:31:e6:51:e5:68:3b:b2:b9:ce:af:eb:5f:93:a4:62:35:8a:
4d:e5:28:f9:59:47:ae:ed:9a:f2:4d:19:e3:ed:28:bf:35:8a:
37:f7:93:1d:1e:84:ca:75:31:6b:61:44:d1:45:6f:8c:c9:91:
8f:44:a1:3f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1VVyjDjvOLe2DXPqx5cVOdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYjViMDhkYzQzM2Y4ZTlmNzc3MjdjYjUxZjZiYTI0YmRk
NWYzOWEwHhcNMjQwMTI5MTMwOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDliNmYzMThiMTFiNjk0MmNlZTg1YzkyMThiODZkOWNjMWIxNTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTJAB8oYsFufobx0MLP9tcSzMNDi
ZnK4ODrO8seL2ZYFJHihj3zcyPDBcqltOZ9GAjQ7PmC5MJaFhSq9DojshyOjX1+h
v7wFFXVGH9w8CYseqeuwcfkQ7GHodApe69knegbv1z7RvA3AREd7LcTuCFQTwT1z
eO/Qtiy3jhqX6vaGpx+YKW810hYfq7uVv2ayRSoMyrASUHkaG8sibDVkln9kNBql
SbLP9Mt84/2AOnnb1P0CMZfExSgxxy6qljG9Yqd5BEKLHWibMKl92uxRb+GhSxOG
2usROfotqWUNMly6revBiWVuy4WWzhPtYGMe4vPkb/t8rRv85xOOgGYxjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFCbbzGLEbaULO6FySGLhtnMGxU1MB8GA1UdIwQY
MBaAFOK1sI3EM/jp93cny1H2uiS91fOaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHJXd2pjUXotT24zZHlmTFVmYTZKTDNWODVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9mYWU0NDMtMTk4Yi00MzJlLWI0MTkt
M2U2ZmJlMzc5ZTgzLzEvVUp0dk1Zc1J0cFFzN29YSklZdUcyY3diRlRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9mYWU0NDMtMTk4Yi00MzJlLWI0MTktM2U2ZmJlMzc5ZTgz
LzEvNHJXd2pjUXotT24zZHlmTFVmYTZKTDNWODVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbeXAwQA
waHIMA0GCSqGSIb3DQEBCwUAA4IBAQAjwUpRLLU2Ii2UQJhusHdpxAV2MRiOdR+E
zftdpeiZjbqVkjZ6pb3EHQUlTCR2d9UKp8KkZVoQEGnxeaLprSmRuh6bMvTVMoBE
JCLU70RdtG3qq+c0gZoU9DghQHzMbe/jJslKcUnul69xmqfhENPDvjQ/fDMx0nQ7
V5ufK4hSDj1TAE17+lnd6FePFx+Ykdbx2DIlRgotGrL7zBtEowiVSxNrcrD0HOMZ
EaCIxgRs+m5p2xblA4QcAxVzvurpOIzhAUa+g4ThMeZR5Wg7srnOr+tfk6RiNYpN
5Sj5WUeu7ZryTRnj7Si/NYo395MdHoTKdTFrYUTRRW+MyZGPRKE/
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:05:26 2024 by rpki-client on console-ams.rpki-client.org