Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/18be97-df3a-4e1d-b561-53c69c1ce50c/1/UCQumuNEkRyyXmo0BGkyZps_4Z8.roa
File: UCQumuNEkRyyXmo0BGkyZps_4Z8.roa (raw, json)
Hash identifier: ZLyPk3f70lcNXW8oSjqdk6jtjbXC8rplMFDv3tr1/6g=
Subject key identifier: 50:24:2E:9A:E3:44:91:1C:B2:5E:6A:34:04:69:32:66:9B:3F:E1:9F
Certificate issuer: /CN=57be8fc79c93504fc21ff70fba469a4cbbe2f029
Certificate serial: 018CC5DBE5C619533EC0C8CDC5DF1E98681B
Authority key identifier: 57:BE:8F:C7:9C:93:50:4F:C2:1F:F7:0F:BA:46:9A:4C:BB:E2:F0:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V76Px5yTUE_CH_cPukaaTLvi8Ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/18be97-df3a-4e1d-b561-53c69c1ce50c/1/UCQumuNEkRyyXmo0BGkyZps_4Z8.roa
Signing time: Mon 01 Jan 2024 16:29:31 +0000
ROA not before: Mon 01 Jan 2024 16:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200970
IP address blocks: 185.145.16.0/22 maxlen: 22
185.145.16.0/24 maxlen: 24
185.145.17.0/24 maxlen: 24
185.145.18.0/24 maxlen: 24
185.145.19.0/24 maxlen: 24
185.89.160.0/24 maxlen: 24
185.89.161.0/24 maxlen: 24
185.89.162.0/24 maxlen: 24
185.89.160.0/22 maxlen: 22
185.89.163.0/24 maxlen: 24
2a05:d9c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/18be97-df3a-4e1d-b561-53c69c1ce50c/1/V76Px5yTUE_CH_cPukaaTLvi8Ck.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/18be97-df3a-4e1d-b561-53c69c1ce50c/1/V76Px5yTUE_CH_cPukaaTLvi8Ck.mft
rsync://rpki.ripe.net/repository/DEFAULT/V76Px5yTUE_CH_cPukaaTLvi8Ck.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:e5:c6:19:53:3e:c0:c8:cd:c5:df:1e:98:68:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57be8fc79c93504fc21ff70fba469a4cbbe2f029
Validity
Not Before: Jan 1 16:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50242e9ae344911cb25e6a34046932669b3fe19f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:21:4b:8a:5e:e1:82:05:0f:85:fa:59:6c:6f:
61:fc:6b:38:37:aa:4a:80:16:fc:8f:5c:4b:18:0f:
57:ea:5b:fb:a1:01:e4:33:10:68:d1:80:14:92:32:
05:f3:d5:1e:1f:76:6e:ab:3d:0c:34:09:04:24:e4:
93:66:83:2f:89:02:b6:a5:00:75:de:fd:3c:b2:cc:
96:41:79:64:9b:67:d3:a4:40:7d:43:42:ff:25:1f:
08:ee:6c:63:31:6b:b5:95:df:87:d8:02:7e:0c:fe:
00:76:0d:1f:53:c9:51:d9:55:be:11:2d:84:c7:56:
cd:4a:38:52:89:0f:c9:fb:43:d9:de:c7:36:a0:31:
a5:bc:e2:c7:d2:18:0a:57:da:d2:0e:9c:8d:15:64:
5c:8b:bc:8a:9d:e8:5c:38:4c:45:34:4f:31:c7:04:
61:29:8c:e8:cc:2b:c5:7c:75:dd:24:be:a1:96:bc:
1a:49:32:95:f9:34:f8:a0:aa:74:45:44:cd:07:b7:
32:d7:69:a6:1a:80:c4:3d:a5:2e:5d:86:a4:ac:12:
45:37:f7:ca:29:e7:9c:e1:79:cc:3c:f4:43:24:ea:
82:fb:bc:1a:21:43:8b:95:2f:dd:be:cf:27:75:82:
be:ff:73:49:3c:f5:88:9f:0a:44:09:81:b2:5d:6f:
44:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:24:2E:9A:E3:44:91:1C:B2:5E:6A:34:04:69:32:66:9B:3F:E1:9F
X509v3 Authority Key Identifier:
keyid:57:BE:8F:C7:9C:93:50:4F:C2:1F:F7:0F:BA:46:9A:4C:BB:E2:F0:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V76Px5yTUE_CH_cPukaaTLvi8Ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/18be97-df3a-4e1d-b561-53c69c1ce50c/1/UCQumuNEkRyyXmo0BGkyZps_4Z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/18be97-df3a-4e1d-b561-53c69c1ce50c/1/V76Px5yTUE_CH_cPukaaTLvi8Ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.160.0/22
185.145.16.0/22
IPv6:
2a05:d9c0::/29
Signature Algorithm: sha256WithRSAEncryption
30:70:20:76:b1:b7:20:4c:3f:59:45:e6:07:4a:71:90:39:fe:
ef:b4:4c:87:c2:e0:dc:f9:bb:d9:53:c0:11:4c:12:9a:6b:47:
68:32:de:23:2d:c4:ea:37:3e:1a:7b:ad:56:91:30:96:6a:62:
82:de:0d:66:0a:2a:77:ba:c1:c9:cb:e2:b2:98:52:72:1d:52:
9a:9d:60:53:8b:9c:a0:a9:79:b4:24:60:d1:96:98:9c:2f:39:
01:e5:66:9d:55:89:cd:79:aa:b1:c6:53:80:bb:c2:1e:11:8b:
87:23:54:46:75:47:84:44:cf:6f:ff:34:87:bd:1e:eb:dc:e0:
b8:90:d7:06:85:ea:2b:10:43:a1:a5:28:86:31:95:4b:0a:76:
a2:f3:c1:53:bd:28:4f:58:85:5e:49:ff:ec:5e:ce:7f:0c:a9:
c0:24:e6:2e:72:c8:7d:65:5b:aa:de:0f:15:a6:5d:5f:10:b3:
a4:b5:01:fd:35:d0:7d:03:27:0d:8c:2d:4b:18:7f:d4:1f:82:
2c:1a:31:b0:f9:ed:be:f1:6d:45:1d:eb:c4:bc:b0:72:bf:d5:
d1:c1:64:59:66:4e:25:c2:9a:7c:6d:b4:14:68:9b:ca:9c:9f:
55:64:33:65:c3:0d:60:bc:76:b0:21:17:0c:40:31:32:b2:ac:
d7:30:4f:11
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzF2+XGGVM+wMjNxd8emGgbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YmU4ZmM3OWM5MzUwNGZjMjFmZjcwZmJhNDY5YTRjYmJl
MmYwMjkwHhcNMjQwMTAxMTYyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDI0MmU5YWUzNDQ5MTFjYjI1ZTZhMzQwNDY5MzI2NjliM2ZlMTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yFLil7hggUPhfpZbG9h/Gs4N6pK
gBb8j1xLGA9X6lv7oQHkMxBo0YAUkjIF89UeH3Zuqz0MNAkEJOSTZoMviQK2pQB1
3v08ssyWQXlkm2fTpEB9Q0L/JR8I7mxjMWu1ld+H2AJ+DP4Adg0fU8lR2VW+ES2E
x1bNSjhSiQ/J+0PZ3sc2oDGlvOLH0hgKV9rSDpyNFWRci7yKnehcOExFNE8xxwRh
KYzozCvFfHXdJL6hlrwaSTKV+TT4oKp0RUTNB7cy12mmGoDEPaUuXYakrBJFN/fK
Keec4XnMPPRDJOqC+7waIUOLlS/dvs8ndYK+/3NJPPWInwpECYGyXW9EhQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFAkLprjRJEcsl5qNARpMmabP+GfMB8GA1UdIwQY
MBaAFFe+j8eck1BPwh/3D7pGmky74vApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjc2UHg1eVRVRV9DSF9jUHVrYWFUTHZpOENrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8xOGJlOTctZGYzYS00ZTFkLWI1NjEt
NTNjNjljMWNlNTBjLzEvVUNRdW11TkVrUnl5WG1vMEJHa3lacHNfNFo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8xOGJlOTctZGYzYS00ZTFkLWI1NjEtNTNjNjljMWNlNTBj
LzEvVjc2UHg1eVRVRV9DSF9jUHVrYWFUTHZpOENrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuVmgAwQC
uZEQMA0EAgACMAcDBQMqBdnAMA0GCSqGSIb3DQEBCwUAA4IBAQAwcCB2sbcgTD9Z
ReYHSnGQOf7vtEyHwuDc+bvZU8ARTBKaa0doMt4jLcTqNz4ae61WkTCWamKC3g1m
Cip3usHJy+KymFJyHVKanWBTi5ygqXm0JGDRlpicLzkB5WadVYnNeaqxxlOAu8Ie
EYuHI1RGdUeERM9v/zSHvR7r3OC4kNcGheorEEOhpSiGMZVLCnai88FTvShPWIVe
Sf/sXs5/DKnAJOYucsh9ZVuq3g8Vpl1fELOktQH9NdB9AycNjC1LGH/UH4IsGjGw
+e2+8W1FHevEvLByv9XRwWRZZk4lwpp8bbQUaJvKnJ9VZDNlww1gvHawIRcMQDEy
sqzXME8R
-----END CERTIFICATE-----
Generated at Fri Nov 22 23:41:00 2024 by rpki-client on console-fra.rpki-client.org