Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/UIhshyHc1VeJ_7E_M0zgEAzy6Do.roa
File: UIhshyHc1VeJ_7E_M0zgEAzy6Do.roa (raw, json)
Hash identifier: VWcsJTyqN1Bh0xMkW3/Pqkuo3zU1VOGAY9Ur2DyOIWs=
Subject key identifier: 50:88:6C:87:21:DC:D5:57:89:FF:B1:3F:33:4C:E0:10:0C:F2:E8:3A
Certificate issuer: /CN=22a44566764ebb511683cb6228fa91997b559379
Certificate serial: 018CC726D109A76257A7D09FDD927A992BD2
Authority key identifier: 22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/UIhshyHc1VeJ_7E_M0zgEAzy6Do.roa
Signing time: Mon 01 Jan 2024 22:30:58 +0000
ROA not before: Mon 01 Jan 2024 22:30:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202306
IP address blocks: 78.153.140.0/24 maxlen: 24
109.237.96.0/22 maxlen: 22
109.237.97.0/24 maxlen: 24
109.237.98.0/24 maxlen: 24
109.237.98.0/23 maxlen: 23
109.237.96.0/24 maxlen: 24
109.237.96.0/23 maxlen: 23
109.237.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/IqRFZnZOu1EWg8tiKPqRmXtVk3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/IqRFZnZOu1EWg8tiKPqRmXtVk3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 03:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:d1:09:a7:62:57:a7:d0:9f:dd:92:7a:99:2b:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a44566764ebb511683cb6228fa91997b559379
Validity
Not Before: Jan 1 22:30:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50886c8721dcd55789ffb13f334ce0100cf2e83a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:a4:2f:d9:e4:28:c9:85:b1:00:56:1f:28:ef:
3b:8f:b9:fa:47:bb:33:9a:83:d0:f8:56:05:24:a2:
14:27:20:1a:0f:2d:64:f7:88:00:75:c6:da:cb:67:
ad:61:53:f4:fa:08:44:a6:e6:7c:2b:8f:01:18:df:
1d:92:2f:c4:47:27:f6:2e:fe:e5:b4:c4:1c:7f:7a:
80:c1:4d:05:54:ff:aa:44:8e:1a:1e:7e:d3:88:08:
5a:72:b2:2c:9c:94:0a:38:7d:1f:6a:36:6d:11:3d:
9a:c3:ee:07:5a:09:1b:fe:a2:30:d7:c9:8a:ba:73:
3c:eb:06:54:0c:aa:a7:bd:ce:2f:0d:16:29:a9:fd:
5c:e9:c8:a1:b4:77:ee:23:1c:60:a6:16:3e:8d:3e:
6b:0a:68:ef:88:78:05:6f:b8:33:a9:8d:90:1f:8a:
01:78:ba:0a:1c:81:19:d8:86:c1:d3:b3:4a:16:e7:
f6:96:f6:5f:d5:7a:81:6b:6e:4a:55:c9:7c:c4:d6:
2b:2d:4a:e3:e3:65:ef:64:b4:84:d9:d2:11:dd:7d:
e6:18:59:66:ed:f3:6f:01:a2:0a:9e:49:eb:4e:78:
e1:b2:99:a2:41:86:f7:bd:94:bc:57:e1:e7:88:02:
8d:f9:32:b8:60:ed:85:c3:21:6d:41:4f:40:38:65:
dc:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:88:6C:87:21:DC:D5:57:89:FF:B1:3F:33:4C:E0:10:0C:F2:E8:3A
X509v3 Authority Key Identifier:
keyid:22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/UIhshyHc1VeJ_7E_M0zgEAzy6Do.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/IqRFZnZOu1EWg8tiKPqRmXtVk3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.153.140.0/24
109.237.96.0/22
Signature Algorithm: sha256WithRSAEncryption
36:4a:06:a9:be:9e:e7:14:95:47:96:4e:02:67:ca:5e:26:34:
d5:49:0a:f4:a8:c1:11:76:79:0d:9f:d2:d0:24:e3:29:66:ff:
94:cc:8f:4b:ba:ef:76:e4:9e:f6:3d:a2:dc:69:4b:5e:4c:58:
3b:77:f1:6d:d6:4e:86:48:ad:06:6e:7a:86:b2:00:9e:77:aa:
cb:38:03:cc:a0:18:d2:72:37:67:ea:d1:4b:2a:b4:15:c1:09:
4d:e5:33:f7:db:d8:3d:e9:d4:7d:56:20:b7:24:f6:e4:7c:f3:
d0:04:c8:3c:77:2b:14:93:b2:c6:15:58:b0:9f:14:1e:a9:4b:
9c:e2:7d:35:f7:a1:bd:43:7e:e7:7b:e7:49:95:ce:b5:a0:9c:
b4:a8:72:17:d5:33:e5:e3:0d:53:ee:53:62:65:26:7a:65:99:
19:48:74:2d:0b:46:c1:d2:2c:e2:fd:53:74:c2:e6:a3:08:ed:
08:70:92:a6:41:53:c2:5c:35:d9:64:e0:1f:a9:5e:32:3b:b6:
fc:ff:5e:ce:ee:b0:7a:e6:21:a0:fa:da:b7:31:08:66:af:7c:
91:fa:95:49:0e:24:5a:05:1b:ff:91:e8:3d:14:16:54:82:f7:
8c:7c:b2:0a:8c:81:d4:46:12:79:aa:88:be:63:86:8a:74:70:
ba:e8:31:36
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHJtEJp2JXp9Cf3ZJ6mSvSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTQ0NTY2NzY0ZWJiNTExNjgzY2I2MjI4ZmE5MTk5N2I1
NTkzNzkwHhcNMjQwMTAxMjIzMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDg4NmM4NzIxZGNkNTU3ODlmZmIxM2YzMzRjZTAxMDBjZjJlODNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6Qv2eQoyYWxAFYfKO87j7n6R7sz
moPQ+FYFJKIUJyAaDy1k94gAdcbay2etYVP0+ghEpuZ8K48BGN8dki/ERyf2Lv7l
tMQcf3qAwU0FVP+qRI4aHn7TiAhacrIsnJQKOH0fajZtET2aw+4HWgkb/qIw18mK
unM86wZUDKqnvc4vDRYpqf1c6cihtHfuIxxgphY+jT5rCmjviHgFb7gzqY2QH4oB
eLoKHIEZ2IbB07NKFuf2lvZf1XqBa25KVcl8xNYrLUrj42XvZLSE2dIR3X3mGFlm
7fNvAaIKnknrTnjhspmiQYb3vZS8V+HniAKN+TK4YO2FwyFtQU9AOGXc6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFCIbIch3NVXif+xPzNM4BAM8ug6MB8GA1UdIwQY
MBaAFCKkRWZ2TrtRFoPLYij6kZl7VZN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMt
MTZiODBhYTI4ZGQ2LzEvVUloc2h5SGMxVmVKXzdFX00wemdFQXp5NkRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMtMTZiODBhYTI4ZGQ2
LzEvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATpmMAwQC
be1gMA0GCSqGSIb3DQEBCwUAA4IBAQA2Sgapvp7nFJVHlk4CZ8peJjTVSQr0qMER
dnkNn9LQJOMpZv+UzI9Luu925J72PaLcaUteTFg7d/Ft1k6GSK0GbnqGsgCed6rL
OAPMoBjScjdn6tFLKrQVwQlN5TP329g96dR9ViC3JPbkfPPQBMg8dysUk7LGFViw
nxQeqUuc4n0196G9Q37ne+dJlc61oJy0qHIX1TPl4w1T7lNiZSZ6ZZkZSHQtC0bB
0izi/VN0wuajCO0IcJKmQVPCXDXZZOAfqV4yO7b8/17O7rB65iGg+tq3MQhmr3yR
+pVJDiRaBRv/keg9FBZUgveMfLIKjIHURhJ5qoi+Y4aKdHC66DE2
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:44:28 2024 by rpki-client on console-fra.rpki-client.org