Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/upJqSAoRM0K-eK9r3JzxY9AktXY.roa
File: upJqSAoRM0K-eK9r3JzxY9AktXY.roa (raw, json)
Hash identifier: g/8zTi4gPfOGWwRYDAWSEGMQsz2ZuBI9cTPM/xQcfx4=
Subject key identifier: BA:92:6A:48:0A:11:33:42:BE:78:AF:6B:DC:9C:F1:63:D0:24:B5:76
Certificate issuer: /CN=4dd1b2587490ad061cb207176bdeec81a531588c
Certificate serial: 018CC86F20C2288DF275D74A89B236FF3792
Authority key identifier: 4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/upJqSAoRM0K-eK9r3JzxY9AktXY.roa
Signing time: Tue 02 Jan 2024 04:29:35 +0000
ROA not before: Tue 02 Jan 2024 04:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28944
IP address blocks: 195.234.98.0/24 maxlen: 24
130.250.109.0/24 maxlen: 24
80.231.248.0/24 maxlen: 24
151.237.11.0/24 maxlen: 24
85.187.213.0/24 maxlen: 24
85.187.215.0/24 maxlen: 24
85.187.214.0/24 maxlen: 24
80.231.174.0/24 maxlen: 24
147.185.246.0/23 maxlen: 24
147.185.254.0/23 maxlen: 24
151.237.95.0/24 maxlen: 24
130.250.134.0/24 maxlen: 24
151.237.12.0/24 maxlen: 24
130.250.133.0/24 maxlen: 24
195.219.123.0/24 maxlen: 24
2a01:3e7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.mft
rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:20:c2:28:8d:f2:75:d7:4a:89:b2:36:ff:37:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd1b2587490ad061cb207176bdeec81a531588c
Validity
Not Before: Jan 2 04:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba926a480a113342be78af6bdc9cf163d024b576
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:1b:6e:c3:f6:24:34:a6:86:56:ec:8f:48:e6:
16:9a:a1:06:19:82:ae:1e:00:73:04:3b:50:af:7f:
bf:c9:50:b1:31:8a:b9:d8:4d:fa:75:33:7b:49:7a:
11:ea:e9:96:4b:0b:90:e7:2f:ca:88:50:c4:03:b1:
d9:c7:19:9c:ff:f6:d5:19:74:8d:a8:03:ba:b7:4a:
b1:6b:07:e4:da:56:26:f8:f3:34:fa:f0:ce:c2:bc:
b9:68:91:56:cd:ce:c6:6e:0b:65:00:6f:35:9a:19:
67:5c:9e:40:73:b5:9f:46:74:08:88:a1:4e:78:e6:
82:92:04:95:85:c3:79:a3:6e:ba:1a:36:d8:99:2a:
48:d7:ec:d2:8e:3f:de:5e:b6:2b:c5:65:4b:a8:4b:
43:e9:64:cc:0c:c6:26:78:00:2d:f6:ac:94:d7:27:
4a:6f:12:d8:72:73:fb:05:79:eb:61:4a:cb:46:64:
c2:a8:c7:b3:8b:c4:c7:fc:7b:6f:7c:5d:35:33:d3:
3e:82:7e:d6:94:c6:47:5c:84:30:04:ca:5d:3d:c3:
3f:06:ec:40:4e:e8:c7:1d:56:31:cb:7f:3d:26:95:
c4:67:c6:d0:ca:94:e8:55:bf:b5:95:32:c3:1c:61:
b8:5d:d9:0f:5e:2d:53:ae:e4:c7:1f:4e:3e:16:54:
c7:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:92:6A:48:0A:11:33:42:BE:78:AF:6B:DC:9C:F1:63:D0:24:B5:76
X509v3 Authority Key Identifier:
keyid:4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/upJqSAoRM0K-eK9r3JzxY9AktXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.231.174.0/24
80.231.248.0/24
85.187.213.0-85.187.215.255
130.250.109.0/24
130.250.133.0-130.250.134.255
147.185.246.0/23
147.185.254.0/23
151.237.11.0-151.237.12.255
151.237.95.0/24
195.219.123.0/24
195.234.98.0/24
IPv6:
2a01:3e7::/32
Signature Algorithm: sha256WithRSAEncryption
29:41:8c:11:a6:51:98:7e:ee:d7:49:42:6c:01:6d:04:60:31:
1f:51:fc:22:7c:a5:0d:da:0f:49:43:9f:93:06:3b:ff:64:39:
17:df:5e:a9:f5:bd:fc:49:5e:e9:b5:81:db:63:1d:4d:f7:a8:
ad:2f:7e:dd:f2:3c:db:bb:50:13:1c:bd:e7:2a:3e:62:49:1b:
ac:59:df:91:90:f7:8a:0f:3c:bb:56:ef:80:62:f2:68:07:93:
d1:00:ef:fe:31:57:dd:99:ba:ee:45:0b:0d:a9:9f:dd:57:44:
60:97:21:ba:27:2f:fd:30:bb:4a:b3:5d:4e:7f:25:77:f0:5e:
b2:00:8c:9f:85:c3:e7:0e:a2:33:eb:e4:68:0b:ab:17:d3:39:
3f:88:2d:13:e1:f7:84:0d:c6:5a:87:8a:91:e9:39:21:6c:9d:
76:5c:c2:b4:9b:f3:de:95:c7:de:58:2f:b7:a0:3e:68:ac:f1:
45:79:a2:a0:8a:9d:11:14:b1:91:c4:60:43:61:d0:fe:3c:22:
a0:bb:31:94:c8:ab:5a:4f:7d:ba:b4:95:f7:be:f7:da:18:e7:
58:60:fe:55:5e:33:91:b3:fb:58:25:c6:a9:c2:0a:ed:95:7e:
f1:cf:b2:20:01:6e:aa:49:d0:e8:ed:8b:fc:45:e2:a3:62:3a:
45:7b:8e:5e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYzIbyDCKI3ydddKibI2/zeSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDFiMjU4NzQ5MGFkMDYxY2IyMDcxNzZiZGVlYzgxYTUz
MTU4OGMwHhcNMjQwMTAyMDQyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTkyNmE0ODBhMTEzMzQyYmU3OGFmNmJkYzljZjE2M2QwMjRiNTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghtuw/YkNKaGVuyPSOYWmqEGGYKu
HgBzBDtQr3+/yVCxMYq52E36dTN7SXoR6umWSwuQ5y/KiFDEA7HZxxmc//bVGXSN
qAO6t0qxawfk2lYm+PM0+vDOwry5aJFWzc7GbgtlAG81mhlnXJ5Ac7WfRnQIiKFO
eOaCkgSVhcN5o266GjbYmSpI1+zSjj/eXrYrxWVLqEtD6WTMDMYmeAAt9qyU1ydK
bxLYcnP7BXnrYUrLRmTCqMezi8TH/HtvfF01M9M+gn7WlMZHXIQwBMpdPcM/BuxA
TujHHVYxy389JpXEZ8bQypToVb+1lTLDHGG4XdkPXi1TruTHH04+FlTHcwIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFLqSakgKETNCvniva9yc8WPQJLV2MB8GA1UdIwQY
MBaAFE3Rslh0kK0GHLIHF2ve7IGlMViMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUt
ZGI0NjNjNWZiMGI0LzEvdXBKcVNBb1JNMEstZUs5cjNKenhZOUFrdFhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUtZGI0NjNjNWZiMGI0
LzEvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAFDnrgME
AFDn+DAMAwQAVbvVAwQDVbvQAwQAgvptMAwDBACC+oUDBACC+oYDBAGTufYDBAGT
uf4wDAMEAJftCwMEAJftDAMEAJftXwMEAMPbewMEAMPqYjANBAIAAjAHAwUAKgED
5zANBgkqhkiG9w0BAQsFAAOCAQEAKUGMEaZRmH7u10lCbAFtBGAxH1H8InylDdoP
SUOfkwY7/2Q5F99eqfW9/Ele6bWB22MdTfeorS9+3fI827tQExy95yo+YkkbrFnf
kZD3ig88u1bvgGLyaAeT0QDv/jFX3Zm67kULDamf3VdEYJchuicv/TC7SrNdTn8l
d/BesgCMn4XD5w6iM+vkaAurF9M5P4gtE+H3hA3GWoeKkek5IWyddlzCtJvz3pXH
3lgvt6A+aKzxRXmioIqdERSxkcRgQ2HQ/jwioLsxlMirWk99urSV97732hjnWGD+
VV4zkbP7WCXGqcIK7ZV+8c+yIAFuqknQ6O2L/EXio2I6RXuOXg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:34:50 2024 by rpki-client on console-ams.rpki-client.org