Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/d19c2d-38c3-4526-a7cf-1d666c422c6a/1/U60Ot9PxU91b0DmIISsq3doTc7w.roa
File: U60Ot9PxU91b0DmIISsq3doTc7w.roa (raw, json)
Hash identifier: qURFYYo4tmHnK6fhZXZjIV/ZMVcSVNZZT+LrCMYiNV8=
Subject key identifier: 53:AD:0E:B7:D3:F1:53:DD:5B:D0:39:88:21:2B:2A:DD:DA:13:73:BC
Certificate issuer: /CN=e41a8c42ece89b5fbfc210dc7b554c72ea4f3544
Certificate serial: 018CCA2AA148C4E5BF0F1D4E384C1918A3DD
Authority key identifier: E4:1A:8C:42:EC:E8:9B:5F:BF:C2:10:DC:7B:55:4C:72:EA:4F:35:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5BqMQuzom1-_whDce1VMcupPNUQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/d19c2d-38c3-4526-a7cf-1d666c422c6a/1/U60Ot9PxU91b0DmIISsq3doTc7w.roa
Signing time: Tue 02 Jan 2024 12:34:00 +0000
ROA not before: Tue 02 Jan 2024 12:34:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57119
IP address blocks: 149.62.152.0/21 maxlen: 21
149.62.154.0/24 maxlen: 24
185.64.148.0/22 maxlen: 22
185.64.148.0/23 maxlen: 23
185.64.151.0/24 maxlen: 24
185.64.150.0/24 maxlen: 24
2a02:7680::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/d19c2d-38c3-4526-a7cf-1d666c422c6a/1/5BqMQuzom1-_whDce1VMcupPNUQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/d19c2d-38c3-4526-a7cf-1d666c422c6a/1/5BqMQuzom1-_whDce1VMcupPNUQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/5BqMQuzom1-_whDce1VMcupPNUQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:a1:48:c4:e5:bf:0f:1d:4e:38:4c:19:18:a3:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e41a8c42ece89b5fbfc210dc7b554c72ea4f3544
Validity
Not Before: Jan 2 12:34:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53ad0eb7d3f153dd5bd03988212b2addda1373bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:04:56:dd:10:c6:c6:8d:fc:21:10:7c:11:36:
78:7c:2b:cc:34:8e:cb:f1:42:45:a2:5b:cd:09:86:
0e:ce:32:7d:25:af:fc:55:bb:ff:36:d2:b1:b7:9e:
70:8f:74:93:d9:54:10:fc:e3:98:f8:6d:09:3a:8c:
f5:cf:36:83:53:48:fd:4f:43:c3:e6:22:ca:51:7e:
13:20:61:33:2f:63:44:15:a3:e8:2d:6a:b6:84:22:
1d:16:c8:3f:17:ab:4c:59:82:d5:50:37:f1:18:be:
81:dc:af:a8:15:a4:04:0d:72:db:5c:ad:74:b3:3b:
03:04:44:cf:15:1e:1c:b7:bf:75:0a:37:66:95:8d:
44:54:43:f5:21:b7:94:53:38:47:22:ac:8f:fd:c2:
30:7e:5d:19:7a:a1:4d:63:cc:78:8c:68:47:08:11:
b9:53:12:8a:3a:da:dc:de:92:87:fa:91:84:d6:d1:
66:76:b5:9c:de:2e:6c:36:7c:30:dd:07:7e:9e:af:
c3:e6:4b:57:c2:48:92:47:69:7e:01:0f:87:de:78:
9a:4f:dc:fe:36:4f:0f:b8:7e:6d:8e:a5:44:3d:ce:
f5:ee:34:af:1b:d9:36:01:20:3d:e4:3d:b1:e2:6d:
55:65:2b:32:36:8b:3d:e7:55:0a:d4:03:59:a6:aa:
94:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:AD:0E:B7:D3:F1:53:DD:5B:D0:39:88:21:2B:2A:DD:DA:13:73:BC
X509v3 Authority Key Identifier:
keyid:E4:1A:8C:42:EC:E8:9B:5F:BF:C2:10:DC:7B:55:4C:72:EA:4F:35:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5BqMQuzom1-_whDce1VMcupPNUQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/d19c2d-38c3-4526-a7cf-1d666c422c6a/1/U60Ot9PxU91b0DmIISsq3doTc7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/d19c2d-38c3-4526-a7cf-1d666c422c6a/1/5BqMQuzom1-_whDce1VMcupPNUQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.62.152.0/21
185.64.148.0/22
IPv6:
2a02:7680::/32
Signature Algorithm: sha256WithRSAEncryption
46:b3:36:a4:4a:08:97:7f:81:38:ae:fb:0f:26:0a:7c:ec:d1:
db:4e:d7:55:cd:e9:66:1c:1e:23:7f:e1:a4:be:56:4d:52:26:
4f:35:35:3e:7e:ee:ea:40:32:7d:3f:14:a7:ea:a4:a6:35:c5:
69:8c:03:23:61:bb:19:c6:3b:dd:9a:79:12:aa:19:aa:33:c3:
7f:40:69:e5:02:c7:6d:e5:ee:6f:38:d8:a9:ff:32:d3:aa:ad:
04:bd:89:f9:6f:7e:57:15:5d:a7:0d:56:a8:f1:79:b5:16:45:
ec:d4:98:da:79:c3:05:d9:ac:84:0e:01:5d:a0:ca:ba:b0:be:
4a:43:38:99:0d:9c:f0:ee:b1:8c:38:1c:10:cd:98:a8:a3:bf:
27:43:7a:28:4d:03:60:77:0b:44:cf:d2:a6:e0:c9:a6:9a:28:
72:71:52:6e:65:d3:f8:8b:7d:bb:96:a1:1d:2f:ed:32:17:47:
aa:d3:6d:92:2f:d7:a2:46:5f:07:32:45:c7:ee:87:22:21:4b:
46:14:77:c3:ef:06:4d:e4:7f:74:34:6d:4f:bc:e2:97:0b:76:
08:00:e2:98:86:23:fa:66:78:91:39:82:12:3a:3f:0e:9c:41:
df:0c:3b:f2:19:ae:8a:7e:7e:4d:7e:80:48:cf:3e:2f:18:ae:
d3:63:58:6d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzKKqFIxOW/Dx1OOEwZGKPdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0MWE4YzQyZWNlODliNWZiZmMyMTBkYzdiNTU0YzcyZWE0
ZjM1NDQwHhcNMjQwMTAyMTIzNDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2FkMGViN2QzZjE1M2RkNWJkMDM5ODgyMTJiMmFkZGRhMTM3M2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnARW3RDGxo38IRB8ETZ4fCvMNI7L
8UJFolvNCYYOzjJ9Ja/8Vbv/NtKxt55wj3ST2VQQ/OOY+G0JOoz1zzaDU0j9T0PD
5iLKUX4TIGEzL2NEFaPoLWq2hCIdFsg/F6tMWYLVUDfxGL6B3K+oFaQEDXLbXK10
szsDBETPFR4ct791CjdmlY1EVEP1IbeUUzhHIqyP/cIwfl0ZeqFNY8x4jGhHCBG5
UxKKOtrc3pKH+pGE1tFmdrWc3i5sNnww3Qd+nq/D5ktXwkiSR2l+AQ+H3niaT9z+
Nk8PuH5tjqVEPc717jSvG9k2ASA95D2x4m1VZSsyNos951UK1ANZpqqU+QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFOtDrfT8VPdW9A5iCErKt3aE3O8MB8GA1UdIwQY
MBaAFOQajELs6Jtfv8IQ3HtVTHLqTzVEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUJxTVF1em9tMS1fd2hEY2UxVk1jdXBQTlVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9kMTljMmQtMzhjMy00NTI2LWE3Y2Yt
MWQ2NjZjNDIyYzZhLzEvVTYwT3Q5UHhVOTFiMERtSUlTc3EzZG9UYzd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9kMTljMmQtMzhjMy00NTI2LWE3Y2YtMWQ2NjZjNDIyYzZh
LzEvNUJxTVF1em9tMS1fd2hEY2UxVk1jdXBQTlVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDlT6YAwQC
uUCUMA0EAgACMAcDBQAqAnaAMA0GCSqGSIb3DQEBCwUAA4IBAQBGszakSgiXf4E4
rvsPJgp87NHbTtdVzelmHB4jf+GkvlZNUiZPNTU+fu7qQDJ9PxSn6qSmNcVpjAMj
YbsZxjvdmnkSqhmqM8N/QGnlAsdt5e5vONip/zLTqq0EvYn5b35XFV2nDVao8Xm1
FkXs1JjaecMF2ayEDgFdoMq6sL5KQziZDZzw7rGMOBwQzZioo78nQ3ooTQNgdwtE
z9Km4MmmmihycVJuZdP4i327lqEdL+0yF0eq022SL9eiRl8HMkXH7ociIUtGFHfD
7wZN5H90NG1PvOKXC3YIAOKYhiP6ZniROYISOj8OnEHfDDvyGa6Kfn5NfoBIzz4v
GK7TY1ht
-----END CERTIFICATE-----
Generated at Fri May 17 18:24:25 2024 by rpki-client on console-fra.rpki-client.org