Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/865490-78e7-43b4-b2fd-1d0bf5208f90/1/Ul6WEgikxV-kZckZAJ5M7h-3ZYc.roa
File: Ul6WEgikxV-kZckZAJ5M7h-3ZYc.roa (raw, json)
Hash identifier: 5A+QcrHLrzZEGfjJJKje1gwlAV47CJM1731dDXHLgUg=
Subject key identifier: 52:5E:96:12:08:A4:C5:5F:A4:65:C9:19:00:9E:4C:EE:1F:B7:65:87
Certificate issuer: /CN=ab27ed1cea4321c49c3ca10f3affafdbdad532c2
Certificate serial: 018CC42474F8670F7C0195535B336B218A08
Authority key identifier: AB:27:ED:1C:EA:43:21:C4:9C:3C:A1:0F:3A:FF:AF:DB:DA:D5:32:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qyftHOpDIcScPKEPOv-v29rVMsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/865490-78e7-43b4-b2fd-1d0bf5208f90/1/Ul6WEgikxV-kZckZAJ5M7h-3ZYc.roa
Signing time: Mon 01 Jan 2024 08:29:32 +0000
ROA not before: Mon 01 Jan 2024 08:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202870
IP address blocks: 185.152.44.0/22 maxlen: 24
2a07:7e80::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/865490-78e7-43b4-b2fd-1d0bf5208f90/1/qyftHOpDIcScPKEPOv-v29rVMsI.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/865490-78e7-43b4-b2fd-1d0bf5208f90/1/qyftHOpDIcScPKEPOv-v29rVMsI.mft
rsync://rpki.ripe.net/repository/DEFAULT/qyftHOpDIcScPKEPOv-v29rVMsI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:74:f8:67:0f:7c:01:95:53:5b:33:6b:21:8a:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab27ed1cea4321c49c3ca10f3affafdbdad532c2
Validity
Not Before: Jan 1 08:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=525e961208a4c55fa465c919009e4cee1fb76587
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:47:80:fe:13:7b:5b:e4:f0:45:f5:8a:8d:33:
2f:b1:8a:de:8c:1d:7d:56:93:b4:af:c5:28:a9:33:
3d:c3:3f:f6:fa:ac:8a:d8:47:b3:68:43:31:55:ba:
f6:f8:13:28:44:8d:f1:16:3d:39:89:67:56:32:85:
44:88:78:62:bd:4e:c2:d1:5e:cd:65:99:be:14:2d:
24:63:fe:e5:5c:7f:07:e8:c2:d0:5f:79:99:c1:ad:
5d:6f:59:e5:7a:e3:86:31:53:8c:ae:68:53:41:25:
aa:e9:42:6c:1f:1c:85:41:84:34:fa:02:a4:d1:46:
9f:e9:24:30:f3:ac:ee:0a:cd:30:e2:fc:ca:c4:ec:
7a:8e:70:b2:85:76:2d:14:34:84:9d:e7:5f:0f:d9:
e5:5a:43:2d:e3:5a:c7:82:03:fe:f2:06:ff:a3:48:
5b:c0:2e:1e:20:c5:21:60:e9:c4:4b:6e:1b:3c:90:
ce:51:68:98:4f:b2:38:af:f0:08:2e:64:97:40:36:
c1:3b:77:05:00:64:29:91:ce:05:05:61:b7:b1:22:
93:40:c9:37:ea:2e:c3:23:75:4d:a9:2e:22:3f:1d:
61:36:e6:fc:ef:a0:81:76:1d:60:72:6b:3e:c3:e2:
e6:a6:c6:d7:28:4f:24:06:81:0f:81:b6:03:7b:e2:
da:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:5E:96:12:08:A4:C5:5F:A4:65:C9:19:00:9E:4C:EE:1F:B7:65:87
X509v3 Authority Key Identifier:
keyid:AB:27:ED:1C:EA:43:21:C4:9C:3C:A1:0F:3A:FF:AF:DB:DA:D5:32:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qyftHOpDIcScPKEPOv-v29rVMsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/865490-78e7-43b4-b2fd-1d0bf5208f90/1/Ul6WEgikxV-kZckZAJ5M7h-3ZYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/865490-78e7-43b4-b2fd-1d0bf5208f90/1/qyftHOpDIcScPKEPOv-v29rVMsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.44.0/22
IPv6:
2a07:7e80::/29
Signature Algorithm: sha256WithRSAEncryption
67:26:4f:4d:50:6e:ed:17:59:d0:02:d7:14:3a:38:b7:05:30:
09:c6:df:0b:e4:9b:99:df:49:4f:72:4c:e0:00:fd:3e:a9:67:
f9:9e:8f:47:a8:91:31:ff:78:4d:81:39:d9:47:34:2c:fd:47:
0f:c3:c8:e6:90:79:eb:31:23:18:14:25:27:c6:eb:55:11:fb:
a6:f7:4c:d4:d0:59:85:3b:a9:a4:ae:70:fc:5e:be:95:de:2f:
fa:1a:92:96:8c:bc:9b:17:40:d6:42:28:3f:e5:fe:50:db:96:
a7:26:c0:99:3f:11:71:27:72:a9:53:e9:8b:15:3c:43:22:f1:
a8:8b:fe:1c:fe:21:76:86:74:47:d3:72:bf:c5:a4:b4:ed:6a:
22:35:ad:fe:7e:74:70:c7:e6:bc:93:f5:c2:93:e1:45:a7:e8:
8e:ca:1e:a4:83:f9:e6:bd:50:28:48:e4:a5:d4:17:ec:7f:aa:
61:e6:aa:de:c4:e3:89:d1:b3:da:51:9f:ea:e9:5d:8f:42:e5:
99:97:64:14:aa:55:39:b2:f2:38:61:66:42:7a:57:76:69:d9:
0a:82:ed:97:34:03:92:d9:82:1b:7c:4d:6b:ad:53:dd:cb:ab:
3d:4b:27:a6:13:12:b1:25:92:43:b9:2f:6d:0e:1e:19:42:9d:
5f:2c:47:0d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJHT4Zw98AZVTWzNrIYoIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMjdlZDFjZWE0MzIxYzQ5YzNjYTEwZjNhZmZhZmRiZGFk
NTMyYzIwHhcNMjQwMTAxMDgyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjVlOTYxMjA4YTRjNTVmYTQ2NWM5MTkwMDllNGNlZTFmYjc2NTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUeA/hN7W+TwRfWKjTMvsYrejB19
VpO0r8UoqTM9wz/2+qyK2EezaEMxVbr2+BMoRI3xFj05iWdWMoVEiHhivU7C0V7N
ZZm+FC0kY/7lXH8H6MLQX3mZwa1db1nleuOGMVOMrmhTQSWq6UJsHxyFQYQ0+gKk
0Uaf6SQw86zuCs0w4vzKxOx6jnCyhXYtFDSEnedfD9nlWkMt41rHggP+8gb/o0hb
wC4eIMUhYOnES24bPJDOUWiYT7I4r/AILmSXQDbBO3cFAGQpkc4FBWG3sSKTQMk3
6i7DI3VNqS4iPx1hNub876CBdh1gcms+w+LmpsbXKE8kBoEPgbYDe+LajQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFJelhIIpMVfpGXJGQCeTO4ft2WHMB8GA1UdIwQY
MBaAFKsn7RzqQyHEnDyhDzr/r9va1TLCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXlmdEhPcERJY1NjUEtFUE92LXYyOXJWTXNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi84NjU0OTAtNzhlNy00M2I0LWIyZmQt
MWQwYmY1MjA4ZjkwLzEvVWw2V0VnaWt4Vi1rWmNrWkFKNU03aC0zWlljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi84NjU0OTAtNzhlNy00M2I0LWIyZmQtMWQwYmY1MjA4Zjkw
LzEvcXlmdEhPcERJY1NjUEtFUE92LXYyOXJWTXNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZgsMA0E
AgACMAcDBQMqB36AMA0GCSqGSIb3DQEBCwUAA4IBAQBnJk9NUG7tF1nQAtcUOji3
BTAJxt8L5JuZ30lPckzgAP0+qWf5no9HqJEx/3hNgTnZRzQs/UcPw8jmkHnrMSMY
FCUnxutVEfum90zU0FmFO6mkrnD8Xr6V3i/6GpKWjLybF0DWQig/5f5Q25anJsCZ
PxFxJ3KpU+mLFTxDIvGoi/4c/iF2hnRH03K/xaS07WoiNa3+fnRwx+a8k/XCk+FF
p+iOyh6kg/nmvVAoSOSl1Bfsf6ph5qrexOOJ0bPaUZ/q6V2PQuWZl2QUqlU5svI4
YWZCeld2adkKgu2XNAOS2YIbfE1rrVPdy6s9SyemExKxJZJDuS9tDh4ZQp1fLEcN
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:59:58 2024 by rpki-client on console-fra.rpki-client.org