Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/938722-d415-4027-a0b3-a2aa286dc448/1/CtQ_1JtqJqfs0y_BE5iIpNGAhJs.roa
File: CtQ_1JtqJqfs0y_BE5iIpNGAhJs.roa (raw, json)
Hash identifier: pSXX9weUIhgF+fJaFISNPQxa6N0uVy4ibSPelVOREls=
Subject key identifier: 0A:D4:3F:D4:9B:6A:26:A7:EC:D3:2F:C1:13:98:88:A4:D1:80:84:9B
Certificate issuer: /CN=53052009ba7898d2361ca2ee7d130124f9d25125
Certificate serial: 018CC56E0B1B96E63E46377FDAE9B79910D5
Authority key identifier: 53:05:20:09:BA:78:98:D2:36:1C:A2:EE:7D:13:01:24:F9:D2:51:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UwUgCbp4mNI2HKLufRMBJPnSUSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/938722-d415-4027-a0b3-a2aa286dc448/1/CtQ_1JtqJqfs0y_BE5iIpNGAhJs.roa
Signing time: Mon 01 Jan 2024 14:29:32 +0000
ROA not before: Mon 01 Jan 2024 14:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50881
IP address blocks: 185.94.157.0/24 maxlen: 24
185.94.158.0/24 maxlen: 24
185.94.159.0/24 maxlen: 24
185.94.156.0/24 maxlen: 24
91.228.164.0/24 maxlen: 24
91.228.165.0/24 maxlen: 24
91.228.166.0/24 maxlen: 24
91.228.167.0/24 maxlen: 24
2a05:e800::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/938722-d415-4027-a0b3-a2aa286dc448/1/UwUgCbp4mNI2HKLufRMBJPnSUSU.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/938722-d415-4027-a0b3-a2aa286dc448/1/UwUgCbp4mNI2HKLufRMBJPnSUSU.mft
rsync://rpki.ripe.net/repository/DEFAULT/UwUgCbp4mNI2HKLufRMBJPnSUSU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:0b:1b:96:e6:3e:46:37:7f:da:e9:b7:99:10:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53052009ba7898d2361ca2ee7d130124f9d25125
Validity
Not Before: Jan 1 14:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ad43fd49b6a26a7ecd32fc1139888a4d180849b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:63:6a:80:11:59:44:37:07:1a:17:78:2e:cb:
bd:67:37:41:e4:06:79:3e:c5:47:b2:fc:00:f7:da:
45:3b:25:65:90:9b:45:36:bd:51:2d:13:95:52:42:
81:1e:da:45:5d:15:ec:73:ca:8d:ce:00:61:58:ae:
f7:0f:bb:42:a9:59:59:19:df:d8:52:07:bf:27:30:
65:1e:5e:e5:ec:b6:5b:ed:e1:d5:2c:e7:13:73:e0:
8e:ac:3a:9d:db:8c:cb:40:5c:bd:fe:92:1a:35:38:
6c:fa:0d:bc:74:37:f2:36:ba:e0:cf:74:02:c3:01:
71:0b:a1:22:79:24:f2:e5:d1:05:b6:bf:8d:08:d3:
86:6b:f2:5e:eb:82:26:ee:ab:67:ee:e0:80:6b:da:
c1:c8:e3:48:dc:91:42:aa:8b:6d:b3:fb:0d:e4:45:
65:58:ab:2b:65:dd:f5:bf:9c:5e:3b:8c:37:2b:51:
2e:22:91:30:50:1c:4e:25:22:fe:b7:64:b1:2f:ad:
12:34:a1:51:09:32:0d:eb:55:ff:40:90:e8:e6:d4:
64:9d:22:65:70:e6:bf:f3:bc:bf:b3:fa:b3:3e:99:
a2:ea:2b:fc:be:c9:c9:09:c6:48:28:4e:9f:41:7b:
18:3d:fc:1f:7d:36:03:94:4e:7a:05:3c:30:84:b3:
c6:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:D4:3F:D4:9B:6A:26:A7:EC:D3:2F:C1:13:98:88:A4:D1:80:84:9B
X509v3 Authority Key Identifier:
keyid:53:05:20:09:BA:78:98:D2:36:1C:A2:EE:7D:13:01:24:F9:D2:51:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UwUgCbp4mNI2HKLufRMBJPnSUSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/938722-d415-4027-a0b3-a2aa286dc448/1/CtQ_1JtqJqfs0y_BE5iIpNGAhJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/938722-d415-4027-a0b3-a2aa286dc448/1/UwUgCbp4mNI2HKLufRMBJPnSUSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.164.0/22
185.94.156.0/22
IPv6:
2a05:e800::/29
Signature Algorithm: sha256WithRSAEncryption
b9:8c:04:70:71:a4:8a:23:62:d1:e6:a1:d0:81:f7:03:bf:7e:
04:4d:97:e1:5e:77:cb:d0:3b:5d:70:1b:c1:ad:19:cf:f0:f5:
74:55:bb:72:83:0c:0b:88:10:c5:5d:b6:bb:5d:58:0c:69:c9:
a4:dc:f6:77:85:e7:d7:07:29:0c:e4:01:6d:91:9d:29:bf:95:
2e:0a:99:56:49:2b:bf:f7:e4:96:87:ca:60:9d:17:f3:67:d3:
b0:c3:66:c1:d3:4d:44:e9:03:27:a3:98:01:ab:ea:83:df:41:
2b:94:7d:21:c5:f6:ac:f1:7a:19:81:4a:6a:25:3a:42:4d:54:
83:e5:b2:e2:a3:5e:6c:d9:34:ce:39:14:e2:ae:5b:99:3a:e8:
bb:cd:37:ff:61:23:65:cf:c7:b1:da:ea:ca:50:c1:f1:f7:a7:
b4:65:a6:58:6e:f9:65:5a:3d:06:c7:83:a3:b2:54:64:54:1a:
b7:fa:25:a3:5b:a8:56:53:ec:34:ba:f8:6b:a5:28:52:65:d5:
60:7a:a3:88:c3:03:b9:73:6d:cc:f9:10:dc:ac:86:e2:7f:09:
87:a2:9f:68:98:e9:de:c2:50:99:7f:a0:eb:17:2c:36:e8:84:
a6:6e:37:73:a1:45:11:a3:a0:c0:c5:3c:f7:34:8b:c7:b0:6a:
79:f8:d2:27
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFbgsbluY+Rjd/2um3mRDVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMDUyMDA5YmE3ODk4ZDIzNjFjYTJlZTdkMTMwMTI0Zjlk
MjUxMjUwHhcNMjQwMTAxMTQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWQ0M2ZkNDliNmEyNmE3ZWNkMzJmYzExMzk4ODhhNGQxODA4NDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWNqgBFZRDcHGhd4Lsu9ZzdB5AZ5
PsVHsvwA99pFOyVlkJtFNr1RLROVUkKBHtpFXRXsc8qNzgBhWK73D7tCqVlZGd/Y
Uge/JzBlHl7l7LZb7eHVLOcTc+COrDqd24zLQFy9/pIaNThs+g28dDfyNrrgz3QC
wwFxC6EieSTy5dEFtr+NCNOGa/Je64Im7qtn7uCAa9rByONI3JFCqotts/sN5EVl
WKsrZd31v5xeO4w3K1EuIpEwUBxOJSL+t2SxL60SNKFRCTIN61X/QJDo5tRknSJl
cOa/87y/s/qzPpmi6iv8vsnJCcZIKE6fQXsYPfwffTYDlE56BTwwhLPGowIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFArUP9Sbaian7NMvwROYiKTRgISbMB8GA1UdIwQY
MBaAFFMFIAm6eJjSNhyi7n0TAST50lElMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXdVZ0NicDRtTkkySEtMdWZSTUJKUG5TVVNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC85Mzg3MjItZDQxNS00MDI3LWEwYjMt
YTJhYTI4NmRjNDQ4LzEvQ3RRXzFKdHFKcWZzMHlfQkU1aUlwTkdBaEpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC85Mzg3MjItZDQxNS00MDI3LWEwYjMtYTJhYTI4NmRjNDQ4
LzEvVXdVZ0NicDRtTkkySEtMdWZSTUJKUG5TVVNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW+SkAwQC
uV6cMA0EAgACMAcDBQMqBegAMA0GCSqGSIb3DQEBCwUAA4IBAQC5jARwcaSKI2LR
5qHQgfcDv34ETZfhXnfL0DtdcBvBrRnP8PV0VbtygwwLiBDFXba7XVgMacmk3PZ3
hefXBykM5AFtkZ0pv5UuCplWSSu/9+SWh8pgnRfzZ9Oww2bB001E6QMno5gBq+qD
30ErlH0hxfas8XoZgUpqJTpCTVSD5bLio15s2TTOORTirluZOui7zTf/YSNlz8ex
2urKUMHx96e0ZaZYbvllWj0Gx4OjslRkVBq3+iWjW6hWU+w0uvhrpShSZdVgeqOI
wwO5c23M+RDcrIbifwmHop9omOnewlCZf6DrFyw26ISmbjdzoUURo6DAxTz3NIvH
sGp5+NIn
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:22:35 2024 by rpki-client on console-ams.rpki-client.org