Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/UDqjZhAZdd2upS3TfyiyQ2Tao84.roa
File: UDqjZhAZdd2upS3TfyiyQ2Tao84.roa (raw, json)
Hash identifier: D44dzZkg46HWLfuz/pTqJDJF0ycjwlO18zbLPq9y+IU=
Subject key identifier: 50:3A:A3:66:10:19:75:DD:AE:A5:2D:D3:7F:28:B2:43:64:DA:A3:CE
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 01904E695BFE5DFE706C715A75500C5FAFD2
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/UDqjZhAZdd2upS3TfyiyQ2Tao84.roa
Signing time: Tue 25 Jun 2024 08:00:45 +0000
ROA not before: Tue 25 Jun 2024 08:00:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39519
IP address blocks: 86.105.223.0/24 maxlen: 24
152.89.92.0/22 maxlen: 24
194.107.165.0/24 maxlen: 24
195.93.242.0/23 maxlen: 24
195.191.98.0/24 maxlen: 24
2001:4ba2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 06:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4e:69:5b:fe:5d:fe:70:6c:71:5a:75:50:0c:5f:af:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Jun 25 08:00:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=503aa366101975ddaea52dd37f28b24364daa3ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:77:00:cd:6d:4b:ee:14:aa:d2:a4:74:df:ef:
19:36:1e:fe:7f:36:41:42:c4:af:fe:17:9b:c6:ec:
e7:45:7e:7c:b2:ac:cf:f1:9f:fa:40:f8:22:3b:a1:
99:04:6a:0a:cb:e0:ea:06:e4:26:d8:6e:c7:d0:38:
01:e3:4c:5b:4f:22:82:e6:8e:9d:0e:44:0b:e1:da:
fb:5f:6e:17:9e:46:18:c0:64:c4:96:b4:d9:22:ce:
89:ae:d7:9c:a2:58:7a:90:6b:d8:e0:76:96:b8:83:
ed:7b:55:d6:96:8c:65:28:99:e0:57:6c:26:74:1f:
0c:35:f0:75:b2:f8:43:bb:cb:00:9a:b0:34:f7:83:
76:cc:2b:81:c9:58:a7:df:b1:aa:0d:9a:37:e3:13:
1c:50:31:f8:b2:01:1e:4c:90:5b:c1:fe:f1:20:94:
63:ff:73:d3:ae:27:4a:83:01:43:c0:72:d6:71:37:
95:74:89:18:83:20:ba:9a:59:60:f8:52:3c:77:a4:
a9:19:4d:dd:e7:b7:13:7c:ab:88:93:aa:a9:a9:1e:
1a:f7:92:b4:16:c5:26:08:02:9c:18:8a:a9:c4:db:
10:68:ae:2c:4a:dd:d1:90:50:a4:cd:97:a1:ef:48:
3b:80:a4:53:04:f7:52:fa:49:31:43:8c:29:18:e4:
fc:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:3A:A3:66:10:19:75:DD:AE:A5:2D:D3:7F:28:B2:43:64:DA:A3:CE
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/UDqjZhAZdd2upS3TfyiyQ2Tao84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.223.0/24
152.89.92.0/22
194.107.165.0/24
195.93.242.0/23
195.191.98.0/24
IPv6:
2001:4ba2::/32
Signature Algorithm: sha256WithRSAEncryption
a2:49:cf:b1:45:42:4e:0d:50:2a:10:ea:e3:2a:26:c1:2c:18:
5f:f9:5d:85:b8:d6:ac:54:f5:ac:5a:2e:23:e2:7b:95:99:83:
04:24:3f:33:05:40:4b:b3:6c:8b:34:8a:c7:31:66:45:75:47:
83:ba:fb:da:60:2a:cc:35:11:f1:fb:31:1e:c8:ae:13:07:c6:
2b:b6:77:e5:8b:24:bc:b4:8f:ae:94:9e:60:4c:15:80:08:1f:
ad:95:4d:2d:b2:70:41:e0:af:e2:27:27:12:d7:29:d4:60:6b:
11:00:e2:23:94:de:a8:0c:1c:3d:45:41:ee:f1:66:d6:40:92:
ae:3f:af:0d:04:6d:63:97:08:e3:60:bc:0d:17:28:a5:ec:e8:
13:69:4a:23:82:d9:91:e0:15:4d:ef:27:11:66:f2:d3:89:09:
aa:f6:1b:da:de:c3:4f:de:2e:6d:4c:14:3e:00:c1:b8:1e:ef:
e4:74:19:dd:3b:77:8b:86:58:5e:a1:13:f1:b5:66:99:4f:2b:
dd:fc:49:97:0d:08:96:6c:53:70:fd:c9:5d:89:99:74:3e:6d:
96:c3:38:02:b0:c4:78:3e:04:73:2c:26:43:77:e3:9e:a1:7d:
63:fc:78:b3:55:f8:b1:7c:87:2f:42:b7:b3:25:d5:8f:bb:c3:
0e:13:c7:72
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZBOaVv+Xf5wbHFadVAMX6/SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjQwNjI1MDgwMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDNhYTM2NjEwMTk3NWRkYWVhNTJkZDM3ZjI4YjI0MzY0ZGFhM2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvncAzW1L7hSq0qR03+8ZNh7+fzZB
QsSv/hebxuznRX58sqzP8Z/6QPgiO6GZBGoKy+DqBuQm2G7H0DgB40xbTyKC5o6d
DkQL4dr7X24XnkYYwGTElrTZIs6Jrtecolh6kGvY4HaWuIPte1XWloxlKJngV2wm
dB8MNfB1svhDu8sAmrA094N2zCuByVin37GqDZo34xMcUDH4sgEeTJBbwf7xIJRj
/3PTridKgwFDwHLWcTeVdIkYgyC6mllg+FI8d6SpGU3d57cTfKuIk6qpqR4a95K0
FsUmCAKcGIqpxNsQaK4sSt3RkFCkzZeh70g7gKRTBPdS+kkxQ4wpGOT8awIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFFA6o2YQGXXdrqUt038oskNk2qPOMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvVURxalpoQVpkZDJ1cFMzVGZ5aXlRMlRhbzg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAVmnfAwQC
mFlcAwQAwmulAwQBw13yAwQAw79iMA0EAgACMAcDBQAgAUuiMA0GCSqGSIb3DQEB
CwUAA4IBAQCiSc+xRUJODVAqEOrjKibBLBhf+V2FuNasVPWsWi4j4nuVmYMEJD8z
BUBLs2yLNIrHMWZFdUeDuvvaYCrMNRHx+zEeyK4TB8YrtnfliyS8tI+ulJ5gTBWA
CB+tlU0tsnBB4K/iJycS1ynUYGsRAOIjlN6oDBw9RUHu8WbWQJKuP68NBG1jlwjj
YLwNFyil7OgTaUojgtmR4BVN7ycRZvLTiQmq9hva3sNP3i5tTBQ+AMG4Hu/kdBnd
O3eLhlheoRPxtWaZTyvd/EmXDQiWbFNw/cldiZl0Pm2WwzgCsMR4PgRzLCZDd+Oe
oX1j/HizVfixfIcvQrezJdWPu8MOE8dy
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:45:07 2024 by rpki-client on console-fra.rpki-client.org