Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/u9t-OuqsWXhikCBkvziiqjjCmSM.roa
File: u9t-OuqsWXhikCBkvziiqjjCmSM.roa (raw, json)
Hash identifier: tR/NXml1UsiKOpjSe6lkIM8sQq2+0vulyXRkFS9wMN4=
Subject key identifier: BB:DB:7E:3A:EA:AC:59:78:62:90:20:64:BF:38:A2:AA:38:C2:99:23
Certificate issuer: /CN=5336a106cecdeba92e0b80e5e9a5c789ba74c62b
Certificate serial: 018E50E36AB949778487E623CEB33181E037
Authority key identifier: 53:36:A1:06:CE:CD:EB:A9:2E:0B:80:E5:E9:A5:C7:89:BA:74:C6:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UzahBs7N66kuC4Dl6aXHibp0xis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/u9t-OuqsWXhikCBkvziiqjjCmSM.roa
Signing time: Mon 18 Mar 2024 09:27:45 +0000
ROA not before: Mon 18 Mar 2024 09:27:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29244
IP address blocks: 85.118.192.0/21 maxlen: 21
85.118.192.0/24 maxlen: 24
85.118.194.0/24 maxlen: 24
85.118.196.0/24 maxlen: 24
85.118.197.0/24 maxlen: 24
91.92.8.0/24 maxlen: 24
91.92.9.0/24 maxlen: 24
91.92.10.0/24 maxlen: 24
91.92.11.0/24 maxlen: 24
91.92.12.0/24 maxlen: 24
91.92.13.0/24 maxlen: 24
91.92.14.0/24 maxlen: 24
91.92.15.0/24 maxlen: 24
93.123.88.0/21 maxlen: 24
94.156.136.0/21 maxlen: 24
149.62.192.0/18 maxlen: 18
149.62.204.0/24 maxlen: 24
149.62.205.0/24 maxlen: 24
149.62.206.0/24 maxlen: 24
149.62.207.0/24 maxlen: 24
149.62.208.0/24 maxlen: 24
149.62.209.0/24 maxlen: 24
193.193.171.0/24 maxlen: 24
193.193.182.0/24 maxlen: 24
193.194.147.0/24 maxlen: 24
193.194.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/UzahBs7N66kuC4Dl6aXHibp0xis.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/UzahBs7N66kuC4Dl6aXHibp0xis.mft
rsync://rpki.ripe.net/repository/DEFAULT/UzahBs7N66kuC4Dl6aXHibp0xis.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:50:e3:6a:b9:49:77:84:87:e6:23:ce:b3:31:81:e0:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5336a106cecdeba92e0b80e5e9a5c789ba74c62b
Validity
Not Before: Mar 18 09:27:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bbdb7e3aeaac597862902064bf38a2aa38c29923
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:80:d3:0f:8e:f4:32:8f:b4:43:f8:d4:00:c6:
38:58:56:ee:45:c4:8d:2d:5c:4a:25:4d:d8:b6:fd:
a3:e6:03:93:fc:96:c5:0c:f6:ad:e5:81:6e:af:44:
23:5e:37:77:1e:1b:0b:67:1a:95:d8:f8:81:62:32:
dc:99:9d:3a:34:b6:04:d4:a5:dd:68:6b:81:81:79:
39:3b:84:12:c1:f9:c5:be:53:c7:76:f4:ca:f9:07:
ac:93:d4:ee:83:a2:c4:5b:10:0c:34:32:9b:6c:62:
76:4b:64:8c:24:7e:8e:6d:c1:bf:7f:94:12:4a:17:
ab:09:98:f7:5c:5a:a6:5e:c7:59:6d:73:0e:67:7c:
36:61:f4:5d:c5:27:36:31:47:e4:16:99:4f:31:7a:
dd:3f:3b:bb:15:76:dd:e9:0b:d9:eb:6b:90:e8:1f:
06:2a:90:8e:c0:d8:6d:0b:dd:38:91:57:3a:32:61:
8c:62:6b:fb:74:12:a8:02:24:ae:a1:d3:2d:ec:8c:
5a:d7:ec:99:81:35:68:eb:89:50:c8:a5:e3:fc:58:
1c:2d:d0:f9:3f:19:c2:a1:2f:cc:a0:60:52:08:f6:
c6:8d:51:9a:1b:cf:b1:2d:76:33:76:1a:df:e0:a1:
cc:0e:f5:78:f7:f1:54:8e:62:09:7a:03:d3:a0:bf:
5f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:DB:7E:3A:EA:AC:59:78:62:90:20:64:BF:38:A2:AA:38:C2:99:23
X509v3 Authority Key Identifier:
keyid:53:36:A1:06:CE:CD:EB:A9:2E:0B:80:E5:E9:A5:C7:89:BA:74:C6:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UzahBs7N66kuC4Dl6aXHibp0xis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/u9t-OuqsWXhikCBkvziiqjjCmSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/UzahBs7N66kuC4Dl6aXHibp0xis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.118.192.0/21
91.92.8.0/21
93.123.88.0/21
94.156.136.0/21
149.62.192.0/18
193.193.171.0/24
193.193.182.0/24
193.194.147.0/24
193.194.155.0/24
Signature Algorithm: sha256WithRSAEncryption
23:8a:1f:82:61:a0:f9:29:4f:24:70:e7:65:4a:42:30:8c:94:
7a:da:59:c8:db:bf:1c:38:28:47:4d:94:d2:bc:0c:db:48:cd:
a4:60:d6:e3:f7:9f:1a:64:2a:aa:11:6a:38:05:c7:6c:db:b2:
2b:f6:da:42:6e:80:17:33:a7:1f:97:8f:04:c5:c0:5c:57:11:
72:ee:3e:10:d8:38:b1:30:e5:e7:8e:69:cc:20:a3:df:d0:27:
0f:c2:37:5a:27:49:90:e9:7a:15:a4:d5:a7:b6:57:07:52:1a:
6d:a1:62:01:e0:77:58:da:c7:ea:7e:b6:ef:76:1c:a6:0e:b4:
05:b5:c1:83:45:f3:10:ac:4e:32:28:47:39:9f:7d:1f:12:d6:
f5:fd:65:3e:d5:3d:34:f4:74:1b:9d:31:75:c1:ba:12:6b:7f:
47:8a:69:38:85:84:7b:5b:89:ff:c0:a0:89:50:f1:ee:ee:7b:
e0:b3:49:e2:4c:b9:7f:2c:8b:29:2a:5d:f9:76:77:e6:33:5b:
62:b9:c6:18:32:7d:36:45:e4:c7:96:f9:3b:52:03:33:fd:82:
05:6b:e1:77:57:e5:43:3b:0f:be:0b:82:ea:c5:79:ee:51:55:
04:2c:48:90:5c:82:69:f0:7b:7c:af:f8:a7:56:d3:b1:2d:28:
42:9b:e4:9c
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY5Q42q5SXeEh+YjzrMxgeA3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMzZhMTA2Y2VjZGViYTkyZTBiODBlNWU5YTVjNzg5YmE3
NGM2MmIwHhcNMjQwMzE4MDkyNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmRiN2UzYWVhYWM1OTc4NjI5MDIwNjRiZjM4YTJhYTM4YzI5OTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4DTD470Mo+0Q/jUAMY4WFbuRcSN
LVxKJU3Ytv2j5gOT/JbFDPat5YFur0QjXjd3HhsLZxqV2PiBYjLcmZ06NLYE1KXd
aGuBgXk5O4QSwfnFvlPHdvTK+Qesk9Tug6LEWxAMNDKbbGJ2S2SMJH6ObcG/f5QS
SherCZj3XFqmXsdZbXMOZ3w2YfRdxSc2MUfkFplPMXrdPzu7FXbd6QvZ62uQ6B8G
KpCOwNhtC904kVc6MmGMYmv7dBKoAiSuodMt7Ixa1+yZgTVo64lQyKXj/FgcLdD5
PxnCoS/MoGBSCPbGjVGaG8+xLXYzdhrf4KHMDvV49/FUjmIJegPToL9fgQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFLvbfjrqrFl4YpAgZL84oqo4wpkjMB8GA1UdIwQY
MBaAFFM2oQbOzeupLguA5emlx4m6dMYrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXphaEJzN042Nmt1QzREbDZhWEhpYnAweGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yNjY5ZWUtNGJhNy00MTEwLTgzNzAt
ZGQ4MDNjNWI4NWRiLzEvdTl0LU91cXNXWGhpa0NCa3Z6aWlxampDbVNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yNjY5ZWUtNGJhNy00MTEwLTgzNzAtZGQ4MDNjNWI4NWRi
LzEvVXphaEJzN042Nmt1QzREbDZhWEhpYnAweGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQDVXbAAwQD
W1wIAwQDXXtYAwQDXpyIAwQGlT7AAwQAwcGrAwQAwcG2AwQAwcKTAwQAwcKbMA0G
CSqGSIb3DQEBCwUAA4IBAQAjih+CYaD5KU8kcOdlSkIwjJR62lnI278cOChHTZTS
vAzbSM2kYNbj958aZCqqEWo4Bcds27Ir9tpCboAXM6cfl48ExcBcVxFy7j4Q2Dix
MOXnjmnMIKPf0CcPwjdaJ0mQ6XoVpNWntlcHUhptoWIB4HdY2sfqfrbvdhymDrQF
tcGDRfMQrE4yKEc5n30fEtb1/WU+1T009HQbnTF1wboSa39Himk4hYR7W4n/wKCJ
UPHu7nvgs0niTLl/LIspKl35dnfmM1tiucYYMn02ReTHlvk7UgMz/YIFa+F3V+VD
Ow++C4LqxXnuUVUELEiQXIJp8Ht8r/inVtOxLShCm+Sc
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:39:50 2024 by rpki-client on console-ams.rpki-client.org