Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/eb3e03-3968-4db2-bf80-43f6ae520b1a/1/UfP1jcvhaKhZ4N9baemn739hMZw.roa
File: UfP1jcvhaKhZ4N9baemn739hMZw.roa (raw, json)
Hash identifier: MuCOcHc+mI4rgvXD4fWxcsGU3Wb/9s/pweK/wybRYGY=
Subject key identifier: 51:F3:F5:8D:CB:E1:68:A8:59:E0:DF:5B:69:E9:A7:EF:7F:61:31:9C
Certificate issuer: /CN=897c1a88c9c89ae94254e2241c788e97c1ff3e48
Certificate serial: 018CC5DC3E4DF254D92891BFF8B7C9963FBB
Authority key identifier: 89:7C:1A:88:C9:C8:9A:E9:42:54:E2:24:1C:78:8E:97:C1:FF:3E:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iXwaiMnImulCVOIkHHiOl8H_Pkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/eb3e03-3968-4db2-bf80-43f6ae520b1a/1/UfP1jcvhaKhZ4N9baemn739hMZw.roa
Signing time: Mon 01 Jan 2024 16:29:54 +0000
ROA not before: Mon 01 Jan 2024 16:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199289
IP address blocks: 185.21.233.0/24 maxlen: 24
185.21.232.0/24 maxlen: 24
185.21.234.0/24 maxlen: 24
185.21.235.0/24 maxlen: 24
2a00:5a20:5::/48 maxlen: 48
2a00:5a20::/32 maxlen: 32
2a00:5a20:3a10::/48 maxlen: 48
2a00:5a20:3::/48 maxlen: 48
2a00:5a20:9::/48 maxlen: 48
2a00:5a20:4::/48 maxlen: 48
2a00:5a20:7::/48 maxlen: 48
2a00:5a20:2::/48 maxlen: 48
2a00:5a20:8::/48 maxlen: 48
2a00:5a20:6::/48 maxlen: 48
2a00:5a20:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/eb3e03-3968-4db2-bf80-43f6ae520b1a/1/iXwaiMnImulCVOIkHHiOl8H_Pkg.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/eb3e03-3968-4db2-bf80-43f6ae520b1a/1/iXwaiMnImulCVOIkHHiOl8H_Pkg.mft
rsync://rpki.ripe.net/repository/DEFAULT/iXwaiMnImulCVOIkHHiOl8H_Pkg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:3e:4d:f2:54:d9:28:91:bf:f8:b7:c9:96:3f:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=897c1a88c9c89ae94254e2241c788e97c1ff3e48
Validity
Not Before: Jan 1 16:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=51f3f58dcbe168a859e0df5b69e9a7ef7f61319c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:2d:52:8f:76:eb:41:1c:7e:ec:e1:be:cd:2f:
15:69:25:0d:8c:e0:82:37:44:c3:1f:00:89:8d:35:
d0:e9:ae:18:57:29:76:7d:62:61:55:1a:f7:f6:12:
b2:7b:af:a6:bf:6d:68:cc:d1:85:2c:89:dd:5b:e0:
1f:fc:b0:a0:97:59:a9:8c:29:34:b9:11:bf:ae:6b:
54:ba:af:04:5b:39:fc:b2:8e:83:43:f2:77:7c:8a:
a0:57:d6:93:5f:b1:e4:14:2f:23:87:a4:12:29:b4:
bd:51:86:f7:3d:8f:c5:dd:9a:4c:10:e8:d9:05:cf:
a4:24:8f:45:d7:ed:17:68:ed:96:4a:3e:e7:ef:08:
1e:38:50:fa:8a:55:86:a4:71:83:23:5e:08:86:d9:
c8:27:50:ac:1c:6c:11:7a:fe:a4:bb:78:6e:21:c1:
88:d1:28:4c:de:87:a9:69:6d:f2:54:4f:56:a3:23:
33:29:3d:c1:61:35:5f:30:4b:e0:ee:f8:4a:6e:98:
3c:8d:45:e8:b4:bf:2f:5a:39:42:58:3e:24:2a:70:
ce:ba:8b:9d:1b:0d:dc:8f:97:db:12:8c:4d:32:8b:
54:ed:f4:d5:db:d6:ee:b8:72:7f:d2:88:af:d2:1f:
65:5d:a4:21:04:23:4c:4f:8d:49:12:c3:83:6d:d7:
4f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:F3:F5:8D:CB:E1:68:A8:59:E0:DF:5B:69:E9:A7:EF:7F:61:31:9C
X509v3 Authority Key Identifier:
keyid:89:7C:1A:88:C9:C8:9A:E9:42:54:E2:24:1C:78:8E:97:C1:FF:3E:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iXwaiMnImulCVOIkHHiOl8H_Pkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/eb3e03-3968-4db2-bf80-43f6ae520b1a/1/UfP1jcvhaKhZ4N9baemn739hMZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/eb3e03-3968-4db2-bf80-43f6ae520b1a/1/iXwaiMnImulCVOIkHHiOl8H_Pkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.232.0/22
IPv6:
2a00:5a20::/32
Signature Algorithm: sha256WithRSAEncryption
51:f3:31:cf:7d:62:be:1e:0d:6c:11:be:bb:35:a4:ae:cc:30:
e4:2e:ce:e5:6c:cc:6c:96:1b:79:79:e6:56:c2:fb:d7:4e:6f:
47:27:4a:36:6c:ee:ea:04:b8:25:7b:74:7c:24:4c:26:47:1e:
b7:31:1c:bd:c6:24:7e:63:b4:63:83:a2:f2:04:40:dd:3d:28:
9c:7f:c5:dc:bf:00:28:7c:1a:55:fc:c5:eb:00:b1:87:0f:a7:
40:34:7c:6c:58:d9:d9:1a:0a:ed:e1:96:c1:cd:d6:d5:74:bb:
82:76:e1:91:e0:c5:f7:c4:94:c3:aa:16:63:e5:71:9c:0d:43:
04:63:1e:3e:fa:27:80:99:3d:77:82:ba:ca:d4:a2:9b:d7:8c:
57:5d:76:26:19:8f:03:ce:48:70:0d:e6:72:9a:53:96:81:9a:
08:3e:a5:2f:56:b5:0e:eb:e3:ae:21:6f:8d:0d:3f:fa:aa:c1:
36:46:cb:b1:c8:db:15:c0:38:6a:e5:99:a1:f8:78:3d:8c:31:
35:cc:e0:19:16:d5:16:ae:ee:2c:fd:74:51:c2:e0:e6:2a:aa:
c8:c5:af:03:8f:1b:6b:5e:57:5d:f4:61:89:2a:b2:a7:8d:b8:
67:3c:9a:8b:0d:f2:5e:36:14:6d:88:15:6e:d0:1d:38:1c:8e:
c2:f8:f7:b8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3D5N8lTZKJG/+LfJlj+7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5N2MxYTg4YzljODlhZTk0MjU0ZTIyNDFjNzg4ZTk3YzFm
ZjNlNDgwHhcNMjQwMTAxMTYyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWYzZjU4ZGNiZTE2OGE4NTllMGRmNWI2OWU5YTdlZjdmNjEzMTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhS1Sj3brQRx+7OG+zS8VaSUNjOCC
N0TDHwCJjTXQ6a4YVyl2fWJhVRr39hKye6+mv21ozNGFLIndW+Af/LCgl1mpjCk0
uRG/rmtUuq8EWzn8so6DQ/J3fIqgV9aTX7HkFC8jh6QSKbS9UYb3PY/F3ZpMEOjZ
Bc+kJI9F1+0XaO2WSj7n7wgeOFD6ilWGpHGDI14IhtnIJ1CsHGwRev6ku3huIcGI
0ShM3oepaW3yVE9WoyMzKT3BYTVfMEvg7vhKbpg8jUXotL8vWjlCWD4kKnDOuoud
Gw3cj5fbEoxNMotU7fTV29buuHJ/0oiv0h9lXaQhBCNMT41JEsODbddPKQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFHz9Y3L4WioWeDfW2npp+9/YTGcMB8GA1UdIwQY
MBaAFIl8GojJyJrpQlTiJBx4jpfB/z5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVh3YWlNbkltdWxDVk9Ja0hIaU9sOEhfUGtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9lYjNlMDMtMzk2OC00ZGIyLWJmODAt
NDNmNmFlNTIwYjFhLzEvVWZQMWpjdmhhS2haNE45YmFlbW43MzloTVp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9lYjNlMDMtMzk2OC00ZGIyLWJmODAtNDNmNmFlNTIwYjFh
LzEvaVh3YWlNbkltdWxDVk9Ja0hIaU9sOEhfUGtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRXoMA0E
AgACMAcDBQAqAFogMA0GCSqGSIb3DQEBCwUAA4IBAQBR8zHPfWK+Hg1sEb67NaSu
zDDkLs7lbMxslht5eeZWwvvXTm9HJ0o2bO7qBLgle3R8JEwmRx63MRy9xiR+Y7Rj
g6LyBEDdPSicf8XcvwAofBpV/MXrALGHD6dANHxsWNnZGgrt4ZbBzdbVdLuCduGR
4MX3xJTDqhZj5XGcDUMEYx4++ieAmT13grrK1KKb14xXXXYmGY8DzkhwDeZymlOW
gZoIPqUvVrUO6+OuIW+NDT/6qsE2RsuxyNsVwDhq5Zmh+Hg9jDE1zOAZFtUWru4s
/XRRwuDmKqrIxa8DjxtrXldd9GGJKrKnjbhnPJqLDfJeNhRtiBVu0B04HI7C+Pe4
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:58:17 2024 by rpki-client on console-fra.rpki-client.org