Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/upkCue1jQTPqazKOQdrp3mqcai0.roa
File: upkCue1jQTPqazKOQdrp3mqcai0.roa (raw, json)
Hash identifier: mN5Mm3CtwyZLSQk4+vAqHOhQ7Bw7yrm0KCN6tUonSD0=
Subject key identifier: BA:99:02:B9:ED:63:41:33:EA:6B:32:8E:41:DA:E9:DE:6A:9C:6A:2D
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 019204CC93D9FBEDF4B834977135836530EA
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/upkCue1jQTPqazKOQdrp3mqcai0.roa
Signing time: Wed 18 Sep 2024 11:02:48 +0000
ROA not before: Wed 18 Sep 2024 11:02:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 91.225.225.0/24 maxlen: 24
91.225.226.0/24 maxlen: 24
91.225.227.0/24 maxlen: 24
188.191.98.0/24 maxlen: 24
188.191.101.0/24 maxlen: 24
188.191.103.0/24 maxlen: 24
188.191.106.0/24 maxlen: 24
188.191.109.0/24 maxlen: 24
188.191.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.mft
rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:04:cc:93:d9:fb:ed:f4:b8:34:97:71:35:83:65:30:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Sep 18 11:02:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba9902b9ed634133ea6b328e41dae9de6a9c6a2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:99:c0:cf:7b:2e:5f:e6:8f:6d:4d:59:4a:b6:
9c:cf:d5:55:63:32:a3:d0:f2:54:0b:59:98:bb:ee:
da:e9:bd:70:e8:78:97:bd:6d:d3:23:63:46:cd:5a:
ba:a4:44:cd:cd:c0:20:cc:30:08:b4:3b:17:a7:d2:
78:9a:5e:cd:51:60:32:d7:f8:31:0a:e9:44:a6:74:
af:8d:75:33:64:36:16:4d:be:78:49:e1:c4:f1:fe:
2d:7e:9d:74:96:b2:6b:c7:bc:59:e1:41:8b:be:39:
ac:91:f5:b4:80:8a:0e:f8:b3:25:39:ae:c2:bb:4b:
8a:b3:24:f6:41:b3:95:18:39:af:4c:98:53:45:ed:
6b:4e:c2:f7:2f:53:29:aa:e1:25:c6:fc:fc:16:70:
0f:12:70:e0:8e:9d:c5:1d:a2:83:3c:7b:0c:f2:14:
ab:70:7d:06:d0:9e:56:e2:1e:cb:e9:04:d5:89:78:
e4:82:48:e9:c6:c1:0b:a6:f6:c7:c7:af:ff:33:29:
41:30:c7:8a:85:ac:c0:98:00:6b:00:d6:ca:fa:cf:
75:d0:ed:b7:a0:35:2d:37:2c:fe:2f:cb:3d:60:25:
80:1e:f5:be:12:34:39:db:6d:2b:d5:66:fe:d3:62:
d7:a5:53:9b:69:58:ea:60:fa:dd:33:59:fc:1f:7d:
2a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:99:02:B9:ED:63:41:33:EA:6B:32:8E:41:DA:E9:DE:6A:9C:6A:2D
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/upkCue1jQTPqazKOQdrp3mqcai0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.225.0-91.225.227.255
188.191.98.0/24
188.191.101.0/24
188.191.103.0/24
188.191.106.0/24
188.191.109.0-188.191.110.255
Signature Algorithm: sha256WithRSAEncryption
35:45:8f:f8:63:15:5f:16:7c:d7:4f:1e:23:1b:b9:eb:0c:b9:
06:c2:3f:d8:1e:dd:a5:77:11:2b:66:f9:6c:ce:ee:6f:10:10:
97:63:aa:1b:51:3d:d2:89:73:3e:dc:89:bf:31:91:3a:9f:56:
fe:f6:b6:e6:eb:b1:fa:d7:b8:a8:d5:57:25:1f:be:20:c6:46:
81:2d:e4:f7:73:ba:5f:83:38:53:a3:0b:ab:9f:70:b7:d8:5e:
b6:f8:80:3a:01:48:a4:00:2a:99:9b:0a:3d:9d:9b:57:cc:bf:
d0:09:26:91:ed:55:fe:69:76:c4:00:2e:8f:2c:25:6b:ac:87:
e2:c8:9f:98:6c:29:28:f1:ef:fb:3a:2d:e4:01:9f:c0:13:af:
b2:76:01:ae:42:3f:a1:9b:47:c7:ca:7b:4a:e6:85:b5:fa:7d:
88:8b:20:07:5a:79:47:0c:37:cb:54:9b:0d:8e:b2:8d:ea:4a:
cb:44:b3:9a:87:ed:c2:4b:a2:67:27:32:3b:a5:96:14:a6:de:
82:1e:6c:0a:90:f4:fa:96:ea:30:9c:dd:b4:8e:f6:ca:c7:27:
b4:4a:10:be:17:ef:21:d9:a1:7d:bd:87:38:c9:67:1e:34:ff:
b7:77:6f:f8:83:dc:ba:95:51:c8:dc:33:ff:ad:84:94:86:ce:
0e:0d:01:e2
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZIEzJPZ++30uDSXcTWDZTDqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjQwOTE4MTEwMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTk5MDJiOWVkNjM0MTMzZWE2YjMyOGU0MWRhZTlkZTZhOWM2YTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpnAz3suX+aPbU1ZSracz9VVYzKj
0PJUC1mYu+7a6b1w6HiXvW3TI2NGzVq6pETNzcAgzDAItDsXp9J4ml7NUWAy1/gx
CulEpnSvjXUzZDYWTb54SeHE8f4tfp10lrJrx7xZ4UGLvjmskfW0gIoO+LMlOa7C
u0uKsyT2QbOVGDmvTJhTRe1rTsL3L1MpquElxvz8FnAPEnDgjp3FHaKDPHsM8hSr
cH0G0J5W4h7L6QTViXjkgkjpxsELpvbHx6//MylBMMeKhazAmABrANbK+s910O23
oDUtNyz+L8s9YCWAHvW+EjQ5220r1Wb+02LXpVObaVjqYPrdM1n8H30qGwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFLqZArntY0Ez6msyjkHa6d5qnGotMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvdXBrQ3VlMWpRVFBxYXpLT1FkcnAzbXFjYWkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAwDBABb4eED
BAJb4eADBAC8v2IDBAC8v2UDBAC8v2cDBAC8v2owDAMEALy/bQMEALy/bjANBgkq
hkiG9w0BAQsFAAOCAQEANUWP+GMVXxZ8108eIxu56wy5BsI/2B7dpXcRK2b5bM7u
bxAQl2OqG1E90olzPtyJvzGROp9W/va25uux+te4qNVXJR++IMZGgS3k93O6X4M4
U6MLq59wt9hetviAOgFIpAAqmZsKPZ2bV8y/0Akmke1V/ml2xAAujywla6yH4sif
mGwpKPHv+zot5AGfwBOvsnYBrkI/oZtHx8p7SuaFtfp9iIsgB1p5Rww3y1SbDY6y
jepKy0SzmoftwkuiZycyO6WWFKbegh5sCpD0+pbqMJzdtI72yscntEoQvhfvIdmh
fb2HOMlnHjT/t3dv+IPcupVRyNwz/62ElIbODg0B4g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:13:19 2024 by rpki-client on console-ams.rpki-client.org