Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/U-k5Gx1S5BVVtgOTdJlMp3KcpEg.roa
File: U-k5Gx1S5BVVtgOTdJlMp3KcpEg.roa (raw, json)
Hash identifier: b+ursV0R47VSb5T8pVKFy+iYUlCiS7Yj/B7ZD7cWCAc=
Subject key identifier: 53:E9:39:1B:1D:52:E4:15:55:B6:03:93:74:99:4C:A7:72:9C:A4:48
Certificate issuer: /CN=b9df156ee18b6958d4306b6311b4a086763eff62
Certificate serial: 018CC64B88611F029D2CC8CB90E7B4737CC0
Authority key identifier: B9:DF:15:6E:E1:8B:69:58:D4:30:6B:63:11:B4:A0:86:76:3E:FF:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ud8VbuGLaVjUMGtjEbSghnY-_2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/U-k5Gx1S5BVVtgOTdJlMp3KcpEg.roa
Signing time: Mon 01 Jan 2024 18:31:28 +0000
ROA not before: Mon 01 Jan 2024 18:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12779
IP address blocks: 86.105.14.0/24 maxlen: 24
91.245.234.0/24 maxlen: 24
2a0c:79c0:4::/48 maxlen: 48
2a0c:79c0:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/ud8VbuGLaVjUMGtjEbSghnY-_2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/ud8VbuGLaVjUMGtjEbSghnY-_2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/ud8VbuGLaVjUMGtjEbSghnY-_2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:88:61:1f:02:9d:2c:c8:cb:90:e7:b4:73:7c:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9df156ee18b6958d4306b6311b4a086763eff62
Validity
Not Before: Jan 1 18:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53e9391b1d52e41555b6039374994ca7729ca448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6d:f3:50:c3:63:c1:f7:70:bb:96:a5:d3:33:
14:c6:85:50:e6:45:9f:1e:a2:4c:f4:f0:14:ef:84:
a1:a4:b3:d3:f9:47:a0:3f:9b:c5:fa:8b:fc:3b:96:
ff:a2:74:19:9c:58:15:41:9e:03:fd:20:c7:0b:69:
17:27:2c:05:78:a4:73:65:64:16:be:01:86:05:56:
ad:0e:06:7f:47:20:ab:44:0d:3a:d7:8a:19:4c:5e:
5e:b5:4d:62:91:53:63:34:37:56:c2:cf:46:75:0b:
f4:f2:58:21:ea:ec:69:00:2c:20:63:43:90:01:8e:
27:37:da:7a:60:f1:4f:16:97:04:00:a3:c3:85:8d:
fb:27:1d:ec:4b:7b:49:79:9e:b5:5d:42:81:93:5f:
bb:91:d0:13:e6:0d:69:fa:ac:b6:bc:55:57:43:ef:
0c:fb:93:1b:d8:dd:24:37:3f:a3:d3:cb:98:ba:2b:
cf:44:30:7d:25:e5:86:e3:63:f9:dd:71:7e:6d:ca:
ad:05:90:b2:1f:f9:0b:d9:63:7f:5e:8f:5a:d7:60:
76:9d:52:75:77:40:cd:24:7d:4c:9f:79:e0:91:86:
81:2b:87:8c:72:49:53:fe:fa:d2:b1:0d:7f:35:b4:
45:6d:87:01:df:78:51:0c:65:d3:47:e1:41:9c:10:
d8:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:E9:39:1B:1D:52:E4:15:55:B6:03:93:74:99:4C:A7:72:9C:A4:48
X509v3 Authority Key Identifier:
keyid:B9:DF:15:6E:E1:8B:69:58:D4:30:6B:63:11:B4:A0:86:76:3E:FF:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ud8VbuGLaVjUMGtjEbSghnY-_2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/U-k5Gx1S5BVVtgOTdJlMp3KcpEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/ud8VbuGLaVjUMGtjEbSghnY-_2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.14.0/24
91.245.234.0/24
IPv6:
2a0c:79c0:2::/48
2a0c:79c0:4::/48
Signature Algorithm: sha256WithRSAEncryption
31:d6:21:4c:b5:47:bf:27:2f:8f:da:b9:b9:de:d1:e1:c5:bc:
a5:8f:fe:2a:7c:66:8b:92:96:64:2c:fe:62:ad:95:8e:98:34:
f6:4a:e9:b3:c0:66:35:7d:c6:3c:e5:d7:aa:0b:68:8e:e6:1d:
7f:86:4c:e6:59:a1:69:0e:97:74:4a:22:8a:51:e8:31:9a:06:
cd:fa:d7:89:40:b1:f6:d2:4a:0a:94:b9:ba:4f:0c:ce:d1:ab:
e0:ba:16:18:76:90:60:9d:45:e2:69:29:65:4d:8c:7f:5b:2d:
ff:9f:2a:7a:05:66:ee:d4:21:18:ba:2c:ea:2b:43:41:37:64:
23:4d:ae:b9:1c:22:0a:d8:6c:07:a2:57:d4:45:61:4f:a3:71:
0a:c9:a9:12:ed:97:4a:ed:ed:93:3a:af:85:c4:53:52:61:06:
63:29:c8:a2:50:c8:2b:a6:2a:49:b1:28:58:5c:8d:be:e6:ec:
9f:09:a4:ac:9d:6e:27:e8:49:be:33:cc:0c:c7:1c:34:b0:13:
08:09:fd:f1:2b:68:06:e2:59:23:c6:81:df:48:14:2b:aa:cc:
7c:24:5e:31:c9:df:ef:74:0a:b7:4d:97:e1:2f:f1:20:81:39:
20:7e:6e:5d:91:4f:33:22:3b:79:41:65:75:12:e2:c7:1d:14:
2e:04:d1:83
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzGS4hhHwKdLMjLkOe0c3zAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZGYxNTZlZTE4YjY5NThkNDMwNmI2MzExYjRhMDg2NzYz
ZWZmNjIwHhcNMjQwMTAxMTgzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2U5MzkxYjFkNTJlNDE1NTViNjAzOTM3NDk5NGNhNzcyOWNhNDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm23zUMNjwfdwu5al0zMUxoVQ5kWf
HqJM9PAU74ShpLPT+UegP5vF+ov8O5b/onQZnFgVQZ4D/SDHC2kXJywFeKRzZWQW
vgGGBVatDgZ/RyCrRA0614oZTF5etU1ikVNjNDdWws9GdQv08lgh6uxpACwgY0OQ
AY4nN9p6YPFPFpcEAKPDhY37Jx3sS3tJeZ61XUKBk1+7kdAT5g1p+qy2vFVXQ+8M
+5Mb2N0kNz+j08uYuivPRDB9JeWG42P53XF+bcqtBZCyH/kL2WN/Xo9a12B2nVJ1
d0DNJH1Mn3ngkYaBK4eMcklT/vrSsQ1/NbRFbYcB33hRDGXTR+FBnBDYKwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFFPpORsdUuQVVbYDk3SZTKdynKRIMB8GA1UdIwQY
MBaAFLnfFW7hi2lY1DBrYxG0oIZ2Pv9iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWQ4VmJ1R0xhVmpVTUd0akViU2doblktXzJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9kNjQ2MWYtMTdlMy00OTg2LWE1ZjYt
NzJhNGIzYTliYjQ0LzEvVS1rNUd4MVM1QlZWdGdPVGRKbE1wM0tjcEVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9kNjQ2MWYtMTdlMy00OTg2LWE1ZjYtNzJhNGIzYTliYjQ0
LzEvdWQ4VmJ1R0xhVmpVTUd0akViU2doblktXzJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAVmkOAwQA
W/XqMBgEAgACMBIDBwAqDHnAAAIDBwAqDHnAAAQwDQYJKoZIhvcNAQELBQADggEB
ADHWIUy1R78nL4/aubne0eHFvKWP/ip8ZouSlmQs/mKtlY6YNPZK6bPAZjV9xjzl
16oLaI7mHX+GTOZZoWkOl3RKIopR6DGaBs3614lAsfbSSgqUubpPDM7Rq+C6Fhh2
kGCdReJpKWVNjH9bLf+fKnoFZu7UIRi6LOorQ0E3ZCNNrrkcIgrYbAeiV9RFYU+j
cQrJqRLtl0rt7ZM6r4XEU1JhBmMpyKJQyCumKkmxKFhcjb7m7J8JpKydbifoSb4z
zAzHHDSwEwgJ/fEraAbiWSPGgd9IFCuqzHwkXjHJ3+90CrdNl+Ev8SCBOSB+bl2R
TzMiO3lBZXUS4scdFC4E0YM=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:21:12 2024 by rpki-client on console-fra.rpki-client.org