Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/U4JAbggjOgZxHS_LTP01V0JMnt4.roa
File: U4JAbggjOgZxHS_LTP01V0JMnt4.roa (raw, json)
Hash identifier: u3Ik8UoQCRAZ2FGxuLIWO4p1JbZUrEQZTsy2OYfF5oI=
Subject key identifier: 53:82:40:6E:08:23:3A:06:71:1D:2F:CB:4C:FD:35:57:42:4C:9E:DE
Certificate issuer: /CN=26a5aa918cbfeb3e12997f33890feb258907b343
Certificate serial: 018CC500E1BBB1FAFAA34369F134C3156B31
Authority key identifier: 26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/U4JAbggjOgZxHS_LTP01V0JMnt4.roa
Signing time: Mon 01 Jan 2024 12:30:18 +0000
ROA not before: Mon 01 Jan 2024 12:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43962
IP address blocks: 185.123.162.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.mft
rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Jun 2024 02:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:e1:bb:b1:fa:fa:a3:43:69:f1:34:c3:15:6b:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a5aa918cbfeb3e12997f33890feb258907b343
Validity
Not Before: Jan 1 12:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5382406e08233a06711d2fcb4cfd3557424c9ede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:9c:ab:ec:97:c2:81:fa:44:fe:9c:b1:3e:30:
b3:14:93:ed:e6:71:59:97:93:77:6a:c9:e7:09:1d:
e9:3a:56:3c:82:f9:42:c7:0b:f2:29:10:d9:77:0f:
bf:94:07:63:36:7b:27:74:ea:8e:4e:10:64:f4:15:
33:03:a5:0a:7c:cc:77:46:dc:c5:c6:2e:32:c6:54:
88:f4:5c:1f:8a:7a:48:fd:38:84:6b:35:7b:46:24:
ff:04:e2:41:65:47:27:17:42:37:82:25:a2:43:19:
88:d9:86:96:3b:76:1a:57:23:88:1b:23:7e:84:0d:
10:41:cd:32:b3:4d:61:48:ab:20:bd:28:ca:32:ca:
ea:c2:6b:f1:bc:3c:bc:1c:e3:58:8e:c8:2e:b8:f2:
fd:14:40:b7:5d:bb:fc:b7:a7:b5:11:1b:21:f4:1e:
f9:88:90:78:9f:1b:53:3b:3c:0a:50:3b:6a:a4:2c:
06:68:56:e5:87:92:e2:1b:94:7c:c7:49:c4:ce:87:
ef:92:d2:d0:5d:04:d5:e3:75:49:f9:f0:fd:b0:22:
bd:11:b4:af:be:75:a6:99:60:2c:ae:e0:4a:19:8f:
e6:05:8a:69:30:2e:25:8b:39:b4:ad:5f:92:dd:4d:
5f:ae:3e:65:4b:61:22:c3:58:2d:b1:dc:f1:ef:3e:
c9:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:82:40:6E:08:23:3A:06:71:1D:2F:CB:4C:FD:35:57:42:4C:9E:DE
X509v3 Authority Key Identifier:
keyid:26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/U4JAbggjOgZxHS_LTP01V0JMnt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.162.0/23
Signature Algorithm: sha256WithRSAEncryption
48:b4:4c:72:22:f7:b3:e9:a8:98:17:74:97:2e:ca:56:8c:99:
80:54:9f:e8:44:ea:e6:f3:a2:a2:04:80:c0:8b:10:71:72:d0:
f0:63:79:a9:54:dc:dc:fb:de:7e:7f:0b:58:53:ca:96:a3:03:
37:cf:24:c8:5e:cc:0d:cc:0f:3c:bf:cd:f4:c7:6f:f0:ba:64:
df:17:4e:2b:53:48:7a:44:ab:de:39:e6:a7:c3:d2:ab:f2:fe:
30:03:4e:8d:78:97:92:d5:69:e1:cf:b5:47:ed:d5:b0:a6:a9:
d9:46:a9:dc:bc:5c:18:45:d4:8f:a3:42:49:47:aa:c3:c2:e5:
66:eb:2f:54:57:16:b6:1c:89:83:cd:27:31:0d:30:08:a2:31:
1c:2a:96:72:17:44:02:e8:2f:be:e9:a1:ec:b4:39:74:d2:fe:
55:b9:a0:da:81:10:d9:58:b3:d0:83:43:67:3f:11:42:4f:44:
9f:86:75:82:b0:45:19:24:c8:3a:3e:9e:c7:61:7f:b0:0f:e7:
2d:47:e1:d4:47:0d:8b:13:77:cb:f7:79:92:06:04:95:92:fc:
40:de:22:96:08:f0:2a:ef:b6:8e:69:24:49:57:95:c3:11:f5:
4c:3d:39:36:ba:25:c4:d0:f7:ad:65:a0:aa:ef:c2:fc:82:e2:
2d:10:00:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAOG7sfr6o0Np8TTDFWsxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YTVhYTkxOGNiZmViM2UxMjk5N2YzMzg5MGZlYjI1ODkw
N2IzNDMwHhcNMjQwMTAxMTIzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzgyNDA2ZTA4MjMzYTA2NzExZDJmY2I0Y2ZkMzU1NzQyNGM5ZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpyr7JfCgfpE/pyxPjCzFJPt5nFZ
l5N3asnnCR3pOlY8gvlCxwvyKRDZdw+/lAdjNnsndOqOThBk9BUzA6UKfMx3RtzF
xi4yxlSI9FwfinpI/TiEazV7RiT/BOJBZUcnF0I3giWiQxmI2YaWO3YaVyOIGyN+
hA0QQc0ys01hSKsgvSjKMsrqwmvxvDy8HONYjsguuPL9FEC3Xbv8t6e1ERsh9B75
iJB4nxtTOzwKUDtqpCwGaFblh5LiG5R8x0nEzofvktLQXQTV43VJ+fD9sCK9EbSv
vnWmmWAsruBKGY/mBYppMC4lizm0rV+S3U1frj5lS2Eiw1gtsdzx7z7JtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFOCQG4IIzoGcR0vy0z9NVdCTJ7eMB8GA1UdIwQY
MBaAFCalqpGMv+s+Epl/M4kP6yWJB7NDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTIt
Mjk3ZTI4MmQ2NmE4LzEvVTRKQWJnZ2pPZ1p4SFNfTFRQMDFWMEpNbnQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTItMjk3ZTI4MmQ2NmE4
LzEvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuXuiMA0G
CSqGSIb3DQEBCwUAA4IBAQBItExyIvez6aiYF3SXLspWjJmAVJ/oROrm86KiBIDA
ixBxctDwY3mpVNzc+95+fwtYU8qWowM3zyTIXswNzA88v830x2/wumTfF04rU0h6
RKveOeanw9Kr8v4wA06NeJeS1Wnhz7VH7dWwpqnZRqncvFwYRdSPo0JJR6rDwuVm
6y9UVxa2HImDzScxDTAIojEcKpZyF0QC6C++6aHstDl00v5VuaDagRDZWLPQg0Nn
PxFCT0SfhnWCsEUZJMg6Pp7HYX+wD+ctR+HURw2LE3fL93mSBgSVkvxA3iKWCPAq
77aOaSRJV5XDEfVMPTk2uiXE0PetZaCq78L8guItEAAv
-----END CERTIFICATE-----
Generated at Mon Jun 17 09:17:25 2024 by rpki-client on console-ams.rpki-client.org