Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/735d37-391a-4aa2-ac83-0b36ac8e23c7/1/Uc5eMO988jyf0m8rMUKO-r9c77s.roa
File: Uc5eMO988jyf0m8rMUKO-r9c77s.roa (raw, json)
Hash identifier: iY195VbDDA37GBObcjrIbBx6HJAlDz3pEg4QhuTKvYY=
Subject key identifier: 51:CE:5E:30:EF:7C:F2:3C:9F:D2:6F:2B:31:42:8E:FA:BF:5C:EF:BB
Certificate issuer: /CN=0e36a05fae760691f70cfb5b4f6249947abade87
Certificate serial: 018CC26D6FB1816D604BF7B9D0DF8C49C8F8
Authority key identifier: 0E:36:A0:5F:AE:76:06:91:F7:0C:FB:5B:4F:62:49:94:7A:BA:DE:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DjagX652BpH3DPtbT2JJlHq63oc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/735d37-391a-4aa2-ac83-0b36ac8e23c7/1/Uc5eMO988jyf0m8rMUKO-r9c77s.roa
Signing time: Mon 01 Jan 2024 00:30:01 +0000
ROA not before: Mon 01 Jan 2024 00:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3290
IP address blocks: 185.124.245.0/24 maxlen: 24
185.124.246.0/24 maxlen: 24
185.124.244.0/24 maxlen: 24
185.124.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/735d37-391a-4aa2-ac83-0b36ac8e23c7/1/DjagX652BpH3DPtbT2JJlHq63oc.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/735d37-391a-4aa2-ac83-0b36ac8e23c7/1/DjagX652BpH3DPtbT2JJlHq63oc.mft
rsync://rpki.ripe.net/repository/DEFAULT/DjagX652BpH3DPtbT2JJlHq63oc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:6f:b1:81:6d:60:4b:f7:b9:d0:df:8c:49:c8:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e36a05fae760691f70cfb5b4f6249947abade87
Validity
Not Before: Jan 1 00:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=51ce5e30ef7cf23c9fd26f2b31428efabf5cefbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1d:77:c7:9a:6a:07:2a:7d:6b:15:f1:7b:66:
69:0b:a9:e0:d5:2e:13:1e:9e:fc:08:10:f4:24:3c:
53:dc:69:16:fd:09:46:6b:44:b7:19:0c:4b:ac:ec:
6b:c0:ab:3c:a4:40:3d:75:08:94:83:67:bc:3c:a3:
25:86:be:7d:a7:eb:7b:22:f7:a9:c4:de:56:f4:39:
da:2c:03:7b:68:c3:bd:28:c5:3e:f9:94:f1:b4:9b:
01:67:18:b0:f5:43:c3:e8:15:39:75:b9:f3:16:01:
6c:86:74:a9:55:55:c1:80:96:7c:29:15:28:52:a3:
57:bd:3d:72:18:d2:a7:4f:44:8e:dd:0e:e8:3a:6a:
26:a7:08:c2:83:57:7b:e8:fd:21:2e:b1:b4:c8:7e:
be:a3:3a:88:c5:dc:7a:dc:7a:a3:f8:26:2f:f3:b0:
4e:75:1b:d8:f5:45:39:ff:d9:31:b5:39:78:be:63:
cd:9f:fe:da:ae:6d:08:f6:7d:81:94:b2:85:c0:f0:
96:a0:8c:41:e9:71:eb:81:ce:7b:64:e5:29:45:61:
02:9c:2b:2b:f1:32:10:ca:9f:e3:ef:f4:09:83:b3:
2d:9b:dc:ed:7b:1b:45:59:01:d5:73:6b:01:65:48:
bf:b3:7c:b9:c5:ae:25:6f:6a:3c:88:d2:eb:eb:cc:
72:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:CE:5E:30:EF:7C:F2:3C:9F:D2:6F:2B:31:42:8E:FA:BF:5C:EF:BB
X509v3 Authority Key Identifier:
keyid:0E:36:A0:5F:AE:76:06:91:F7:0C:FB:5B:4F:62:49:94:7A:BA:DE:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DjagX652BpH3DPtbT2JJlHq63oc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/735d37-391a-4aa2-ac83-0b36ac8e23c7/1/Uc5eMO988jyf0m8rMUKO-r9c77s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/735d37-391a-4aa2-ac83-0b36ac8e23c7/1/DjagX652BpH3DPtbT2JJlHq63oc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.244.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:cf:a1:87:39:dc:23:3f:b1:07:e6:b7:b3:49:61:e6:1c:6d:
fd:49:98:da:9a:7b:7c:a7:de:51:f7:dd:e1:5d:78:26:80:e9:
3c:b4:73:31:e8:26:c8:58:c8:54:5c:a1:1d:01:8a:47:32:3b:
8e:b8:4c:87:2c:55:52:b1:0c:f7:4c:52:71:1f:03:65:c7:7c:
71:9f:73:42:ac:db:e4:8e:76:98:a0:d0:97:50:7b:7d:8b:40:
38:5b:b1:9a:0d:82:85:e8:67:d0:5b:ae:c9:08:98:58:34:4d:
b4:13:5c:37:8f:ce:72:7d:31:e5:f7:dd:90:af:8c:42:4e:28:
b3:b9:d2:a4:ee:01:71:dd:21:3c:07:b2:74:34:18:9a:c0:c7:
08:2c:12:f9:52:ef:2e:f8:d4:d0:0d:fc:42:34:42:24:38:3a:
08:9d:0d:0b:4c:02:c4:dd:27:e8:ba:a5:af:78:b9:51:bb:d0:
2f:42:43:a2:10:12:47:a8:b4:0a:63:66:44:82:0a:c6:5c:2f:
4c:0f:ab:3f:b5:de:10:f9:1c:a5:a5:fc:7b:23:50:b1:53:2c:
27:4c:6e:a4:b4:40:6d:27:d4:26:83:8c:13:99:b2:ef:b6:80:
40:ed:c3:db:11:f5:6c:c7:6f:a8:fc:31:d5:6a:b8:1e:f7:06:
58:fd:3f:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbW+xgW1gS/e50N+MScj4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMzZhMDVmYWU3NjA2OTFmNzBjZmI1YjRmNjI0OTk0N2Fi
YWRlODcwHhcNMjQwMTAxMDAzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWNlNWUzMGVmN2NmMjNjOWZkMjZmMmIzMTQyOGVmYWJmNWNlZmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApB13x5pqByp9axXxe2ZpC6ng1S4T
Hp78CBD0JDxT3GkW/QlGa0S3GQxLrOxrwKs8pEA9dQiUg2e8PKMlhr59p+t7Ivep
xN5W9DnaLAN7aMO9KMU++ZTxtJsBZxiw9UPD6BU5dbnzFgFshnSpVVXBgJZ8KRUo
UqNXvT1yGNKnT0SO3Q7oOmompwjCg1d76P0hLrG0yH6+ozqIxdx63Hqj+CYv87BO
dRvY9UU5/9kxtTl4vmPNn/7arm0I9n2BlLKFwPCWoIxB6XHrgc57ZOUpRWECnCsr
8TIQyp/j7/QJg7Mtm9ztextFWQHVc2sBZUi/s3y5xa4lb2o8iNLr68xyhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFHOXjDvfPI8n9JvKzFCjvq/XO+7MB8GA1UdIwQY
MBaAFA42oF+udgaR9wz7W09iSZR6ut6HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGphZ1g2NTJCcEgzRFB0YlQySkpsSHE2M29jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny83MzVkMzctMzkxYS00YWEyLWFjODMt
MGIzNmFjOGUyM2M3LzEvVWM1ZU1POTg4anlmMG04ck1VS08tcjljNzdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny83MzVkMzctMzkxYS00YWEyLWFjODMtMGIzNmFjOGUyM2M3
LzEvRGphZ1g2NTJCcEgzRFB0YlQySkpsSHE2M29jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXz0MA0G
CSqGSIb3DQEBCwUAA4IBAQC2z6GHOdwjP7EH5rezSWHmHG39SZjamnt8p95R993h
XXgmgOk8tHMx6CbIWMhUXKEdAYpHMjuOuEyHLFVSsQz3TFJxHwNlx3xxn3NCrNvk
jnaYoNCXUHt9i0A4W7GaDYKF6GfQW67JCJhYNE20E1w3j85yfTHl992Qr4xCTiiz
udKk7gFx3SE8B7J0NBiawMcILBL5Uu8u+NTQDfxCNEIkODoInQ0LTALE3SfouqWv
eLlRu9AvQkOiEBJHqLQKY2ZEggrGXC9MD6s/td4Q+Rylpfx7I1CxUywnTG6ktEBt
J9Qmg4wTmbLvtoBA7cPbEfVsx2+o/DHVarge9wZY/T+b
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:09:52 2024 by rpki-client on console-ams.rpki-client.org