Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/UumEUPJWdKnwH4j39WfGKzBfftU.roa
File: UumEUPJWdKnwH4j39WfGKzBfftU.roa (raw, json)
Hash identifier: QLC3oswocz9VQVbcnuKdu/DwWC0lg+m7Hg+gfzxKRfI=
Subject key identifier: 52:E9:84:50:F2:56:74:A9:F0:1F:88:F7:F5:67:C6:2B:30:5F:7E:D5
Certificate issuer: /CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Certificate serial: 019225677030A2685FD3B84D177B690B398A
Authority key identifier: 5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/UumEUPJWdKnwH4j39WfGKzBfftU.roa
Signing time: Tue 24 Sep 2024 18:59:48 +0000
ROA not before: Tue 24 Sep 2024 18:59:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214268
IP address blocks: 31.41.12.0/23 maxlen: 23
178.217.160.0/22 maxlen: 24
178.217.164.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.mft
rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:25:67:70:30:a2:68:5f:d3:b8:4d:17:7b:69:0b:39:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Validity
Not Before: Sep 24 18:59:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52e98450f25674a9f01f88f7f567c62b305f7ed5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d7:c4:80:7e:5e:f2:a2:37:55:9a:b5:1e:18:
ec:f6:12:12:e8:85:e6:05:97:f4:c5:d2:96:83:3a:
89:f2:fb:59:97:e0:03:93:0b:06:2c:4e:f5:1e:0f:
29:17:91:90:3d:3a:e8:08:3c:7b:61:5c:38:8f:d6:
d5:3f:a5:c8:c5:ab:4c:d8:1e:56:89:8b:16:88:9a:
0d:4b:47:74:69:1a:1c:cf:61:6f:b1:62:0f:e2:91:
65:30:39:03:d3:7f:aa:65:a8:11:a4:53:3e:40:1b:
2d:fd:bf:b3:cd:2e:f1:76:4d:25:7f:c2:83:5c:11:
b4:95:dc:ad:c3:db:b6:af:aa:80:4b:58:c7:f1:07:
33:67:2f:97:87:5c:07:e2:24:53:68:51:94:24:3e:
4f:16:72:ee:2f:98:98:91:dd:e9:cc:84:43:90:25:
7e:e6:b3:71:ce:91:cc:ae:27:be:82:64:0d:74:97:
b9:5b:f6:38:57:ee:95:89:6b:74:71:8b:a9:e9:a8:
fe:75:19:df:68:e8:5a:57:49:3a:8a:8a:b7:dc:a5:
9d:a4:79:d6:9a:e0:6d:0f:8f:98:dd:9b:1f:56:6a:
e4:fe:b4:a6:60:ef:71:f9:ae:d0:dd:89:32:48:f9:
22:2e:4e:ed:c1:7e:bf:ff:13:53:dc:77:21:13:68:
da:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:E9:84:50:F2:56:74:A9:F0:1F:88:F7:F5:67:C6:2B:30:5F:7E:D5
X509v3 Authority Key Identifier:
keyid:5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/UumEUPJWdKnwH4j39WfGKzBfftU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.12.0/23
178.217.160.0/21
Signature Algorithm: sha256WithRSAEncryption
9f:45:7c:fa:39:d2:fb:15:00:18:17:98:39:f7:29:d9:3d:94:
48:02:e1:b8:a9:01:2c:07:59:cc:4c:32:1f:d9:4e:6e:cf:0e:
1c:d7:6d:c8:03:d3:61:91:6f:2a:bb:a6:56:61:f5:07:df:4b:
03:89:d9:c4:b4:3a:45:cb:85:9c:63:e0:9e:e0:17:f1:ac:12:
22:1c:63:6f:e4:c3:7d:c9:59:c6:fc:14:9f:fc:d4:bb:ae:d2:
da:2d:f7:10:dc:fb:c2:c5:8a:27:84:13:f9:54:a3:98:c9:96:
16:3d:23:83:f7:ff:c8:4a:79:eb:b7:8d:b1:28:79:47:15:3b:
6a:0e:7d:5f:d0:3f:29:e9:aa:c8:10:be:ed:5c:31:19:ba:8f:
e5:c9:7e:ad:6a:ec:74:19:9a:d7:41:f8:ec:b5:45:8e:16:4d:
88:be:2e:66:31:a0:2c:07:da:57:d5:d7:b7:e0:30:41:be:df:
a5:72:99:53:64:93:15:1f:ba:0e:bd:b1:23:f8:da:08:3a:aa:
da:45:a1:cc:70:c5:83:a6:6a:a5:e3:dc:ee:15:6c:37:5b:67:
90:0a:81:01:84:75:7a:f9:ce:2c:2d:a1:f7:62:a8:55:42:aa:
75:68:9e:78:e0:b8:0e:39:f6:0c:14:f0:de:bc:7f:06:4c:cf:
0b:dd:15:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZIlZ3Awomhf07hNF3tpCzmKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjRmOWQwNGVmZDVhOWZjMmUyM2I0MmQ1YjUxYWVmZDlh
NTAyNTAwHhcNMjQwOTI0MTg1OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmU5ODQ1MGYyNTY3NGE5ZjAxZjg4ZjdmNTY3YzYyYjMwNWY3ZWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdfEgH5e8qI3VZq1Hhjs9hIS6IXm
BZf0xdKWgzqJ8vtZl+ADkwsGLE71Hg8pF5GQPTroCDx7YVw4j9bVP6XIxatM2B5W
iYsWiJoNS0d0aRocz2FvsWIP4pFlMDkD03+qZagRpFM+QBst/b+zzS7xdk0lf8KD
XBG0ldytw9u2r6qAS1jH8QczZy+Xh1wH4iRTaFGUJD5PFnLuL5iYkd3pzIRDkCV+
5rNxzpHMrie+gmQNdJe5W/Y4V+6ViWt0cYup6aj+dRnfaOhaV0k6ioq33KWdpHnW
muBtD4+Y3ZsfVmrk/rSmYO9x+a7Q3YkySPkiLk7twX6//xNT3HchE2jacQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFLphFDyVnSp8B+I9/VnxiswX37VMB8GA1UdIwQY
MBaAFFxk+dBO/VqfwuI7QtW1Gu/ZpQJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUt
YjY2ZmE0ZjQ3NjNhLzEvVXVtRVVQSldkS253SDRqMzlXZkdLekJmZnRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUtYjY2ZmE0ZjQ3NjNh
LzEvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBHykMAwQD
stmgMA0GCSqGSIb3DQEBCwUAA4IBAQCfRXz6OdL7FQAYF5g59ynZPZRIAuG4qQEs
B1nMTDIf2U5uzw4c123IA9NhkW8qu6ZWYfUH30sDidnEtDpFy4WcY+Ce4BfxrBIi
HGNv5MN9yVnG/BSf/NS7rtLaLfcQ3PvCxYonhBP5VKOYyZYWPSOD9//ISnnrt42x
KHlHFTtqDn1f0D8p6arIEL7tXDEZuo/lyX6taux0GZrXQfjstUWOFk2Ivi5mMaAs
B9pX1de34DBBvt+lcplTZJMVH7oOvbEj+NoIOqraRaHMcMWDpmql49zuFWw3W2eQ
CoEBhHV6+c4sLaH3YqhVQqp1aJ544LgOOfYMFPDevH8GTM8L3RWC
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:41:45 2024 by rpki-client on console-ams.rpki-client.org