Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/4159c3-814d-4001-8527-139043749c48/1/u50_wKG1fyOwHvWkzRwzICXpDWg.roa
File: u50_wKG1fyOwHvWkzRwzICXpDWg.roa (raw, json)
Hash identifier: CZdrB6w1qzmX5lmOiy7eRx/Bep2giQy9ZtJiJEeI0F0=
Subject key identifier: BB:9D:3F:C0:A1:B5:7F:23:B0:1E:F5:A4:CD:1C:33:20:25:E9:0D:68
Certificate issuer: /CN=e14f264fa4a4c90dcb4a99cccec50c5508f44498
Certificate serial: 018EA9D861B1F870E511B543D947018407F6
Authority key identifier: E1:4F:26:4F:A4:A4:C9:0D:CB:4A:99:CC:CE:C5:0C:55:08:F4:44:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4U8mT6SkyQ3LSpnMzsUMVQj0RJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/4159c3-814d-4001-8527-139043749c48/1/u50_wKG1fyOwHvWkzRwzICXpDWg.roa
Signing time: Thu 04 Apr 2024 16:01:54 +0000
ROA not before: Thu 04 Apr 2024 16:01:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207594
IP address blocks: 85.116.148.0/22 maxlen: 22
85.116.152.0/22 maxlen: 22
85.116.156.0/23 maxlen: 23
85.116.158.0/24 maxlen: 24
85.116.159.0/24 maxlen: 24
185.30.80.0/22 maxlen: 22
185.68.192.0/22 maxlen: 22
2a00:a2a0::/32 maxlen: 32
2a05:10c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/4159c3-814d-4001-8527-139043749c48/1/4U8mT6SkyQ3LSpnMzsUMVQj0RJg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/4159c3-814d-4001-8527-139043749c48/1/4U8mT6SkyQ3LSpnMzsUMVQj0RJg.mft
rsync://rpki.ripe.net/repository/DEFAULT/4U8mT6SkyQ3LSpnMzsUMVQj0RJg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 04:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a9:d8:61:b1:f8:70:e5:11:b5:43:d9:47:01:84:07:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e14f264fa4a4c90dcb4a99cccec50c5508f44498
Validity
Not Before: Apr 4 16:01:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb9d3fc0a1b57f23b01ef5a4cd1c332025e90d68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:40:68:e8:20:46:68:64:19:6d:58:a7:6a:5c:
c4:ea:01:a8:a8:9d:47:42:1e:99:23:88:ae:b3:2f:
d2:d0:6b:52:f2:df:7b:d8:8f:3d:12:e2:b9:67:5f:
18:e1:63:06:e1:5d:d3:54:aa:59:cd:7a:95:56:9f:
88:a5:b9:c7:f8:b9:9b:62:cc:0f:c1:81:6c:9f:26:
7e:de:83:c1:47:19:6c:c8:e8:2e:56:70:6e:00:27:
88:d2:f4:9d:13:f3:5d:3b:65:4d:82:d1:18:29:dc:
09:5f:e0:42:e2:4e:27:06:1d:e4:a9:06:12:4a:28:
6b:87:43:69:92:1c:88:92:1d:0a:82:e0:6a:89:98:
90:6a:df:f1:ac:be:e7:81:8d:1b:79:5f:b0:55:b3:
44:a3:13:67:77:cf:4a:4f:5e:e5:e8:a4:48:6f:a8:
52:e4:b9:23:b7:f0:7e:b9:3e:5c:34:3c:22:26:d9:
16:10:6c:22:88:b3:e6:cc:41:50:6a:25:2c:ba:61:
29:6b:cb:b6:81:42:4e:4e:a2:73:e8:d1:b8:65:be:
db:6c:ee:d6:35:58:ab:ef:0a:3c:10:7a:97:27:15:
18:ed:2b:0c:98:9d:ca:5a:dd:fd:34:05:b9:e4:14:
ef:c0:2b:c6:77:28:58:8a:75:c7:5d:59:60:f7:59:
ab:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:9D:3F:C0:A1:B5:7F:23:B0:1E:F5:A4:CD:1C:33:20:25:E9:0D:68
X509v3 Authority Key Identifier:
keyid:E1:4F:26:4F:A4:A4:C9:0D:CB:4A:99:CC:CE:C5:0C:55:08:F4:44:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4U8mT6SkyQ3LSpnMzsUMVQj0RJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/4159c3-814d-4001-8527-139043749c48/1/u50_wKG1fyOwHvWkzRwzICXpDWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/4159c3-814d-4001-8527-139043749c48/1/4U8mT6SkyQ3LSpnMzsUMVQj0RJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.116.148.0-85.116.159.255
185.30.80.0/22
185.68.192.0/22
IPv6:
2a00:a2a0::/32
2a05:10c0::/29
Signature Algorithm: sha256WithRSAEncryption
bd:12:c1:12:ca:99:51:35:19:5c:6e:d2:d1:17:1b:39:5a:cb:
aa:27:4a:0d:de:ad:9b:5d:53:70:26:10:f7:f9:8d:8a:d3:81:
a5:10:49:9c:a7:01:43:21:41:4a:2e:2c:2e:29:21:cd:d1:11:
73:5b:64:45:f2:47:ee:f4:2f:a5:50:1f:ee:58:7a:2c:84:ee:
b7:29:cd:6a:9d:b6:a0:31:b0:06:51:b4:b8:31:f4:ec:96:f2:
e6:fd:dd:de:bd:8f:19:42:63:22:14:25:58:03:dc:9a:97:ae:
49:b2:ef:3d:e2:f9:f0:1b:a3:eb:e3:a3:7c:ac:9d:eb:56:b7:
76:2d:83:b1:05:c9:2d:dd:fe:69:5a:1d:b4:b8:ed:ad:7f:f0:
aa:18:49:dc:42:06:c7:4c:28:8c:4c:49:92:a2:fd:f7:46:df:
5a:af:d6:80:ae:70:9d:f0:45:9d:83:60:8e:88:e6:ca:59:bb:
17:3a:b2:1a:ea:ad:df:a5:7a:fe:5f:75:ab:07:71:ce:6a:de:
5e:89:ad:3d:91:98:76:fe:0f:0f:d6:bf:b5:9c:68:46:cb:66:
5e:58:7a:21:c0:b2:e3:72:8a:08:4a:6e:fe:8d:42:79:0b:ee:
18:37:b5:f2:df:93:d2:64:43:ce:2a:b8:ce:94:ab:88:31:b5:
7f:27:db:47
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY6p2GGx+HDlEbVD2UcBhAf2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNGYyNjRmYTRhNGM5MGRjYjRhOTljY2NlYzUwYzU1MDhm
NDQ0OTgwHhcNMjQwNDA0MTYwMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjlkM2ZjMGExYjU3ZjIzYjAxZWY1YTRjZDFjMzMyMDI1ZTkwZDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkBo6CBGaGQZbVinalzE6gGoqJ1H
Qh6ZI4iusy/S0GtS8t972I89EuK5Z18Y4WMG4V3TVKpZzXqVVp+IpbnH+LmbYswP
wYFsnyZ+3oPBRxlsyOguVnBuACeI0vSdE/NdO2VNgtEYKdwJX+BC4k4nBh3kqQYS
Sihrh0NpkhyIkh0KguBqiZiQat/xrL7ngY0beV+wVbNEoxNnd89KT17l6KRIb6hS
5Lkjt/B+uT5cNDwiJtkWEGwiiLPmzEFQaiUsumEpa8u2gUJOTqJz6NG4Zb7bbO7W
NVir7wo8EHqXJxUY7SsMmJ3KWt39NAW55BTvwCvGdyhYinXHXVlg91mr4wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLudP8ChtX8jsB71pM0cMyAl6Q1oMB8GA1UdIwQY
MBaAFOFPJk+kpMkNy0qZzM7FDFUI9ESYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFU4bVQ2U2t5UTNMU3BuTXpzVU1WUWowUkpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy80MTU5YzMtODE0ZC00MDAxLTg1Mjct
MTM5MDQzNzQ5YzQ4LzEvdTUwX3dLRzFmeU93SHZXa3pSd3pJQ1hwRFdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy80MTU5YzMtODE0ZC00MDAxLTg1MjctMTM5MDQzNzQ5YzQ4
LzEvNFU4bVQ2U2t5UTNMU3BuTXpzVU1WUWowUkpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAgBAIAATAaMAwDBAJVdJQD
BAVVdIADBAK5HlADBAK5RMAwFAQCAAIwDgMFACoAoqADBQMqBRDAMA0GCSqGSIb3
DQEBCwUAA4IBAQC9EsESyplRNRlcbtLRFxs5WsuqJ0oN3q2bXVNwJhD3+Y2K04Gl
EEmcpwFDIUFKLiwuKSHN0RFzW2RF8kfu9C+lUB/uWHoshO63Kc1qnbagMbAGUbS4
MfTslvLm/d3evY8ZQmMiFCVYA9yal65Jsu894vnwG6Pr46N8rJ3rVrd2LYOxBckt
3f5pWh20uO2tf/CqGEncQgbHTCiMTEmSov33Rt9ar9aArnCd8EWdg2COiObKWbsX
OrIa6q3fpXr+X3WrB3HOat5eia09kZh2/g8P1r+1nGhGy2ZeWHohwLLjcooISm7+
jUJ5C+4YN7Xy35PSZEPOKrjOlKuIMbV/J9tH
-----END CERTIFICATE-----
Generated at Sun Jun 2 06:35:29 2024 by rpki-client on console-ams.rpki-client.org