Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/UjqBYUezB4iRMCdJjcVV1A15AFI.roa
File: UjqBYUezB4iRMCdJjcVV1A15AFI.roa (raw, json)
Hash identifier: 57kYDFNVVTCmUQVXc0Quzv7zHCcVM6YIWNyNIJdxfdQ=
Subject key identifier: 52:3A:81:61:47:B3:07:88:91:30:27:49:8D:C5:55:D4:0D:79:00:52
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 018CC802D394AD74EC26318E17A6BFAF7BAC
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/UjqBYUezB4iRMCdJjcVV1A15AFI.roa
Signing time: Tue 02 Jan 2024 02:31:17 +0000
ROA not before: Tue 02 Jan 2024 02:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6079
IP address blocks: 158.120.53.0/24 maxlen: 24
158.120.57.0/24 maxlen: 24
158.120.55.0/24 maxlen: 24
158.120.61.0/24 maxlen: 24
158.120.59.0/24 maxlen: 24
158.120.63.0/24 maxlen: 24
192.46.184.0/22 maxlen: 22
192.46.184.0/21 maxlen: 21
192.46.188.0/24 maxlen: 24
192.46.200.0/22 maxlen: 22
158.120.51.0/24 maxlen: 24
158.120.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.mft
rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:d3:94:ad:74:ec:26:31:8e:17:a6:bf:af:7b:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Jan 2 02:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=523a816147b30788913027498dc555d40d790052
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5e:e3:05:46:61:81:48:6f:66:62:61:fc:52:
93:d5:c4:8c:74:b0:49:8e:1b:53:c0:ed:87:52:87:
18:58:7b:b6:43:6f:d7:fa:a9:01:ec:1e:37:64:5f:
92:3e:fd:5a:08:33:d7:c4:96:b0:9f:85:48:db:cd:
4c:cc:c5:3d:3a:7b:1f:c1:ed:a1:c5:a8:f9:4a:2e:
be:f3:62:2e:40:f2:8d:41:ad:c5:15:03:58:d8:d0:
2a:7f:fd:a2:5b:5e:d0:b8:ef:41:93:b3:95:fe:e8:
f2:a2:56:77:2d:ad:64:69:40:b4:b4:a2:12:41:8e:
63:4a:34:35:63:69:8f:5d:f5:c9:bc:d3:ea:07:c2:
d5:05:e8:98:b1:ac:dd:80:2b:29:e3:41:a7:eb:6f:
41:2e:7f:a4:76:22:f1:70:04:97:07:f7:e2:5a:7a:
cb:55:75:99:9b:9b:bc:f9:d0:02:bb:da:05:b6:7e:
ea:e9:12:2a:cd:13:24:da:97:3c:9b:cd:06:ff:1a:
43:62:85:0c:5a:1e:27:c2:5d:97:67:01:83:70:04:
81:09:fd:d8:ec:2f:46:53:25:b4:9e:1e:0d:43:4f:
90:87:f8:23:3d:a9:aa:1f:1c:0e:a5:e8:a0:05:1d:
25:b8:c8:15:4f:19:8c:19:74:ef:6e:ef:af:d2:c8:
0d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:3A:81:61:47:B3:07:88:91:30:27:49:8D:C5:55:D4:0D:79:00:52
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/UjqBYUezB4iRMCdJjcVV1A15AFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.120.49.0/24
158.120.51.0/24
158.120.53.0/24
158.120.55.0/24
158.120.57.0/24
158.120.59.0/24
158.120.61.0/24
158.120.63.0/24
192.46.184.0/21
192.46.200.0/22
Signature Algorithm: sha256WithRSAEncryption
90:99:26:06:30:47:2f:b9:6e:f0:83:d4:48:c9:21:b3:6d:70:
23:28:73:35:5a:98:ee:d0:43:18:8e:82:c0:a5:f9:92:16:ab:
ef:99:75:03:9b:93:2a:15:72:2b:c5:85:11:20:e5:93:16:1a:
49:7f:74:3e:ff:f9:9e:fe:10:0d:17:0b:d9:32:c6:71:f5:f6:
60:d3:20:6b:2f:85:72:83:be:ef:58:24:61:41:9c:50:d1:d7:
38:2f:51:f0:7d:5a:17:a8:da:b2:20:29:a8:a4:27:12:4a:2c:
a3:b8:a1:8b:e1:08:aa:fd:99:02:dd:3b:a8:f9:f6:6f:37:4e:
80:66:b2:9f:d3:db:55:75:df:49:11:44:cc:06:a3:c5:c1:62:
4b:5e:29:d5:1a:33:50:9c:2e:37:05:b3:47:ff:b1:b2:70:bf:
a9:09:af:e0:76:c7:0d:26:02:97:4d:2a:3b:6a:e6:c3:4f:59:
d5:50:dd:50:01:59:ce:81:ed:9f:f8:19:92:af:a1:44:b8:d0:
2c:a0:c8:2f:da:32:eb:ca:db:ef:4c:62:72:1d:59:7b:de:27:
ab:7c:cc:96:80:20:91:9c:63:b6:15:bc:f6:5c:e1:8c:70:5f:
4d:2d:ba:68:72:80:79:60:fa:ff:6d:10:d4:70:2c:f4:47:6b:
90:ae:9c:17
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYzIAtOUrXTsJjGOF6a/r3usMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjQwMTAyMDIzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjNhODE2MTQ3YjMwNzg4OTEzMDI3NDk4ZGM1NTVkNDBkNzkwMDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoV7jBUZhgUhvZmJh/FKT1cSMdLBJ
jhtTwO2HUocYWHu2Q2/X+qkB7B43ZF+SPv1aCDPXxJawn4VI281MzMU9Onsfwe2h
xaj5Si6+82IuQPKNQa3FFQNY2NAqf/2iW17QuO9Bk7OV/ujyolZ3La1kaUC0tKIS
QY5jSjQ1Y2mPXfXJvNPqB8LVBeiYsazdgCsp40Gn629BLn+kdiLxcASXB/fiWnrL
VXWZm5u8+dACu9oFtn7q6RIqzRMk2pc8m80G/xpDYoUMWh4nwl2XZwGDcASBCf3Y
7C9GUyW0nh4NQ0+Qh/gjPamqHxwOpeigBR0luMgVTxmMGXTvbu+v0sgNfwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFFI6gWFHsweIkTAnSY3FVdQNeQBSMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvVWpxQllVZXpCNGlSTUNkSmpjVlYxQTE1QUZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAnngxAwQA
nngzAwQAnng1AwQAnng3AwQAnng5AwQAnng7AwQAnng9AwQAnng/AwQDwC64AwQC
wC7IMA0GCSqGSIb3DQEBCwUAA4IBAQCQmSYGMEcvuW7wg9RIySGzbXAjKHM1Wpju
0EMYjoLApfmSFqvvmXUDm5MqFXIrxYURIOWTFhpJf3Q+//me/hANFwvZMsZx9fZg
0yBrL4Vyg77vWCRhQZxQ0dc4L1HwfVoXqNqyICmopCcSSiyjuKGL4Qiq/ZkC3Tuo
+fZvN06AZrKf09tVdd9JEUTMBqPFwWJLXinVGjNQnC43BbNH/7GycL+pCa/gdscN
JgKXTSo7aubDT1nVUN1QAVnOge2f+BmSr6FEuNAsoMgv2jLrytvvTGJyHVl73ier
fMyWgCCRnGO2Fbz2XOGMcF9NLbpocoB5YPr/bRDUcCz0R2uQrpwX
-----END CERTIFICATE-----
Generated at Fri Nov 22 05:52:03 2024 by rpki-client on console-fra.rpki-client.org