Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/bd4566-ac27-46f8-94f9-19d1bb61d9a7/1/SpQlHYiYdqpQsCpwOfLDR7arRow.roa
File: SpQlHYiYdqpQsCpwOfLDR7arRow.roa (raw, json)
Hash identifier: XA6SlITSzm5TOdDvAKKHWHnyrckzBgRooDt8TEE7D4s=
Subject key identifier: 4A:94:25:1D:88:98:76:AA:50:B0:2A:70:39:F2:C3:47:B6:AB:46:8C
Certificate issuer: /CN=50182bee9aa010c1ffd2d804f6aa7b14bddb91f7
Certificate serial: 018CC94E35E7F8C6AC967B636E0DB97AF37B
Authority key identifier: 50:18:2B:EE:9A:A0:10:C1:FF:D2:D8:04:F6:AA:7B:14:BD:DB:91:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UBgr7pqgEMH_0tgE9qp7FL3bkfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/bd4566-ac27-46f8-94f9-19d1bb61d9a7/1/SpQlHYiYdqpQsCpwOfLDR7arRow.roa
Signing time: Tue 02 Jan 2024 08:33:15 +0000
ROA not before: Tue 02 Jan 2024 08:33:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36892
IP address blocks: 81.199.14.0/24 maxlen: 24
62.56.138.0/24 maxlen: 24
81.199.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/bd4566-ac27-46f8-94f9-19d1bb61d9a7/1/UBgr7pqgEMH_0tgE9qp7FL3bkfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/bd4566-ac27-46f8-94f9-19d1bb61d9a7/1/UBgr7pqgEMH_0tgE9qp7FL3bkfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/UBgr7pqgEMH_0tgE9qp7FL3bkfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 01:03:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:35:e7:f8:c6:ac:96:7b:63:6e:0d:b9:7a:f3:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50182bee9aa010c1ffd2d804f6aa7b14bddb91f7
Validity
Not Before: Jan 2 08:33:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a94251d889876aa50b02a7039f2c347b6ab468c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:dc:ca:df:e6:c7:75:0c:d9:6e:3c:cd:ad:3a:
a0:5e:fb:8c:79:ac:77:2f:fa:50:f9:c5:22:1f:c1:
d1:7b:8c:10:f4:44:1d:07:01:00:7f:25:79:3d:be:
ca:d1:a5:31:eb:75:95:f4:14:85:7d:a5:f7:f9:69:
af:40:fe:16:f4:14:53:11:6f:2b:d8:ad:9d:f0:78:
93:f1:84:f9:22:5c:5f:fe:e9:dd:eb:8d:21:c4:3b:
d1:5d:16:59:b1:bd:49:75:2c:83:23:de:e7:2a:4a:
24:66:c4:fb:c4:11:38:4e:88:42:13:de:34:c8:11:
37:63:fe:6b:2d:74:7a:3f:66:50:9b:b7:c2:01:28:
8b:14:23:1a:ac:0e:46:16:88:bc:d6:de:d4:21:7f:
18:ab:b6:f3:86:62:d0:e6:6b:21:c8:3d:23:80:02:
cc:bd:c0:f7:10:2f:cc:aa:23:07:9f:8c:d3:bf:e7:
04:d4:bd:bc:1a:04:5d:77:fd:0d:18:32:d9:9b:f3:
65:3b:12:fc:63:28:f6:b1:2d:35:fe:65:a8:04:63:
88:68:52:59:48:25:30:4a:28:67:80:df:bf:b4:ba:
dd:d6:c4:16:05:6f:3d:aa:e9:aa:10:2a:a1:aa:3d:
8f:cf:f7:f6:1e:ad:24:85:31:4d:45:b1:53:c5:98:
1e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:94:25:1D:88:98:76:AA:50:B0:2A:70:39:F2:C3:47:B6:AB:46:8C
X509v3 Authority Key Identifier:
keyid:50:18:2B:EE:9A:A0:10:C1:FF:D2:D8:04:F6:AA:7B:14:BD:DB:91:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UBgr7pqgEMH_0tgE9qp7FL3bkfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/bd4566-ac27-46f8-94f9-19d1bb61d9a7/1/SpQlHYiYdqpQsCpwOfLDR7arRow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/bd4566-ac27-46f8-94f9-19d1bb61d9a7/1/UBgr7pqgEMH_0tgE9qp7FL3bkfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.56.138.0/24
81.199.14.0/24
81.199.89.0/24
Signature Algorithm: sha256WithRSAEncryption
95:b3:7d:a7:fc:d3:bd:fb:cf:e2:1e:27:9f:f7:d1:af:2f:bd:
ea:34:0f:bc:7f:76:e0:8b:c7:da:19:d0:f6:44:2f:77:49:71:
d8:8a:b3:fd:e7:bb:a5:65:5f:58:87:aa:e3:b8:83:84:9f:8a:
2e:13:a9:fc:2e:ec:db:63:a2:89:1e:c9:f3:8c:7c:fd:b7:7b:
25:37:12:8b:21:85:55:74:70:4d:76:43:e9:20:cc:b1:4c:14:
ff:f7:b8:f4:9d:23:0c:9e:8f:49:f5:96:bf:39:f1:80:69:d3:
4d:3f:09:8e:0b:79:3d:08:3d:42:54:43:17:6b:26:ab:9f:1e:
9f:9c:41:ee:b1:42:c0:0d:8b:0b:d3:88:ce:57:78:18:e6:9e:
72:71:e4:25:67:d3:93:24:91:3b:cb:1d:e9:bf:01:13:b3:c8:
2e:56:1a:59:42:7f:03:65:b7:16:6a:06:d5:84:98:47:a8:f1:
95:60:e4:ce:27:f5:82:a6:c6:0e:23:5f:b9:b0:d5:9d:e9:fb:
39:8d:c7:de:9b:67:62:42:03:2c:14:af:9f:90:88:00:4c:16:
11:9e:31:52:b7:32:52:d3:1f:e0:54:d9:c8:a5:81:c9:a8:2a:
bb:5a:f7:b2:91:15:0f:86:76:2c:bf:39:06:9a:bf:d8:98:cf:
0a:fa:19:41
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJTjXn+Maslntjbg25evN7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMTgyYmVlOWFhMDEwYzFmZmQyZDgwNGY2YWE3YjE0YmRk
YjkxZjcwHhcNMjQwMTAyMDgzMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTk0MjUxZDg4OTg3NmFhNTBiMDJhNzAzOWYyYzM0N2I2YWI0NjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNzK3+bHdQzZbjzNrTqgXvuMeax3
L/pQ+cUiH8HRe4wQ9EQdBwEAfyV5Pb7K0aUx63WV9BSFfaX3+WmvQP4W9BRTEW8r
2K2d8HiT8YT5Ilxf/und640hxDvRXRZZsb1JdSyDI97nKkokZsT7xBE4TohCE940
yBE3Y/5rLXR6P2ZQm7fCASiLFCMarA5GFoi81t7UIX8Yq7bzhmLQ5mshyD0jgALM
vcD3EC/MqiMHn4zTv+cE1L28GgRdd/0NGDLZm/NlOxL8Yyj2sS01/mWoBGOIaFJZ
SCUwSihngN+/tLrd1sQWBW89qumqECqhqj2Pz/f2Hq0khTFNRbFTxZgekQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEqUJR2ImHaqULAqcDnyw0e2q0aMMB8GA1UdIwQY
MBaAFFAYK+6aoBDB/9LYBPaqexS925H3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUJncjdwcWdFTUhfMHRnRTlxcDdGTDNia2ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9iZDQ1NjYtYWMyNy00NmY4LTk0Zjkt
MTlkMWJiNjFkOWE3LzEvU3BRbEhZaVlkcXBRc0Nwd09mTERSN2FyUm93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9iZDQ1NjYtYWMyNy00NmY4LTk0ZjktMTlkMWJiNjFkOWE3
LzEvVUJncjdwcWdFTUhfMHRnRTlxcDdGTDNia2ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPjiKAwQA
UccOAwQAUcdZMA0GCSqGSIb3DQEBCwUAA4IBAQCVs32n/NO9+8/iHief99GvL73q
NA+8f3bgi8faGdD2RC93SXHYirP957ulZV9Yh6rjuIOEn4ouE6n8LuzbY6KJHsnz
jHz9t3slNxKLIYVVdHBNdkPpIMyxTBT/97j0nSMMno9J9Za/OfGAadNNPwmOC3k9
CD1CVEMXayarnx6fnEHusULADYsL04jOV3gY5p5yceQlZ9OTJJE7yx3pvwETs8gu
VhpZQn8DZbcWagbVhJhHqPGVYOTOJ/WCpsYOI1+5sNWd6fs5jcfem2diQgMsFK+f
kIgATBYRnjFStzJS0x/gVNnIpYHJqCq7WveykRUPhnYsvzkGmr/YmM8K+hlB
-----END CERTIFICATE-----
Generated at Sun Jun 2 05:25:35 2024 by rpki-client on console-fra.rpki-client.org