Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/Qlu1dXXxPHbSVvLSCTBMLzWpiG0.roa
File: Qlu1dXXxPHbSVvLSCTBMLzWpiG0.roa (raw, json)
Hash identifier: JT5w90eKlXnP8R7lhm31oPKKRfnBAPU89BjDdqozlSY=
Subject key identifier: 42:5B:B5:75:75:F1:3C:76:D2:56:F2:D2:09:30:4C:2F:35:A9:88:6D
Certificate issuer: /CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Certificate serial: 018CC8DEBE7198FD48049826B7274CF72080
Authority key identifier: 50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/Qlu1dXXxPHbSVvLSCTBMLzWpiG0.roa
Signing time: Tue 02 Jan 2024 06:31:30 +0000
ROA not before: Tue 02 Jan 2024 06:31:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50611
IP address blocks: 195.253.65.0/24 maxlen: 24
195.253.66.0/24 maxlen: 24
195.253.88.0/23 maxlen: 23
195.253.90.0/23 maxlen: 23
195.253.96.0/19 maxlen: 24
185.119.136.0/22 maxlen: 24
195.253.64.0/24 maxlen: 24
2a01:5b0:8::/46 maxlen: 48
2a01:5b0:2e::/48 maxlen: 48
2a01:5b0:10::/45 maxlen: 48
2a01:5b0:12::/47 maxlen: 47
2a01:5b0:5::/48 maxlen: 48
2a01:5b0:20::/43 maxlen: 48
2a01:5b0:2b::/48 maxlen: 48
2a01:5b0:6::/48 maxlen: 48
2a01:5b0:4::/48 maxlen: 48
2a01:5b0:2a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.mft
rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jul 2024 05:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:be:71:98:fd:48:04:98:26:b7:27:4c:f7:20:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Validity
Not Before: Jan 2 06:31:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=425bb57575f13c76d256f2d209304c2f35a9886d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:52:5a:ae:22:81:af:3f:1e:48:d4:f2:3d:be:
0e:4a:0a:95:fc:5d:c3:a4:e3:7e:07:20:75:54:b7:
ea:0b:27:e9:f4:23:4d:f9:80:01:76:b5:fd:b8:7d:
26:94:18:87:17:92:67:5c:67:0e:b8:59:e0:62:4f:
f7:0c:05:70:37:9a:68:3c:27:47:4b:41:ee:cd:d1:
1f:d8:09:89:f7:e9:b0:83:4d:31:4f:0d:e3:c1:cb:
fa:20:37:9b:c2:0a:99:be:38:6f:17:5b:c9:45:3d:
a6:33:72:12:94:e0:71:e4:41:37:88:63:55:73:b1:
d9:3b:fa:1e:d1:1e:a2:71:d8:d0:8c:f4:b4:49:be:
a0:d6:be:b2:c1:22:12:ae:3e:d2:fc:25:d0:b5:17:
4d:29:1c:fd:57:88:de:09:7e:74:65:fe:ba:eb:1b:
2f:80:90:8f:53:ec:18:8d:50:f6:13:7b:4f:71:d0:
c2:23:07:46:99:d3:19:2f:ee:69:39:60:cf:71:90:
5e:27:42:0b:03:8f:8a:1e:ba:72:36:fe:9e:77:4c:
2a:de:9c:c8:40:b9:04:3e:16:ad:dd:ab:7a:73:1b:
a3:e2:37:39:26:6a:bb:d7:ba:c8:8f:6b:d3:e1:1d:
55:87:be:9d:db:08:31:53:38:b7:75:46:06:57:bc:
10:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:5B:B5:75:75:F1:3C:76:D2:56:F2:D2:09:30:4C:2F:35:A9:88:6D
X509v3 Authority Key Identifier:
keyid:50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/Qlu1dXXxPHbSVvLSCTBMLzWpiG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.136.0/22
195.253.64.0-195.253.66.255
195.253.88.0/22
195.253.96.0/19
IPv6:
2a01:5b0:4::-2a01:5b0:6:ffff:ffff:ffff:ffff:ffff
2a01:5b0:8::/46
2a01:5b0:10::/45
2a01:5b0:20::/43
Signature Algorithm: sha256WithRSAEncryption
05:31:42:18:b0:d9:5c:5c:8b:ef:66:55:f9:3b:29:ad:37:e9:
71:bc:18:6e:db:07:22:54:ff:fc:bb:66:ed:76:2e:f5:55:f2:
80:52:5b:36:7e:cf:a0:45:bc:99:0f:6b:c1:44:76:9b:2c:bd:
b0:3f:e1:77:fd:7f:2a:41:2c:61:09:e2:72:41:e5:37:ec:03:
78:eb:4e:30:87:41:41:c8:19:be:31:50:cf:be:72:1c:a2:51:
47:0b:7f:7b:93:98:bc:36:17:31:92:8a:a7:76:da:00:2e:f0:
82:73:df:59:86:b7:cc:20:fb:cf:51:72:31:3d:fc:8e:d4:10:
ca:66:73:34:4a:70:d8:05:a5:47:93:9c:5f:6b:3a:55:80:bb:
c7:b2:44:9d:ba:f8:d7:dd:2d:bd:80:7b:85:f6:5c:8f:b6:c3:
37:b3:d6:c8:45:54:a0:78:d9:8c:ea:30:8e:8a:e2:9b:50:b2:
0f:8b:a9:fb:b4:59:43:50:60:17:ba:5e:01:c4:ae:f2:f6:9e:
ae:dd:b5:28:56:dc:3b:4f:cf:89:e9:36:33:b9:6e:e1:15:c8:
4a:a5:d1:25:c3:58:ae:c9:7b:f9:90:61:8c:c2:75:c1:79:64:
96:53:9a:27:82:fa:05:86:3a:09:26:1d:6a:9a:33:bc:a1:79:
fb:49:f5:cf
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYzI3r5xmP1IBJgmtydM9yCAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYzFlNDI2ZjU4ZTQyYWUzMGU1NmNkYjdmZjRkOGY5ZGRk
ODViMzAwHhcNMjQwMTAyMDYzMTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjViYjU3NTc1ZjEzYzc2ZDI1NmYyZDIwOTMwNGMyZjM1YTk4ODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1JariKBrz8eSNTyPb4OSgqV/F3D
pON+ByB1VLfqCyfp9CNN+YABdrX9uH0mlBiHF5JnXGcOuFngYk/3DAVwN5poPCdH
S0HuzdEf2AmJ9+mwg00xTw3jwcv6IDebwgqZvjhvF1vJRT2mM3ISlOBx5EE3iGNV
c7HZO/oe0R6icdjQjPS0Sb6g1r6ywSISrj7S/CXQtRdNKRz9V4jeCX50Zf666xsv
gJCPU+wYjVD2E3tPcdDCIwdGmdMZL+5pOWDPcZBeJ0ILA4+KHrpyNv6ed0wq3pzI
QLkEPhat3at6cxuj4jc5Jmq717rIj2vT4R1Vh76d2wgxUzi3dUYGV7wQqQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFEJbtXV18Tx20lby0gkwTC81qYhtMB8GA1UdIwQY
MBaAFFDB5Cb1jkKuMOVs23/02Pnd2FswMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU1Ia0p2V09RcTR3NVd6YmZfVFktZDNZV3pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi85YzZkYWQtMzc3YS00NDRlLWIwZGMt
MDYzY2U2Y2Y0NjBkLzEvUWx1MWRYWHhQSGJTVnZMU0NUQk1MeldwaUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi85YzZkYWQtMzc3YS00NDRlLWIwZGMtMDYzY2U2Y2Y0NjBk
LzEvVU1Ia0p2V09RcTR3NVd6YmZfVFktZDNZV3pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzAmBAIAATAgAwQCuXeIMAwD
BAbD/UADBADD/UIDBALD/VgDBAXD/WAwNQQCAAIwLzASAwcCKgEFsAAEAwcAKgEF
sAAGAwcCKgEFsAAIAwcDKgEFsAAQAwcFKgEFsAAgMA0GCSqGSIb3DQEBCwUAA4IB
AQAFMUIYsNlcXIvvZlX5OymtN+lxvBhu2wciVP/8u2btdi71VfKAUls2fs+gRbyZ
D2vBRHabLL2wP+F3/X8qQSxhCeJyQeU37AN4604wh0FByBm+MVDPvnIcolFHC397
k5i8NhcxkoqndtoALvCCc99ZhrfMIPvPUXIxPfyO1BDKZnM0SnDYBaVHk5xfazpV
gLvHskSduvjX3S29gHuF9lyPtsM3s9bIRVSgeNmM6jCOiuKbULIPi6n7tFlDUGAX
ul4BxK7y9p6u3bUoVtw7T8+J6TYzuW7hFchKpdElw1iuyXv5kGGMwnXBeWSWU5on
gvoFhjoJJh1qmjO8oXn7SfXP
-----END CERTIFICATE-----
Generated at Sat Jul 6 08:21:28 2024 by rpki-client on console-ams.rpki-client.org