Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/UqsaG06FSmCyBqX3iCIv9imBD_4.roa
File: UqsaG06FSmCyBqX3iCIv9imBD_4.roa (raw, json)
Hash identifier: 92AtYDYD9srBlRO10yj4cvvn9vj+gujGiqzLzk9bS7o=
Subject key identifier: 52:AB:1A:1B:4E:85:4A:60:B2:06:A5:F7:88:22:2F:F6:29:81:0F:FE
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 0190737E7FC05822BE85ABD13091B62E8338
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/UqsaG06FSmCyBqX3iCIv9imBD_4.roa
Signing time: Tue 02 Jul 2024 12:49:48 +0000
ROA not before: Tue 02 Jul 2024 12:49:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210937
IP address blocks: 45.153.244.0/22 maxlen: 24
2a09:1::/48 maxlen: 48
2a09:2::/48 maxlen: 48
2a09:3::/48 maxlen: 48
2a09:4::/48 maxlen: 48
2a09:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:73:7e:7f:c0:58:22:be:85:ab:d1:30:91:b6:2e:83:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jul 2 12:49:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52ab1a1b4e854a60b206a5f788222ff629810ffe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:09:38:2c:86:a3:ae:dc:03:2f:72:9b:ec:f8:
a9:94:3b:dc:bb:8b:c7:69:86:d5:90:dc:fe:a5:f0:
ac:8d:28:b0:05:ea:a9:21:ff:7c:08:40:bd:a0:cc:
be:6f:85:29:f0:7a:10:d3:1f:48:ff:0c:43:e8:b5:
9c:46:5a:a5:73:ef:ca:41:9a:3c:48:59:90:b0:53:
32:e1:05:3c:a3:6c:bf:d2:b8:6d:27:83:b8:50:87:
7b:68:9b:8d:b5:a0:d5:dc:9a:52:c1:14:fe:61:b6:
78:c9:73:28:bf:94:10:fa:0a:78:13:73:26:e4:c7:
8d:bd:c3:a0:75:78:fc:b0:d8:84:cd:44:42:1f:5a:
a9:73:be:7b:c2:f5:5a:e0:78:f2:64:81:63:da:89:
33:db:9b:24:fd:63:73:3e:6f:c5:20:7b:52:61:0e:
35:45:83:c6:6f:8d:f7:00:34:bf:64:cd:6a:43:2f:
cd:15:1d:7b:3a:dd:bf:79:79:de:a3:97:15:62:cd:
8f:2f:4e:1b:c9:05:b4:ca:09:07:9b:3c:aa:85:93:
11:ad:df:8c:8e:74:f0:8c:38:3b:cd:26:5d:e5:87:
54:55:bb:a5:9a:1f:dd:03:a8:65:c3:b3:7e:b4:66:
54:4d:2c:16:bd:c5:f0:b5:1c:31:e1:c9:b6:e9:e9:
e5:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:AB:1A:1B:4E:85:4A:60:B2:06:A5:F7:88:22:2F:F6:29:81:0F:FE
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/UqsaG06FSmCyBqX3iCIv9imBD_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.244.0/22
IPv6:
2a09:1::/48
2a09:2::/48
2a09:3::/48
2a09:4::/48
2a09:5::/48
Signature Algorithm: sha256WithRSAEncryption
5f:32:86:af:3f:d3:a4:5e:c5:45:64:8a:a1:04:7a:c2:c3:66:
d8:6f:28:48:eb:13:ea:09:21:62:e1:94:4b:01:3a:5d:64:c0:
18:0a:73:0f:52:9d:9c:f4:17:38:65:16:0e:d5:29:36:15:0b:
67:ff:dc:89:f9:64:38:02:1e:d0:81:0f:1e:5d:32:fc:c8:fc:
90:ac:ce:6c:a7:96:55:68:e7:c6:74:c7:ec:fe:f2:bc:80:d2:
de:d5:5a:bf:79:0f:de:3f:d8:67:20:c4:ff:d3:15:12:6a:cc:
71:3b:bc:7e:f3:0e:77:e9:84:68:7c:5a:18:a6:1d:4b:56:49:
52:36:d5:5c:b1:6f:71:75:45:9e:d7:43:de:9b:a9:11:78:ed:
64:a4:b2:81:e4:3a:4e:36:65:19:bf:00:b7:7a:58:e6:12:02:
45:c8:37:88:db:04:12:8e:93:dc:33:90:27:33:3b:d2:cf:a3:
5a:40:f2:3b:9e:82:d9:91:a7:21:13:04:2e:32:81:1f:52:aa:
90:25:7b:f6:64:db:39:bb:8a:f0:3b:5d:9e:2c:f7:50:34:7b:
13:b1:2d:fd:e2:4f:ac:27:f2:a3:84:24:91:66:f4:20:23:f4:
3f:52:1e:ee:45:6d:19:6a:67:9e:e2:23:2e:bd:2a:d6:9f:fc:
4c:63:8a:68
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZBzfn/AWCK+havRMJG2LoM4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwNzAyMTI0OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmFiMWExYjRlODU0YTYwYjIwNmE1Zjc4ODIyMmZmNjI5ODEwZmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Ak4LIajrtwDL3Kb7PiplDvcu4vH
aYbVkNz+pfCsjSiwBeqpIf98CEC9oMy+b4Up8HoQ0x9I/wxD6LWcRlqlc+/KQZo8
SFmQsFMy4QU8o2y/0rhtJ4O4UId7aJuNtaDV3JpSwRT+YbZ4yXMov5QQ+gp4E3Mm
5MeNvcOgdXj8sNiEzURCH1qpc757wvVa4HjyZIFj2okz25sk/WNzPm/FIHtSYQ41
RYPGb433ADS/ZM1qQy/NFR17Ot2/eXneo5cVYs2PL04byQW0ygkHmzyqhZMRrd+M
jnTwjDg7zSZd5YdUVbulmh/dA6hlw7N+tGZUTSwWvcXwtRwx4cm26enldwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFFKrGhtOhUpgsgal94giL/YpgQ/+MB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvVXFzYUcwNkZTbUN5QnFYM2lDSXY5aW1CRF80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAMBAIAATAGAwQCLZn0MDME
AgACMC0DBwAqCQABAAADBwAqCQACAAADBwAqCQADAAADBwAqCQAEAAADBwAqCQAF
AAAwDQYJKoZIhvcNAQELBQADggEBAF8yhq8/06RexUVkiqEEesLDZthvKEjrE+oJ
IWLhlEsBOl1kwBgKcw9SnZz0FzhlFg7VKTYVC2f/3In5ZDgCHtCBDx5dMvzI/JCs
zmynllVo58Z0x+z+8ryA0t7VWr95D94/2GcgxP/TFRJqzHE7vH7zDnfphGh8Whim
HUtWSVI21Vyxb3F1RZ7XQ96bqRF47WSksoHkOk42ZRm/ALd6WOYSAkXIN4jbBBKO
k9wzkCczO9LPo1pA8juegtmRpyETBC4ygR9SqpAle/Zk2zm7ivA7XZ4s91A0exOx
Lf3iT6wn8qOEJJFm9CAj9D9SHu5FbRlqZ57iIy69Ktaf/Exjimg=
-----END CERTIFICATE-----
Generated at Sun Nov 24 15:46:59 2024 by rpki-client on console-fra.rpki-client.org