Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/U-oC6f9ImQxX8lCdCCMzcMkvZvw.roa
File: U-oC6f9ImQxX8lCdCCMzcMkvZvw.roa (raw, json)
Hash identifier: PXs5eOl/iiqTDJulz/y7Eaf15yF3ArjOHEF5+Djqcqg=
Subject key identifier: 53:EA:02:E9:FF:48:99:0C:57:F2:50:9D:08:23:33:70:C9:2F:66:FC
Certificate issuer: /CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Certificate serial: 018CC7275EE8B114197E917738E70824A6EE
Authority key identifier: 0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/U-oC6f9ImQxX8lCdCCMzcMkvZvw.roa
Signing time: Mon 01 Jan 2024 22:31:35 +0000
ROA not before: Mon 01 Jan 2024 22:31:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3741
IP address blocks: 192.109.144.0/24 maxlen: 24
2a07:8146::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.mft
rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 May 2024 13:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:5e:e8:b1:14:19:7e:91:77:38:e7:08:24:a6:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Validity
Not Before: Jan 1 22:31:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53ea02e9ff48990c57f2509d08233370c92f66fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:89:83:9e:02:03:5e:e2:d7:37:e7:9a:d3:d7:
bd:01:e8:33:a7:c5:8c:2a:bd:f2:be:a4:46:91:e9:
67:f2:f3:4c:be:94:c7:44:7d:49:04:84:15:73:1a:
ae:76:ca:84:f5:e3:54:5f:95:0c:bf:41:c1:d8:6d:
e8:c9:2d:25:25:62:f5:62:6f:24:c5:25:a0:ee:98:
ea:7a:a9:3e:fa:8e:f3:5b:31:d1:c1:43:05:f6:e2:
58:8a:6b:bd:99:dc:86:26:99:22:bc:a6:aa:e4:40:
d0:28:97:7e:35:d7:83:cb:9e:5d:1a:de:88:62:39:
99:84:b7:82:54:96:33:ff:92:8b:b9:0f:bf:f7:b2:
24:6d:d4:2e:04:59:23:8a:20:dd:b0:89:99:10:b4:
a6:fe:7a:d4:6c:e8:72:68:0c:a1:bb:06:a9:39:e5:
6e:b1:7e:d0:25:63:95:9f:c5:aa:aa:39:03:05:be:
66:7f:b5:6e:4a:cb:79:a4:f1:f5:46:8e:26:66:56:
a8:a5:4e:1d:03:e3:fe:19:87:51:28:f7:ef:a8:8c:
9a:19:7f:af:03:a2:cd:23:19:49:f2:43:5b:98:f9:
1c:89:76:74:5a:db:b1:c6:23:50:c0:64:f3:61:e0:
e8:29:20:41:ee:f4:50:4b:03:25:3d:5d:8c:78:75:
2e:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:EA:02:E9:FF:48:99:0C:57:F2:50:9D:08:23:33:70:C9:2F:66:FC
X509v3 Authority Key Identifier:
keyid:0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/U-oC6f9ImQxX8lCdCCMzcMkvZvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.144.0/24
IPv6:
2a07:8146::/36
Signature Algorithm: sha256WithRSAEncryption
57:56:50:30:4c:4b:e0:81:db:5d:f5:c4:d5:49:2d:c2:4f:50:
46:2a:e7:69:16:44:0e:a5:98:59:e3:fd:d8:26:2c:25:65:3b:
f7:38:61:32:c1:11:59:41:7e:80:64:f7:6c:5c:f8:30:aa:0a:
c8:59:ec:2e:a1:f1:e6:d6:5f:7c:33:8e:f1:c2:2b:12:dd:a4:
e5:80:73:2b:7b:9a:55:50:5c:51:cd:b9:ad:d9:5d:3f:fd:ba:
15:fd:2a:9d:ec:60:72:d7:3f:06:a1:a0:77:a9:e7:8e:fb:2d:
01:12:8d:47:88:aa:ce:3b:a3:51:9c:29:d7:f9:9c:b8:e8:42:
e4:57:2e:82:3b:cf:5e:9c:42:89:5d:84:e6:29:b9:41:e3:f5:
3b:a8:66:49:85:17:08:73:9f:c4:a8:f8:b2:de:fd:cc:c3:cb:
d5:d2:22:fc:27:0a:c8:85:3d:0f:c7:28:af:16:cd:06:f9:50:
bd:fc:c5:4b:1d:fb:9c:57:bc:09:22:03:17:39:6c:eb:7a:1f:
0f:d8:99:38:24:09:3d:fb:37:11:c2:42:24:fb:e7:4b:bc:0d:
f7:97:f6:32:f8:67:e4:c7:45:28:1f:32:00:0c:f1:13:86:c4:
11:37:41:61:45:52:ae:87:d9:64:72:b9:cc:45:56:13:cb:41:
11:ea:58:57
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzHJ17osRQZfpF3OOcIJKbuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMzdkODA3ZDRmN2NkZDNlMGFmZTRhYmM4ZWU1YTg4MGM2
MDkwZjEwHhcNMjQwMTAxMjIzMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2VhMDJlOWZmNDg5OTBjNTdmMjUwOWQwODIzMzM3MGM5MmY2NmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3YmDngIDXuLXN+ea09e9Aegzp8WM
Kr3yvqRGkeln8vNMvpTHRH1JBIQVcxqudsqE9eNUX5UMv0HB2G3oyS0lJWL1Ym8k
xSWg7pjqeqk++o7zWzHRwUMF9uJYimu9mdyGJpkivKaq5EDQKJd+NdeDy55dGt6I
YjmZhLeCVJYz/5KLuQ+/97IkbdQuBFkjiiDdsImZELSm/nrUbOhyaAyhuwapOeVu
sX7QJWOVn8WqqjkDBb5mf7VuSst5pPH1Ro4mZlaopU4dA+P+GYdRKPfvqIyaGX+v
A6LNIxlJ8kNbmPkciXZ0WtuxxiNQwGTzYeDoKSBB7vRQSwMlPV2MeHUuLwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFFPqAun/SJkMV/JQnQgjM3DJL2b8MB8GA1UdIwQY
MBaAFAo32AfU983T4K/kq8juWogMYJDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjkt
ODAwZWRhMmNmYjM2LzEvVS1vQzZmOUltUXhYOGxDZENDTXpjTWt2WnZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjktODAwZWRhMmNmYjM2
LzEvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAwG2QMA4E
AgACMAgDBgQqB4FGADANBgkqhkiG9w0BAQsFAAOCAQEAV1ZQMExL4IHbXfXE1Ukt
wk9QRirnaRZEDqWYWeP92CYsJWU79zhhMsERWUF+gGT3bFz4MKoKyFnsLqHx5tZf
fDOO8cIrEt2k5YBzK3uaVVBcUc25rdldP/26Ff0qnexgctc/BqGgd6nnjvstARKN
R4iqzjujUZwp1/mcuOhC5FcugjvPXpxCiV2E5im5QeP1O6hmSYUXCHOfxKj4st79
zMPL1dIi/CcKyIU9D8corxbNBvlQvfzFSx37nFe8CSIDFzls63ofD9iZOCQJPfs3
EcJCJPvnS7wN95f2Mvhn5MdFKB8yAAzxE4bEETdBYUVSrofZZHK5zEVWE8tBEepY
Vw==
-----END CERTIFICATE-----
Generated at Mon May 27 20:03:52 2024 by rpki-client on console-fra.rpki-client.org