Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/zutOUL6uPqePGJB0UPDT52gOOUY.roa
File: zutOUL6uPqePGJB0UPDT52gOOUY.roa (raw, json)
Hash identifier: 1ol/bB2C8agt2hJ7qYwKjgxYHD68O0yogCU1e+rA+oA=
Subject key identifier: CE:EB:4E:50:BE:AE:3E:A7:8F:18:90:74:50:F0:D3:E7:68:0E:39:46
Certificate issuer: /CN=50980fb6ade858f2652e736993126c85759f06d9
Certificate serial: 018CC72727E8DC1FF81D760AD5FD14F56CA9
Authority key identifier: 50:98:0F:B6:AD:E8:58:F2:65:2E:73:69:93:12:6C:85:75:9F:06:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UJgPtq3oWPJlLnNpkxJshXWfBtk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/zutOUL6uPqePGJB0UPDT52gOOUY.roa
Signing time: Mon 01 Jan 2024 22:31:21 +0000
ROA not before: Mon 01 Jan 2024 22:31:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209372
IP address blocks: 91.232.8.0/22 maxlen: 24
91.204.181.0/24 maxlen: 24
91.204.182.0/24 maxlen: 24
91.204.182.0/23 maxlen: 23
91.204.180.0/24 maxlen: 24
91.218.176.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/UJgPtq3oWPJlLnNpkxJshXWfBtk.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/UJgPtq3oWPJlLnNpkxJshXWfBtk.mft
rsync://rpki.ripe.net/repository/DEFAULT/UJgPtq3oWPJlLnNpkxJshXWfBtk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:27:e8:dc:1f:f8:1d:76:0a:d5:fd:14:f5:6c:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50980fb6ade858f2652e736993126c85759f06d9
Validity
Not Before: Jan 1 22:31:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ceeb4e50beae3ea78f18907450f0d3e7680e3946
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:05:a3:5e:10:a6:f0:d3:90:15:d4:29:28:20:
fb:61:c9:0b:75:3f:13:75:45:c9:db:39:2f:18:65:
66:f9:79:51:d9:88:dd:68:98:51:64:12:4f:73:ec:
56:b3:f8:f6:27:76:f7:86:0a:8b:76:d0:8e:0d:06:
ee:a4:5f:9a:94:89:73:dd:d3:f0:11:7c:28:30:0e:
fb:ef:66:4b:f9:57:af:e2:b9:af:72:46:8e:59:06:
ff:ef:bf:7f:2e:83:58:ba:6a:63:3b:9a:b8:28:dc:
c3:33:82:55:c3:6e:4c:b0:dc:89:fa:3a:63:52:7f:
73:a6:a3:35:62:f0:22:cb:5c:dd:a9:5b:49:e1:4a:
e5:dc:0d:29:ca:08:bd:c5:16:47:b6:4b:9c:79:b8:
c9:a2:bd:b5:fb:99:c3:d3:fe:cc:29:5d:fd:b2:bb:
c0:cc:f4:85:67:8d:9b:23:cc:94:90:b2:69:27:f9:
f3:4d:a8:95:a3:65:11:c7:fd:d7:cc:75:6d:37:05:
1d:49:37:ad:ad:f8:63:24:12:26:6b:96:fd:6f:be:
4d:0b:29:83:28:9f:e5:51:c4:fb:a4:6f:cb:6b:d7:
aa:f6:95:f2:06:3a:2c:10:ec:67:70:aa:4d:e2:2b:
19:97:91:fd:31:87:56:d2:57:f0:c0:9e:24:79:c3:
69:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:EB:4E:50:BE:AE:3E:A7:8F:18:90:74:50:F0:D3:E7:68:0E:39:46
X509v3 Authority Key Identifier:
keyid:50:98:0F:B6:AD:E8:58:F2:65:2E:73:69:93:12:6C:85:75:9F:06:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJgPtq3oWPJlLnNpkxJshXWfBtk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/zutOUL6uPqePGJB0UPDT52gOOUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/UJgPtq3oWPJlLnNpkxJshXWfBtk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.180.0/22
91.218.176.0/22
91.232.8.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:84:49:00:29:3a:59:b3:b7:67:1a:0e:4a:93:8b:5c:f5:b2:
04:a8:57:b8:6e:9f:8e:ab:84:b7:4b:17:6b:a4:a0:06:d0:4e:
9d:fa:c7:2c:cf:14:29:93:95:15:56:63:6c:d1:a2:71:a7:4e:
b8:6c:ed:e6:24:7c:a7:a6:4c:ee:97:9f:e2:c8:10:82:6e:d6:
ae:77:30:77:42:52:d7:19:f3:af:b9:07:d8:a4:26:1c:42:19:
fa:a8:98:0e:73:5b:0c:e4:91:33:f0:6b:0f:42:65:35:1d:dc:
2f:4e:21:9c:81:45:0a:3b:46:e9:f0:5f:01:d7:64:18:06:a6:
a7:33:b6:33:2c:11:77:94:13:61:33:88:67:38:1c:60:c2:43:
99:25:98:25:3d:0c:85:1f:89:a3:82:5e:87:cb:19:b4:8e:74:
cc:cf:05:94:70:f2:31:e9:ea:41:d6:11:a3:e4:4e:db:f9:12:
ac:08:b7:0b:03:aa:e4:cc:71:d6:b9:9a:5d:31:25:40:cf:14:
db:50:48:6e:89:bf:8f:23:a7:77:33:cc:26:67:33:0c:13:b6:
2f:83:67:d7:6e:09:79:c8:94:71:ca:c6:bb:53:be:eb:6c:ec:
4f:19:9d:9b:a0:cb:cc:5f:04:5f:ff:4d:fb:7a:98:49:55:d1:
30:cf:1e:3f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHJyfo3B/4HXYK1f0U9WypMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOTgwZmI2YWRlODU4ZjI2NTJlNzM2OTkzMTI2Yzg1NzU5
ZjA2ZDkwHhcNMjQwMTAxMjIzMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWViNGU1MGJlYWUzZWE3OGYxODkwNzQ1MGYwZDNlNzY4MGUzOTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5AWjXhCm8NOQFdQpKCD7YckLdT8T
dUXJ2zkvGGVm+XlR2YjdaJhRZBJPc+xWs/j2J3b3hgqLdtCODQbupF+alIlz3dPw
EXwoMA7772ZL+Vev4rmvckaOWQb/779/LoNYumpjO5q4KNzDM4JVw25MsNyJ+jpj
Un9zpqM1YvAiy1zdqVtJ4Url3A0pygi9xRZHtkucebjJor21+5nD0/7MKV39srvA
zPSFZ42bI8yUkLJpJ/nzTaiVo2URx/3XzHVtNwUdSTetrfhjJBIma5b9b75NCymD
KJ/lUcT7pG/La9eq9pXyBjosEOxncKpN4isZl5H9MYdW0lfwwJ4kecNp5QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM7rTlC+rj6njxiQdFDw0+doDjlGMB8GA1UdIwQY
MBaAFFCYD7at6FjyZS5zaZMSbIV1nwbZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUpnUHRxM29XUEpsTG5OcGt4SnNoWFdmQnRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8zYzdhZjYtZjQ2Ni00ZDg3LWI5ZjEt
Y2NhNzlhNjk4MjBhLzEvenV0T1VMNnVQcWVQR0pCMFVQRFQ1MmdPT1VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8zYzdhZjYtZjQ2Ni00ZDg3LWI5ZjEtY2NhNzlhNjk4MjBh
LzEvVUpnUHRxM29XUEpsTG5OcGt4SnNoWFdmQnRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW8y0AwQC
W9qwAwQCW+gIMA0GCSqGSIb3DQEBCwUAA4IBAQB7hEkAKTpZs7dnGg5Kk4tc9bIE
qFe4bp+Oq4S3SxdrpKAG0E6d+scszxQpk5UVVmNs0aJxp064bO3mJHynpkzul5/i
yBCCbtaudzB3QlLXGfOvuQfYpCYcQhn6qJgOc1sM5JEz8GsPQmU1HdwvTiGcgUUK
O0bp8F8B12QYBqanM7YzLBF3lBNhM4hnOBxgwkOZJZglPQyFH4mjgl6Hyxm0jnTM
zwWUcPIx6epB1hGj5E7b+RKsCLcLA6rkzHHWuZpdMSVAzxTbUEhuib+PI6d3M8wm
ZzMME7Yvg2fXbgl5yJRxysa7U77rbOxPGZ2boMvMXwRf/037ephJVdEwzx4/
-----END CERTIFICATE-----
Generated at Sat May 4 00:41:39 2024 by rpki-client on console-fra.rpki-client.org