Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/c01306-66f5-4209-8c88-2db691b1d4ab/1/UOTWrjU9h5hDScznEdnlyFoQCJU.roa
File: UOTWrjU9h5hDScznEdnlyFoQCJU.roa (raw, json)
Hash identifier: grDO8mpgZurLld6qE/UyetGsVzAOmBIjOa9F+xnFFVQ=
Subject key identifier: 50:E4:D6:AE:35:3D:87:98:43:49:CC:E7:11:D9:E5:C8:5A:10:08:95
Certificate issuer: /CN=8300996c08890bd5e1e6dd0528217d28f9d09355
Certificate serial: 018CC4254056B57CEA69DE11D10155CBF200
Authority key identifier: 83:00:99:6C:08:89:0B:D5:E1:E6:DD:05:28:21:7D:28:F9:D0:93:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gwCZbAiJC9Xh5t0FKCF9KPnQk1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/c01306-66f5-4209-8c88-2db691b1d4ab/1/UOTWrjU9h5hDScznEdnlyFoQCJU.roa
Signing time: Mon 01 Jan 2024 08:30:24 +0000
ROA not before: Mon 01 Jan 2024 08:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197422
IP address blocks: 185.119.168.0/22 maxlen: 24
91.224.148.0/23 maxlen: 24
2a03:7220::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/c01306-66f5-4209-8c88-2db691b1d4ab/1/gwCZbAiJC9Xh5t0FKCF9KPnQk1U.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/c01306-66f5-4209-8c88-2db691b1d4ab/1/gwCZbAiJC9Xh5t0FKCF9KPnQk1U.mft
rsync://rpki.ripe.net/repository/DEFAULT/gwCZbAiJC9Xh5t0FKCF9KPnQk1U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:40:56:b5:7c:ea:69:de:11:d1:01:55:cb:f2:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8300996c08890bd5e1e6dd0528217d28f9d09355
Validity
Not Before: Jan 1 08:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50e4d6ae353d87984349cce711d9e5c85a100895
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:11:d0:0e:ac:47:d0:3a:0f:b7:7e:be:a2:98:
c1:76:5c:c4:94:22:44:5d:67:4b:34:2c:60:b8:d3:
5a:ed:f1:d7:f2:ef:ad:fe:b8:16:97:08:49:d9:67:
7f:f3:a2:2f:de:02:1f:17:c8:e8:15:63:09:66:74:
76:ff:9c:eb:0b:22:a5:40:f5:17:31:ec:28:f3:34:
7a:ff:61:0b:b9:92:e6:ec:33:1f:8e:95:06:7d:6b:
1d:79:7b:09:05:0e:11:d6:43:81:5d:3d:27:dc:70:
9d:fa:ed:54:7f:28:fe:2a:2a:af:04:77:d4:80:6d:
6e:c7:ba:80:79:b8:ff:e3:d5:ca:57:cb:f9:4c:ec:
94:2d:d8:59:4f:1b:70:af:33:94:d2:1f:c5:f8:6a:
59:74:18:8a:36:e0:7c:1a:42:55:c3:97:96:9c:b7:
6f:08:7f:59:e1:54:10:6a:bd:7a:30:91:b1:ca:e8:
87:2f:eb:79:54:7b:71:c2:c4:88:82:5b:01:f7:93:
d4:7c:ae:6f:fa:25:cd:3d:cf:c7:b7:47:7b:44:8a:
80:40:d7:8d:2c:1b:e4:76:df:ff:2b:b3:d2:32:fa:
5a:fa:26:8d:c5:01:4d:c4:ce:a0:93:e2:d9:05:f1:
0f:7e:b0:13:ed:4a:cc:c1:2d:56:aa:46:b4:cb:98:
76:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:E4:D6:AE:35:3D:87:98:43:49:CC:E7:11:D9:E5:C8:5A:10:08:95
X509v3 Authority Key Identifier:
keyid:83:00:99:6C:08:89:0B:D5:E1:E6:DD:05:28:21:7D:28:F9:D0:93:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gwCZbAiJC9Xh5t0FKCF9KPnQk1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/c01306-66f5-4209-8c88-2db691b1d4ab/1/UOTWrjU9h5hDScznEdnlyFoQCJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/c01306-66f5-4209-8c88-2db691b1d4ab/1/gwCZbAiJC9Xh5t0FKCF9KPnQk1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.148.0/23
185.119.168.0/22
IPv6:
2a03:7220::/29
Signature Algorithm: sha256WithRSAEncryption
76:77:84:6d:9e:38:15:a1:86:ea:e8:1c:fa:62:76:01:25:85:
a1:57:45:95:1c:7e:b5:5d:d8:e7:32:eb:ca:de:e1:23:d6:22:
4c:3c:4f:89:4d:71:b3:ed:5a:29:c8:aa:45:ff:09:86:57:7b:
48:45:d6:2f:af:d6:fd:1f:a3:f3:fc:c3:d6:46:da:a7:e5:2a:
99:1f:28:62:73:69:8c:89:c5:1d:50:29:ca:9e:f4:1c:f0:36:
11:ff:57:cb:ac:f6:84:f0:c6:73:63:4e:91:ec:61:72:f9:ef:
2c:28:3a:be:83:c1:53:d4:50:fe:80:f2:d1:21:85:90:d3:26:
60:27:da:81:11:8f:98:5d:9d:71:da:ba:a3:36:e8:da:23:7d:
0a:b4:98:b7:81:e6:ab:0f:e1:96:1b:2b:2f:78:52:de:76:83:
59:3d:91:ad:af:ec:88:6e:69:46:3c:fd:47:69:86:e2:9c:9f:
ce:51:60:ba:d1:ae:50:0d:4b:e8:c8:24:6f:89:4f:0c:f8:33:
e1:69:e8:0e:6e:4b:93:4e:08:2a:c0:87:dc:49:54:31:89:ef:
36:8d:0d:9b:b9:de:24:bc:53:25:3d:5e:7c:63:9a:55:e7:47:
80:9b:a6:ae:8e:b9:af:52:a5:50:2e:d6:c5:0e:21:0b:ef:2f:
72:85:16:0b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzEJUBWtXzqad4R0QFVy/IAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMDA5OTZjMDg4OTBiZDVlMWU2ZGQwNTI4MjE3ZDI4Zjlk
MDkzNTUwHhcNMjQwMTAxMDgzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGU0ZDZhZTM1M2Q4Nzk4NDM0OWNjZTcxMWQ5ZTVjODVhMTAwODk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hHQDqxH0DoPt36+opjBdlzElCJE
XWdLNCxguNNa7fHX8u+t/rgWlwhJ2Wd/86Iv3gIfF8joFWMJZnR2/5zrCyKlQPUX
Mewo8zR6/2ELuZLm7DMfjpUGfWsdeXsJBQ4R1kOBXT0n3HCd+u1Ufyj+KiqvBHfU
gG1ux7qAebj/49XKV8v5TOyULdhZTxtwrzOU0h/F+GpZdBiKNuB8GkJVw5eWnLdv
CH9Z4VQQar16MJGxyuiHL+t5VHtxwsSIglsB95PUfK5v+iXNPc/Ht0d7RIqAQNeN
LBvkdt//K7PSMvpa+iaNxQFNxM6gk+LZBfEPfrAT7UrMwS1Wqka0y5h20wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFDk1q41PYeYQ0nM5xHZ5chaEAiVMB8GA1UdIwQY
MBaAFIMAmWwIiQvV4ebdBSghfSj50JNVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3dDWmJBaUpDOVhoNXQwRktDRjlLUG5RazFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9jMDEzMDYtNjZmNS00MjA5LThjODgt
MmRiNjkxYjFkNGFiLzEvVU9UV3JqVTloNWhEU2N6bkVkbmx5Rm9RQ0pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9jMDEzMDYtNjZmNS00MjA5LThjODgtMmRiNjkxYjFkNGFi
LzEvZ3dDWmJBaUpDOVhoNXQwRktDRjlLUG5RazFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBW+CUAwQC
uXeoMA0EAgACMAcDBQMqA3IgMA0GCSqGSIb3DQEBCwUAA4IBAQB2d4RtnjgVoYbq
6Bz6YnYBJYWhV0WVHH61XdjnMuvK3uEj1iJMPE+JTXGz7VopyKpF/wmGV3tIRdYv
r9b9H6Pz/MPWRtqn5SqZHyhic2mMicUdUCnKnvQc8DYR/1fLrPaE8MZzY06R7GFy
+e8sKDq+g8FT1FD+gPLRIYWQ0yZgJ9qBEY+YXZ1x2rqjNujaI30KtJi3gearD+GW
GysveFLedoNZPZGtr+yIbmlGPP1HaYbinJ/OUWC60a5QDUvoyCRviU8M+DPhaegO
bkuTTggqwIfcSVQxie82jQ2bud4kvFMlPV58Y5pV50eAm6aujrmvUqVQLtbFDiEL
7y9yhRYL
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:24:26 2024 by rpki-client on console-ams.rpki-client.org