Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9f9440-591b-44d3-87d6-7c445b3f9fc3/1/UEbSpgHkcWj5krzv2_X86SYcP_w.roa
File: UEbSpgHkcWj5krzv2_X86SYcP_w.roa (raw, json)
Hash identifier: rH9hW5DTNBHHD0sJC33E3PfzZpZCx2MFUC5yisyUiwc=
Subject key identifier: 50:46:D2:A6:01:E4:71:68:F9:92:BC:EF:DB:F5:FC:E9:26:1C:3F:FC
Certificate issuer: /CN=62bb1c6e5e886588cd47616bacbd7ccb64abf478
Certificate serial: 018CC6B908267FE02D3AF0370FF7C5946626
Authority key identifier: 62:BB:1C:6E:5E:88:65:88:CD:47:61:6B:AC:BD:7C:CB:64:AB:F4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yrscbl6IZYjNR2FrrL18y2Sr9Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/9f9440-591b-44d3-87d6-7c445b3f9fc3/1/UEbSpgHkcWj5krzv2_X86SYcP_w.roa
Signing time: Mon 01 Jan 2024 20:31:04 +0000
ROA not before: Mon 01 Jan 2024 20:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200796
IP address blocks: 185.95.152.0/22 maxlen: 22
185.95.152.0/23 maxlen: 23
185.95.154.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/9f9440-591b-44d3-87d6-7c445b3f9fc3/1/Yrscbl6IZYjNR2FrrL18y2Sr9Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/9f9440-591b-44d3-87d6-7c445b3f9fc3/1/Yrscbl6IZYjNR2FrrL18y2Sr9Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yrscbl6IZYjNR2FrrL18y2Sr9Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 16 Nov 2024 17:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:08:26:7f:e0:2d:3a:f0:37:0f:f7:c5:94:66:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62bb1c6e5e886588cd47616bacbd7ccb64abf478
Validity
Not Before: Jan 1 20:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5046d2a601e47168f992bcefdbf5fce9261c3ffc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c9:ea:5f:bd:5a:a1:dd:79:66:26:a9:b2:6d:
ae:d3:71:9d:23:67:ed:0e:c0:09:4f:f9:be:f4:a4:
26:a4:ac:bb:73:fe:0c:63:bf:62:26:ca:02:3f:71:
0e:be:47:65:a9:6b:6a:4e:bb:de:11:40:2c:42:e1:
56:88:aa:83:4d:ca:9c:bc:04:34:90:c7:05:aa:a2:
c2:35:74:18:b4:27:db:5c:76:d3:84:e4:11:4a:18:
80:df:37:e7:2d:76:f1:c5:b4:30:6b:62:27:81:6d:
6b:ac:f8:9a:b4:15:66:19:65:82:e5:37:d4:24:ab:
75:b5:68:f8:ae:bc:6f:da:60:43:12:c4:32:fc:80:
2b:48:bf:a1:0a:fa:27:30:88:77:90:15:1e:f2:8d:
0f:c1:92:ca:47:be:ed:e4:ec:23:6c:05:1f:a9:61:
49:82:38:79:82:12:34:14:45:e3:41:7f:d7:cf:a6:
40:7d:cf:bd:b7:3e:31:35:9b:87:b6:d4:6a:36:a7:
e7:e9:67:7d:c9:7d:df:fd:a3:0a:3d:ad:d0:67:0c:
2d:66:5f:f8:29:d2:50:2c:b3:45:7b:c1:03:49:60:
04:68:29:0d:97:d2:57:b2:25:a8:75:64:3a:22:16:
2e:62:26:1c:7b:d4:b1:6c:d9:d4:0c:75:17:be:30:
a8:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:46:D2:A6:01:E4:71:68:F9:92:BC:EF:DB:F5:FC:E9:26:1C:3F:FC
X509v3 Authority Key Identifier:
keyid:62:BB:1C:6E:5E:88:65:88:CD:47:61:6B:AC:BD:7C:CB:64:AB:F4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yrscbl6IZYjNR2FrrL18y2Sr9Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9f9440-591b-44d3-87d6-7c445b3f9fc3/1/UEbSpgHkcWj5krzv2_X86SYcP_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9f9440-591b-44d3-87d6-7c445b3f9fc3/1/Yrscbl6IZYjNR2FrrL18y2Sr9Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.152.0/22
Signature Algorithm: sha256WithRSAEncryption
33:3c:fa:e0:43:ee:8a:a7:69:a2:dd:72:f6:c4:52:11:eb:67:
60:e0:68:06:e8:29:a2:53:bc:8c:06:2e:f3:fc:46:e4:2a:1d:
dd:a1:ad:0b:1b:60:c3:4b:30:af:ff:20:ad:82:11:04:a5:d3:
ca:73:54:6a:30:05:5b:2f:28:e1:58:b5:87:a6:f2:b2:af:cd:
01:d3:8c:51:b6:07:ca:da:00:67:e2:09:0d:38:e1:16:5a:59:
b9:fa:e4:85:16:f0:93:d1:82:4a:73:f9:36:4e:bd:6a:22:eb:
cd:28:ea:a9:15:0b:2f:c9:37:f6:b4:d1:96:26:44:0a:80:79:
6d:9b:b8:09:12:52:09:a1:76:10:ae:dd:89:ef:9c:96:06:5d:
1e:eb:cd:86:e9:8b:99:b8:01:92:f9:5d:c1:83:f7:3a:f2:1d:
45:6f:09:a7:d1:77:99:f1:60:60:80:e9:39:4a:72:fb:82:f4:
a4:4d:64:94:ff:89:54:f4:7d:40:00:3c:ec:30:45:2b:b2:1c:
c1:99:0d:f2:b6:84:67:22:81:5c:86:e1:85:64:26:ea:63:b9:
67:28:7b:14:f6:7b:1a:5e:02:1c:47:18:a1:7d:4c:f6:f1:01:
08:41:cb:85:7e:7f:50:89:c0:43:a4:17:51:dc:59:32:ef:1a:
a6:1b:a7:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuQgmf+AtOvA3D/fFlGYmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYmIxYzZlNWU4ODY1ODhjZDQ3NjE2YmFjYmQ3Y2NiNjRh
YmY0NzgwHhcNMjQwMTAxMjAzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDQ2ZDJhNjAxZTQ3MTY4Zjk5MmJjZWZkYmY1ZmNlOTI2MWMzZmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMnqX71aod15Ziapsm2u03GdI2ft
DsAJT/m+9KQmpKy7c/4MY79iJsoCP3EOvkdlqWtqTrveEUAsQuFWiKqDTcqcvAQ0
kMcFqqLCNXQYtCfbXHbThOQRShiA3zfnLXbxxbQwa2IngW1rrPiatBVmGWWC5TfU
JKt1tWj4rrxv2mBDEsQy/IArSL+hCvonMIh3kBUe8o0PwZLKR77t5OwjbAUfqWFJ
gjh5ghI0FEXjQX/Xz6ZAfc+9tz4xNZuHttRqNqfn6Wd9yX3f/aMKPa3QZwwtZl/4
KdJQLLNFe8EDSWAEaCkNl9JXsiWodWQ6IhYuYiYce9SxbNnUDHUXvjCooQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFBG0qYB5HFo+ZK879v1/OkmHD/8MB8GA1UdIwQY
MBaAFGK7HG5eiGWIzUdha6y9fMtkq/R4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXJzY2JsNklaWWpOUjJGcnJMMTh5MlNyOUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85Zjk0NDAtNTkxYi00NGQzLTg3ZDYt
N2M0NDViM2Y5ZmMzLzEvVUViU3BnSGtjV2o1a3J6djJfWDg2U1ljUF93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85Zjk0NDAtNTkxYi00NGQzLTg3ZDYtN2M0NDViM2Y5ZmMz
LzEvWXJzY2JsNklaWWpOUjJGcnJMMTh5MlNyOUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuV+YMA0G
CSqGSIb3DQEBCwUAA4IBAQAzPPrgQ+6Kp2mi3XL2xFIR62dg4GgG6CmiU7yMBi7z
/EbkKh3doa0LG2DDSzCv/yCtghEEpdPKc1RqMAVbLyjhWLWHpvKyr80B04xRtgfK
2gBn4gkNOOEWWlm5+uSFFvCT0YJKc/k2Tr1qIuvNKOqpFQsvyTf2tNGWJkQKgHlt
m7gJElIJoXYQrt2J75yWBl0e682G6YuZuAGS+V3Bg/c68h1Fbwmn0XeZ8WBggOk5
SnL7gvSkTWSU/4lU9H1AADzsMEUrshzBmQ3ytoRnIoFchuGFZCbqY7lnKHsU9nsa
XgIcRxihfUz28QEIQcuFfn9QicBDpBdR3Fky7xqmG6fr
-----END CERTIFICATE-----
Generated at Fri Nov 15 23:30:51 2024 by rpki-client on console-fra.rpki-client.org