Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/UGwqomISx8dmkHOgLw242k5n8KA.roa
File: UGwqomISx8dmkHOgLw242k5n8KA.roa (raw, json)
Hash identifier: tlHE+rLQjhfcNcIpIGb7d4iag5nMQYpNoc8BnqmbZZw=
Subject key identifier: 50:6C:2A:A2:62:12:C7:C7:66:90:73:A0:2F:0D:B8:DA:4E:67:F0:A0
Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial: 018CC9BC6AD6BDD9634EFC7F4DB69E6B6486
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/UGwqomISx8dmkHOgLw242k5n8KA.roa
Signing time: Tue 02 Jan 2024 10:33:37 +0000
ROA not before: Tue 02 Jan 2024 10:33:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34820
IP address blocks: 45.158.82.0/24 maxlen: 24
185.225.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 08:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:6a:d6:bd:d9:63:4e:fc:7f:4d:b6:9e:6b:64:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Validity
Not Before: Jan 2 10:33:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=506c2aa26212c7c7669073a02f0db8da4e67f0a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e7:e2:7e:a2:4c:04:82:8b:9a:ab:b9:90:ec:
e8:15:3f:c1:de:2f:9f:2e:51:76:0b:3a:18:9b:9b:
61:67:f8:6e:08:01:71:c1:16:f2:c3:f2:b1:59:da:
94:c8:a1:b2:43:a9:6b:6d:f7:97:ca:22:c7:16:13:
82:b5:87:0f:66:6e:47:c6:76:4c:64:52:c6:71:aa:
8a:50:ba:05:30:5a:77:ad:b4:0a:3d:6e:4d:93:0e:
c3:cb:24:18:bf:e2:d0:52:2c:07:8f:5d:5d:4a:d4:
e1:8b:36:b3:40:c1:f6:ac:ea:31:02:de:fc:73:bf:
53:d2:6d:9f:98:24:ce:b5:cf:41:71:e1:dd:a0:3f:
5d:77:d4:de:1a:85:5f:66:02:9b:3c:5a:c3:fe:a9:
da:86:e2:d8:dc:d2:0e:a2:67:82:da:21:a7:02:a6:
34:77:70:19:84:1f:20:d5:98:83:f4:c8:1b:74:bb:
2e:4b:7e:05:46:5d:7d:5e:46:92:67:1a:2b:84:a1:
3e:72:60:f7:7a:ec:ba:1d:63:f2:c2:a3:08:5f:84:
ab:ed:e7:46:dc:86:e8:2d:79:ff:cf:d4:6a:bc:7c:
9e:d5:a0:0d:dd:1f:a3:ee:a3:e9:e6:8b:d3:99:59:
b7:4a:f5:3d:00:2f:df:6d:e6:d2:32:4c:28:e7:c4:
86:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:6C:2A:A2:62:12:C7:C7:66:90:73:A0:2F:0D:B8:DA:4E:67:F0:A0
X509v3 Authority Key Identifier:
keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/UGwqomISx8dmkHOgLw242k5n8KA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.82.0/24
185.225.204.0/24
Signature Algorithm: sha256WithRSAEncryption
96:c9:cf:b6:85:62:56:cb:3e:75:1b:94:31:ca:2a:81:62:fc:
04:cc:db:f4:ed:a6:99:0d:89:e1:18:04:c1:f0:2b:cd:fd:1f:
1e:c0:33:61:c6:4d:b6:d4:eb:18:5e:2f:8c:17:68:61:a8:0c:
59:b1:a5:d6:63:5f:1b:4b:60:37:ee:db:6a:72:da:89:c1:1c:
40:23:00:83:a8:e4:6e:ab:b9:f4:c7:fc:86:ad:19:35:cb:ac:
07:10:28:d3:2e:61:77:10:3f:39:2c:e5:0b:65:d3:a5:74:a7:
83:52:fe:79:a9:65:ad:bb:33:1b:d2:b9:29:43:e8:87:9e:82:
d2:e7:03:3c:e1:19:da:89:02:ce:d7:db:94:0f:11:45:31:35:
ac:ca:69:9e:a8:ac:b1:0d:c5:6f:c4:7c:88:ed:53:03:33:b1:
6b:49:79:25:0b:4e:39:08:de:d7:50:ba:16:33:18:da:73:d4:
dc:60:67:f2:b7:2c:4f:48:9c:b4:d0:00:b1:4e:22:9c:3b:8c:
17:2d:c7:b4:85:83:e9:6a:ee:53:1f:b4:11:75:d5:09:07:f8:
8e:38:1a:8a:be:06:58:06:3c:70:2e:fc:53:d7:e8:97:33:39:
21:38:91:98:3a:ef:09:15:8e:f3:da:9a:11:48:ba:e4:63:61:
7a:cd:20:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJvGrWvdljTvx/Tbaea2SGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjQwMTAyMTAzMzM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDZjMmFhMjYyMTJjN2M3NjY5MDczYTAyZjBkYjhkYTRlNjdmMGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOfifqJMBIKLmqu5kOzoFT/B3i+f
LlF2CzoYm5thZ/huCAFxwRbyw/KxWdqUyKGyQ6lrbfeXyiLHFhOCtYcPZm5HxnZM
ZFLGcaqKULoFMFp3rbQKPW5Nkw7DyyQYv+LQUiwHj11dStThizazQMH2rOoxAt78
c79T0m2fmCTOtc9BceHdoD9dd9TeGoVfZgKbPFrD/qnahuLY3NIOomeC2iGnAqY0
d3AZhB8g1ZiD9MgbdLsuS34FRl19XkaSZxorhKE+cmD3euy6HWPywqMIX4Sr7edG
3IboLXn/z9RqvHye1aAN3R+j7qPp5ovTmVm3SvU9AC/fbebSMkwo58SGDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFBsKqJiEsfHZpBzoC8NuNpOZ/CgMB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvVUd3cW9tSVN4OGRta0hPZ0x3MjQyazVuOEtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZ5SAwQA
ueHMMA0GCSqGSIb3DQEBCwUAA4IBAQCWyc+2hWJWyz51G5QxyiqBYvwEzNv07aaZ
DYnhGATB8CvN/R8ewDNhxk221OsYXi+MF2hhqAxZsaXWY18bS2A37ttqctqJwRxA
IwCDqORuq7n0x/yGrRk1y6wHECjTLmF3ED85LOULZdOldKeDUv55qWWtuzMb0rkp
Q+iHnoLS5wM84RnaiQLO19uUDxFFMTWsymmeqKyxDcVvxHyI7VMDM7FrSXklC045
CN7XULoWMxjac9TcYGfytyxPSJy00ACxTiKcO4wXLce0hYPpau5TH7QRddUJB/iO
OBqKvgZYBjxwLvxT1+iXMzkhOJGYOu8JFY7z2poRSLrkY2F6zSCF
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:54:37 2024 by rpki-client on console-ams.rpki-client.org