Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/18c856-18b1-4375-bcac-19f22ed613a5/1/UsX_Qd8wcEqpo1sgbFft0if1JxY.roa
File: UsX_Qd8wcEqpo1sgbFft0if1JxY.roa (raw, json)
Hash identifier: CJAla0E9MV6f4J/Vm1KGDcIhFRqIe9uG8yBriKI7loI=
Subject key identifier: 52:C5:FF:41:DF:30:70:4A:A9:A3:5B:20:6C:57:ED:D2:27:F5:27:16
Certificate issuer: /CN=068cb85bc4e9e4b732e957f08aa1c0237aadc47f
Certificate serial: 018CC86EF6578455A8EC9192B11337EA5193
Authority key identifier: 06:8C:B8:5B:C4:E9:E4:B7:32:E9:57:F0:8A:A1:C0:23:7A:AD:C4:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Boy4W8Tp5Lcy6VfwiqHAI3qtxH8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/18c856-18b1-4375-bcac-19f22ed613a5/1/UsX_Qd8wcEqpo1sgbFft0if1JxY.roa
Signing time: Tue 02 Jan 2024 04:29:24 +0000
ROA not before: Tue 02 Jan 2024 04:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29686
IP address blocks: 194.0.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/18c856-18b1-4375-bcac-19f22ed613a5/1/Boy4W8Tp5Lcy6VfwiqHAI3qtxH8.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/18c856-18b1-4375-bcac-19f22ed613a5/1/Boy4W8Tp5Lcy6VfwiqHAI3qtxH8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Boy4W8Tp5Lcy6VfwiqHAI3qtxH8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6e:f6:57:84:55:a8:ec:91:92:b1:13:37:ea:51:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=068cb85bc4e9e4b732e957f08aa1c0237aadc47f
Validity
Not Before: Jan 2 04:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52c5ff41df30704aa9a35b206c57edd227f52716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:22:e1:ad:40:2e:ba:b6:59:17:b3:cf:a7:08:
70:d6:3a:0d:83:71:9e:9e:01:1f:94:56:a7:2a:2c:
32:94:28:e6:9d:7c:a5:56:08:23:58:61:db:a3:b8:
fe:d7:05:4f:e0:b0:b5:51:65:dd:a3:5a:48:44:e5:
83:75:8d:12:7b:ac:55:b3:f5:d9:0c:f8:42:cf:12:
c6:2c:da:67:5a:75:ca:e7:b0:14:94:ac:1a:42:fb:
16:f8:f1:59:bd:3e:1c:d0:4d:df:61:52:72:54:0b:
4e:7a:5f:02:00:8d:81:0e:f4:79:89:53:03:07:1a:
50:c8:d3:9c:40:c0:0a:7e:71:d1:b0:66:14:1a:99:
56:09:f1:1d:45:b3:ab:5b:90:24:ac:56:63:05:13:
37:80:8b:d6:bb:29:78:57:38:40:a8:3c:4b:79:28:
10:d5:07:d0:fd:e9:75:05:3d:91:87:c3:79:64:a8:
56:d3:1b:5b:ac:95:fb:3f:a9:33:cd:3d:ae:d5:9c:
a1:cc:67:19:f7:a4:83:f2:65:64:38:da:0f:b6:6a:
65:63:1e:d0:4e:e7:f8:a2:b5:24:dd:25:13:60:59:
ee:7d:46:4e:1b:81:bb:4c:9b:b8:92:22:9f:ef:cb:
30:9b:3f:2a:c5:78:03:f3:cd:f6:0e:ea:d0:bf:4c:
c7:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:C5:FF:41:DF:30:70:4A:A9:A3:5B:20:6C:57:ED:D2:27:F5:27:16
X509v3 Authority Key Identifier:
keyid:06:8C:B8:5B:C4:E9:E4:B7:32:E9:57:F0:8A:A1:C0:23:7A:AD:C4:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Boy4W8Tp5Lcy6VfwiqHAI3qtxH8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/18c856-18b1-4375-bcac-19f22ed613a5/1/UsX_Qd8wcEqpo1sgbFft0if1JxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/18c856-18b1-4375-bcac-19f22ed613a5/1/Boy4W8Tp5Lcy6VfwiqHAI3qtxH8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.208.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:55:3a:32:85:7e:43:f7:eb:64:e7:4b:23:52:bf:82:1f:69:
81:77:d3:e9:4f:62:64:8a:6e:15:0a:d5:6e:5a:fa:19:56:4b:
c8:12:19:7f:cb:68:f0:c0:cb:2f:c9:18:95:7f:ba:72:ad:db:
f4:98:5d:67:be:09:b4:e8:9b:e6:6c:3f:d1:ce:27:8a:2c:99:
e2:e9:b9:dd:a6:4b:ad:27:62:18:8e:4d:50:51:78:14:f9:8b:
95:6f:a8:5f:f9:e2:51:97:f1:6b:98:53:8a:ca:eb:76:b2:84:
b0:8f:88:78:60:a6:e3:b5:01:29:79:8a:b2:97:92:0e:c1:93:
8f:d6:5c:d9:cb:9b:c8:ef:01:32:41:14:f7:95:d0:23:2a:9a:
f5:f5:49:9a:8b:4b:3d:a8:36:ba:4d:70:b9:8a:8e:b5:45:41:
a8:2e:cb:49:00:7e:e3:86:24:61:19:61:43:66:4e:97:18:c9:
ec:e5:7b:9f:d2:9e:8b:e6:22:b8:65:b9:6f:91:40:38:b3:d0:
e0:1c:fc:ec:0f:0a:d1:24:b1:66:b7:6d:6c:4a:f8:b0:3d:7a:
81:8b:bb:de:79:78:32:ff:bf:aa:d1:4d:da:5f:e9:e6:a0:ae:
52:3f:de:00:ae:2e:11:db:f7:4c:ff:13:f0:1a:b6:d5:c2:17:
95:18:74:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIbvZXhFWo7JGSsRM36lGTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2OGNiODViYzRlOWU0YjczMmU5NTdmMDhhYTFjMDIzN2Fh
ZGM0N2YwHhcNMjQwMTAyMDQyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmM1ZmY0MWRmMzA3MDRhYTlhMzViMjA2YzU3ZWRkMjI3ZjUyNzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSLhrUAuurZZF7PPpwhw1joNg3Ge
ngEflFanKiwylCjmnXylVggjWGHbo7j+1wVP4LC1UWXdo1pIROWDdY0Se6xVs/XZ
DPhCzxLGLNpnWnXK57AUlKwaQvsW+PFZvT4c0E3fYVJyVAtOel8CAI2BDvR5iVMD
BxpQyNOcQMAKfnHRsGYUGplWCfEdRbOrW5AkrFZjBRM3gIvWuyl4VzhAqDxLeSgQ
1QfQ/el1BT2Rh8N5ZKhW0xtbrJX7P6kzzT2u1ZyhzGcZ96SD8mVkONoPtmplYx7Q
Tuf4orUk3SUTYFnufUZOG4G7TJu4kiKf78swmz8qxXgD8832DurQv0zHHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFLF/0HfMHBKqaNbIGxX7dIn9ScWMB8GA1UdIwQY
MBaAFAaMuFvE6eS3MulX8IqhwCN6rcR/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm95NFc4VHA1TGN5NlZmd2lxSEFJM3F0eEg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8xOGM4NTYtMThiMS00Mzc1LWJjYWMt
MTlmMjJlZDYxM2E1LzEvVXNYX1FkOHdjRXFwbzFzZ2JGZnQwaWYxSnhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8xOGM4NTYtMThiMS00Mzc1LWJjYWMtMTlmMjJlZDYxM2E1
LzEvQm95NFc4VHA1TGN5NlZmd2lxSEFJM3F0eEg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgDQMA0G
CSqGSIb3DQEBCwUAA4IBAQDFVToyhX5D9+tk50sjUr+CH2mBd9PpT2Jkim4VCtVu
WvoZVkvIEhl/y2jwwMsvyRiVf7pyrdv0mF1nvgm06JvmbD/RzieKLJni6bndpkut
J2IYjk1QUXgU+YuVb6hf+eJRl/FrmFOKyut2soSwj4h4YKbjtQEpeYqyl5IOwZOP
1lzZy5vI7wEyQRT3ldAjKpr19Umai0s9qDa6TXC5io61RUGoLstJAH7jhiRhGWFD
Zk6XGMns5Xuf0p6L5iK4ZblvkUA4s9DgHPzsDwrRJLFmt21sSviwPXqBi7veeXgy
/7+q0U3aX+nmoK5SP94Ari4R2/dM/xPwGrbVwheVGHRm
-----END CERTIFICATE-----
Generated at Wed May 22 06:20:30 2024 by rpki-client on console-ams.rpki-client.org