Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/9002e2-dc04-4c39-9235-54d5d04e346d/1/UXThVNgMwyMv9MtpPXM4Qd4niWU.roa
File: UXThVNgMwyMv9MtpPXM4Qd4niWU.roa (raw, json)
Hash identifier: hdMqPvXVFigRo2iCCuN7H5TzcOlZvXVdCjcN2etOcr4=
Subject key identifier: 51:74:E1:54:D8:0C:C3:23:2F:F4:CB:69:3D:73:38:41:DE:27:89:65
Certificate issuer: /CN=d922d8d45f985dc3896c9176a7d48d7658cb4f68
Certificate serial: 018CC94D7E501B5C602BCCDD96258895040E
Authority key identifier: D9:22:D8:D4:5F:98:5D:C3:89:6C:91:76:A7:D4:8D:76:58:CB:4F:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2SLY1F-YXcOJbJF2p9SNdljLT2g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/9002e2-dc04-4c39-9235-54d5d04e346d/1/UXThVNgMwyMv9MtpPXM4Qd4niWU.roa
Signing time: Tue 02 Jan 2024 08:32:28 +0000
ROA not before: Tue 02 Jan 2024 08:32:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39500
IP address blocks: 185.154.68.0/24 maxlen: 24
193.47.191.0/24 maxlen: 24
185.154.69.0/24 maxlen: 24
185.154.70.0/24 maxlen: 24
2a07:7f40::/29 maxlen: 29
2001:67c:1f4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/9002e2-dc04-4c39-9235-54d5d04e346d/1/2SLY1F-YXcOJbJF2p9SNdljLT2g.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/9002e2-dc04-4c39-9235-54d5d04e346d/1/2SLY1F-YXcOJbJF2p9SNdljLT2g.mft
rsync://rpki.ripe.net/repository/DEFAULT/2SLY1F-YXcOJbJF2p9SNdljLT2g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:7e:50:1b:5c:60:2b:cc:dd:96:25:88:95:04:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d922d8d45f985dc3896c9176a7d48d7658cb4f68
Validity
Not Before: Jan 2 08:32:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5174e154d80cc3232ff4cb693d733841de278965
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:95:2a:ef:87:3e:11:24:92:3a:29:7d:c8:48:
e0:25:e8:f0:58:b4:34:51:03:74:b9:b6:df:5c:3a:
93:d7:04:95:a3:d3:d6:28:73:fb:91:fd:df:ed:c2:
5d:aa:55:ab:22:3c:5a:6b:92:0e:ea:87:01:52:9b:
26:87:41:a1:77:30:26:57:af:17:2a:e8:36:50:86:
0e:d5:d7:6e:1b:a3:84:f6:4f:30:81:b5:76:fc:11:
c8:77:23:a8:b7:61:a1:55:81:85:ed:76:77:56:29:
64:3f:d9:0c:1b:c2:1a:82:53:c3:62:eb:76:bd:99:
b1:9b:88:8d:8f:48:21:31:f0:67:08:90:47:0b:94:
ad:91:ce:e7:5c:e2:ac:a9:e3:af:ea:58:f4:86:01:
7a:a5:86:d8:e5:94:de:75:db:d2:2f:aa:6b:43:af:
e0:17:b5:26:34:50:d1:f5:53:f0:6c:2a:a5:99:ba:
7a:38:6a:93:db:ed:86:b1:9a:fc:2c:b6:ed:59:7c:
06:18:95:16:d7:38:de:f5:41:fd:44:e2:14:5e:79:
5a:03:29:9b:e7:00:ee:24:64:06:35:d8:62:f6:1f:
2f:2c:9d:9b:0f:4c:45:2d:ce:6f:05:d1:cd:02:c8:
e7:84:fe:d6:81:11:3a:aa:50:8d:68:21:4e:39:d2:
bc:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:74:E1:54:D8:0C:C3:23:2F:F4:CB:69:3D:73:38:41:DE:27:89:65
X509v3 Authority Key Identifier:
keyid:D9:22:D8:D4:5F:98:5D:C3:89:6C:91:76:A7:D4:8D:76:58:CB:4F:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2SLY1F-YXcOJbJF2p9SNdljLT2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/9002e2-dc04-4c39-9235-54d5d04e346d/1/UXThVNgMwyMv9MtpPXM4Qd4niWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/9002e2-dc04-4c39-9235-54d5d04e346d/1/2SLY1F-YXcOJbJF2p9SNdljLT2g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.68.0-185.154.70.255
193.47.191.0/24
IPv6:
2001:67c:1f4::/48
2a07:7f40::/29
Signature Algorithm: sha256WithRSAEncryption
87:f9:55:7c:1e:26:05:8f:3e:c5:41:a9:49:54:73:c4:ac:a4:
75:5f:22:8c:46:d6:1e:40:5e:c0:a4:f1:9b:93:ef:37:eb:39:
3f:d0:84:1c:5e:bb:d1:94:c6:36:f1:c1:fe:f8:0c:fb:8a:a2:
7e:07:c7:bd:cd:fd:88:8e:fd:3b:62:dc:4a:9f:74:93:37:1d:
4c:db:04:44:9b:c5:c8:ef:77:a1:ea:27:e3:dc:d4:96:61:5a:
de:d8:47:e0:6c:41:75:08:47:b7:33:f7:a2:7c:a2:45:aa:70:
a7:bd:0a:e5:d0:37:11:1e:35:34:1e:a1:cd:d0:d2:66:11:70:
99:5a:b0:d6:e3:6e:7d:17:2a:33:f7:e1:52:8a:50:8d:a1:76:
74:85:8a:99:e3:01:a3:fe:b5:d4:07:0a:81:21:f8:25:3f:78:
21:14:64:cc:ac:9e:9e:1c:03:43:c9:67:80:e1:e6:f2:59:b2:
af:84:d7:40:5d:51:e1:ec:92:ad:c8:44:77:1a:29:2b:c8:6b:
17:e9:b7:ef:a5:2f:a6:e3:81:1c:ea:48:c2:40:a0:e3:cf:ab:
9a:b1:ab:b3:68:32:7f:ab:8d:03:d5:fd:72:d2:cd:b7:4d:d7:
af:52:2b:cc:ef:14:fc:ac:a8:bd:0a:39:18:7b:39:2e:2f:e3:
6f:ea:f6:c7
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzJTX5QG1xgK8zdliWIlQQOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MjJkOGQ0NWY5ODVkYzM4OTZjOTE3NmE3ZDQ4ZDc2NThj
YjRmNjgwHhcNMjQwMTAyMDgzMjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTc0ZTE1NGQ4MGNjMzIzMmZmNGNiNjkzZDczMzg0MWRlMjc4OTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpUq74c+ESSSOil9yEjgJejwWLQ0
UQN0ubbfXDqT1wSVo9PWKHP7kf3f7cJdqlWrIjxaa5IO6ocBUpsmh0GhdzAmV68X
Kug2UIYO1dduG6OE9k8wgbV2/BHIdyOot2GhVYGF7XZ3VilkP9kMG8IaglPDYut2
vZmxm4iNj0ghMfBnCJBHC5Stkc7nXOKsqeOv6lj0hgF6pYbY5ZTeddvSL6prQ6/g
F7UmNFDR9VPwbCqlmbp6OGqT2+2GsZr8LLbtWXwGGJUW1zje9UH9ROIUXnlaAymb
5wDuJGQGNdhi9h8vLJ2bD0xFLc5vBdHNAsjnhP7WgRE6qlCNaCFOOdK8VwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFFF04VTYDMMjL/TLaT1zOEHeJ4llMB8GA1UdIwQY
MBaAFNki2NRfmF3DiWyRdqfUjXZYy09oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlNMWTFGLVlYY09KYkpGMnA5U05kbGpMVDJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC85MDAyZTItZGMwNC00YzM5LTkyMzUt
NTRkNWQwNGUzNDZkLzEvVVhUaFZOZ013eU12OU10cFBYTTRRZDRuaVdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC85MDAyZTItZGMwNC00YzM5LTkyMzUtNTRkNWQwNGUzNDZk
LzEvMlNMWTFGLVlYY09KYkpGMnA5U05kbGpMVDJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAaBAIAATAUMAwDBAK5mkQD
BAC5mkYDBADBL78wFgQCAAIwEAMHACABBnwB9AMFAyoHf0AwDQYJKoZIhvcNAQEL
BQADggEBAIf5VXweJgWPPsVBqUlUc8SspHVfIoxG1h5AXsCk8ZuT7zfrOT/QhBxe
u9GUxjbxwf74DPuKon4Hx73N/YiO/Tti3EqfdJM3HUzbBESbxcjvd6HqJ+Pc1JZh
Wt7YR+BsQXUIR7cz96J8okWqcKe9CuXQNxEeNTQeoc3Q0mYRcJlasNbjbn0XKjP3
4VKKUI2hdnSFipnjAaP+tdQHCoEh+CU/eCEUZMysnp4cA0PJZ4Dh5vJZsq+E10Bd
UeHskq3IRHcaKSvIaxfpt++lL6bjgRzqSMJAoOPPq5qxq7NoMn+rjQPV/XLSzbdN
169SK8zvFPysqL0KORh7OS4v42/q9sc=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:12:53 2024 by rpki-client on console-fra.rpki-client.org