Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/7d3f00-d48c-416f-919e-dc0389f9167d/1/Ug0y31yGl2J0nFHmhKDep2_41nE.roa
File: Ug0y31yGl2J0nFHmhKDep2_41nE.roa (raw, json)
Hash identifier: ucxH8nh3JGfHyWk4oP8fy92T6lP2Okm+PJysr712HrQ=
Subject key identifier: 52:0D:32:DF:5C:86:97:62:74:9C:51:E6:84:A0:DE:A7:6F:F8:D6:71
Certificate issuer: /CN=971a6cbb2df6e7faccc5853ba5400f1f470eab16
Certificate serial: 018CC8DF8363C571A9A0F364BF709971F68C
Authority key identifier: 97:1A:6C:BB:2D:F6:E7:FA:CC:C5:85:3B:A5:40:0F:1F:47:0E:AB:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lxpsuy325_rMxYU7pUAPH0cOqxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/7d3f00-d48c-416f-919e-dc0389f9167d/1/Ug0y31yGl2J0nFHmhKDep2_41nE.roa
Signing time: Tue 02 Jan 2024 06:32:20 +0000
ROA not before: Tue 02 Jan 2024 06:32:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59989
IP address blocks: 185.22.34.0/24 maxlen: 24
185.22.32.0/22 maxlen: 22
185.22.33.0/24 maxlen: 24
185.22.35.0/24 maxlen: 24
185.22.32.0/24 maxlen: 24
185.100.202.0/24 maxlen: 24
185.100.201.0/24 maxlen: 24
185.100.200.0/22 maxlen: 22
185.100.203.0/24 maxlen: 24
185.100.200.0/24 maxlen: 24
2a00:5e60::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/7d3f00-d48c-416f-919e-dc0389f9167d/1/lxpsuy325_rMxYU7pUAPH0cOqxY.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/7d3f00-d48c-416f-919e-dc0389f9167d/1/lxpsuy325_rMxYU7pUAPH0cOqxY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lxpsuy325_rMxYU7pUAPH0cOqxY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:83:63:c5:71:a9:a0:f3:64:bf:70:99:71:f6:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=971a6cbb2df6e7faccc5853ba5400f1f470eab16
Validity
Not Before: Jan 2 06:32:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=520d32df5c869762749c51e684a0dea76ff8d671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:85:67:35:e9:e4:39:87:e5:0a:91:b1:2d:11:
bb:b1:81:2b:86:0c:26:48:d4:a1:8e:cc:20:e1:88:
c3:95:e8:5e:9c:08:19:2c:bf:ff:6b:b2:af:3c:2f:
a0:fc:c1:65:eb:39:d0:5b:34:0e:6c:59:00:28:2a:
00:63:09:78:ff:99:0d:a8:da:c3:ea:e9:ad:e1:11:
70:73:a8:87:3c:e6:f7:46:1e:b4:da:86:be:24:84:
58:ad:48:87:5c:3f:15:7b:3e:85:62:e4:da:1c:87:
ab:c4:c1:32:cb:af:cc:2c:58:53:49:c7:0c:b9:b9:
55:30:7c:c1:87:51:b0:9a:c3:d1:ec:0e:cc:a1:78:
70:30:c0:70:ea:8f:d8:a5:6d:da:c8:73:62:1e:72:
5e:1a:4b:7c:20:60:77:5f:8f:5c:1d:17:02:f9:0a:
45:fb:ab:7c:3f:fa:c3:81:14:c3:38:8e:c8:67:5f:
b6:e6:54:5e:d2:30:bb:d3:c4:98:09:ea:a8:2d:12:
9d:1a:02:4e:9e:14:86:47:0f:98:79:18:2c:ba:47:
82:fa:f2:51:40:7f:27:aa:29:96:45:48:a2:b0:4a:
19:fe:1c:ef:04:dc:db:f6:74:20:13:e8:95:f7:c8:
e1:51:21:59:79:e4:7e:40:76:11:32:34:77:74:47:
83:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:0D:32:DF:5C:86:97:62:74:9C:51:E6:84:A0:DE:A7:6F:F8:D6:71
X509v3 Authority Key Identifier:
keyid:97:1A:6C:BB:2D:F6:E7:FA:CC:C5:85:3B:A5:40:0F:1F:47:0E:AB:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lxpsuy325_rMxYU7pUAPH0cOqxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/7d3f00-d48c-416f-919e-dc0389f9167d/1/Ug0y31yGl2J0nFHmhKDep2_41nE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/7d3f00-d48c-416f-919e-dc0389f9167d/1/lxpsuy325_rMxYU7pUAPH0cOqxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.32.0/22
185.100.200.0/22
IPv6:
2a00:5e60::/32
Signature Algorithm: sha256WithRSAEncryption
68:b0:b4:f9:38:47:ab:0c:c9:bf:46:05:ac:52:8c:05:2a:6e:
c5:9a:1c:76:bd:1a:c1:61:c6:17:f0:b8:c5:96:62:59:26:9a:
64:a9:7f:11:48:fa:27:70:33:6a:22:9b:fe:1f:1a:21:d1:52:
cb:53:b8:05:14:ae:1f:a8:f0:a5:97:0c:b5:7e:33:6e:3b:14:
55:a4:ed:70:41:b2:12:c6:b9:b4:63:8c:1d:8f:fc:21:33:97:
4f:ca:92:b3:10:d0:5a:e5:05:45:fe:c8:f2:32:35:89:e2:15:
79:ab:8c:e5:eb:46:d8:86:ea:cf:a2:73:47:0b:e1:47:8f:9f:
e0:0e:76:93:e2:24:da:21:56:a7:7b:d1:17:59:a3:d2:bd:88:
f2:e8:1b:a1:d9:77:a8:72:ca:06:a7:41:e4:61:81:81:ae:e1:
f6:07:f4:70:1f:fd:50:a5:c5:5c:c1:d6:9c:83:04:14:54:11:
9f:ce:32:7b:4e:a0:b0:2e:86:d0:d4:29:b5:36:c6:83:ef:77:
c6:3a:04:04:09:f5:7a:84:20:95:f7:0c:63:8e:d3:80:0d:8c:
f8:78:65:6d:12:ad:cb:35:cb:4a:8b:91:e2:04:34:33:d1:ee:
8f:6a:13:93:e7:2c:7a:c6:05:c1:d2:f6:d0:51:18:8d:d5:ba:
11:b8:a9:f8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzI34NjxXGpoPNkv3CZcfaMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MWE2Y2JiMmRmNmU3ZmFjY2M1ODUzYmE1NDAwZjFmNDcw
ZWFiMTYwHhcNMjQwMTAyMDYzMjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjBkMzJkZjVjODY5NzYyNzQ5YzUxZTY4NGEwZGVhNzZmZjhkNjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYVnNenkOYflCpGxLRG7sYErhgwm
SNShjswg4YjDlehenAgZLL//a7KvPC+g/MFl6znQWzQObFkAKCoAYwl4/5kNqNrD
6umt4RFwc6iHPOb3Rh602oa+JIRYrUiHXD8Vez6FYuTaHIerxMEyy6/MLFhTSccM
ublVMHzBh1GwmsPR7A7MoXhwMMBw6o/YpW3ayHNiHnJeGkt8IGB3X49cHRcC+QpF
+6t8P/rDgRTDOI7IZ1+25lRe0jC708SYCeqoLRKdGgJOnhSGRw+YeRgsukeC+vJR
QH8nqimWRUiisEoZ/hzvBNzb9nQgE+iV98jhUSFZeeR+QHYRMjR3dEeD7QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFINMt9chpdidJxR5oSg3qdv+NZxMB8GA1UdIwQY
MBaAFJcabLst9uf6zMWFO6VADx9HDqsWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHhwc3V5MzI1X3JNeFlVN3BVQVBIMGNPcXhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS83ZDNmMDAtZDQ4Yy00MTZmLTkxOWUt
ZGMwMzg5ZjkxNjdkLzEvVWcweTMxeUdsMkowbkZIbWhLRGVwMl80MW5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS83ZDNmMDAtZDQ4Yy00MTZmLTkxOWUtZGMwMzg5ZjkxNjdk
LzEvbHhwc3V5MzI1X3JNeFlVN3BVQVBIMGNPcXhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuRYgAwQC
uWTIMA0EAgACMAcDBQAqAF5gMA0GCSqGSIb3DQEBCwUAA4IBAQBosLT5OEerDMm/
RgWsUowFKm7Fmhx2vRrBYcYX8LjFlmJZJppkqX8RSPoncDNqIpv+Hxoh0VLLU7gF
FK4fqPCllwy1fjNuOxRVpO1wQbISxrm0Y4wdj/whM5dPypKzENBa5QVF/sjyMjWJ
4hV5q4zl60bYhurPonNHC+FHj5/gDnaT4iTaIVane9EXWaPSvYjy6Buh2XeocsoG
p0HkYYGBruH2B/RwH/1QpcVcwdacgwQUVBGfzjJ7TqCwLobQ1Cm1NsaD73fGOgQE
CfV6hCCV9wxjjtOADYz4eGVtEq3LNctKi5HiBDQz0e6PahOT5yx6xgXB0vbQURiN
1boRuKn4
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:18:54 2024 by rpki-client on console-fra.rpki-client.org