Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/Uu0gyqe1I-mxyREq2SRbKswNBy0.roa
File: Uu0gyqe1I-mxyREq2SRbKswNBy0.roa (raw, json)
Hash identifier: sqjldu1tFo48f1K0XN3w5dfuZ8FGJkPU1PGNYC/Brok=
Subject key identifier: 52:ED:20:CA:A7:B5:23:E9:B1:C9:11:2A:D9:24:5B:2A:CC:0D:07:2D
Certificate issuer: /CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Certificate serial: 018CCA29A0593D987082A9767F036C17250F
Authority key identifier: D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/Uu0gyqe1I-mxyREq2SRbKswNBy0.roa
Signing time: Tue 02 Jan 2024 12:32:54 +0000
ROA not before: Tue 02 Jan 2024 12:32:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60256
IP address blocks: 5.145.119.0/24 maxlen: 24
185.24.254.0/24 maxlen: 24
5.145.112.0/23 maxlen: 23
5.145.112.0/24 maxlen: 24
5.145.115.0/24 maxlen: 24
5.145.113.0/24 maxlen: 24
5.145.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1uJpRlKqKYUR7a--GNKxzbx5Jjg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1uJpRlKqKYUR7a--GNKxzbx5Jjg.mft
rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Apr 2024 07:02:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:a0:59:3d:98:70:82:a9:76:7f:03:6c:17:25:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Validity
Not Before: Jan 2 12:32:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52ed20caa7b523e9b1c9112ad9245b2acc0d072d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:80:60:4c:df:04:7b:6a:5c:23:fc:ef:3c:f8:
8d:f3:e7:da:28:f8:2f:16:d6:1b:0e:ac:7b:1f:8e:
ee:f4:39:c0:d7:2e:cb:04:2e:5c:93:3b:f5:20:8d:
c0:ea:6a:50:81:c3:50:20:dd:86:fa:86:c7:71:54:
5b:40:04:f6:0c:1e:50:cd:1e:ff:bd:6f:73:5e:24:
55:5d:56:5f:83:aa:5d:cf:57:e1:5d:c7:8b:3c:53:
95:30:f5:18:e5:41:d7:0e:af:17:f0:8a:b3:3e:a6:
87:a7:74:f3:cb:e8:fc:de:8d:45:64:33:80:5c:70:
ba:b2:13:02:22:30:db:00:5d:1b:92:e9:3c:9c:6b:
9d:45:3b:62:81:8d:8e:93:d8:10:b7:6b:cb:7a:10:
57:ee:62:58:9a:6e:c7:49:3a:7e:12:04:d3:8f:93:
46:d2:16:bb:ef:c6:8e:33:b8:b6:2e:8f:5a:4a:22:
73:3c:bb:2b:72:c2:e3:72:06:47:c7:a5:24:df:a6:
44:ed:0b:3f:79:37:39:1a:62:85:42:78:21:4a:3c:
d7:1c:30:85:b1:e0:62:b8:9d:ce:3e:9b:14:32:28:
b9:85:50:53:9b:3a:a0:43:08:95:16:fd:c7:aa:93:
f2:ee:4c:41:f6:c7:b4:bc:a9:38:7d:8e:04:32:7e:
6d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:ED:20:CA:A7:B5:23:E9:B1:C9:11:2A:D9:24:5B:2A:CC:0D:07:2D
X509v3 Authority Key Identifier:
keyid:D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/Uu0gyqe1I-mxyREq2SRbKswNBy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1uJpRlKqKYUR7a--GNKxzbx5Jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.112.0/23
5.145.115.0/24
5.145.118.0/23
185.24.254.0/24
Signature Algorithm: sha256WithRSAEncryption
55:a6:c2:04:21:25:c0:5d:e8:b7:47:0a:3e:c0:db:8a:59:2a:
a2:08:1f:3b:69:43:5b:0a:d8:a7:d3:0b:8f:c1:cb:4d:70:2d:
8e:36:c6:8e:ea:51:80:42:6e:bd:7e:0d:b2:35:ce:a9:6d:65:
07:60:e3:af:5a:ab:92:ef:c4:84:3f:db:7e:d4:70:19:d1:16:
19:7a:ee:d8:62:f8:2d:2e:8c:20:1b:d2:b8:98:81:cd:05:eb:
52:9b:c7:49:36:c8:f7:a8:77:7a:38:ee:b5:6f:68:65:3e:1e:
bc:5f:8d:75:74:31:80:b1:79:27:c3:b9:bb:33:ed:94:6f:d4:
9c:3a:5a:16:74:b3:aa:da:78:ce:ad:b3:cb:21:85:4a:e0:19:
f3:06:a3:b9:1e:e6:f9:1a:12:f9:c9:0d:26:d5:af:6d:77:e6:
d0:50:14:bf:ac:65:cd:51:05:5f:94:af:89:e5:14:45:1c:c1:
0e:14:d0:fe:30:ad:f2:90:a3:82:4a:94:49:b9:52:f1:74:d6:
62:b7:81:46:35:29:4d:bc:31:db:d1:3b:65:07:af:ff:10:10:
20:52:9c:c4:fc:14:45:2a:24:fa:91:ad:51:de:cf:00:fc:d9:
35:18:fc:3d:3c:09:3b:e8:75:37:64:1a:3b:56:d8:96:cd:7f:
66:b8:51:94
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzKKaBZPZhwgql2fwNsFyUPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZTI2OTQ2NTJhYTI5ODUxMWVkYWZiZTE4ZDJiMWNkYmM3
OTI2MzgwHhcNMjQwMTAyMTIzMjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmVkMjBjYWE3YjUyM2U5YjFjOTExMmFkOTI0NWIyYWNjMGQwNzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoBgTN8Ee2pcI/zvPPiN8+faKPgv
FtYbDqx7H47u9DnA1y7LBC5ckzv1II3A6mpQgcNQIN2G+obHcVRbQAT2DB5QzR7/
vW9zXiRVXVZfg6pdz1fhXceLPFOVMPUY5UHXDq8X8IqzPqaHp3Tzy+j83o1FZDOA
XHC6shMCIjDbAF0bkuk8nGudRTtigY2Ok9gQt2vLehBX7mJYmm7HSTp+EgTTj5NG
0ha778aOM7i2Lo9aSiJzPLsrcsLjcgZHx6Uk36ZE7Qs/eTc5GmKFQnghSjzXHDCF
seBiuJ3OPpsUMii5hVBTmzqgQwiVFv3HqpPy7kxB9se0vKk4fY4EMn5tMQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFLtIMqntSPpsckRKtkkWyrMDQctMB8GA1UdIwQY
MBaAFNbiaUZSqimFEe2vvhjSsc28eSY4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODkt
YjQyMzY0ODk1MDgzLzEvVXUwZ3lxZTFJLW14eVJFcTJTUmJLc3dOQnkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODktYjQyMzY0ODk1MDgz
LzEvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBBZFwAwQA
BZFzAwQBBZF2AwQAuRj+MA0GCSqGSIb3DQEBCwUAA4IBAQBVpsIEISXAXei3Rwo+
wNuKWSqiCB87aUNbCtin0wuPwctNcC2ONsaO6lGAQm69fg2yNc6pbWUHYOOvWquS
78SEP9t+1HAZ0RYZeu7YYvgtLowgG9K4mIHNBetSm8dJNsj3qHd6OO61b2hlPh68
X411dDGAsXknw7m7M+2Ub9ScOloWdLOq2njOrbPLIYVK4BnzBqO5Hub5GhL5yQ0m
1a9td+bQUBS/rGXNUQVflK+J5RRFHMEOFND+MK3ykKOCSpRJuVLxdNZit4FGNSlN
vDHb0TtlB6//EBAgUpzE/BRFKiT6ka1R3s8A/Nk1GPw9PAk76HU3ZBo7VtiWzX9m
uFGU
-----END CERTIFICATE-----
Generated at Fri Apr 26 12:14:52 2024 by rpki-client on console-ams.rpki-client.org