Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/80aceb-50e2-40c0-a852-e298b41b6c81/1/CUK8u63-Rds64vmeOOzjGYiej68.roa
File: CUK8u63-Rds64vmeOOzjGYiej68.roa (raw, json)
Hash identifier: V+b3Xo/NnquDvWjHASe43TS0SLYfUD5eoXyZFVBw3Q8=
Subject key identifier: 09:42:BC:BB:AD:FE:45:DB:3A:E2:F9:9E:38:EC:E3:19:88:9E:8F:AF
Certificate issuer: /CN=52a165dc3aafbe2c62e265ff104327a3e675f89f
Certificate serial: 018CC94E48D3B52EA1CF55FECFFAE4FCDB31
Authority key identifier: 52:A1:65:DC:3A:AF:BE:2C:62:E2:65:FF:10:43:27:A3:E6:75:F8:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UqFl3Dqvvixi4mX_EEMno-Z1-J8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/80aceb-50e2-40c0-a852-e298b41b6c81/1/CUK8u63-Rds64vmeOOzjGYiej68.roa
Signing time: Tue 02 Jan 2024 08:33:20 +0000
ROA not before: Tue 02 Jan 2024 08:33:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207713
IP address blocks: 185.143.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/80aceb-50e2-40c0-a852-e298b41b6c81/1/UqFl3Dqvvixi4mX_EEMno-Z1-J8.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/80aceb-50e2-40c0-a852-e298b41b6c81/1/UqFl3Dqvvixi4mX_EEMno-Z1-J8.mft
rsync://rpki.ripe.net/repository/DEFAULT/UqFl3Dqvvixi4mX_EEMno-Z1-J8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 16:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:48:d3:b5:2e:a1:cf:55:fe:cf:fa:e4:fc:db:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52a165dc3aafbe2c62e265ff104327a3e675f89f
Validity
Not Before: Jan 2 08:33:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0942bcbbadfe45db3ae2f99e38ece319889e8faf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:37:13:da:0a:25:91:0e:22:80:19:ac:9e:3e:
d0:64:83:cc:69:1c:56:5f:26:37:77:5e:26:7a:9b:
b7:e2:95:3c:ed:54:55:f4:4f:2f:b9:9b:85:e4:92:
a2:54:5c:1a:78:3f:1a:bd:99:1f:ea:4c:2a:ea:ec:
fe:95:12:d2:22:9f:72:91:6d:c4:b3:69:e8:a4:25:
0e:40:9f:27:61:69:ea:36:ce:af:c5:a9:d7:7e:2c:
c7:f2:d7:e4:b9:70:34:a4:58:d6:14:41:6a:bd:a6:
3f:90:61:6c:ca:de:17:10:68:d4:71:e4:f3:2e:e4:
e2:f9:b2:4e:20:df:db:30:e3:92:4e:40:11:ec:1a:
a4:d9:d0:8c:8e:20:c5:9f:c2:8b:a0:fb:3e:62:e2:
8c:29:45:ca:cb:2c:54:3c:57:02:e6:44:72:ba:52:
60:f3:4a:9d:83:4e:1c:40:1f:1a:d4:a2:b8:01:73:
fa:1a:0f:0a:df:62:58:7c:ab:b2:07:4d:1e:f9:54:
c4:21:92:f1:13:7c:73:2d:63:f3:ab:f6:d6:b2:4a:
1a:07:8f:eb:11:6c:f4:9d:69:a1:e2:12:cc:fc:2b:
5b:4b:6a:e2:6e:f5:bb:e8:73:10:7d:69:b5:b1:53:
63:20:df:d0:e3:96:c1:e2:b0:ed:9f:ad:67:2b:cd:
c6:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:42:BC:BB:AD:FE:45:DB:3A:E2:F9:9E:38:EC:E3:19:88:9E:8F:AF
X509v3 Authority Key Identifier:
keyid:52:A1:65:DC:3A:AF:BE:2C:62:E2:65:FF:10:43:27:A3:E6:75:F8:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UqFl3Dqvvixi4mX_EEMno-Z1-J8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/80aceb-50e2-40c0-a852-e298b41b6c81/1/CUK8u63-Rds64vmeOOzjGYiej68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/80aceb-50e2-40c0-a852-e298b41b6c81/1/UqFl3Dqvvixi4mX_EEMno-Z1-J8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.223.0/24
Signature Algorithm: sha256WithRSAEncryption
64:94:31:29:f8:ba:c3:25:d5:43:eb:19:f8:45:85:f0:69:33:
1e:4e:19:70:09:33:f2:de:47:31:9f:0e:19:aa:76:13:d9:bc:
72:51:f5:df:29:ab:e8:c1:69:e4:9b:6c:02:76:d9:ec:1e:ef:
36:fc:6a:9a:9c:67:c4:9b:2b:4d:02:a8:a2:2b:dc:21:1b:ae:
0c:3b:4a:2b:63:38:4c:ae:25:54:66:b2:da:dd:8e:65:9f:63:
79:b0:79:a9:d9:ca:3a:47:f7:f5:9b:13:74:c3:76:91:df:25:
8f:35:dd:17:40:9a:fd:e0:20:97:32:45:48:0b:78:04:fb:e1:
ff:f5:22:62:52:78:57:73:fd:aa:8f:83:4a:13:47:ae:86:1e:
53:ad:45:e1:8c:ca:ca:1d:2f:1a:2c:c6:3a:13:db:0b:90:dc:
8a:54:cc:e7:4f:de:7a:f4:57:20:fa:3d:06:b5:e2:b2:c8:69:
fb:e7:3a:1b:28:c4:4a:bf:7b:53:65:36:a9:c6:c5:d0:ef:bc:
74:5b:73:1f:21:68:e2:8c:7b:f7:f7:83:e3:68:48:9b:55:6b:
79:45:71:cf:6c:01:fa:ee:6b:5a:81:6a:8c:db:0a:79:fb:af:
c7:5a:1b:0c:12:11:d6:80:2d:1a:b3:05:29:37:2e:cf:66:95:
ea:f6:76:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTkjTtS6hz1X+z/rk/NsxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYTE2NWRjM2FhZmJlMmM2MmUyNjVmZjEwNDMyN2EzZTY3
NWY4OWYwHhcNMjQwMTAyMDgzMzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTQyYmNiYmFkZmU0NWRiM2FlMmY5OWUzOGVjZTMxOTg4OWU4ZmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjcT2golkQ4igBmsnj7QZIPMaRxW
XyY3d14mepu34pU87VRV9E8vuZuF5JKiVFwaeD8avZkf6kwq6uz+lRLSIp9ykW3E
s2nopCUOQJ8nYWnqNs6vxanXfizH8tfkuXA0pFjWFEFqvaY/kGFsyt4XEGjUceTz
LuTi+bJOIN/bMOOSTkAR7Bqk2dCMjiDFn8KLoPs+YuKMKUXKyyxUPFcC5kRyulJg
80qdg04cQB8a1KK4AXP6Gg8K32JYfKuyB00e+VTEIZLxE3xzLWPzq/bWskoaB4/r
EWz0nWmh4hLM/CtbS2ribvW76HMQfWm1sVNjIN/Q45bB4rDtn61nK83GjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAlCvLut/kXbOuL5njjs4xmIno+vMB8GA1UdIwQY
MBaAFFKhZdw6r74sYuJl/xBDJ6PmdfifMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXFGbDNEcXZ2aXhpNG1YX0VFTW5vLVoxLUo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy84MGFjZWItNTBlMi00MGMwLWE4NTIt
ZTI5OGI0MWI2YzgxLzEvQ1VLOHU2My1SZHM2NHZtZU9PempHWWllajY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy84MGFjZWItNTBlMi00MGMwLWE4NTItZTI5OGI0MWI2Yzgx
LzEvVXFGbDNEcXZ2aXhpNG1YX0VFTW5vLVoxLUo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuY/fMA0G
CSqGSIb3DQEBCwUAA4IBAQBklDEp+LrDJdVD6xn4RYXwaTMeThlwCTPy3kcxnw4Z
qnYT2bxyUfXfKavowWnkm2wCdtnsHu82/GqanGfEmytNAqiiK9whG64MO0orYzhM
riVUZrLa3Y5ln2N5sHmp2co6R/f1mxN0w3aR3yWPNd0XQJr94CCXMkVIC3gE++H/
9SJiUnhXc/2qj4NKE0euhh5TrUXhjMrKHS8aLMY6E9sLkNyKVMznT9569Fcg+j0G
teKyyGn75zobKMRKv3tTZTapxsXQ77x0W3MfIWjijHv394PjaEibVWt5RXHPbAH6
7mtagWqM2wp5+6/HWhsMEhHWgC0aswUpNy7PZpXq9nb7
-----END CERTIFICATE-----
Generated at Fri May 31 22:38:59 2024 by rpki-client on console-ams.rpki-client.org