Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/UkTa21LQcdSQ4tU7mxD3lUi-UcE.roa
File: UkTa21LQcdSQ4tU7mxD3lUi-UcE.roa (raw, json)
Hash identifier: angsn8IJ43mtO/ZzeIKHZobgiyUH0cGGqtBtiKab9Uo=
Subject key identifier: 52:44:DA:DB:52:D0:71:D4:90:E2:D5:3B:9B:10:F7:95:48:BE:51:C1
Certificate issuer: /CN=2ef957aba2ef00352850e202464c71d33ca81448
Certificate serial: 018CC49305699F9E38836D034643F33F0674
Authority key identifier: 2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/UkTa21LQcdSQ4tU7mxD3lUi-UcE.roa
Signing time: Mon 01 Jan 2024 10:30:18 +0000
ROA not before: Mon 01 Jan 2024 10:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2088
IP address blocks: 193.54.33.0/24 maxlen: 24
193.51.58.0/24 maxlen: 24
193.55.5.0/24 maxlen: 24
194.254.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.mft
rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:05:69:9f:9e:38:83:6d:03:46:43:f3:3f:06:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ef957aba2ef00352850e202464c71d33ca81448
Validity
Not Before: Jan 1 10:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5244dadb52d071d490e2d53b9b10f79548be51c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:81:bf:55:95:4b:33:a6:49:2b:f3:5d:e3:19:
84:6e:9f:d4:ec:3c:c8:00:24:85:eb:86:f5:6e:a7:
6b:33:d7:1c:1f:92:7d:24:00:8a:da:c0:95:a2:bc:
f4:12:ea:6b:40:ff:05:a3:a2:91:c2:fb:32:76:05:
24:1a:3f:2b:d4:f5:6b:d3:81:fa:71:40:71:29:0a:
23:62:6e:ec:96:81:26:06:a2:8c:67:cf:c9:24:07:
62:e6:9e:e3:2d:a0:9f:14:09:02:9e:03:69:04:45:
22:bd:98:6e:90:ec:a4:3d:56:4b:9d:78:5a:83:19:
e4:52:5f:f0:c5:cd:d6:b3:d6:15:ac:b9:ff:90:e0:
40:39:c0:e7:2d:97:13:9d:42:b4:0d:65:1f:41:cc:
07:7d:80:46:88:c0:14:a3:5c:75:fc:e1:d1:94:fd:
dd:df:e2:3e:e1:b1:73:a5:19:11:dd:29:9e:75:06:
dc:68:f9:af:cf:c8:15:2a:82:b0:2f:6f:78:7c:be:
e8:7b:8c:1f:8b:32:ca:57:fd:45:a2:d8:97:26:89:
a4:42:60:79:b7:54:00:ee:80:79:f2:62:ed:1c:23:
c6:7d:0c:76:18:4e:98:8d:7d:ef:bc:9a:ec:0e:bf:
96:5a:79:a3:34:9a:78:7d:4a:5a:90:60:b3:37:24:
cb:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:44:DA:DB:52:D0:71:D4:90:E2:D5:3B:9B:10:F7:95:48:BE:51:C1
X509v3 Authority Key Identifier:
keyid:2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/UkTa21LQcdSQ4tU7mxD3lUi-UcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.51.58.0/24
193.54.33.0/24
193.55.5.0/24
194.254.188.0/24
Signature Algorithm: sha256WithRSAEncryption
46:62:75:b7:70:3a:50:fd:86:50:dd:99:19:03:f4:d9:93:31:
92:b6:18:45:48:98:2c:f8:3a:51:11:6d:e7:98:d9:76:db:e1:
87:fe:28:3c:37:c1:f4:42:3d:d0:d3:d4:67:c3:8b:a8:6b:c4:
6d:fe:28:38:81:bd:32:fb:30:80:9a:a6:a3:13:ec:79:4a:61:
19:e5:80:a4:59:3e:40:a1:7c:22:cf:ce:42:42:b4:98:b4:82:
1f:d6:ec:26:1f:87:a8:75:0b:37:ae:a6:74:3a:c2:56:19:bd:
10:b5:d5:93:9d:c1:9d:93:6e:37:95:6e:83:3f:64:de:ff:c6:
f0:e4:a5:2b:e8:52:e8:d0:28:52:55:33:9a:85:a0:11:e0:13:
5c:52:f3:3e:93:cc:0a:01:b2:07:41:fc:e9:fd:d6:52:b1:52:
26:8b:69:4a:9d:5d:a7:47:af:2a:2a:18:6c:8d:31:7b:d0:85:
30:69:36:f2:8f:aa:ba:34:f7:dc:07:7c:0a:84:64:f3:80:bd:
1a:b5:c0:65:cb:52:30:9c:fd:92:71:df:05:2c:40:e5:b2:64:
74:4f:73:4c:fd:c2:7e:42:0c:7e:e1:79:f3:b1:ba:12:21:4f:
f6:02:0e:79:37:97:8e:2f:c8:7a:5e:ca:55:37:0e:b8:cd:28:
14:19:f8:f2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEkwVpn544g20DRkPzPwZ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZjk1N2FiYTJlZjAwMzUyODUwZTIwMjQ2NGM3MWQzM2Nh
ODE0NDgwHhcNMjQwMTAxMTAzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjQ0ZGFkYjUyZDA3MWQ0OTBlMmQ1M2I5YjEwZjc5NTQ4YmU1MWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4G/VZVLM6ZJK/Nd4xmEbp/U7DzI
ACSF64b1bqdrM9ccH5J9JACK2sCVorz0EuprQP8Fo6KRwvsydgUkGj8r1PVr04H6
cUBxKQojYm7sloEmBqKMZ8/JJAdi5p7jLaCfFAkCngNpBEUivZhukOykPVZLnXha
gxnkUl/wxc3Ws9YVrLn/kOBAOcDnLZcTnUK0DWUfQcwHfYBGiMAUo1x1/OHRlP3d
3+I+4bFzpRkR3SmedQbcaPmvz8gVKoKwL294fL7oe4wfizLKV/1FotiXJomkQmB5
t1QA7oB58mLtHCPGfQx2GE6YjX3vvJrsDr+WWnmjNJp4fUpakGCzNyTLnwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFJE2ttS0HHUkOLVO5sQ95VIvlHBMB8GA1UdIwQY
MBaAFC75V6ui7wA1KFDiAkZMcdM8qBRIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHZsWHE2THZBRFVvVU9JQ1JreHgwenlvRkVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9hNTg0ZTQtY2NkNC00YzRmLTlkMTYt
MDRhMjdjNGQ1NDUzLzEvVWtUYTIxTFFjZFNRNHRVN214RDNsVWktVWNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9hNTg0ZTQtY2NkNC00YzRmLTlkMTYtMDRhMjdjNGQ1NDUz
LzEvTHZsWHE2THZBRFVvVU9JQ1JreHgwenlvRkVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwTM6AwQA
wTYhAwQAwTcFAwQAwv68MA0GCSqGSIb3DQEBCwUAA4IBAQBGYnW3cDpQ/YZQ3ZkZ
A/TZkzGSthhFSJgs+DpREW3nmNl22+GH/ig8N8H0Qj3Q09Rnw4uoa8Rt/ig4gb0y
+zCAmqajE+x5SmEZ5YCkWT5AoXwiz85CQrSYtIIf1uwmH4eodQs3rqZ0OsJWGb0Q
tdWTncGdk243lW6DP2Te/8bw5KUr6FLo0ChSVTOahaAR4BNcUvM+k8wKAbIHQfzp
/dZSsVImi2lKnV2nR68qKhhsjTF70IUwaTbyj6q6NPfcB3wKhGTzgL0atcBly1Iw
nP2Scd8FLEDlsmR0T3NM/cJ+Qgx+4XnzsboSIU/2Ag55N5eOL8h6XspVNw64zSgU
Gfjy
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:38:16 2024 by rpki-client on console-fra.rpki-client.org