Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/ccc645-5323-4b20-b475-f37705361cf8/1/UTqaNiAJsrEZyVla220sCRUZxXk.roa
File: UTqaNiAJsrEZyVla220sCRUZxXk.roa (raw, json)
Hash identifier: n62EOAjgMlgI8DY0znbf3GukKJwyVumiDUWrLkfqo4o=
Subject key identifier: 51:3A:9A:36:20:09:B2:B1:19:C9:59:5A:DB:6D:2C:09:15:19:C5:79
Certificate issuer: /CN=98cd3ebd65ed3d9aae079a0e24d7132d9a71aab8
Certificate serial: 0192197FA5B1B9669F870CC13A13F5DA121D
Authority key identifier: 98:CD:3E:BD:65:ED:3D:9A:AE:07:9A:0E:24:D7:13:2D:9A:71:AA:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mM0-vWXtPZquB5oOJNcTLZpxqrg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/ccc645-5323-4b20-b475-f37705361cf8/1/UTqaNiAJsrEZyVla220sCRUZxXk.roa
Signing time: Sun 22 Sep 2024 11:30:48 +0000
ROA not before: Sun 22 Sep 2024 11:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25220
IP address blocks: 46.182.248.0/21 maxlen: 24
62.102.192.0/19 maxlen: 24
82.145.192.0/20 maxlen: 24
85.197.64.0/19 maxlen: 24
85.197.96.0/21 maxlen: 24
85.197.104.0/21 maxlen: 24
185.56.228.0/22 maxlen: 24
193.106.16.0/22 maxlen: 24
193.254.212.0/23 maxlen: 24
195.135.224.0/22 maxlen: 24
2001:4b38::/32 maxlen: 48
2001:4b39::/32 maxlen: 48
2001:4b3a::/32 maxlen: 48
2001:4b3b::/32 maxlen: 48
2a00:9e00::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/ccc645-5323-4b20-b475-f37705361cf8/1/mM0-vWXtPZquB5oOJNcTLZpxqrg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/ccc645-5323-4b20-b475-f37705361cf8/1/mM0-vWXtPZquB5oOJNcTLZpxqrg.mft
rsync://rpki.ripe.net/repository/DEFAULT/mM0-vWXtPZquB5oOJNcTLZpxqrg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 17:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:19:7f:a5:b1:b9:66:9f:87:0c:c1:3a:13:f5:da:12:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98cd3ebd65ed3d9aae079a0e24d7132d9a71aab8
Validity
Not Before: Sep 22 11:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=513a9a362009b2b119c9595adb6d2c091519c579
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:28:40:4e:77:10:2e:78:9c:45:bd:30:e1:ec:
12:8b:34:08:4f:31:8b:d2:ae:60:ea:7f:59:e2:35:
00:93:41:7d:11:a4:a2:b2:06:b7:ef:55:df:c7:80:
fd:55:ba:ec:5e:b5:1e:76:13:c4:03:3d:52:28:67:
1d:58:95:af:48:e8:30:ab:59:a1:d1:e6:cd:19:b5:
9a:56:bc:7d:75:ab:14:82:8f:bb:3f:f4:aa:06:49:
4f:24:0e:0d:c3:ce:16:52:dc:99:a6:86:86:1f:14:
66:9d:f6:e1:39:c8:38:82:37:52:2f:b5:cc:80:ed:
f7:9f:08:1f:25:2b:81:f7:ad:d7:6b:6b:82:9e:5f:
12:a2:dd:71:25:27:cf:a5:72:32:45:f1:b9:c6:8a:
c6:5f:6d:f9:f4:42:2b:43:97:d6:8f:81:09:50:99:
e4:ca:c1:80:70:d2:2e:f6:ae:69:c1:19:24:04:09:
a3:3c:15:11:b1:91:6a:e7:a5:fd:97:aa:9b:e2:eb:
05:10:4e:e4:a6:2c:ef:f2:ca:73:1f:ca:fa:a8:99:
10:97:f6:df:c8:96:11:02:10:b8:5a:b8:96:3f:56:
0e:51:12:30:fa:6a:e5:89:e5:85:ce:70:2b:12:07:
76:80:75:63:d6:0a:75:6b:c5:95:3b:70:d9:3d:5f:
62:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:3A:9A:36:20:09:B2:B1:19:C9:59:5A:DB:6D:2C:09:15:19:C5:79
X509v3 Authority Key Identifier:
keyid:98:CD:3E:BD:65:ED:3D:9A:AE:07:9A:0E:24:D7:13:2D:9A:71:AA:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mM0-vWXtPZquB5oOJNcTLZpxqrg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/ccc645-5323-4b20-b475-f37705361cf8/1/UTqaNiAJsrEZyVla220sCRUZxXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/ccc645-5323-4b20-b475-f37705361cf8/1/mM0-vWXtPZquB5oOJNcTLZpxqrg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.182.248.0/21
62.102.192.0/19
82.145.192.0/20
85.197.64.0-85.197.111.255
185.56.228.0/22
193.106.16.0/22
193.254.212.0/23
195.135.224.0/22
IPv6:
2001:4b38::/30
2a00:9e00::/32
Signature Algorithm: sha256WithRSAEncryption
92:c4:25:f1:a2:e3:a0:03:f2:d2:93:75:07:68:bf:f3:fe:c6:
b5:5e:e1:37:c1:22:14:b6:10:13:2b:12:44:85:b2:1a:61:c6:
71:b1:00:c4:37:2d:47:69:d8:51:b9:ae:96:80:c3:70:90:2f:
11:08:a7:dc:60:60:af:4b:24:4c:26:34:68:54:86:54:6f:73:
97:d8:a7:64:03:92:89:21:69:05:3c:a8:4f:e0:cb:7e:40:d4:
d3:38:13:a4:7f:70:0e:69:d1:bb:8b:36:d3:a4:b5:fb:70:48:
1e:b6:b5:37:88:de:85:ab:2c:c5:5a:53:f2:ab:93:52:f6:0f:
33:87:69:95:84:45:69:3a:64:f3:2d:85:71:e7:5b:f8:e9:e2:
b1:6f:00:9b:c9:96:d0:50:6f:e0:e7:5e:e0:00:ba:2f:ac:78:
5b:ea:bb:36:ef:2b:3d:41:0e:05:22:e5:76:b5:54:32:fc:6b:
eb:52:31:79:51:c9:c9:e3:24:7d:0e:20:4f:b8:bb:f3:9f:58:
d2:ab:93:75:5b:f0:ad:56:cf:f8:2e:4a:ac:41:1a:a2:12:99:
92:55:a4:3c:50:a6:db:3a:8e:f1:c3:6f:4c:af:61:ad:b1:3a:
0f:56:fd:8c:28:ca:3d:d0:ac:6d:d5:ae:4f:32:4d:6b:f3:94:
c8:83:c6:be
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZIZf6WxuWafhwzBOhP12hIdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4Y2QzZWJkNjVlZDNkOWFhZTA3OWEwZTI0ZDcxMzJkOWE3
MWFhYjgwHhcNMjQwOTIyMTEzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTNhOWEzNjIwMDliMmIxMTljOTU5NWFkYjZkMmMwOTE1MTljNTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsChATncQLnicRb0w4ewSizQITzGL
0q5g6n9Z4jUAk0F9EaSisga371Xfx4D9VbrsXrUedhPEAz1SKGcdWJWvSOgwq1mh
0ebNGbWaVrx9dasUgo+7P/SqBklPJA4Nw84WUtyZpoaGHxRmnfbhOcg4gjdSL7XM
gO33nwgfJSuB963Xa2uCnl8Sot1xJSfPpXIyRfG5xorGX2359EIrQ5fWj4EJUJnk
ysGAcNIu9q5pwRkkBAmjPBURsZFq56X9l6qb4usFEE7kpizv8spzH8r6qJkQl/bf
yJYRAhC4WriWP1YOURIw+mrlieWFznArEgd2gHVj1gp1a8WVO3DZPV9itQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFFE6mjYgCbKxGclZWtttLAkVGcV5MB8GA1UdIwQY
MBaAFJjNPr1l7T2argeaDiTXEy2acaq4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU0wLXZXWHRQWnF1QjVvT0pOY1RMWnB4cXJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9jY2M2NDUtNTMyMy00YjIwLWI0NzUt
ZjM3NzA1MzYxY2Y4LzEvVVRxYU5pQUpzckVaeVZsYTIyMHNDUlVaeFhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9jY2M2NDUtNTMyMy00YjIwLWI0NzUtZjM3NzA1MzYxY2Y4
LzEvbU0wLXZXWHRQWnF1QjVvT0pOY1RMWnB4cXJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjA+BAIAATA4AwQDLrb4AwQF
PmbAAwQEUpHAMAwDBAZVxUADBARVxWADBAK5OOQDBALBahADBAHB/tQDBALDh+Aw
FAQCAAIwDgMFAiABSzgDBQAqAJ4AMA0GCSqGSIb3DQEBCwUAA4IBAQCSxCXxouOg
A/LSk3UHaL/z/sa1XuE3wSIUthATKxJEhbIaYcZxsQDENy1HadhRua6WgMNwkC8R
CKfcYGCvSyRMJjRoVIZUb3OX2KdkA5KJIWkFPKhP4Mt+QNTTOBOkf3AOadG7izbT
pLX7cEgetrU3iN6FqyzFWlPyq5NS9g8zh2mVhEVpOmTzLYVx51v46eKxbwCbyZbQ
UG/g517gALovrHhb6rs27ys9QQ4FIuV2tVQy/GvrUjF5UcnJ4yR9DiBPuLvzn1jS
q5N1W/CtVs/4LkqsQRqiEpmSVaQ8UKbbOo7xw29Mr2GtsToPVv2MKMo90Kxt1a5P
Mk1r85TIg8a+
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:59:47 2024 by rpki-client on console-fra.rpki-client.org