Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/3b023e-a397-46bb-9465-bf3f62b95f10/1/tU3fKU4qBjhb3TWkkosdmgsZEQU.roa
File: tU3fKU4qBjhb3TWkkosdmgsZEQU.roa (raw, json)
Hash identifier: Ye2Q4lBcdzZ4ijNpOQGiL1omVl/0bq1rcQcD3prDLB8=
Subject key identifier: B5:4D:DF:29:4E:2A:06:38:5B:DD:35:A4:92:8B:1D:9A:0B:19:11:05
Certificate issuer: /CN=504523f8811ebe5aa3598511a48f3baf0001a8e8
Certificate serial: 018CC8DEAC115602C8574408480406937A87
Authority key identifier: 50:45:23:F8:81:1E:BE:5A:A3:59:85:11:A4:8F:3B:AF:00:01:A8:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UEUj-IEevlqjWYURpI87rwABqOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/3b023e-a397-46bb-9465-bf3f62b95f10/1/tU3fKU4qBjhb3TWkkosdmgsZEQU.roa
Signing time: Tue 02 Jan 2024 06:31:25 +0000
ROA not before: Tue 02 Jan 2024 06:31:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 185.239.93.0/24 maxlen: 24
185.239.92.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/3b023e-a397-46bb-9465-bf3f62b95f10/1/UEUj-IEevlqjWYURpI87rwABqOg.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/3b023e-a397-46bb-9465-bf3f62b95f10/1/UEUj-IEevlqjWYURpI87rwABqOg.mft
rsync://rpki.ripe.net/repository/DEFAULT/UEUj-IEevlqjWYURpI87rwABqOg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:ac:11:56:02:c8:57:44:08:48:04:06:93:7a:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=504523f8811ebe5aa3598511a48f3baf0001a8e8
Validity
Not Before: Jan 2 06:31:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b54ddf294e2a06385bdd35a4928b1d9a0b191105
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:9d:4c:9e:07:33:d1:f9:ea:92:eb:dc:ed:9a:
83:35:95:0a:a0:43:8e:0b:36:bc:bd:a8:bf:45:5b:
4b:49:46:11:b8:e7:ff:36:85:67:fb:02:9d:66:52:
44:c1:3b:96:5c:dc:26:1b:5f:30:72:b9:b9:70:cd:
26:49:c9:7c:02:2a:60:04:a5:5a:29:63:4f:58:06:
92:81:f9:8d:cb:df:46:8e:e0:89:9f:73:7a:b5:62:
8a:8e:ed:5b:30:20:62:84:d8:69:b4:30:77:3d:0d:
06:31:09:21:05:15:a5:81:22:1a:4e:70:a4:bf:c7:
ee:1d:5e:14:bd:59:81:34:88:db:57:34:aa:f7:80:
ff:09:7b:67:e0:72:5b:65:2e:cc:fb:f9:8e:19:2b:
bc:14:56:f6:9a:23:f5:ed:34:5b:76:2a:94:9f:99:
35:b9:6d:6a:eb:3f:eb:ec:db:83:7e:38:a9:8c:74:
fa:cc:9a:b7:9a:b3:85:ec:29:6f:bb:17:a6:a3:4b:
62:92:7c:c9:e2:05:39:1c:db:31:21:f4:0f:bb:ce:
8a:ab:d0:ee:50:b6:65:69:75:29:1b:62:bd:9f:bf:
e1:61:70:c7:d7:bf:78:76:b6:f8:8c:18:36:4e:80:
0c:bc:08:a0:a6:d8:ae:d3:3f:2d:98:6c:d4:52:01:
f1:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:4D:DF:29:4E:2A:06:38:5B:DD:35:A4:92:8B:1D:9A:0B:19:11:05
X509v3 Authority Key Identifier:
keyid:50:45:23:F8:81:1E:BE:5A:A3:59:85:11:A4:8F:3B:AF:00:01:A8:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UEUj-IEevlqjWYURpI87rwABqOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/3b023e-a397-46bb-9465-bf3f62b95f10/1/tU3fKU4qBjhb3TWkkosdmgsZEQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/3b023e-a397-46bb-9465-bf3f62b95f10/1/UEUj-IEevlqjWYURpI87rwABqOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.92.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:ee:a8:04:eb:19:43:27:59:6b:68:9b:4a:bb:34:8a:64:4d:
ed:5f:f2:56:d5:b0:3b:d1:17:d3:03:29:fe:83:b8:64:1d:3e:
85:21:12:d1:83:03:4e:67:e1:6d:33:d7:54:4d:3c:a0:5f:b9:
42:b7:9c:0c:3d:08:d6:50:40:be:11:2a:69:c5:e6:cb:66:d2:
69:70:c5:01:38:44:5b:05:24:64:d3:3a:ab:10:24:6f:61:be:
c5:9a:29:e3:57:ca:71:64:0c:39:87:4f:a2:02:ae:dd:4d:85:
73:f7:ea:77:94:b5:35:19:0c:19:2b:0c:c8:4f:83:ab:5a:b6:
ce:54:0d:2b:32:75:9c:42:b4:e7:1b:70:35:e5:11:d8:42:77:
46:41:6f:5f:77:f0:2f:33:ae:6b:3a:28:66:4f:13:31:bc:b8:
37:09:b7:d9:ca:5d:81:dd:ff:c3:fd:cb:1f:46:d9:83:94:38:
7a:61:3c:78:a9:b1:8e:65:d9:01:c1:33:5c:d9:5a:cc:0f:ed:
e2:13:7f:32:5e:99:8e:c5:67:4e:68:26:2b:63:c6:08:cf:5c:
c6:36:3c:ff:c4:7b:13:79:64:e2:a7:74:34:fc:f4:9e:b4:f4:
a0:7d:38:e8:ab:c9:82:e8:f8:94:d5:6d:3a:b5:71:0d:eb:38:
b9:8b:6d:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3qwRVgLIV0QISAQGk3qHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNDUyM2Y4ODExZWJlNWFhMzU5ODUxMWE0OGYzYmFmMDAw
MWE4ZTgwHhcNMjQwMTAyMDYzMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTRkZGYyOTRlMmEwNjM4NWJkZDM1YTQ5MjhiMWQ5YTBiMTkxMTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmp1Mngcz0fnqkuvc7ZqDNZUKoEOO
Cza8vai/RVtLSUYRuOf/NoVn+wKdZlJEwTuWXNwmG18wcrm5cM0mScl8AipgBKVa
KWNPWAaSgfmNy99GjuCJn3N6tWKKju1bMCBihNhptDB3PQ0GMQkhBRWlgSIaTnCk
v8fuHV4UvVmBNIjbVzSq94D/CXtn4HJbZS7M+/mOGSu8FFb2miP17TRbdiqUn5k1
uW1q6z/r7NuDfjipjHT6zJq3mrOF7Clvuxemo0tiknzJ4gU5HNsxIfQPu86Kq9Du
ULZlaXUpG2K9n7/hYXDH1794drb4jBg2ToAMvAigptiu0z8tmGzUUgHxQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLVN3ylOKgY4W901pJKLHZoLGREFMB8GA1UdIwQY
MBaAFFBFI/iBHr5ao1mFEaSPO68AAajoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUVVai1JRWV2bHFqV1lVUnBJODdyd0FCcU9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8zYjAyM2UtYTM5Ny00NmJiLTk0NjUt
YmYzZjYyYjk1ZjEwLzEvdFUzZktVNHFCamhiM1RXa2tvc2RtZ3NaRVFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8zYjAyM2UtYTM5Ny00NmJiLTk0NjUtYmYzZjYyYjk1ZjEw
LzEvVUVVai1JRWV2bHFqV1lVUnBJODdyd0FCcU9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue9cMA0G
CSqGSIb3DQEBCwUAA4IBAQBP7qgE6xlDJ1lraJtKuzSKZE3tX/JW1bA70RfTAyn+
g7hkHT6FIRLRgwNOZ+FtM9dUTTygX7lCt5wMPQjWUEC+ESppxebLZtJpcMUBOERb
BSRk0zqrECRvYb7FminjV8pxZAw5h0+iAq7dTYVz9+p3lLU1GQwZKwzIT4OrWrbO
VA0rMnWcQrTnG3A15RHYQndGQW9fd/AvM65rOihmTxMxvLg3CbfZyl2B3f/D/csf
RtmDlDh6YTx4qbGOZdkBwTNc2VrMD+3iE38yXpmOxWdOaCYrY8YIz1zGNjz/xHsT
eWTip3Q0/PSetPSgfTjoq8mC6PiU1W06tXEN6zi5i22Z
-----END CERTIFICATE-----
Generated at Thu May 2 16:25:56 2024 by rpki-client on console-fra.rpki-client.org