Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/493571-210e-4d1a-8819-a6c49ce90756/1/U2DJ5Nhp5xUmNW2NPGgkE-BinWs.roa
File: U2DJ5Nhp5xUmNW2NPGgkE-BinWs.roa (raw, json)
Hash identifier: 2W8872UAYxZ+AEsSE30pnEdPLB6zYLScW9KspUN+09M=
Subject key identifier: 53:60:C9:E4:D8:69:E7:15:26:35:6D:8D:3C:68:24:13:E0:62:9D:6B
Certificate issuer: /CN=53d0359f9f8b20815ce4d988e109bf82306e4c74
Certificate serial: 018CC3B7261916FF176DFE2C368C7997F84C
Authority key identifier: 53:D0:35:9F:9F:8B:20:81:5C:E4:D9:88:E1:09:BF:82:30:6E:4C:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U9A1n5-LIIFc5NmI4Qm_gjBuTHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/493571-210e-4d1a-8819-a6c49ce90756/1/U2DJ5Nhp5xUmNW2NPGgkE-BinWs.roa
Signing time: Mon 01 Jan 2024 06:30:09 +0000
ROA not before: Mon 01 Jan 2024 06:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205842
IP address blocks: 185.239.188.0/23 maxlen: 23
185.202.72.0/23 maxlen: 23
185.202.74.0/23 maxlen: 23
2a0a:d2c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/493571-210e-4d1a-8819-a6c49ce90756/1/U9A1n5-LIIFc5NmI4Qm_gjBuTHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/493571-210e-4d1a-8819-a6c49ce90756/1/U9A1n5-LIIFc5NmI4Qm_gjBuTHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/U9A1n5-LIIFc5NmI4Qm_gjBuTHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:26:19:16:ff:17:6d:fe:2c:36:8c:79:97:f8:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53d0359f9f8b20815ce4d988e109bf82306e4c74
Validity
Not Before: Jan 1 06:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5360c9e4d869e71526356d8d3c682413e0629d6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ae:cb:3f:19:3e:a3:c5:15:57:1c:03:e9:82:
f1:47:2d:b8:5d:40:41:f4:63:3f:aa:43:4c:2c:77:
eb:49:38:d6:89:d4:09:12:ec:e4:97:73:4b:26:60:
8e:03:20:7f:ea:c8:66:b0:fa:f2:e9:02:3e:25:48:
e3:10:af:fc:4b:86:8e:7a:af:d8:cf:89:c6:33:b1:
96:3e:5c:0a:08:79:21:d2:8f:a3:f8:70:e1:ec:5f:
38:80:5d:b8:b4:32:c7:1e:f9:18:cb:96:46:64:00:
95:98:bf:ef:59:70:23:ce:62:18:61:2e:9a:94:9b:
52:26:62:f8:ab:9c:9d:0e:b8:da:ea:fe:21:95:c7:
c1:4f:e1:07:0f:ba:9a:b5:33:5f:91:84:6d:7b:08:
db:8b:6e:6e:f4:7a:0a:b4:40:ba:f6:ef:a3:05:01:
e0:e0:04:52:02:a9:32:08:03:48:ea:20:2e:f6:25:
54:8e:9c:32:32:17:c9:a0:14:2d:ea:a1:e4:57:3f:
98:2a:d3:be:61:c8:7a:e4:2e:70:18:f4:c8:c3:94:
7e:7f:68:f1:c7:75:4b:85:78:27:fd:77:17:80:98:
74:76:6c:cc:0d:1e:0d:a6:f2:8e:cc:30:19:96:8b:
ec:4c:d6:53:19:77:40:dd:89:ae:87:49:1e:4a:51:
0b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:60:C9:E4:D8:69:E7:15:26:35:6D:8D:3C:68:24:13:E0:62:9D:6B
X509v3 Authority Key Identifier:
keyid:53:D0:35:9F:9F:8B:20:81:5C:E4:D9:88:E1:09:BF:82:30:6E:4C:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U9A1n5-LIIFc5NmI4Qm_gjBuTHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/493571-210e-4d1a-8819-a6c49ce90756/1/U2DJ5Nhp5xUmNW2NPGgkE-BinWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/493571-210e-4d1a-8819-a6c49ce90756/1/U9A1n5-LIIFc5NmI4Qm_gjBuTHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.72.0/22
185.239.188.0/23
IPv6:
2a0a:d2c0::/29
Signature Algorithm: sha256WithRSAEncryption
45:f1:45:81:ee:29:6c:f5:3b:7f:cd:34:ee:08:bc:e1:20:7f:
1d:6f:f9:fc:a6:79:b6:5b:03:26:5a:85:02:38:01:9d:2b:78:
15:5c:c5:6c:8e:b8:64:f8:f8:57:98:19:1e:64:ee:ea:88:63:
fe:44:1c:28:0f:25:9c:15:c7:68:64:57:71:55:34:93:28:05:
4e:e7:b8:52:c1:f8:d7:59:41:93:84:c4:6a:d1:d0:de:8a:8a:
86:87:3a:f7:0c:a8:89:3c:f5:d6:22:f8:93:cc:f8:53:84:f5:
ac:90:83:97:03:6c:8f:fa:3b:ad:d4:d6:8e:ac:9d:9b:49:94:
c9:f8:9f:0e:c3:74:2d:bf:38:d9:ed:71:d9:21:b8:06:ab:b8:
d4:54:d8:e5:d9:c9:e7:04:7b:6e:bc:91:62:a7:7b:b3:df:35:
ee:90:95:f0:8e:79:ad:30:83:32:d9:77:43:af:9c:6f:f9:21:
99:37:56:d2:bb:ee:6b:7a:94:25:7e:3d:63:fc:ab:36:62:c3:
d5:fb:2c:4c:07:e2:e9:68:97:8c:10:ba:c6:c7:92:0d:0f:3f:
a8:a9:92:b4:d8:ea:0a:aa:7a:df:a0:ab:77:e8:d8:41:35:40:
e6:58:58:da:2e:09:77:e4:8b:35:24:73:ef:d3:3d:af:0a:8d:
ab:5d:d2:a2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDtyYZFv8Xbf4sNox5l/hMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZDAzNTlmOWY4YjIwODE1Y2U0ZDk4OGUxMDliZjgyMzA2
ZTRjNzQwHhcNMjQwMTAxMDYzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzYwYzllNGQ4NjllNzE1MjYzNTZkOGQzYzY4MjQxM2UwNjI5ZDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq67LPxk+o8UVVxwD6YLxRy24XUBB
9GM/qkNMLHfrSTjWidQJEuzkl3NLJmCOAyB/6shmsPry6QI+JUjjEK/8S4aOeq/Y
z4nGM7GWPlwKCHkh0o+j+HDh7F84gF24tDLHHvkYy5ZGZACVmL/vWXAjzmIYYS6a
lJtSJmL4q5ydDrja6v4hlcfBT+EHD7qatTNfkYRtewjbi25u9HoKtEC69u+jBQHg
4ARSAqkyCANI6iAu9iVUjpwyMhfJoBQt6qHkVz+YKtO+Ych65C5wGPTIw5R+f2jx
x3VLhXgn/XcXgJh0dmzMDR4NpvKOzDAZlovsTNZTGXdA3Ymuh0keSlELoQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFNgyeTYaecVJjVtjTxoJBPgYp1rMB8GA1UdIwQY
MBaAFFPQNZ+fiyCBXOTZiOEJv4Iwbkx0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTlBMW41LUxJSUZjNU5tSTRRbV9nakJ1VEhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC80OTM1NzEtMjEwZS00ZDFhLTg4MTkt
YTZjNDljZTkwNzU2LzEvVTJESjVOaHA1eFVtTlcyTlBHZ2tFLUJpbldzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC80OTM1NzEtMjEwZS00ZDFhLTg4MTktYTZjNDljZTkwNzU2
LzEvVTlBMW41LUxJSUZjNU5tSTRRbV9nakJ1VEhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCucpIAwQB
ue+8MA0EAgACMAcDBQMqCtLAMA0GCSqGSIb3DQEBCwUAA4IBAQBF8UWB7ils9Tt/
zTTuCLzhIH8db/n8pnm2WwMmWoUCOAGdK3gVXMVsjrhk+PhXmBkeZO7qiGP+RBwo
DyWcFcdoZFdxVTSTKAVO57hSwfjXWUGThMRq0dDeioqGhzr3DKiJPPXWIviTzPhT
hPWskIOXA2yP+jut1NaOrJ2bSZTJ+J8Ow3QtvzjZ7XHZIbgGq7jUVNjl2cnnBHtu
vJFip3uz3zXukJXwjnmtMIMy2XdDr5xv+SGZN1bSu+5repQlfj1j/Ks2YsPV+yxM
B+LpaJeMELrGx5INDz+oqZK02OoKqnrfoKt36NhBNUDmWFjaLgl35Is1JHPv0z2v
Co2rXdKi
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:10:07 2024 by rpki-client on console-fra.rpki-client.org