Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/2b7fe9-2a87-4c57-b108-9214278108a8/1/UcM4REdB3a7VX2qi1P3wSc-LCmk.roa
File: UcM4REdB3a7VX2qi1P3wSc-LCmk.roa (raw, json)
Hash identifier: kNPlnOAbNM39cP/7gbhhsxJkB1gu382l3iuhs8VMyTA=
Subject key identifier: 51:C3:38:44:47:41:DD:AE:D5:5F:6A:A2:D4:FD:F0:49:CF:8B:0A:69
Certificate issuer: /CN=e50c22c66b85fac98de83d761ef4243437ab0393
Certificate serial: 018CC72659C9FB6F5C0996759C73DE5CD985
Authority key identifier: E5:0C:22:C6:6B:85:FA:C9:8D:E8:3D:76:1E:F4:24:34:37:AB:03:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QwixmuF-smN6D12HvQkNDerA5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/2b7fe9-2a87-4c57-b108-9214278108a8/1/UcM4REdB3a7VX2qi1P3wSc-LCmk.roa
Signing time: Mon 01 Jan 2024 22:30:28 +0000
ROA not before: Mon 01 Jan 2024 22:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29240
IP address blocks: 185.217.236.0/22 maxlen: 22
185.244.244.0/22 maxlen: 22
213.255.160.0/19 maxlen: 19
185.77.244.0/22 maxlen: 22
193.142.16.0/23 maxlen: 23
2a01:18::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/2b7fe9-2a87-4c57-b108-9214278108a8/1/5QwixmuF-smN6D12HvQkNDerA5M.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/2b7fe9-2a87-4c57-b108-9214278108a8/1/5QwixmuF-smN6D12HvQkNDerA5M.mft
rsync://rpki.ripe.net/repository/DEFAULT/5QwixmuF-smN6D12HvQkNDerA5M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:59:c9:fb:6f:5c:09:96:75:9c:73:de:5c:d9:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e50c22c66b85fac98de83d761ef4243437ab0393
Validity
Not Before: Jan 1 22:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=51c338444741ddaed55f6aa2d4fdf049cf8b0a69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:25:ff:83:6f:17:18:c8:40:38:f9:dc:be:fd:
ab:a4:78:dc:2d:a5:1c:7f:d9:21:e8:c0:6c:ac:ec:
3e:e7:3e:d9:db:76:5a:60:77:83:ee:47:48:ce:23:
12:62:9c:52:b1:0a:cb:a5:dc:31:ac:3c:f3:29:69:
8d:03:54:eb:0e:90:bb:42:79:6d:1b:fd:ae:7f:b5:
e5:ef:52:d8:0a:b0:ab:1b:c3:42:a8:69:e8:da:98:
6a:30:8a:e9:91:f6:c0:f0:b3:1c:69:97:ea:b2:87:
0c:0e:84:17:75:83:1e:ae:02:03:4b:96:6b:ef:2d:
cc:42:fb:a3:f6:21:5b:1f:02:25:af:ce:4f:78:9a:
e4:9e:a7:a7:5c:ef:87:88:1a:84:f0:c5:42:44:f4:
33:79:c9:65:a5:5b:cc:82:b2:0b:7b:d5:3b:a9:5a:
8f:41:24:01:61:07:c7:4e:af:8c:ba:af:17:51:60:
4b:0c:11:cd:54:f6:09:61:80:b9:11:f0:27:d1:19:
7f:60:46:c1:a6:e8:43:de:86:3d:b7:36:46:cd:2e:
0b:e7:68:d8:a7:96:ab:2e:7e:93:76:8e:21:21:03:
75:0b:71:1e:27:5c:1b:fc:82:91:b6:4c:88:be:e2:
4d:f9:eb:43:3e:df:d4:9d:cf:c3:0c:b7:03:6b:70:
6c:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:C3:38:44:47:41:DD:AE:D5:5F:6A:A2:D4:FD:F0:49:CF:8B:0A:69
X509v3 Authority Key Identifier:
keyid:E5:0C:22:C6:6B:85:FA:C9:8D:E8:3D:76:1E:F4:24:34:37:AB:03:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QwixmuF-smN6D12HvQkNDerA5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/2b7fe9-2a87-4c57-b108-9214278108a8/1/UcM4REdB3a7VX2qi1P3wSc-LCmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/2b7fe9-2a87-4c57-b108-9214278108a8/1/5QwixmuF-smN6D12HvQkNDerA5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.244.0/22
185.217.236.0/22
185.244.244.0/22
193.142.16.0/23
213.255.160.0/19
IPv6:
2a01:18::/32
Signature Algorithm: sha256WithRSAEncryption
5e:c5:f7:7a:a6:d8:b1:0b:ac:da:4b:6d:a9:cd:92:a3:ff:e7:
bc:18:37:d4:a8:e1:a9:ad:31:90:a8:25:da:b2:68:fd:ab:62:
68:ef:ef:c3:8c:f2:04:d7:46:88:26:2d:f6:05:f5:7a:67:a1:
36:e6:68:65:9d:2e:6e:d4:02:00:41:01:6d:72:48:7d:e9:57:
f8:f4:ed:89:b5:30:e0:fe:90:12:5e:81:b0:7a:4a:f8:0a:b8:
3c:a9:fa:af:05:95:f9:78:49:8a:65:a0:95:d9:78:69:6e:2d:
09:06:70:43:b0:25:70:2d:31:83:1d:93:21:be:5e:cb:c7:a0:
59:fd:8d:8a:b7:cc:b1:9d:f3:66:86:f3:0d:28:9d:f6:2c:dd:
37:64:61:69:52:6b:24:da:10:b9:ac:13:7e:e6:7d:1f:e7:8b:
a7:a6:3b:0c:43:fb:a2:09:8f:c3:70:42:b7:3f:18:0e:85:5f:
2a:f1:a0:10:3c:50:01:07:d0:aa:5c:61:05:26:b9:46:5d:73:
8c:e4:a6:8d:ca:28:b7:ea:c8:bd:f7:fe:7c:7e:e0:42:d3:9d:
ee:16:27:00:ab:ec:87:94:f9:10:fa:90:94:3a:91:b9:a9:27:
8c:73:73:d0:c1:09:8d:90:93:97:62:66:76:45:c6:08:ea:9f:
bb:0a:7a:a0
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzHJlnJ+29cCZZ1nHPeXNmFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MGMyMmM2NmI4NWZhYzk4ZGU4M2Q3NjFlZjQyNDM0Mzdh
YjAzOTMwHhcNMjQwMTAxMjIzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWMzMzg0NDQ3NDFkZGFlZDU1ZjZhYTJkNGZkZjA0OWNmOGIwYTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiX/g28XGMhAOPncvv2rpHjcLaUc
f9kh6MBsrOw+5z7Z23ZaYHeD7kdIziMSYpxSsQrLpdwxrDzzKWmNA1TrDpC7Qnlt
G/2uf7Xl71LYCrCrG8NCqGno2phqMIrpkfbA8LMcaZfqsocMDoQXdYMergIDS5Zr
7y3MQvuj9iFbHwIlr85PeJrknqenXO+HiBqE8MVCRPQzecllpVvMgrILe9U7qVqP
QSQBYQfHTq+Muq8XUWBLDBHNVPYJYYC5EfAn0Rl/YEbBpuhD3oY9tzZGzS4L52jY
p5arLn6Tdo4hIQN1C3EeJ1wb/IKRtkyIvuJN+etDPt/Unc/DDLcDa3BsPQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFFHDOERHQd2u1V9qotT98EnPiwppMB8GA1UdIwQY
MBaAFOUMIsZrhfrJjeg9dh70JDQ3qwOTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVF3aXhtdUYtc21ONkQxMkh2UWtORGVyQTVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8yYjdmZTktMmE4Ny00YzU3LWIxMDgt
OTIxNDI3ODEwOGE4LzEvVWNNNFJFZEIzYTdWWDJxaTFQM3dTYy1MQ21rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8yYjdmZTktMmE4Ny00YzU3LWIxMDgtOTIxNDI3ODEwOGE4
LzEvNVF3aXhtdUYtc21ONkQxMkh2UWtORGVyQTVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCuU30AwQC
udnsAwQCufT0AwQBwY4QAwQF1f+gMA0EAgACMAcDBQAqAQAYMA0GCSqGSIb3DQEB
CwUAA4IBAQBexfd6ptixC6zaS22pzZKj/+e8GDfUqOGprTGQqCXasmj9q2Jo7+/D
jPIE10aIJi32BfV6Z6E25mhlnS5u1AIAQQFtckh96Vf49O2JtTDg/pASXoGwekr4
Crg8qfqvBZX5eEmKZaCV2Xhpbi0JBnBDsCVwLTGDHZMhvl7Lx6BZ/Y2Kt8yxnfNm
hvMNKJ32LN03ZGFpUmsk2hC5rBN+5n0f54unpjsMQ/uiCY/DcEK3PxgOhV8q8aAQ
PFABB9CqXGEFJrlGXXOM5KaNyii36si99/58fuBC053uFicAq+yHlPkQ+pCUOpG5
qSeMc3PQwQmNkJOXYmZ2RcYI6p+7Cnqg
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:16:19 2024 by rpki-client on console-fra.rpki-client.org