Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/fe5041-d3f4-499c-9853-22d10635f0c4/1/U1eW9BQqUcWDb6vbuKmKpRjpuJA.roa
File: U1eW9BQqUcWDb6vbuKmKpRjpuJA.roa (raw, json)
Hash identifier: egqVukqMaV+6xK21wLR7HvdNvSCuMOta9pBydIfmw14=
Subject key identifier: 53:57:96:F4:14:2A:51:C5:83:6F:AB:DB:B8:A9:8A:A5:18:E9:B8:90
Certificate issuer: /CN=9bc350bc613d05de910a8da26c91c297171078b6
Certificate serial: 018CC26D676B5A0A4A62A93CB72CC8FBEBF7
Authority key identifier: 9B:C3:50:BC:61:3D:05:DE:91:0A:8D:A2:6C:91:C2:97:17:10:78:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m8NQvGE9Bd6RCo2ibJHClxcQeLY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/fe5041-d3f4-499c-9853-22d10635f0c4/1/U1eW9BQqUcWDb6vbuKmKpRjpuJA.roa
Signing time: Mon 01 Jan 2024 00:29:58 +0000
ROA not before: Mon 01 Jan 2024 00:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44424
IP address blocks: 92.43.56.0/21 maxlen: 24
92.43.56.0/22 maxlen: 22
92.43.62.0/23 maxlen: 23
92.43.60.0/22 maxlen: 22
2a03:76e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/fe5041-d3f4-499c-9853-22d10635f0c4/1/m8NQvGE9Bd6RCo2ibJHClxcQeLY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/fe5041-d3f4-499c-9853-22d10635f0c4/1/m8NQvGE9Bd6RCo2ibJHClxcQeLY.mft
rsync://rpki.ripe.net/repository/DEFAULT/m8NQvGE9Bd6RCo2ibJHClxcQeLY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:67:6b:5a:0a:4a:62:a9:3c:b7:2c:c8:fb:eb:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bc350bc613d05de910a8da26c91c297171078b6
Validity
Not Before: Jan 1 00:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=535796f4142a51c5836fabdbb8a98aa518e9b890
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:4d:dc:41:69:2d:3d:9f:4b:3f:69:6d:a2:79:
e3:76:ce:cf:28:96:8d:7a:f3:25:a3:2e:5f:17:4d:
dc:48:cd:83:b4:ff:d3:10:e7:af:f8:de:d3:27:a4:
18:ed:e8:04:4d:9d:bf:b1:11:b5:fb:8c:fe:90:1b:
98:42:2f:b8:99:31:49:35:5e:b3:4a:eb:d0:21:26:
ae:34:83:e0:bf:7e:53:65:91:c3:88:5a:58:e7:67:
a9:25:c7:b6:af:3b:5b:19:51:ec:66:c4:50:d5:ce:
74:4e:ac:62:76:03:28:45:76:18:25:a0:b0:16:7e:
4d:92:de:05:4a:aa:58:b1:75:9b:ef:8b:7d:f3:b7:
d9:20:30:21:66:d9:72:05:5a:94:3d:c5:ac:3a:aa:
b4:92:c8:ef:e7:67:1c:7c:51:6a:ee:7a:f9:9a:01:
8b:5c:ec:b7:0b:67:5d:a4:4f:fc:ad:cb:cc:ee:b7:
f4:7a:51:da:26:40:6f:5d:4e:82:2d:f0:2f:b7:e8:
c6:1a:6a:3a:e0:9e:46:2b:a9:8c:dd:d7:71:37:aa:
5c:5a:f8:ac:b7:da:1f:b6:43:e2:c9:41:f7:8f:d5:
47:bb:d5:47:c1:20:8b:8e:aa:5f:32:03:70:4d:06:
78:ba:0e:20:07:2e:2d:5f:35:0f:cc:fa:a0:c2:0b:
07:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:57:96:F4:14:2A:51:C5:83:6F:AB:DB:B8:A9:8A:A5:18:E9:B8:90
X509v3 Authority Key Identifier:
keyid:9B:C3:50:BC:61:3D:05:DE:91:0A:8D:A2:6C:91:C2:97:17:10:78:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m8NQvGE9Bd6RCo2ibJHClxcQeLY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/fe5041-d3f4-499c-9853-22d10635f0c4/1/U1eW9BQqUcWDb6vbuKmKpRjpuJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/fe5041-d3f4-499c-9853-22d10635f0c4/1/m8NQvGE9Bd6RCo2ibJHClxcQeLY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.43.56.0/21
IPv6:
2a03:76e0::/32
Signature Algorithm: sha256WithRSAEncryption
c2:5e:cf:e1:11:a4:b7:6e:81:bf:ed:55:91:11:82:47:91:51:
37:06:31:6f:f4:2d:e3:c1:f6:9d:3d:63:57:68:b5:2e:23:ef:
b3:4b:59:4f:89:47:55:ad:80:c4:3b:ee:19:f9:07:61:6b:fd:
c6:1f:e1:2f:8d:28:ff:aa:e8:1f:b4:cd:9f:f1:70:53:30:a0:
9e:f9:74:34:32:fd:c0:cd:aa:a1:89:ce:fa:97:c8:6d:07:32:
9f:02:6e:a8:81:61:0e:22:a8:88:2d:af:bd:b3:7d:d9:47:67:
be:16:03:66:3d:6e:eb:a9:b3:f2:54:72:10:5a:b8:99:69:e9:
58:b1:28:46:87:18:47:8b:73:5a:10:fe:de:08:c5:fe:dd:f2:
7e:9b:fe:06:03:e6:51:1f:79:0c:16:43:11:e3:c2:76:6e:c7:
c9:b0:e5:cb:ce:8e:22:f1:b6:fb:96:bd:9e:3a:a3:93:96:b7:
29:d5:40:f7:dc:2d:dc:58:21:b3:49:d7:16:8a:ab:ed:93:25:
cb:d1:32:34:bf:47:2a:8a:bd:f3:18:c0:7c:04:24:53:2c:af:
6a:7b:eb:1f:8b:38:4f:7b:2d:c7:27:c9:b7:dc:07:d7:91:ed:
41:b7:70:3e:9c:1b:6b:4a:52:b5:52:c9:2d:80:c3:da:a3:d0:
45:5a:52:af
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzCbWdrWgpKYqk8tyzI++v3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYzM1MGJjNjEzZDA1ZGU5MTBhOGRhMjZjOTFjMjk3MTcx
MDc4YjYwHhcNMjQwMTAxMDAyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzU3OTZmNDE0MmE1MWM1ODM2ZmFiZGJiOGE5OGFhNTE4ZTliODkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm03cQWktPZ9LP2ltonnjds7PKJaN
evMloy5fF03cSM2DtP/TEOev+N7TJ6QY7egETZ2/sRG1+4z+kBuYQi+4mTFJNV6z
SuvQISauNIPgv35TZZHDiFpY52epJce2rztbGVHsZsRQ1c50TqxidgMoRXYYJaCw
Fn5Nkt4FSqpYsXWb74t987fZIDAhZtlyBVqUPcWsOqq0ksjv52ccfFFq7nr5mgGL
XOy3C2ddpE/8rcvM7rf0elHaJkBvXU6CLfAvt+jGGmo64J5GK6mM3ddxN6pcWvis
t9oftkPiyUH3j9VHu9VHwSCLjqpfMgNwTQZ4ug4gBy4tXzUPzPqgwgsH2QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFNXlvQUKlHFg2+r27ipiqUY6biQMB8GA1UdIwQY
MBaAFJvDULxhPQXekQqNomyRwpcXEHi2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbThOUXZHRTlCZDZSQ28yaWJKSENseGNRZUxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9mZTUwNDEtZDNmNC00OTljLTk4NTMt
MjJkMTA2MzVmMGM0LzEvVTFlVzlCUXFVY1dEYjZ2YnVLbUtwUmpwdUpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9mZTUwNDEtZDNmNC00OTljLTk4NTMtMjJkMTA2MzVmMGM0
LzEvbThOUXZHRTlCZDZSQ28yaWJKSENseGNRZUxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDXCs4MA0E
AgACMAcDBQAqA3bgMA0GCSqGSIb3DQEBCwUAA4IBAQDCXs/hEaS3boG/7VWREYJH
kVE3BjFv9C3jwfadPWNXaLUuI++zS1lPiUdVrYDEO+4Z+Qdha/3GH+EvjSj/qugf
tM2f8XBTMKCe+XQ0Mv3Azaqhic76l8htBzKfAm6ogWEOIqiILa+9s33ZR2e+FgNm
PW7rqbPyVHIQWriZaelYsShGhxhHi3NaEP7eCMX+3fJ+m/4GA+ZRH3kMFkMR48J2
bsfJsOXLzo4i8bb7lr2eOqOTlrcp1UD33C3cWCGzSdcWiqvtkyXL0TI0v0cqir3z
GMB8BCRTLK9qe+sfizhPey3HJ8m33AfXke1Bt3A+nBtrSlK1UsktgMPao9BFWlKv
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:48:24 2024 by rpki-client on console-fra.rpki-client.org