Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/f1b41f-a44c-44e1-b8d2-37cb8a57087b/1/UJ5jrCt8aI5URgsnphR-EhXxkcg.roa
File: UJ5jrCt8aI5URgsnphR-EhXxkcg.roa (raw, json)
Hash identifier: ESL7zlPzgfHXW3cKoI80PzxsvWxeYs3Ur9TEjtMjSK4=
Subject key identifier: 50:9E:63:AC:2B:7C:68:8E:54:46:0B:27:A6:14:7E:12:15:F1:91:C8
Certificate issuer: /CN=102a93b92f5845be62a6241f23cfadb14cb16994
Certificate serial: 018CC9BC24403D5439CA82CDCA9698814C8C
Authority key identifier: 10:2A:93:B9:2F:58:45:BE:62:A6:24:1F:23:CF:AD:B1:4C:B1:69:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ECqTuS9YRb5ipiQfI8-tsUyxaZQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/f1b41f-a44c-44e1-b8d2-37cb8a57087b/1/UJ5jrCt8aI5URgsnphR-EhXxkcg.roa
Signing time: Tue 02 Jan 2024 10:33:19 +0000
ROA not before: Tue 02 Jan 2024 10:33:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57507
IP address blocks: 158.255.192.0/20 maxlen: 24
185.152.40.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/f1b41f-a44c-44e1-b8d2-37cb8a57087b/1/ECqTuS9YRb5ipiQfI8-tsUyxaZQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/f1b41f-a44c-44e1-b8d2-37cb8a57087b/1/ECqTuS9YRb5ipiQfI8-tsUyxaZQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/ECqTuS9YRb5ipiQfI8-tsUyxaZQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:24:40:3d:54:39:ca:82:cd:ca:96:98:81:4c:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=102a93b92f5845be62a6241f23cfadb14cb16994
Validity
Not Before: Jan 2 10:33:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=509e63ac2b7c688e54460b27a6147e1215f191c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:fd:96:dc:67:d1:66:6b:21:5f:7b:3b:ff:69:
a7:58:5e:e0:85:6f:b0:c9:05:28:16:26:20:c4:fc:
56:04:6e:bb:7f:31:dc:d3:b6:63:ab:8b:dc:be:ed:
8a:ff:9b:38:3e:d1:c6:06:44:7b:c2:af:ad:0d:39:
c5:22:e7:8a:30:ad:1f:bb:05:aa:02:31:45:83:d4:
13:78:bf:70:e6:9c:a6:14:33:66:02:ab:0e:d8:a7:
0c:10:9b:2c:5f:97:0d:1b:33:4e:43:49:74:09:51:
d2:4d:c0:28:46:4d:6c:c6:19:85:6a:fe:a7:9e:78:
4c:c9:5c:30:0a:32:62:db:58:8d:7f:f8:b0:81:d6:
43:fd:59:94:79:18:d6:0b:1f:c9:82:48:8b:71:85:
0f:26:af:a3:be:d1:fe:63:95:88:4b:4e:9e:ce:f8:
91:b8:61:4d:75:ab:3e:9b:38:1a:1f:ca:ce:14:c3:
6f:95:7e:27:e5:a8:88:73:a6:7b:19:d3:a2:5c:d8:
f6:85:d6:72:dd:75:64:0b:fd:78:d8:a8:bf:33:29:
87:33:5f:7c:de:df:e0:b4:19:73:ae:84:5d:3e:07:
b6:a4:4a:61:73:01:5f:61:a0:40:10:b1:de:c5:0d:
ac:75:b4:a7:1f:46:70:54:10:d7:77:8e:30:34:c2:
1d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:9E:63:AC:2B:7C:68:8E:54:46:0B:27:A6:14:7E:12:15:F1:91:C8
X509v3 Authority Key Identifier:
keyid:10:2A:93:B9:2F:58:45:BE:62:A6:24:1F:23:CF:AD:B1:4C:B1:69:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ECqTuS9YRb5ipiQfI8-tsUyxaZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f1b41f-a44c-44e1-b8d2-37cb8a57087b/1/UJ5jrCt8aI5URgsnphR-EhXxkcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f1b41f-a44c-44e1-b8d2-37cb8a57087b/1/ECqTuS9YRb5ipiQfI8-tsUyxaZQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.255.192.0/20
185.152.40.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:dd:0e:e6:14:19:4e:1d:82:8a:12:03:bb:b0:46:37:e9:a7:
d3:a0:11:21:37:0d:67:af:ac:1b:29:70:75:9d:a6:df:53:00:
b6:96:16:8b:cd:9a:64:b1:9f:a7:3a:ea:ed:14:39:aa:03:34:
00:42:a4:b7:1e:d4:9d:11:1c:17:5f:e2:71:1d:bc:a1:80:ac:
b9:3c:c1:62:bb:6b:2b:f2:55:31:21:e6:dc:6e:66:ec:cb:c8:
5a:d7:0d:ba:ab:41:c2:43:b4:70:c6:43:70:94:5b:ac:c6:60:
ca:60:c0:05:eb:6e:e6:33:c1:3b:0e:25:9a:ef:24:b4:cb:6d:
45:7a:59:ca:69:5f:04:40:ec:6c:19:79:5a:ec:0b:ea:4d:de:
c6:03:9c:98:ca:57:fd:87:fd:e5:8e:0e:53:a4:f3:cf:66:2c:
c7:82:ed:64:db:ba:09:33:b9:22:97:10:bb:49:c8:81:82:6a:
b5:46:5c:39:db:b2:9b:eb:a0:23:ba:5d:e4:27:8f:2b:a2:0a:
26:0d:48:e2:42:5d:be:ae:b0:90:97:c6:9c:b0:9f:ae:b8:4f:
5e:df:be:2a:12:49:34:5f:0b:3b:7a:5b:98:4f:1b:6c:34:46:
4b:87:e0:72:11:0b:e0:9c:aa:54:fc:9d:0e:34:16:48:ef:aa:
b3:fc:6a:c8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJvCRAPVQ5yoLNypaYgUyMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMmE5M2I5MmY1ODQ1YmU2MmE2MjQxZjIzY2ZhZGIxNGNi
MTY5OTQwHhcNMjQwMTAyMTAzMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDllNjNhYzJiN2M2ODhlNTQ0NjBiMjdhNjE0N2UxMjE1ZjE5MWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhv2W3GfRZmshX3s7/2mnWF7ghW+w
yQUoFiYgxPxWBG67fzHc07Zjq4vcvu2K/5s4PtHGBkR7wq+tDTnFIueKMK0fuwWq
AjFFg9QTeL9w5pymFDNmAqsO2KcMEJssX5cNGzNOQ0l0CVHSTcAoRk1sxhmFav6n
nnhMyVwwCjJi21iNf/iwgdZD/VmUeRjWCx/JgkiLcYUPJq+jvtH+Y5WIS06ezviR
uGFNdas+mzgaH8rOFMNvlX4n5aiIc6Z7GdOiXNj2hdZy3XVkC/142Ki/MymHM198
3t/gtBlzroRdPge2pEphcwFfYaBAELHexQ2sdbSnH0ZwVBDXd44wNMIdDQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFCeY6wrfGiOVEYLJ6YUfhIV8ZHIMB8GA1UdIwQY
MBaAFBAqk7kvWEW+YqYkHyPPrbFMsWmUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUNxVHVTOVlSYjVpcGlRZkk4LXRzVXl4YVpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9mMWI0MWYtYTQ0Yy00NGUxLWI4ZDIt
MzdjYjhhNTcwODdiLzEvVUo1anJDdDhhSTVVUmdzbnBoUi1FaFh4a2NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9mMWI0MWYtYTQ0Yy00NGUxLWI4ZDItMzdjYjhhNTcwODdi
LzEvRUNxVHVTOVlSYjVpcGlRZkk4LXRzVXl4YVpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEnv/AAwQC
uZgoMA0GCSqGSIb3DQEBCwUAA4IBAQCp3Q7mFBlOHYKKEgO7sEY36afToBEhNw1n
r6wbKXB1nabfUwC2lhaLzZpksZ+nOurtFDmqAzQAQqS3HtSdERwXX+JxHbyhgKy5
PMFiu2sr8lUxIebcbmbsy8ha1w26q0HCQ7RwxkNwlFusxmDKYMAF627mM8E7DiWa
7yS0y21FelnKaV8EQOxsGXla7AvqTd7GA5yYylf9h/3ljg5TpPPPZizHgu1k27oJ
M7kilxC7SciBgmq1Rlw527Kb66Ajul3kJ48rogomDUjiQl2+rrCQl8acsJ+uuE9e
374qEkk0Xws7eluYTxtsNEZLh+ByEQvgnKpU/J0ONBZI76qz/GrI
-----END CERTIFICATE-----
Generated at Sun May 19 11:41:20 2024 by rpki-client on console-ams.rpki-client.org