Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/2bb706-66d4-4fae-93a1-b97c2c4ad439/1/UZlQM9Ac06vVIav-KMAIFOFYjYY.roa
File: UZlQM9Ac06vVIav-KMAIFOFYjYY.roa (raw, json)
Hash identifier: 9O+e/qjden+xtp4QSPqqsCG82xsP+xhezQN8BrPWUQI=
Subject key identifier: 51:99:50:33:D0:1C:D3:AB:D5:21:AB:FE:28:C0:08:14:E1:58:8D:86
Certificate issuer: /CN=aa8fd05eeb6ea05a11d667abedd8ea1093d271b3
Certificate serial: 018D68A2CD4E3C5BDCDABB8294B96CD36466
Authority key identifier: AA:8F:D0:5E:EB:6E:A0:5A:11:D6:67:AB:ED:D8:EA:10:93:D2:71:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qo_QXutuoFoR1mer7djqEJPScbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/2bb706-66d4-4fae-93a1-b97c2c4ad439/1/UZlQM9Ac06vVIav-KMAIFOFYjYY.roa
Signing time: Fri 02 Feb 2024 07:05:16 +0000
ROA not before: Fri 02 Feb 2024 07:05:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48757
IP address blocks: 91.215.172.0/22 maxlen: 22
95.128.176.0/22 maxlen: 22
95.128.180.0/22 maxlen: 22
95.128.180.0/24 maxlen: 24
95.128.181.0/24 maxlen: 24
95.128.182.0/24 maxlen: 24
95.128.183.0/24 maxlen: 24
185.17.140.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/2bb706-66d4-4fae-93a1-b97c2c4ad439/1/qo_QXutuoFoR1mer7djqEJPScbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/2bb706-66d4-4fae-93a1-b97c2c4ad439/1/qo_QXutuoFoR1mer7djqEJPScbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/qo_QXutuoFoR1mer7djqEJPScbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:68:a2:cd:4e:3c:5b:dc:da:bb:82:94:b9:6c:d3:64:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa8fd05eeb6ea05a11d667abedd8ea1093d271b3
Validity
Not Before: Feb 2 07:05:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=51995033d01cd3abd521abfe28c00814e1588d86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8a:76:b9:e0:c3:2f:c5:c2:13:19:90:44:a2:
c5:58:64:1b:1d:b3:63:c4:f3:d7:36:3a:89:d5:c9:
98:d9:e0:d8:7c:29:2e:63:a8:bd:4b:f2:1f:bd:5f:
84:42:d1:e6:c4:75:e8:26:64:fd:d8:35:0a:5a:10:
80:39:f1:55:5f:c7:be:23:e6:1e:3e:a0:68:e1:66:
89:3f:0e:ce:10:22:48:8e:83:b9:33:ae:57:f1:9c:
0a:d1:01:4c:19:c8:c8:25:ea:6b:11:c7:b8:8e:62:
bd:b0:a4:33:2b:aa:df:78:37:9e:4f:0b:05:25:77:
16:a8:81:cc:2d:0f:30:f8:ad:fb:af:6d:66:cd:77:
d8:cb:a3:12:37:97:84:86:6f:b4:77:c7:9c:47:8d:
16:39:91:9b:68:84:16:d8:54:71:2a:7b:1c:4b:83:
42:e7:bb:59:dd:81:a0:fd:ad:e8:42:27:e1:c0:5c:
a8:a9:4c:36:f9:3d:29:fa:02:d9:33:d3:fb:b6:27:
c4:da:c9:ce:2f:38:35:d7:57:70:7c:38:a0:2f:12:
28:b1:18:d8:27:c1:fb:75:b6:85:25:3b:cc:a6:ac:
16:10:43:72:6c:a3:fe:89:03:70:ea:42:d3:b3:fe:
66:95:1e:89:e1:c2:c4:e9:9c:ad:66:c0:4f:c1:8b:
e9:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:99:50:33:D0:1C:D3:AB:D5:21:AB:FE:28:C0:08:14:E1:58:8D:86
X509v3 Authority Key Identifier:
keyid:AA:8F:D0:5E:EB:6E:A0:5A:11:D6:67:AB:ED:D8:EA:10:93:D2:71:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qo_QXutuoFoR1mer7djqEJPScbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/2bb706-66d4-4fae-93a1-b97c2c4ad439/1/UZlQM9Ac06vVIav-KMAIFOFYjYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/2bb706-66d4-4fae-93a1-b97c2c4ad439/1/qo_QXutuoFoR1mer7djqEJPScbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.172.0/22
95.128.176.0/21
185.17.140.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:8f:17:b0:d1:51:b2:ec:8f:75:fe:9c:8c:23:4a:2f:28:78:
f1:fe:e3:01:5d:f9:c8:47:35:cd:8c:ab:c8:6d:4b:78:c6:b4:
6b:4e:2a:d4:5d:80:14:b1:f6:05:39:74:63:14:c2:83:c4:84:
64:a0:76:10:36:ca:42:21:f7:ee:ee:af:f5:4a:fa:c6:91:13:
cc:0d:2d:bf:29:05:ce:78:bb:d9:80:a4:59:43:4b:fe:07:6e:
07:e4:e0:fd:d7:20:9c:c3:69:3e:4e:fa:78:49:fc:ed:54:f8:
63:ab:6c:65:e4:1a:94:3f:e2:5a:ca:7c:54:7b:49:a0:df:22:
2c:da:5f:f9:66:41:2c:64:47:2a:38:f9:74:85:4a:4d:8b:d7:
34:06:c2:f2:9b:42:ed:16:43:a4:50:db:a9:66:55:b3:9b:5a:
d2:f1:02:72:5c:18:ce:ae:c8:37:73:23:1f:07:c4:c9:5f:f4:
1c:83:ce:50:b3:1f:5d:02:6d:af:2b:4e:8c:2d:5a:51:69:b3:
df:41:63:ca:31:c4:71:28:5b:51:c7:88:5b:68:64:83:ac:57:
dc:df:bc:53:bc:25:34:f0:1b:98:be:3e:37:2b:b9:da:56:18:
7d:15:84:cc:45:4d:3d:a5:73:0d:27:ef:49:62:37:23:e0:8b:
c7:03:4e:05
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1oos1OPFvc2ruClLls02RmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhOGZkMDVlZWI2ZWEwNWExMWQ2NjdhYmVkZDhlYTEwOTNk
MjcxYjMwHhcNMjQwMjAyMDcwNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTk5NTAzM2QwMWNkM2FiZDUyMWFiZmUyOGMwMDgxNGUxNTg4ZDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4p2ueDDL8XCExmQRKLFWGQbHbNj
xPPXNjqJ1cmY2eDYfCkuY6i9S/IfvV+EQtHmxHXoJmT92DUKWhCAOfFVX8e+I+Ye
PqBo4WaJPw7OECJIjoO5M65X8ZwK0QFMGcjIJeprEce4jmK9sKQzK6rfeDeeTwsF
JXcWqIHMLQ8w+K37r21mzXfYy6MSN5eEhm+0d8ecR40WOZGbaIQW2FRxKnscS4NC
57tZ3YGg/a3oQifhwFyoqUw2+T0p+gLZM9P7tifE2snOLzg111dwfDigLxIosRjY
J8H7dbaFJTvMpqwWEENybKP+iQNw6kLTs/5mlR6J4cLE6ZytZsBPwYvpcQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFGZUDPQHNOr1SGr/ijACBThWI2GMB8GA1UdIwQY
MBaAFKqP0F7rbqBaEdZnq+3Y6hCT0nGzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW9fUVh1dHVvRm9SMW1lcjdkanFFSlBTY2JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8yYmI3MDYtNjZkNC00ZmFlLTkzYTEt
Yjk3YzJjNGFkNDM5LzEvVVpsUU05QWMwNnZWSWF2LUtNQUlGT0ZZallZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8yYmI3MDYtNjZkNC00ZmFlLTkzYTEtYjk3YzJjNGFkNDM5
LzEvcW9fUVh1dHVvRm9SMW1lcjdkanFFSlBTY2JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW9esAwQD
X4CwAwQCuRGMMA0GCSqGSIb3DQEBCwUAA4IBAQBujxew0VGy7I91/pyMI0ovKHjx
/uMBXfnIRzXNjKvIbUt4xrRrTirUXYAUsfYFOXRjFMKDxIRkoHYQNspCIffu7q/1
SvrGkRPMDS2/KQXOeLvZgKRZQ0v+B24H5OD91yCcw2k+Tvp4SfztVPhjq2xl5BqU
P+JaynxUe0mg3yIs2l/5ZkEsZEcqOPl0hUpNi9c0BsLym0LtFkOkUNupZlWzm1rS
8QJyXBjOrsg3cyMfB8TJX/Qcg85Qsx9dAm2vK06MLVpRabPfQWPKMcRxKFtRx4hb
aGSDrFfc37xTvCU08BuYvj43K7naVhh9FYTMRU09pXMNJ+9JYjcj4IvHA04F
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:37:58 2024 by rpki-client on console-ams.rpki-client.org