Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/4b544e-6535-4af8-bbdb-58d2ee982879/1/UP262ju1nAuFyc3H2WOnpd6jhQU.roa
File: UP262ju1nAuFyc3H2WOnpd6jhQU.roa (raw, json)
Hash identifier: C2m+BJRJHn43/ypHkHVsQLDjcfNEn68R4mFm25TA04o=
Subject key identifier: 50:FD:BA:DA:3B:B5:9C:0B:85:C9:CD:C7:D9:63:A7:A5:DE:A3:85:05
Certificate issuer: /CN=d826ca5d53c1b5308e2c9c791c630a0f22337943
Certificate serial: 018CC3B695AF06D56DFAF3C9437AEA531BF5
Authority key identifier: D8:26:CA:5D:53:C1:B5:30:8E:2C:9C:79:1C:63:0A:0F:22:33:79:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2CbKXVPBtTCOLJx5HGMKDyIzeUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/4b544e-6535-4af8-bbdb-58d2ee982879/1/UP262ju1nAuFyc3H2WOnpd6jhQU.roa
Signing time: Mon 01 Jan 2024 06:29:32 +0000
ROA not before: Mon 01 Jan 2024 06:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 109.68.70.0/24 maxlen: 24
109.68.67.0/24 maxlen: 24
109.68.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/4b544e-6535-4af8-bbdb-58d2ee982879/1/2CbKXVPBtTCOLJx5HGMKDyIzeUM.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/4b544e-6535-4af8-bbdb-58d2ee982879/1/2CbKXVPBtTCOLJx5HGMKDyIzeUM.mft
rsync://rpki.ripe.net/repository/DEFAULT/2CbKXVPBtTCOLJx5HGMKDyIzeUM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:95:af:06:d5:6d:fa:f3:c9:43:7a:ea:53:1b:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d826ca5d53c1b5308e2c9c791c630a0f22337943
Validity
Not Before: Jan 1 06:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50fdbada3bb59c0b85c9cdc7d963a7a5dea38505
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:96:74:ac:ab:39:36:06:4f:aa:08:21:67:cd:
04:9a:b5:9b:5e:2c:36:1c:78:63:ce:6c:91:66:1f:
7d:ad:48:f2:87:e2:1c:1a:64:29:45:2a:fe:32:47:
9c:26:20:89:6f:cc:44:ca:71:8e:0f:03:c2:48:34:
09:6a:0e:15:82:53:f6:0e:21:42:d4:37:11:be:c7:
a5:76:6e:44:09:56:a2:16:b5:34:7d:97:2c:68:73:
2d:16:d2:67:b9:8c:ae:61:94:3c:b2:09:3f:bc:2c:
6f:81:ee:75:ac:73:e5:79:7e:71:3f:a3:61:79:8f:
c2:ff:c0:f6:a7:1e:c1:be:04:de:56:c3:03:d7:c5:
ce:24:e6:65:5e:c3:9c:ba:d7:a0:b2:89:90:f3:83:
ca:c5:07:e2:b3:6f:65:75:ea:63:9a:05:2e:d2:57:
9a:a9:41:92:59:bc:0c:1b:24:27:87:79:3d:ef:e6:
30:15:76:b5:86:86:c2:5e:7f:2e:dd:c8:24:38:ad:
a5:7f:4b:7d:6b:9f:26:6e:50:08:ff:c3:f7:3f:c9:
78:a5:45:5a:50:2c:c1:0c:64:02:78:54:ab:a4:f1:
14:50:d0:60:e8:77:66:32:c6:28:5f:c5:d3:76:e3:
ad:50:80:49:32:a6:fe:c4:6f:77:1d:ac:3b:c8:67:
1b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:FD:BA:DA:3B:B5:9C:0B:85:C9:CD:C7:D9:63:A7:A5:DE:A3:85:05
X509v3 Authority Key Identifier:
keyid:D8:26:CA:5D:53:C1:B5:30:8E:2C:9C:79:1C:63:0A:0F:22:33:79:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2CbKXVPBtTCOLJx5HGMKDyIzeUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/4b544e-6535-4af8-bbdb-58d2ee982879/1/UP262ju1nAuFyc3H2WOnpd6jhQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/4b544e-6535-4af8-bbdb-58d2ee982879/1/2CbKXVPBtTCOLJx5HGMKDyIzeUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.67.0/24
109.68.70.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:27:51:01:1d:a4:04:13:bc:40:92:16:9e:04:f6:cd:a7:fc:
de:a6:42:77:c8:ce:1e:75:d8:07:ea:8f:b0:d7:3f:6c:f3:95:
9f:40:59:db:15:a1:34:81:e7:69:6b:8b:1c:36:53:15:98:86:
52:6f:b1:33:2b:d6:a6:47:e4:84:72:e3:bf:30:fa:54:48:64:
fc:5a:56:77:2a:09:07:ad:fc:b6:6f:54:0c:88:df:ad:b8:cf:
31:cd:0d:f2:48:5c:c8:df:c9:6d:c0:7e:5d:cf:5e:b2:2f:45:
b6:4b:84:e5:80:66:e9:f5:56:a5:d7:36:45:4f:6e:d4:74:b5:
37:93:aa:90:03:e4:9c:73:40:a7:3c:4b:03:be:23:5d:42:a5:
d3:39:f1:c3:ec:9d:37:2f:1c:d5:9c:9d:d8:e0:76:49:f6:69:
fa:16:4d:f0:7a:b8:58:45:46:c0:30:ff:0e:c7:00:09:9e:ff:
c5:09:b4:15:d4:e4:d1:79:3f:60:20:55:3e:12:89:40:f4:08:
bf:f1:8d:7e:9c:21:99:5a:1b:d7:c5:da:28:34:f7:ca:1e:18:
7f:77:aa:10:f1:cb:e7:dc:9e:8d:e7:70:43:ba:48:03:7d:6c:
e0:e5:33:ad:6c:c5:c4:60:fb:f1:2e:f5:c6:0e:49:d9:68:e2:
f9:ee:69:93
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDtpWvBtVt+vPJQ3rqUxv1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MjZjYTVkNTNjMWI1MzA4ZTJjOWM3OTFjNjMwYTBmMjIz
Mzc5NDMwHhcNMjQwMTAxMDYyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGZkYmFkYTNiYjU5YzBiODVjOWNkYzdkOTYzYTdhNWRlYTM4NTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJZ0rKs5NgZPqgghZ80EmrWbXiw2
HHhjzmyRZh99rUjyh+IcGmQpRSr+MkecJiCJb8xEynGODwPCSDQJag4VglP2DiFC
1DcRvseldm5ECVaiFrU0fZcsaHMtFtJnuYyuYZQ8sgk/vCxvge51rHPleX5xP6Nh
eY/C/8D2px7BvgTeVsMD18XOJOZlXsOcutegsomQ84PKxQfis29ldepjmgUu0lea
qUGSWbwMGyQnh3k97+YwFXa1hobCXn8u3cgkOK2lf0t9a58mblAI/8P3P8l4pUVa
UCzBDGQCeFSrpPEUUNBg6HdmMsYoX8XTduOtUIBJMqb+xG93Haw7yGcbUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFD9uto7tZwLhcnNx9ljp6Xeo4UFMB8GA1UdIwQY
MBaAFNgmyl1TwbUwjiyceRxjCg8iM3lDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkNiS1hWUEJ0VENPTEp4NUhHTUtEeUl6ZVVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS80YjU0NGUtNjUzNS00YWY4LWJiZGIt
NThkMmVlOTgyODc5LzEvVVAyNjJqdTFuQXVGeWMzSDJXT25wZDZqaFFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS80YjU0NGUtNjUzNS00YWY4LWJiZGItNThkMmVlOTgyODc5
LzEvMkNiS1hWUEJ0VENPTEp4NUhHTUtEeUl6ZVVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbURDAwQB
bURGMA0GCSqGSIb3DQEBCwUAA4IBAQBtJ1EBHaQEE7xAkhaeBPbNp/zepkJ3yM4e
ddgH6o+w1z9s85WfQFnbFaE0gedpa4scNlMVmIZSb7EzK9amR+SEcuO/MPpUSGT8
WlZ3KgkHrfy2b1QMiN+tuM8xzQ3ySFzI38ltwH5dz16yL0W2S4TlgGbp9Val1zZF
T27UdLU3k6qQA+Scc0CnPEsDviNdQqXTOfHD7J03LxzVnJ3Y4HZJ9mn6Fk3werhY
RUbAMP8OxwAJnv/FCbQV1OTReT9gIFU+EolA9Ai/8Y1+nCGZWhvXxdooNPfKHhh/
d6oQ8cvn3J6N53BDukgDfWzg5TOtbMXEYPvxLvXGDknZaOL57mmT
-----END CERTIFICATE-----
Generated at Thu May 2 07:52:06 2024 by rpki-client on console-fra.rpki-client.org