Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/455f56-1e6f-467d-b711-ebdf38b0095c/1/1-IWXBzFSEaaNlrAZAKaNawiRsCQ.roa
File: 1-IWXBzFSEaaNlrAZAKaNawiRsCQ.roa (raw, json)
Hash identifier: yL+ETBUO+U/3HB3sZPBB/wgyI7oh5WCWYHj8BG4Dxto=
Subject key identifier: F8:85:97:07:31:52:11:A6:8D:96:B0:19:00:A6:8D:6B:08:91:B0:24
Certificate issuer: /CN=f4460d6554d581ebb80e39e45015cd7d36d93f66
Certificate serial: 018CC80302E03DE8D8B88773F3079A5E8BC6
Authority key identifier: F4:46:0D:65:54:D5:81:EB:B8:0E:39:E4:50:15:CD:7D:36:D9:3F:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9EYNZVTVgeu4DjnkUBXNfTbZP2Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/455f56-1e6f-467d-b711-ebdf38b0095c/1/1-IWXBzFSEaaNlrAZAKaNawiRsCQ.roa
Signing time: Tue 02 Jan 2024 02:31:29 +0000
ROA not before: Tue 02 Jan 2024 02:31:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2535
IP address blocks: 149.184.160.0/20 maxlen: 20
149.184.160.0/21 maxlen: 21
149.184.168.0/21 maxlen: 21
149.189.192.0/22 maxlen: 22
149.189.192.0/21 maxlen: 21
149.189.196.0/22 maxlen: 22
149.182.217.0/24 maxlen: 24
149.182.216.0/24 maxlen: 24
149.182.216.0/23 maxlen: 23
149.184.144.0/24 maxlen: 24
149.184.144.0/23 maxlen: 23
149.184.143.0/24 maxlen: 24
149.184.145.0/24 maxlen: 24
149.184.142.0/24 maxlen: 24
149.184.142.0/23 maxlen: 23
149.189.160.0/21 maxlen: 21
149.189.160.0/20 maxlen: 20
149.189.168.0/21 maxlen: 21
149.195.58.0/23 maxlen: 23
149.195.58.0/24 maxlen: 24
149.195.59.0/24 maxlen: 24
149.184.224.0/19 maxlen: 19
149.184.224.0/20 maxlen: 20
149.184.240.0/20 maxlen: 20
149.185.136.0/24 maxlen: 24
149.185.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/455f56-1e6f-467d-b711-ebdf38b0095c/1/9EYNZVTVgeu4DjnkUBXNfTbZP2Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/455f56-1e6f-467d-b711-ebdf38b0095c/1/9EYNZVTVgeu4DjnkUBXNfTbZP2Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/9EYNZVTVgeu4DjnkUBXNfTbZP2Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 19:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:03:02:e0:3d:e8:d8:b8:87:73:f3:07:9a:5e:8b:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4460d6554d581ebb80e39e45015cd7d36d93f66
Validity
Not Before: Jan 2 02:31:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8859707315211a68d96b01900a68d6b0891b024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:31:e8:ce:b9:2a:43:eb:d2:83:58:e9:bd:ec:
a1:9f:54:e0:bd:98:88:52:9f:3c:fa:f7:33:ea:35:
fa:01:f2:cc:1a:c5:64:4a:7e:e3:57:6d:59:c8:dd:
5b:dc:11:61:6a:4c:01:a3:96:fd:99:6b:1c:d7:67:
0b:39:b3:90:45:45:8f:3a:eb:ab:3c:7e:a2:86:47:
03:b6:b0:56:4f:d5:ec:7f:69:c5:d8:be:40:1e:1b:
95:ea:c4:65:5b:24:12:2f:11:d8:68:fb:28:c7:bd:
50:7b:26:3b:1f:67:1b:60:78:3c:d7:e4:f0:2a:dc:
8c:5a:f3:e2:ca:b4:6a:64:aa:07:46:04:9d:f6:9c:
51:65:9f:c8:50:98:da:77:bb:23:f7:97:2f:46:c0:
f7:8c:2f:7e:24:51:f8:e3:1c:94:72:a4:03:23:15:
c6:b2:9f:71:b2:d6:b7:ea:c6:d3:4d:3e:c5:04:cf:
86:3a:72:af:cd:73:43:28:ac:f5:48:81:b1:ca:22:
e6:30:41:9f:74:f6:c2:85:bd:73:d2:47:9e:ca:c3:
11:7b:cb:39:d4:43:63:0c:c9:b1:f7:b4:83:8e:43:
6c:88:c4:91:d9:b9:03:e9:f3:2c:b9:ee:db:f1:62:
bd:11:28:63:81:a8:d2:d9:f5:79:05:65:24:41:ba:
df:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:85:97:07:31:52:11:A6:8D:96:B0:19:00:A6:8D:6B:08:91:B0:24
X509v3 Authority Key Identifier:
keyid:F4:46:0D:65:54:D5:81:EB:B8:0E:39:E4:50:15:CD:7D:36:D9:3F:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9EYNZVTVgeu4DjnkUBXNfTbZP2Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/455f56-1e6f-467d-b711-ebdf38b0095c/1/1-IWXBzFSEaaNlrAZAKaNawiRsCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/455f56-1e6f-467d-b711-ebdf38b0095c/1/9EYNZVTVgeu4DjnkUBXNfTbZP2Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.182.216.0/23
149.184.142.0-149.184.145.255
149.184.160.0/20
149.184.224.0/19
149.185.136.0/24
149.185.200.0/24
149.189.160.0/20
149.189.192.0/21
149.195.58.0/23
Signature Algorithm: sha256WithRSAEncryption
72:91:73:d3:80:03:2c:51:c1:24:ae:11:d3:60:9b:1d:f3:42:
ab:43:ee:d3:fa:60:69:25:96:44:02:81:f3:e8:04:37:c0:f0:
ef:19:65:c9:54:99:fe:b9:32:03:70:28:ea:7d:5d:cf:90:ed:
92:86:09:d6:3c:d3:b2:e9:8b:a6:54:20:e3:49:9f:9a:92:40:
e9:e6:fa:b8:e9:45:b8:a4:43:14:e7:79:a8:cc:b6:33:b1:e7:
35:b8:d5:a8:4e:e5:91:54:ed:1b:8e:5f:78:91:b9:da:80:05:
0d:94:87:b7:27:84:33:f0:a4:d0:bd:f2:15:f1:1a:33:6a:ef:
2b:d9:2f:2f:09:6b:70:69:0f:9c:41:c1:30:8c:9b:1b:4f:cb:
7e:e0:a4:c1:27:8e:f1:98:0d:be:02:58:31:2a:08:38:c8:df:
ae:f6:22:0b:13:30:d8:4c:bb:a4:19:35:cd:55:19:ce:07:de:
41:7e:ac:2c:31:c0:d6:53:91:45:5e:e7:9d:40:64:1e:d1:49:
e9:52:ba:3b:41:d4:a0:71:07:b4:cd:55:2a:18:5b:98:4e:57:
12:89:8b:e5:4a:69:cf:fe:18:92:83:a5:c4:2b:f8:a7:cd:77:
a4:e2:22:02:33:87:fd:f6:77:6e:9e:53:a8:a3:03:75:10:9b:
8a:73:28:ae
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzIAwLgPejYuIdz8weaXovGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0NDYwZDY1NTRkNTgxZWJiODBlMzllNDUwMTVjZDdkMzZk
OTNmNjYwHhcNMjQwMTAyMDIzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODg1OTcwNzMxNTIxMWE2OGQ5NmIwMTkwMGE2OGQ2YjA4OTFiMDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1DHozrkqQ+vSg1jpveyhn1TgvZiI
Up88+vcz6jX6AfLMGsVkSn7jV21ZyN1b3BFhakwBo5b9mWsc12cLObOQRUWPOuur
PH6ihkcDtrBWT9Xsf2nF2L5AHhuV6sRlWyQSLxHYaPsox71QeyY7H2cbYHg81+Tw
KtyMWvPiyrRqZKoHRgSd9pxRZZ/IUJjad7sj95cvRsD3jC9+JFH44xyUcqQDIxXG
sp9xsta36sbTTT7FBM+GOnKvzXNDKKz1SIGxyiLmMEGfdPbChb1z0keeysMRe8s5
1ENjDMmx97SDjkNsiMSR2bkD6fMsue7b8WK9EShjgajS2fV5BWUkQbrfiQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFPiFlwcxUhGmjZawGQCmjWsIkbAkMB8GA1UdIwQY
MBaAFPRGDWVU1YHruA455FAVzX022T9mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUVZTlpWVFZnZXU0RGpua1VCWE5mVGJaUDJZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi80NTVmNTYtMWU2Zi00NjdkLWI3MTEt
ZWJkZjM4YjAwOTVjLzEvMS1JV1hCekZTRWFhTmxyQVpBS2FOYXdpUnNDUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWYvNDU1ZjU2LTFlNmYtNDY3ZC1iNzExLWViZGYzOGIwMDk1
Yy8xLzlFWU5aVlRWZ2V1NERqbmtVQlhOZlRiWlAyWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBXBggrBgEFBQcBBwEB/wRIMEYwRAQCAAEwPgMEAZW22DAM
AwQBlbiOAwQBlbiQAwQElbigAwQFlbjgAwQAlbmIAwQAlbnIAwQElb2gAwQDlb3A
AwQBlcM6MA0GCSqGSIb3DQEBCwUAA4IBAQBykXPTgAMsUcEkrhHTYJsd80KrQ+7T
+mBpJZZEAoHz6AQ3wPDvGWXJVJn+uTIDcCjqfV3PkO2ShgnWPNOy6YumVCDjSZ+a
kkDp5vq46UW4pEMU53mozLYzsec1uNWoTuWRVO0bjl94kbnagAUNlIe3J4Qz8KTQ
vfIV8Rozau8r2S8vCWtwaQ+cQcEwjJsbT8t+4KTBJ47xmA2+AlgxKgg4yN+u9iIL
EzDYTLukGTXNVRnOB95BfqwsMcDWU5FFXuedQGQe0UnpUro7QdSgcQe0zVUqGFuY
TlcSiYvlSmnP/hiSg6XEK/inzXek4iICM4f99ndunlOoowN1EJuKcyiu
-----END CERTIFICATE-----
Generated at Fri Jun 21 03:19:31 2024 by rpki-client on console-ams.rpki-client.org