Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/etGJKZWJOHDMEHj_1-wALoeMZ6I.roa
File: etGJKZWJOHDMEHj_1-wALoeMZ6I.roa (raw, json)
Hash identifier: NQ4aG+sl/cPxukQQGkhj/zm4x86eGYA0nAuxZ8ljoCg=
Subject key identifier: 7A:D1:89:29:95:89:38:70:CC:10:78:FF:D7:EC:00:2E:87:8C:67:A2
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 018E26D8DC2B23B2A10A69DDEA8D3CDF8A83
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/etGJKZWJOHDMEHj_1-wALoeMZ6I.roa
Signing time: Sun 10 Mar 2024 05:32:10 +0000
ROA not before: Sun 10 Mar 2024 05:32:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2914
IP address blocks: 148.253.239.0/24 maxlen: 24
148.253.240.0/24 maxlen: 24
148.253.241.0/24 maxlen: 24
148.253.242.0/24 maxlen: 24
148.253.243.0/24 maxlen: 24
148.253.249.0/24 maxlen: 24
148.253.250.0/24 maxlen: 24
151.249.90.0/24 maxlen: 24
151.249.91.0/24 maxlen: 24
163.171.77.0/24 maxlen: 24
163.171.90.0/24 maxlen: 24
163.171.91.0/24 maxlen: 24
163.171.246.0/24 maxlen: 24
163.171.247.0/24 maxlen: 24
163.171.251.0/24 maxlen: 24
163.171.253.0/24 maxlen: 24
163.171.254.0/24 maxlen: 24
185.27.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:26:d8:dc:2b:23:b2:a1:0a:69:dd:ea:8d:3c:df:8a:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Mar 10 05:32:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ad1892995893870cc1078ffd7ec002e878c67a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c0:41:31:e5:cd:61:e9:2f:14:d9:5e:cf:9b:
ee:7a:7e:0d:28:f2:18:18:26:32:97:78:b1:7a:84:
d5:81:26:20:7e:bd:ec:b1:64:3a:d8:b8:fa:82:2c:
2d:e6:1c:b6:61:be:b5:3f:2e:cf:64:42:48:05:07:
fe:ba:16:12:b4:10:a7:6a:a7:15:67:cc:02:01:a8:
f8:c8:dd:67:70:2e:39:4c:1c:24:11:7d:90:c1:1b:
15:18:c7:22:fd:e0:93:ae:d9:48:57:48:1b:48:88:
2d:9f:35:97:0a:88:db:52:2d:57:40:42:4b:c6:fe:
4c:a6:73:13:0d:b0:56:34:29:71:eb:46:7f:6a:30:
ff:dc:35:7b:b7:64:2b:68:cd:78:fe:0d:ee:fd:e4:
43:4d:67:26:48:0d:16:f2:d0:0c:58:ae:d7:fc:d6:
3e:c1:05:03:6d:ab:11:01:ea:ce:c8:52:2f:fd:2c:
16:47:53:07:88:81:e5:8a:04:3c:1b:d6:35:01:6d:
8e:a3:66:d0:61:01:7f:f3:28:d3:83:76:73:46:f1:
70:e1:10:50:3f:5f:b4:2c:61:88:d0:d9:0f:1c:6f:
98:5d:3b:bc:ff:7b:4f:4b:ab:34:d3:e0:ce:4f:1f:
41:2c:05:a7:cc:8e:b9:67:94:3e:b8:0f:4a:7e:be:
20:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:D1:89:29:95:89:38:70:CC:10:78:FF:D7:EC:00:2E:87:8C:67:A2
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/etGJKZWJOHDMEHj_1-wALoeMZ6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.253.239.0-148.253.243.255
148.253.249.0-148.253.250.255
151.249.90.0/23
163.171.77.0/24
163.171.90.0/23
163.171.246.0/23
163.171.251.0/24
163.171.253.0-163.171.254.255
185.27.228.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:15:4a:57:4b:e9:f9:e4:7c:07:0d:e5:4b:8f:6b:c8:d1:42:
4d:17:56:48:af:90:50:7d:5d:93:68:a1:2b:3c:58:61:a1:4a:
68:f0:1d:e0:32:64:83:42:cc:5f:a4:aa:41:2a:85:dc:a3:81:
72:ba:22:b1:8d:25:9f:67:23:66:6f:09:54:e0:c4:94:6b:f4:
5c:8d:1a:8c:c5:57:ca:eb:7b:1b:b0:11:bf:33:43:4b:59:e8:
7b:ae:48:a0:6b:08:d9:e7:83:08:8d:c5:c6:25:03:79:f3:f9:
35:6d:ce:a9:11:8f:70:4b:14:eb:6d:93:63:5a:8d:51:5e:7d:
33:58:a4:74:d3:1d:58:b4:e1:bb:f3:a3:69:3d:ba:57:ca:04:
a3:aa:a8:d8:53:e9:51:bc:c1:97:f4:2a:50:b4:42:25:36:1e:
01:a4:fa:f4:e5:ee:36:ef:f1:db:62:b4:97:88:10:83:79:39:
12:be:34:95:9b:7e:ed:1a:39:95:d4:bd:75:b7:f8:63:45:ec:
64:95:1a:8c:6a:1f:4d:fd:39:d8:60:47:5c:e1:71:de:c1:08:
c1:db:cd:74:ea:96:40:12:ea:ca:45:50:d2:b2:dc:84:cf:8c:
d2:8b:63:e3:ae:99:c8:92:64:91:10:95:36:75:54:0e:83:1c:
a3:5f:e4:ef
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAY4m2NwrI7KhCmnd6o0834qDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjQwMzEwMDUzMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWQxODkyOTk1ODkzODcwY2MxMDc4ZmZkN2VjMDAyZTg3OGM2N2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8BBMeXNYekvFNlez5vuen4NKPIY
GCYyl3ixeoTVgSYgfr3ssWQ62Lj6giwt5hy2Yb61Py7PZEJIBQf+uhYStBCnaqcV
Z8wCAaj4yN1ncC45TBwkEX2QwRsVGMci/eCTrtlIV0gbSIgtnzWXCojbUi1XQEJL
xv5MpnMTDbBWNClx60Z/ajD/3DV7t2QraM14/g3u/eRDTWcmSA0W8tAMWK7X/NY+
wQUDbasRAerOyFIv/SwWR1MHiIHligQ8G9Y1AW2Oo2bQYQF/8yjTg3ZzRvFw4RBQ
P1+0LGGI0NkPHG+YXTu8/3tPS6s00+DOTx9BLAWnzI65Z5Q+uA9Kfr4gDwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFHrRiSmViThwzBB4/9fsAC6HjGeiMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvZXRHSktaV0pPSERNRUhqXzEtd0FMb2VNWjZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOMAwDBACU/e8D
BAKU/fAwDAMEAJT9+QMEAJT9+gMEAZf5WgMEAKOrTQMEAaOrWgMEAaOr9gMEAKOr
+zAMAwQAo6v9AwQAo6v+AwQAuRvkMA0GCSqGSIb3DQEBCwUAA4IBAQCeFUpXS+n5
5HwHDeVLj2vI0UJNF1ZIr5BQfV2TaKErPFhhoUpo8B3gMmSDQsxfpKpBKoXco4Fy
uiKxjSWfZyNmbwlU4MSUa/RcjRqMxVfK63sbsBG/M0NLWeh7rkigawjZ54MIjcXG
JQN58/k1bc6pEY9wSxTrbZNjWo1RXn0zWKR00x1YtOG786NpPbpXygSjqqjYU+lR
vMGX9CpQtEIlNh4BpPr05e427/HbYrSXiBCDeTkSvjSVm37tGjmV1L11t/hjRexk
lRqMah9N/TnYYEdc4XHewQjB28106pZAEurKRVDSstyEz4zSi2PjrpnIkmSREJU2
dVQOgxyjX+Tv
-----END CERTIFICATE-----
Generated at Mon May 6 08:35:19 2024 by rpki-client on console-ams.rpki-client.org