Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/paHQnU_72UEU3zyrm-nyH4RC594.roa
File: paHQnU_72UEU3zyrm-nyH4RC594.roa (raw, json)
Hash identifier: NHUkVLEbrJsng7+lnxXwScpgatu3caawpNFyF1FdCac=
Subject key identifier: A5:A1:D0:9D:4F:FB:D9:41:14:DF:3C:AB:9B:E9:F2:1F:84:42:E7:DE
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 019006E38D7D8C79AB109CF76A6406CB32F6
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/paHQnU_72UEU3zyrm-nyH4RC594.roa
Signing time: Tue 11 Jun 2024 10:41:34 +0000
ROA not before: Tue 11 Jun 2024 10:41:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2914
IP address blocks: 148.253.239.0/24 maxlen: 24
148.253.240.0/24 maxlen: 24
148.253.241.0/24 maxlen: 24
148.253.242.0/24 maxlen: 24
148.253.243.0/24 maxlen: 24
148.253.249.0/24 maxlen: 24
148.253.250.0/24 maxlen: 24
151.249.90.0/24 maxlen: 24
151.249.91.0/24 maxlen: 24
163.171.77.0/24 maxlen: 24
163.171.90.0/24 maxlen: 24
163.171.91.0/24 maxlen: 24
163.171.246.0/24 maxlen: 24
163.171.247.0/24 maxlen: 24
163.171.251.0/24 maxlen: 24
163.171.253.0/24 maxlen: 24
163.171.254.0/24 maxlen: 24
185.27.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:06:e3:8d:7d:8c:79:ab:10:9c:f7:6a:64:06:cb:32:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Jun 11 10:41:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5a1d09d4ffbd94114df3cab9be9f21f8442e7de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:11:cd:39:c2:1a:81:52:34:bf:1c:cc:04:c9:
cc:91:93:cb:ec:f9:2c:6a:63:f1:63:64:1a:df:84:
07:ad:73:4d:e0:4f:f1:d0:bf:46:0b:7f:65:e5:68:
a8:83:3a:ae:40:f8:f0:5c:d7:0c:6c:ab:5d:d4:84:
24:2a:a7:05:00:35:e9:02:26:02:34:94:e6:92:c2:
c9:a3:94:c6:54:ec:62:d2:33:ee:b9:b7:b0:d0:b5:
11:a6:d3:5d:1d:6f:71:7a:0a:65:ed:94:79:34:6f:
84:dd:30:ad:69:99:aa:c6:9b:02:b9:91:96:e9:3d:
10:40:64:f6:8d:03:43:c1:d2:dd:eb:0a:13:04:60:
fe:df:81:eb:1e:16:49:80:b5:77:34:a5:38:1f:7f:
cb:ea:4b:c8:ed:24:62:9b:0f:5c:cd:19:25:ae:58:
a9:cf:b2:ef:b7:cc:9f:0c:2b:2d:6f:15:7c:35:3c:
59:b2:f6:e0:2d:3a:31:d0:d1:c1:f3:eb:6f:0e:9b:
f7:d1:aa:ec:d1:ac:26:19:f1:07:9a:b9:dc:e1:1e:
b2:73:6d:a4:38:c5:31:77:46:a4:5e:dd:ac:39:47:
e9:5f:ee:fd:81:94:21:a6:04:59:54:2f:4e:61:83:
a4:f5:f2:98:55:63:2d:fc:2a:52:14:d8:97:ed:d5:
b0:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:A1:D0:9D:4F:FB:D9:41:14:DF:3C:AB:9B:E9:F2:1F:84:42:E7:DE
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/paHQnU_72UEU3zyrm-nyH4RC594.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.253.239.0-148.253.243.255
148.253.249.0-148.253.250.255
151.249.90.0/23
163.171.77.0/24
163.171.90.0/23
163.171.246.0/23
163.171.251.0/24
163.171.253.0-163.171.254.255
185.27.228.0/24
Signature Algorithm: sha256WithRSAEncryption
77:37:b0:a9:57:c1:3a:9c:a0:5d:66:b5:a6:ea:9b:42:f2:03:
b2:e6:1d:93:2c:56:0b:b4:a5:da:21:86:7d:76:e9:8d:fd:0a:
52:3e:77:d8:f7:dc:b4:48:4b:8b:c8:2a:67:e2:04:18:ed:68:
51:5e:0e:72:6e:64:93:76:c3:1a:7c:ee:93:f5:59:82:68:5e:
97:1a:44:16:6b:8d:ff:89:d5:09:39:a7:59:e1:91:81:5e:09:
00:7b:b0:1d:e1:97:f4:1a:a2:ee:5b:c6:91:bd:b0:c7:7b:89:
3d:2c:e6:2e:0b:9e:9c:22:2c:b5:e1:ec:1c:aa:d0:75:31:16:
78:54:47:2b:96:60:ad:d6:e3:bd:fa:9d:7d:93:de:e2:d3:78:
ed:fb:a5:56:93:ad:39:6a:fb:23:2c:e5:ad:04:b8:ec:51:e0:
66:37:15:a4:e3:f5:ec:9d:b3:4d:c5:1b:f7:2a:66:5a:9e:aa:
1e:cc:e5:8d:4f:88:c2:f2:60:90:ed:d6:7e:8e:ba:1c:a7:29:
e2:89:54:3d:75:bf:d3:63:eb:8f:6c:9f:c3:bf:ef:f6:0a:49:
9a:0a:5b:50:09:34:79:bd:27:dd:c2:4b:74:ab:48:a9:50:8d:
5d:c7:7d:4c:7e:07:08:ab:63:b3:f3:97:d8:ef:56:c8:3c:26:
0b:ad:4d:c3
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZAG4419jHmrEJz3amQGyzL2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjQwNjExMTA0MTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWExZDA5ZDRmZmJkOTQxMTRkZjNjYWI5YmU5ZjIxZjg0NDJlN2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BHNOcIagVI0vxzMBMnMkZPL7Pks
amPxY2Qa34QHrXNN4E/x0L9GC39l5WiogzquQPjwXNcMbKtd1IQkKqcFADXpAiYC
NJTmksLJo5TGVOxi0jPuubew0LURptNdHW9xegpl7ZR5NG+E3TCtaZmqxpsCuZGW
6T0QQGT2jQNDwdLd6woTBGD+34HrHhZJgLV3NKU4H3/L6kvI7SRimw9czRklrlip
z7Lvt8yfDCstbxV8NTxZsvbgLTox0NHB8+tvDpv30ars0awmGfEHmrnc4R6yc22k
OMUxd0akXt2sOUfpX+79gZQhpgRZVC9OYYOk9fKYVWMt/CpSFNiX7dWweQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFKWh0J1P+9lBFN88q5vp8h+EQufeMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvcGFIUW5VXzcyVUVVM3p5cm0tbnlINFJDNTk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOMAwDBACU/e8D
BAKU/fAwDAMEAJT9+QMEAJT9+gMEAZf5WgMEAKOrTQMEAaOrWgMEAaOr9gMEAKOr
+zAMAwQAo6v9AwQAo6v+AwQAuRvkMA0GCSqGSIb3DQEBCwUAA4IBAQB3N7CpV8E6
nKBdZrWm6ptC8gOy5h2TLFYLtKXaIYZ9dumN/QpSPnfY99y0SEuLyCpn4gQY7WhR
Xg5ybmSTdsMafO6T9VmCaF6XGkQWa43/idUJOadZ4ZGBXgkAe7Ad4Zf0GqLuW8aR
vbDHe4k9LOYuC56cIiy14ewcqtB1MRZ4VEcrlmCt1uO9+p19k97i03jt+6VWk605
avsjLOWtBLjsUeBmNxWk4/XsnbNNxRv3KmZanqoezOWNT4jC8mCQ7dZ+jrocpyni
iVQ9db/TY+uPbJ/Dv+/2CkmaCltQCTR5vSfdwkt0q0ipUI1dx31MfgcIq2Oz85fY
71bIPCYLrU3D
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:55:15 2024 by rpki-client on console-ams.rpki-client.org