Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/ce7ce8-a60d-4f56-bb0e-d5d37aa9b604/1/9IimDrBQFog7IGTWeROgcEGgYdU.roa
File: 9IimDrBQFog7IGTWeROgcEGgYdU.roa (raw, json)
Hash identifier: kZL674bH0ghQLTTdIhfxzfvzbO4dlX87MH/CCrJqfw8=
Subject key identifier: F4:88:A6:0E:B0:50:16:88:3B:20:64:D6:79:13:A0:70:41:A0:61:D5
Certificate issuer: /CN=31e0f99bcdccd7ffe72bd35c344bcd032ff74f73
Certificate serial: 018CC5DCDE018FCC54BE131542E699A5D222
Authority key identifier: 31:E0:F9:9B:CD:CC:D7:FF:E7:2B:D3:5C:34:4B:CD:03:2F:F7:4F:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MeD5m83M1__nK9NcNEvNAy_3T3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/ce7ce8-a60d-4f56-bb0e-d5d37aa9b604/1/9IimDrBQFog7IGTWeROgcEGgYdU.roa
Signing time: Mon 01 Jan 2024 16:30:35 +0000
ROA not before: Mon 01 Jan 2024 16:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211466
IP address blocks: 185.153.163.0/24 maxlen: 24
185.153.160.0/24 maxlen: 24
185.153.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/ce7ce8-a60d-4f56-bb0e-d5d37aa9b604/1/MeD5m83M1__nK9NcNEvNAy_3T3M.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/ce7ce8-a60d-4f56-bb0e-d5d37aa9b604/1/MeD5m83M1__nK9NcNEvNAy_3T3M.mft
rsync://rpki.ripe.net/repository/DEFAULT/MeD5m83M1__nK9NcNEvNAy_3T3M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:de:01:8f:cc:54:be:13:15:42:e6:99:a5:d2:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31e0f99bcdccd7ffe72bd35c344bcd032ff74f73
Validity
Not Before: Jan 1 16:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f488a60eb05016883b2064d67913a07041a061d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:da:81:d0:57:1a:42:1e:85:6c:d9:76:ca:cb:
0a:24:05:44:07:13:a8:7d:a5:9f:90:fd:7a:0c:6a:
30:ca:cd:71:e3:78:f9:71:3d:4b:55:a6:98:04:ba:
ac:6e:c0:cd:fe:43:a9:c1:10:85:63:e0:e4:dc:f4:
f0:7a:65:96:87:22:83:1f:51:5f:2b:66:e4:50:5e:
a1:cf:52:8f:fd:d1:7f:1d:c1:45:66:af:54:ac:1e:
cd:60:e1:a5:8a:1d:bd:df:10:ed:98:fa:b2:9d:ac:
a8:e3:ad:be:91:30:a1:29:ea:5d:2b:98:4b:4c:9d:
2e:29:0a:b6:3c:9f:39:eb:c6:0d:a5:f7:b7:32:1f:
6f:e2:08:bd:ba:de:38:9f:5c:2b:d5:eb:ca:71:40:
98:73:bb:f0:46:e2:a3:94:d0:6b:a0:9b:fd:a3:2d:
8b:3c:9c:7e:35:0f:e8:9d:e0:42:2a:a8:f0:0a:ef:
d9:ed:34:5d:ac:af:10:a2:4d:3a:e6:af:45:87:57:
c5:57:ba:43:59:dd:7d:40:2f:ad:54:e2:b8:2e:2a:
7c:61:a0:73:2e:ce:01:a4:74:41:2e:c8:52:66:75:
a4:00:67:e0:90:31:6a:26:dd:b7:e1:28:34:56:19:
cb:17:07:fd:68:92:89:93:5d:71:90:6f:f1:da:98:
20:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:88:A6:0E:B0:50:16:88:3B:20:64:D6:79:13:A0:70:41:A0:61:D5
X509v3 Authority Key Identifier:
keyid:31:E0:F9:9B:CD:CC:D7:FF:E7:2B:D3:5C:34:4B:CD:03:2F:F7:4F:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MeD5m83M1__nK9NcNEvNAy_3T3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/ce7ce8-a60d-4f56-bb0e-d5d37aa9b604/1/9IimDrBQFog7IGTWeROgcEGgYdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/ce7ce8-a60d-4f56-bb0e-d5d37aa9b604/1/MeD5m83M1__nK9NcNEvNAy_3T3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.160.0/23
185.153.163.0/24
Signature Algorithm: sha256WithRSAEncryption
70:79:ea:af:7d:a7:c2:d2:20:e8:4e:80:f7:27:9a:51:1b:28:
a1:18:05:28:f8:1b:a7:48:e7:ef:3d:b0:2a:49:0b:dd:37:2b:
83:2c:1b:21:c7:ac:98:cb:45:89:e4:97:1f:12:1f:42:e8:7e:
4f:61:29:40:9b:35:77:80:14:f7:90:80:df:66:09:fb:d7:d3:
fd:c2:6b:ef:03:89:82:1a:c6:75:38:29:5e:51:f0:37:9f:9a:
19:fa:72:79:b8:63:33:9f:30:0a:8d:40:a0:f4:19:d1:42:d6:
eb:d7:c0:60:d7:73:c6:e1:9a:58:ec:0e:88:f1:de:55:d1:02:
a4:a2:70:d4:bc:e3:3b:45:45:aa:fb:9e:18:28:bf:87:73:40:
f0:ec:4b:23:9d:2f:ba:41:f0:49:31:d4:50:54:e6:0e:55:36:
11:0a:43:70:65:40:17:0d:90:ca:b0:2b:c1:ab:f4:0a:a0:2f:
ab:14:aa:d0:4a:2e:0d:20:be:69:2c:c2:c4:5f:1a:7c:c5:c3:
51:cb:27:19:f7:d7:2c:5a:09:4e:7b:ab:97:7f:7d:e4:3b:31:
61:ec:a4:55:76:97:fb:81:19:b1:7f:3d:32:be:a7:d1:ee:08:
94:33:14:c3:15:72:12:97:4b:b8:1d:a0:ca:45:e4:06:32:5a:
1e:19:a5:28
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3N4Bj8xUvhMVQuaZpdIiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZTBmOTliY2RjY2Q3ZmZlNzJiZDM1YzM0NGJjZDAzMmZm
NzRmNzMwHhcNMjQwMTAxMTYzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDg4YTYwZWIwNTAxNjg4M2IyMDY0ZDY3OTEzYTA3MDQxYTA2MWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9qB0FcaQh6FbNl2yssKJAVEBxOo
faWfkP16DGowys1x43j5cT1LVaaYBLqsbsDN/kOpwRCFY+Dk3PTwemWWhyKDH1Ff
K2bkUF6hz1KP/dF/HcFFZq9UrB7NYOGlih293xDtmPqynayo462+kTChKepdK5hL
TJ0uKQq2PJ8568YNpfe3Mh9v4gi9ut44n1wr1evKcUCYc7vwRuKjlNBroJv9oy2L
PJx+NQ/oneBCKqjwCu/Z7TRdrK8Qok065q9Fh1fFV7pDWd19QC+tVOK4Lip8YaBz
Ls4BpHRBLshSZnWkAGfgkDFqJt234Sg0VhnLFwf9aJKJk11xkG/x2pggUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPSIpg6wUBaIOyBk1nkToHBBoGHVMB8GA1UdIwQY
MBaAFDHg+ZvNzNf/5yvTXDRLzQMv909zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWVENW04M00xX19uSzlOY05Fdk5BeV8zVDNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9jZTdjZTgtYTYwZC00ZjU2LWJiMGUt
ZDVkMzdhYTliNjA0LzEvOUlpbURyQlFGb2c3SUdUV2VST2djRUdnWWRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9jZTdjZTgtYTYwZC00ZjU2LWJiMGUtZDVkMzdhYTliNjA0
LzEvTWVENW04M00xX19uSzlOY05Fdk5BeV8zVDNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuZmgAwQA
uZmjMA0GCSqGSIb3DQEBCwUAA4IBAQBweeqvfafC0iDoToD3J5pRGyihGAUo+Bun
SOfvPbAqSQvdNyuDLBshx6yYy0WJ5JcfEh9C6H5PYSlAmzV3gBT3kIDfZgn719P9
wmvvA4mCGsZ1OCleUfA3n5oZ+nJ5uGMznzAKjUCg9BnRQtbr18Bg13PG4ZpY7A6I
8d5V0QKkonDUvOM7RUWq+54YKL+Hc0Dw7EsjnS+6QfBJMdRQVOYOVTYRCkNwZUAX
DZDKsCvBq/QKoC+rFKrQSi4NIL5pLMLEXxp8xcNRyycZ99csWglOe6uXf33kOzFh
7KRVdpf7gRmxfz0yvqfR7giUMxTDFXISl0u4HaDKReQGMloeGaUo
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:51:26 2024 by rpki-client on console-fra.rpki-client.org