Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/ad55e4-c0c9-4319-8bd8-04bc87a29e4d/1/jX76HCBI8HzCt6MaqwSWhd9ECvs.roa
File: jX76HCBI8HzCt6MaqwSWhd9ECvs.roa (raw, json)
Hash identifier: uFbBJ8h9GeCRHbD58fnZjmr/IyBqZVV/95/IaIo2QUA=
Subject key identifier: 8D:7E:FA:1C:20:48:F0:7C:C2:B7:A3:1A:AB:04:96:85:DF:44:0A:FB
Certificate issuer: /CN=0a1fdb80eff5bce1654ac8c6b922e781fd2d36a5
Certificate serial: 018CC94AA9DEDE41C4A8DADF939B3910031A
Authority key identifier: 0A:1F:DB:80:EF:F5:BC:E1:65:4A:C8:C6:B9:22:E7:81:FD:2D:36:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ch_bgO_1vOFlSsjGuSLngf0tNqU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/ad55e4-c0c9-4319-8bd8-04bc87a29e4d/1/jX76HCBI8HzCt6MaqwSWhd9ECvs.roa
Signing time: Tue 02 Jan 2024 08:29:22 +0000
ROA not before: Tue 02 Jan 2024 08:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36492
IP address blocks: 185.150.148.0/22 maxlen: 22
185.150.149.0/24 maxlen: 24
185.150.150.0/23 maxlen: 23
185.150.150.0/24 maxlen: 24
185.150.148.0/24 maxlen: 24
185.150.148.0/23 maxlen: 23
185.150.151.0/24 maxlen: 24
2a03:ace0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/ad55e4-c0c9-4319-8bd8-04bc87a29e4d/1/Ch_bgO_1vOFlSsjGuSLngf0tNqU.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/ad55e4-c0c9-4319-8bd8-04bc87a29e4d/1/Ch_bgO_1vOFlSsjGuSLngf0tNqU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ch_bgO_1vOFlSsjGuSLngf0tNqU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:a9:de:de:41:c4:a8:da:df:93:9b:39:10:03:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a1fdb80eff5bce1654ac8c6b922e781fd2d36a5
Validity
Not Before: Jan 2 08:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d7efa1c2048f07cc2b7a31aab049685df440afb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:1a:b0:7c:98:4e:ca:97:3e:1b:a1:d8:7c:d5:
b9:22:33:58:44:fd:c0:84:c7:d7:02:58:ca:f4:33:
20:97:d9:36:f8:ec:5c:00:33:c7:78:6c:0f:12:3c:
d9:09:f4:a3:43:a6:2f:78:bd:4f:09:a9:7b:ae:20:
31:32:7d:fd:c7:cc:34:8d:96:46:b0:a8:95:05:be:
8e:28:7e:08:ba:74:83:18:58:8d:17:ea:2e:f1:7d:
e4:20:59:4b:7c:d1:1d:0f:43:80:34:77:bf:d1:83:
7e:a4:3e:e1:30:58:81:d9:58:97:d9:77:10:c6:bf:
a1:c5:10:12:5d:a9:60:91:0c:9b:50:f3:e7:41:cd:
e1:29:65:9e:28:54:87:98:b9:a1:5f:06:60:84:d2:
25:2a:bf:91:4a:17:69:59:8e:a3:de:dd:34:9f:9a:
ee:78:e5:5f:86:67:0d:77:84:5e:dc:84:4f:dd:7f:
6d:e2:bc:c5:77:39:b5:5b:87:30:3d:0b:59:f9:5d:
74:40:f2:cc:6b:45:5b:c0:3e:a2:08:02:08:0e:90:
6b:a9:d0:03:73:58:ee:1d:23:d0:d9:29:ff:c8:e8:
de:ca:eb:e6:99:b8:91:8f:11:3d:d7:ab:41:e2:3f:
19:29:46:c4:86:aa:77:e5:9f:2b:30:fc:01:b4:7e:
63:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:7E:FA:1C:20:48:F0:7C:C2:B7:A3:1A:AB:04:96:85:DF:44:0A:FB
X509v3 Authority Key Identifier:
keyid:0A:1F:DB:80:EF:F5:BC:E1:65:4A:C8:C6:B9:22:E7:81:FD:2D:36:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ch_bgO_1vOFlSsjGuSLngf0tNqU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ad55e4-c0c9-4319-8bd8-04bc87a29e4d/1/jX76HCBI8HzCt6MaqwSWhd9ECvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ad55e4-c0c9-4319-8bd8-04bc87a29e4d/1/Ch_bgO_1vOFlSsjGuSLngf0tNqU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.148.0/22
IPv6:
2a03:ace0::/32
Signature Algorithm: sha256WithRSAEncryption
23:4d:d0:cf:44:cb:7b:c9:74:4d:7c:b3:e8:9e:29:76:96:e1:
25:6b:27:83:8e:17:dd:3c:e8:cc:6e:c3:7c:37:5b:34:ed:67:
65:9f:d7:a7:79:e9:65:ac:cb:1c:d3:78:69:9a:c2:8f:9d:76:
77:67:da:85:8a:21:52:4e:82:66:42:17:d0:e3:46:d6:25:e2:
90:2c:12:cd:7c:ad:9a:fc:0a:4b:09:6c:96:f8:aa:fb:9c:12:
d2:ed:21:6e:0b:a3:4d:f7:58:cd:5f:71:9a:84:1c:39:92:ff:
d2:24:69:c9:2e:45:2b:ab:54:d4:e2:ec:60:ff:1d:f2:91:eb:
e9:aa:2e:ac:5c:4f:55:89:6c:ab:8d:1e:2d:f1:b0:6d:ef:77:
bb:50:f0:31:d4:64:21:de:bb:9e:36:8f:d9:a1:ef:52:e0:e2:
46:c9:57:87:c9:17:eb:b0:5c:a8:86:91:bb:1c:43:f1:93:a5:
b4:a9:97:64:e1:63:84:a6:86:f0:ba:8f:10:e1:a7:84:5b:37:
47:70:2e:cd:a4:8d:c1:b2:05:83:d5:ce:2b:4f:29:94:fc:7a:
77:69:f9:f7:27:33:0c:a4:bb:4b:f7:41:f9:92:4a:68:47:0c:
28:27:a3:36:d8:01:ad:85:97:65:e0:51:ee:6f:fa:38:62:55:
2d:95:eb:9d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJSqne3kHEqNrfk5s5EAMaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMWZkYjgwZWZmNWJjZTE2NTRhYzhjNmI5MjJlNzgxZmQy
ZDM2YTUwHhcNMjQwMTAyMDgyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDdlZmExYzIwNDhmMDdjYzJiN2EzMWFhYjA0OTY4NWRmNDQwYWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxqwfJhOypc+G6HYfNW5IjNYRP3A
hMfXAljK9DMgl9k2+OxcADPHeGwPEjzZCfSjQ6YveL1PCal7riAxMn39x8w0jZZG
sKiVBb6OKH4IunSDGFiNF+ou8X3kIFlLfNEdD0OANHe/0YN+pD7hMFiB2ViX2XcQ
xr+hxRASXalgkQybUPPnQc3hKWWeKFSHmLmhXwZghNIlKr+RShdpWY6j3t00n5ru
eOVfhmcNd4Re3IRP3X9t4rzFdzm1W4cwPQtZ+V10QPLMa0VbwD6iCAIIDpBrqdAD
c1juHSPQ2Sn/yOjeyuvmmbiRjxE916tB4j8ZKUbEhqp35Z8rMPwBtH5jPwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI1++hwgSPB8wrejGqsEloXfRAr7MB8GA1UdIwQY
MBaAFAof24Dv9bzhZUrIxrki54H9LTalMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2hfYmdPXzF2T0ZsU3NqR3VTTG5nZjB0TnFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9hZDU1ZTQtYzBjOS00MzE5LThiZDgt
MDRiYzg3YTI5ZTRkLzEvalg3NkhDQkk4SHpDdDZNYXF3U1doZDlFQ3ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9hZDU1ZTQtYzBjOS00MzE5LThiZDgtMDRiYzg3YTI5ZTRk
LzEvQ2hfYmdPXzF2T0ZsU3NqR3VTTG5nZjB0TnFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZaUMA0E
AgACMAcDBQAqA6zgMA0GCSqGSIb3DQEBCwUAA4IBAQAjTdDPRMt7yXRNfLPonil2
luElayeDjhfdPOjMbsN8N1s07Wdln9eneellrMsc03hpmsKPnXZ3Z9qFiiFSToJm
QhfQ40bWJeKQLBLNfK2a/ApLCWyW+Kr7nBLS7SFuC6NN91jNX3GahBw5kv/SJGnJ
LkUrq1TU4uxg/x3ykevpqi6sXE9ViWyrjR4t8bBt73e7UPAx1GQh3rueNo/Zoe9S
4OJGyVeHyRfrsFyohpG7HEPxk6W0qZdk4WOEpobwuo8Q4aeEWzdHcC7NpI3BsgWD
1c4rTymU/Hp3afn3JzMMpLtL90H5kkpoRwwoJ6M22AGthZdl4FHub/o4YlUtleud
-----END CERTIFICATE-----
Generated at Thu May 2 06:00:37 2024 by rpki-client on console-ams.rpki-client.org