Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IRa40ysF7KSPb_0UZdvb1B7E4EE.roa
File: IRa40ysF7KSPb_0UZdvb1B7E4EE.roa (raw, json)
Hash identifier: AspfkgsJxuMvNsJ5mIVdNXG5W1QeQhUomyPgstQmCt8=
Subject key identifier: 21:16:B8:D3:2B:05:EC:A4:8F:6F:FD:14:65:DB:DB:D4:1E:C4:E0:41
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 018CC4938C1148DE2AF8D91CF94A83213E29
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IRa40ysF7KSPb_0UZdvb1B7E4EE.roa
Signing time: Mon 01 Jan 2024 10:30:53 +0000
ROA not before: Mon 01 Jan 2024 10:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20562
IP address blocks: 82.150.150.0/24 maxlen: 24
82.150.151.0/24 maxlen: 24
82.150.156.0/24 maxlen: 24
82.150.157.0/24 maxlen: 24
82.150.158.0/24 maxlen: 24
82.150.159.0/24 maxlen: 24
82.150.153.0/24 maxlen: 24
82.150.154.0/24 maxlen: 24
82.150.155.0/24 maxlen: 24
213.207.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:8c:11:48:de:2a:f8:d9:1c:f9:4a:83:21:3e:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 1 10:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2116b8d32b05eca48f6ffd1465dbdbd41ec4e041
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:93:a8:19:95:e3:fb:eb:54:04:04:2f:7d:63:
4a:ae:4f:b1:c8:52:6f:d2:6f:bc:2c:52:dd:8f:df:
cd:34:88:5b:a4:c5:5c:9e:a8:c4:68:9b:9e:75:24:
a8:13:46:6f:1c:bc:03:db:80:4b:54:01:30:dd:33:
66:37:68:20:bf:04:c4:8d:95:ba:1f:47:0e:6a:3a:
61:55:ec:a8:c7:7a:a4:02:34:d8:ac:cb:f7:3d:45:
58:43:22:71:e7:c4:1a:cf:9c:62:e8:81:e0:d4:6c:
55:51:71:5c:06:08:90:ec:90:6f:68:d8:f5:be:1e:
29:88:b5:4f:09:5c:3a:b8:06:ed:fd:1d:35:ed:31:
c4:f1:d4:ec:b5:01:0b:d0:74:db:4b:b3:47:54:79:
80:9b:cc:1d:2a:f3:c1:92:53:8b:ce:7f:43:37:ee:
0f:4e:af:8d:23:d6:eb:54:58:56:f7:90:15:bf:4d:
1c:df:5a:f5:9a:33:e2:81:72:64:60:b9:12:e4:4f:
20:09:ac:05:3d:2a:32:86:23:6f:f1:97:ba:c1:ed:
f9:30:1a:12:cd:88:49:f0:c1:b6:28:68:fd:96:0b:
70:d2:08:3e:74:56:de:39:9a:4f:03:33:81:ac:81:
0f:a4:e4:b8:55:7b:3e:1f:a7:b3:a4:30:f5:a1:0d:
3f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:16:B8:D3:2B:05:EC:A4:8F:6F:FD:14:65:DB:DB:D4:1E:C4:E0:41
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IRa40ysF7KSPb_0UZdvb1B7E4EE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.150.150.0/23
82.150.153.0-82.150.159.255
213.207.20.0/24
Signature Algorithm: sha256WithRSAEncryption
69:31:b4:49:49:4c:bc:7a:0c:43:71:2c:d6:4e:16:0e:e3:b0:
b9:ce:af:43:1c:d9:5a:b2:99:dd:96:f6:91:f8:31:5f:a6:35:
ca:73:d2:2d:58:be:81:42:d6:02:06:76:bc:60:8b:e0:e2:f1:
74:df:ed:6f:c8:00:9b:0f:16:00:74:95:8e:29:11:0b:59:f5:
73:36:73:3d:2d:0f:81:d3:b3:52:f1:fa:a6:b2:e6:cf:3f:9a:
71:32:14:63:b4:58:4e:30:a9:ee:e8:9d:ca:72:23:95:51:54:
d5:05:0e:5e:60:d0:b6:28:93:56:aa:70:2a:e5:d3:dc:45:3b:
ef:1e:28:fd:e4:f3:1c:c9:64:84:d2:75:cf:82:80:cb:b3:32:
70:5a:f0:f4:1d:17:74:84:0d:4a:ce:3d:10:59:db:56:75:7d:
3d:55:d5:1e:d4:a5:b4:d2:d3:eb:b0:20:cb:30:41:63:c9:b8:
6a:4c:37:90:92:b0:69:47:5d:83:ca:5b:d5:e7:24:13:b5:06:
f7:fa:4d:25:3c:8e:ad:da:ae:88:2f:27:f6:7d:06:6e:48:ee:
e8:99:e8:af:9d:7d:d4:b6:a5:61:31:a7:4a:2c:f6:d5:68:c8:
d2:30:22:0b:3e:42:26:8e:d8:74:76:35:9d:0e:12:ff:7b:71:
fc:94:b4:ba
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzEk4wRSN4q+Nkc+UqDIT4pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjQwMTAxMTAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTE2YjhkMzJiMDVlY2E0OGY2ZmZkMTQ2NWRiZGJkNDFlYzRlMDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZOoGZXj++tUBAQvfWNKrk+xyFJv
0m+8LFLdj9/NNIhbpMVcnqjEaJuedSSoE0ZvHLwD24BLVAEw3TNmN2ggvwTEjZW6
H0cOajphVeyox3qkAjTYrMv3PUVYQyJx58Qaz5xi6IHg1GxVUXFcBgiQ7JBvaNj1
vh4piLVPCVw6uAbt/R017THE8dTstQEL0HTbS7NHVHmAm8wdKvPBklOLzn9DN+4P
Tq+NI9brVFhW95AVv00c31r1mjPigXJkYLkS5E8gCawFPSoyhiNv8Ze6we35MBoS
zYhJ8MG2KGj9lgtw0gg+dFbeOZpPAzOBrIEPpOS4VXs+H6ezpDD1oQ0/2wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCEWuNMrBeykj2/9FGXb29QexOBBMB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvSVJhNDB5c0Y3S1NQYl8wVVpkdmIxQjdFNEVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBUpaWMAwD
BABSlpkDBAVSloADBADVzxQwDQYJKoZIhvcNAQELBQADggEBAGkxtElJTLx6DENx
LNZOFg7jsLnOr0Mc2Vqymd2W9pH4MV+mNcpz0i1YvoFC1gIGdrxgi+Di8XTf7W/I
AJsPFgB0lY4pEQtZ9XM2cz0tD4HTs1Lx+qay5s8/mnEyFGO0WE4wqe7oncpyI5VR
VNUFDl5g0LYok1aqcCrl09xFO+8eKP3k8xzJZITSdc+CgMuzMnBa8PQdF3SEDUrO
PRBZ21Z1fT1V1R7UpbTS0+uwIMswQWPJuGpMN5CSsGlHXYPKW9XnJBO1Bvf6TSU8
jq3arogvJ/Z9Bm5I7uiZ6K+dfdS2pWExp0os9tVoyNIwIgs+QiaO2HR2NZ0OEv97
cfyUtLo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:51:13 2024 by rpki-client on console-fra.rpki-client.org