Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/4hvTF3GhymxK3VRwe79P8WWsBBY.roa
File: 4hvTF3GhymxK3VRwe79P8WWsBBY.roa (raw, json)
Hash identifier: 1eJJhQk8aaDmuQ1xotVqUTLn20jUyylAMiHuxkG9mLg=
Subject key identifier: E2:1B:D3:17:71:A1:CA:6C:4A:DD:54:70:7B:BF:4F:F1:65:AC:04:16
Certificate issuer: /CN=40e3581addd6b99dd8744b9e2886fbb02ae918e3
Certificate serial: 0190EE90C9C14686DE2A1759EB49085EAFB3
Authority key identifier: 40:E3:58:1A:DD:D6:B9:9D:D8:74:4B:9E:28:86:FB:B0:2A:E9:18:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QONYGt3WuZ3YdEueKIb7sCrpGOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/4hvTF3GhymxK3VRwe79P8WWsBBY.roa
Signing time: Fri 26 Jul 2024 10:23:04 +0000
ROA not before: Fri 26 Jul 2024 10:23:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198257
IP address blocks: 185.153.0.0/22 maxlen: 22
185.153.0.0/24 maxlen: 24
185.153.1.0/24 maxlen: 24
185.153.2.0/24 maxlen: 24
185.153.3.0/24 maxlen: 24
2a03:aee0::/29 maxlen: 29
2a03:aee0::/32 maxlen: 32
2a03:aee1::/32 maxlen: 32
2a03:aee2::/32 maxlen: 32
2a03:aee3::/32 maxlen: 32
2a03:aee4::/32 maxlen: 32
2a03:aee5::/32 maxlen: 32
2a03:aee6::/32 maxlen: 32
2a03:aee7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/QONYGt3WuZ3YdEueKIb7sCrpGOM.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/QONYGt3WuZ3YdEueKIb7sCrpGOM.mft
rsync://rpki.ripe.net/repository/DEFAULT/QONYGt3WuZ3YdEueKIb7sCrpGOM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ee:90:c9:c1:46:86:de:2a:17:59:eb:49:08:5e:af:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40e3581addd6b99dd8744b9e2886fbb02ae918e3
Validity
Not Before: Jul 26 10:23:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e21bd31771a1ca6c4add54707bbf4ff165ac0416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d5:75:05:46:23:ca:f5:5f:37:57:8a:4a:6a:
9e:49:1b:4b:09:fc:6c:8e:fe:d0:55:eb:7f:83:dc:
16:29:06:4f:b7:ad:b3:97:a5:27:6c:ce:41:0c:4f:
73:f6:1e:cd:d5:94:77:08:ed:bb:1e:00:ec:9f:01:
e3:6c:cd:c1:7d:6c:9e:a5:dd:b0:aa:00:12:4b:3c:
54:73:4a:86:24:e2:88:ff:7a:ff:29:03:ae:01:a9:
2e:7b:11:06:1b:82:98:bf:d7:b5:43:64:47:b8:53:
5c:bb:82:3e:b1:8a:28:f5:75:86:83:69:f6:ea:c2:
70:4e:bd:26:83:95:54:5a:d1:1d:eb:80:1b:fb:19:
8c:9b:eb:31:e8:ac:d2:b1:58:3b:84:ae:cc:55:33:
b3:9c:60:50:87:72:0b:35:54:8c:33:8b:73:8b:cd:
71:3b:3f:42:1a:e8:99:a6:32:f0:03:a3:c0:8f:e8:
7e:42:be:11:f8:d2:42:d8:82:d3:44:e3:39:11:a3:
77:5e:9e:18:ef:f9:f6:4e:5e:ce:2d:32:fc:20:5e:
11:ab:74:ba:43:a5:65:e0:6d:21:47:40:32:ca:ab:
ab:81:89:a3:16:7a:02:7f:0f:46:cd:2f:6c:58:f7:
c0:4f:87:da:5b:fb:4d:6a:90:4e:c7:a8:25:19:0a:
cf:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:1B:D3:17:71:A1:CA:6C:4A:DD:54:70:7B:BF:4F:F1:65:AC:04:16
X509v3 Authority Key Identifier:
keyid:40:E3:58:1A:DD:D6:B9:9D:D8:74:4B:9E:28:86:FB:B0:2A:E9:18:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QONYGt3WuZ3YdEueKIb7sCrpGOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/4hvTF3GhymxK3VRwe79P8WWsBBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/QONYGt3WuZ3YdEueKIb7sCrpGOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.0.0/22
IPv6:
2a03:aee0::/29
Signature Algorithm: sha256WithRSAEncryption
77:dd:09:e5:78:71:c3:8c:1a:c2:16:a4:4e:35:39:8e:d3:11:
32:84:13:fb:b6:26:a6:65:18:c9:15:f3:a0:c4:90:3b:aa:40:
23:d4:bf:f5:79:e2:22:03:bc:34:ea:e1:be:bd:c0:6c:fb:b1:
53:36:c4:b2:06:68:74:e7:76:4b:92:46:6f:9c:24:e5:17:2e:
1d:45:fd:59:32:32:83:3b:51:7d:24:7e:03:c4:54:19:e0:55:
45:57:56:eb:75:7f:69:18:df:3c:09:ce:92:fe:b9:34:ae:83:
92:d3:70:d6:39:41:52:16:c2:e6:a1:6d:28:a2:6d:79:56:97:
c6:04:85:02:37:dd:78:cd:fc:72:63:6b:0a:75:e1:1b:3f:6e:
43:d6:8b:a2:e8:86:f7:84:7b:a7:48:f0:c7:4c:2e:d8:fc:e6:
44:a7:7b:25:16:02:56:9c:de:c5:b2:1b:94:f0:81:ff:73:77:
42:40:a7:2d:40:b4:f2:8a:0d:5f:c1:5d:23:88:e9:94:72:49:
86:5d:32:db:7a:d6:98:7c:a2:74:81:1c:16:c4:37:07:9b:ad:
fd:96:b5:66:54:20:bd:47:98:b4:e2:31:d9:24:3d:67:49:b7:
bc:99:cb:a1:59:e0:24:b5:81:df:81:ee:fd:85:3c:6e:0c:1a:
c1:24:99:12
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZDukMnBRobeKhdZ60kIXq+zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZTM1ODFhZGRkNmI5OWRkODc0NGI5ZTI4ODZmYmIwMmFl
OTE4ZTMwHhcNMjQwNzI2MTAyMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjFiZDMxNzcxYTFjYTZjNGFkZDU0NzA3YmJmNGZmMTY1YWMwNDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dV1BUYjyvVfN1eKSmqeSRtLCfxs
jv7QVet/g9wWKQZPt62zl6UnbM5BDE9z9h7N1ZR3CO27HgDsnwHjbM3BfWyepd2w
qgASSzxUc0qGJOKI/3r/KQOuAakuexEGG4KYv9e1Q2RHuFNcu4I+sYoo9XWGg2n2
6sJwTr0mg5VUWtEd64Ab+xmMm+sx6KzSsVg7hK7MVTOznGBQh3ILNVSMM4tzi81x
Oz9CGuiZpjLwA6PAj+h+Qr4R+NJC2ILTROM5EaN3Xp4Y7/n2Tl7OLTL8IF4Rq3S6
Q6Vl4G0hR0AyyqurgYmjFnoCfw9GzS9sWPfAT4faW/tNapBOx6glGQrP7QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOIb0xdxocpsSt1UcHu/T/FlrAQWMB8GA1UdIwQY
MBaAFEDjWBrd1rmd2HRLniiG+7Aq6RjjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU9OWUd0M1d1WjNZZEV1ZUtJYjdzQ3JwR09NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny81NTE1MjItN2FmYy00ODg2LWJhZTYt
ZmM1OWRlZGIxZDJiLzEvNGh2VEYzR2h5bXhLM1ZSd2U3OVA4V1dzQkJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny81NTE1MjItN2FmYy00ODg2LWJhZTYtZmM1OWRlZGIxZDJi
LzEvUU9OWUd0M1d1WjNZZEV1ZUtJYjdzQ3JwR09NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZkAMA0E
AgACMAcDBQMqA67gMA0GCSqGSIb3DQEBCwUAA4IBAQB33QnleHHDjBrCFqRONTmO
0xEyhBP7tiamZRjJFfOgxJA7qkAj1L/1eeIiA7w06uG+vcBs+7FTNsSyBmh053ZL
kkZvnCTlFy4dRf1ZMjKDO1F9JH4DxFQZ4FVFV1brdX9pGN88Cc6S/rk0roOS03DW
OUFSFsLmoW0oom15VpfGBIUCN914zfxyY2sKdeEbP25D1oui6Ib3hHunSPDHTC7Y
/OZEp3slFgJWnN7FshuU8IH/c3dCQKctQLTyig1fwV0jiOmUckmGXTLbetaYfKJ0
gRwWxDcHm639lrVmVCC9R5i04jHZJD1nSbe8mcuhWeAktYHfge79hTxuDBrBJJkS
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:39:04 2024 by rpki-client on console-ams.rpki-client.org