Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/7sL1UBW9oIL-S5vfH1jOO3eYhUk.roa
File: 7sL1UBW9oIL-S5vfH1jOO3eYhUk.roa (raw, json)
Hash identifier: WnpcdVTaXzH616PZ8mN25gQu/poO33PVXu+tGiulqjA=
Subject key identifier: EE:C2:F5:50:15:BD:A0:82:FE:4B:9B:DF:1F:58:CE:3B:77:98:85:49
Certificate issuer: /CN=40e3581addd6b99dd8744b9e2886fbb02ae918e3
Certificate serial: 019426D99DEA9985323E372507E39A3F8750
Authority key identifier: 40:E3:58:1A:DD:D6:B9:9D:D8:74:4B:9E:28:86:FB:B0:2A:E9:18:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QONYGt3WuZ3YdEueKIb7sCrpGOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/7sL1UBW9oIL-S5vfH1jOO3eYhUk.roa
Signing time: Thu 02 Jan 2025 11:49:43 +0000
ROA not before: Thu 02 Jan 2025 11:49:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198257
IP address blocks: 185.153.0.0/22 maxlen: 22
185.153.0.0/24 maxlen: 24
185.153.1.0/24 maxlen: 24
185.153.2.0/24 maxlen: 24
185.153.3.0/24 maxlen: 24
2a03:aee0::/29 maxlen: 29
2a03:aee0::/32 maxlen: 32
2a03:aee1::/32 maxlen: 32
2a03:aee2::/32 maxlen: 32
2a03:aee3::/32 maxlen: 32
2a03:aee4::/32 maxlen: 32
2a03:aee5::/32 maxlen: 32
2a03:aee6::/32 maxlen: 32
2a03:aee7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/QONYGt3WuZ3YdEueKIb7sCrpGOM.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/QONYGt3WuZ3YdEueKIb7sCrpGOM.mft
rsync://rpki.ripe.net/repository/DEFAULT/QONYGt3WuZ3YdEueKIb7sCrpGOM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:9d:ea:99:85:32:3e:37:25:07:e3:9a:3f:87:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40e3581addd6b99dd8744b9e2886fbb02ae918e3
Validity
Not Before: Jan 2 11:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eec2f55015bda082fe4b9bdf1f58ce3b77988549
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:88:bc:f7:e5:1c:15:75:67:45:2a:22:bf:4d:
09:99:9f:a5:62:9e:e7:c6:94:a5:d0:90:82:0c:93:
a1:27:48:b2:a7:12:f5:6b:70:16:95:1b:dd:41:ad:
ab:4d:f9:3a:cb:0e:77:8b:7f:73:8e:1d:f8:9f:01:
e1:72:24:d5:d8:24:9c:3b:5e:62:a0:8a:ad:53:87:
7d:0f:e6:fa:f9:b3:eb:94:3a:e5:9c:c1:f5:5f:bc:
9a:76:05:fc:35:bd:ce:19:03:c7:b8:df:7f:93:8a:
82:5c:09:f8:96:35:25:98:93:b5:3b:cd:dc:ee:41:
c6:f9:33:a1:5f:2b:a1:84:90:c4:e0:c7:74:05:5a:
5e:c6:9d:8a:65:f2:f8:1c:5b:b8:4f:d5:bf:2e:13:
37:72:d4:5c:f1:13:fd:bb:42:a5:b1:46:8d:f0:81:
df:43:78:15:68:b6:d6:a5:f2:22:d6:21:f8:ac:69:
1d:f1:d6:22:1b:ad:ac:1e:23:9e:f8:fd:5d:a4:ba:
af:a5:02:a8:e7:ca:b8:b4:7e:02:aa:95:a0:50:2a:
03:71:84:b3:fd:9e:06:5c:f1:06:d2:d6:5d:ca:a2:
e6:59:a7:0e:cf:68:4c:67:81:4a:5c:42:ed:5f:77:
eb:ad:bd:ea:d5:16:eb:57:83:eb:16:aa:b0:19:91:
66:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:C2:F5:50:15:BD:A0:82:FE:4B:9B:DF:1F:58:CE:3B:77:98:85:49
X509v3 Authority Key Identifier:
keyid:40:E3:58:1A:DD:D6:B9:9D:D8:74:4B:9E:28:86:FB:B0:2A:E9:18:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QONYGt3WuZ3YdEueKIb7sCrpGOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/7sL1UBW9oIL-S5vfH1jOO3eYhUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/QONYGt3WuZ3YdEueKIb7sCrpGOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.0.0/22
IPv6:
2a03:aee0::/29
Signature Algorithm: sha256WithRSAEncryption
09:cf:55:d2:47:e4:e7:03:5b:05:a2:11:f7:b3:a9:35:e6:f8:
50:0b:7f:6d:25:8c:68:0f:22:22:87:e9:52:8b:5f:e4:67:aa:
96:e9:2f:ca:23:cd:7f:5e:10:4f:e2:6a:06:5e:50:22:90:44:
e2:70:96:cd:70:82:0d:3a:e5:ed:c1:79:1f:7e:8a:e1:98:33:
0a:4d:a1:28:05:34:c6:f0:14:39:f3:cd:07:71:47:0d:d3:70:
8e:c0:86:26:1b:ba:d4:99:a1:24:eb:43:4c:87:89:e9:fe:27:
b1:41:2c:64:43:f8:cf:c7:e1:45:1b:8a:f2:58:13:02:be:33:
16:de:30:60:f1:45:e7:8e:22:94:ad:c7:b5:c0:ec:01:01:fd:
cd:44:08:55:13:c0:26:1e:26:b3:1c:ee:7b:39:ef:ac:b2:76:
92:0a:f2:ed:11:c1:a1:3f:8c:ef:5a:a7:48:21:68:dd:74:33:
d9:e0:81:b7:e9:81:6f:33:a6:08:43:c5:6a:db:b0:02:50:2e:
8e:3a:20:3d:b7:13:1b:45:0a:36:8e:a9:3c:d5:db:9c:4a:f4:
56:76:2c:f3:da:03:4a:f5:c3:31:ae:64:3d:3c:c9:02:d6:2a:
ca:27:da:a9:c3:02:a5:e2:66:02:f9:b2:2d:8b:ca:18:06:6f:
a1:eb:f1:8d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQm2Z3qmYUyPjclB+OaP4dQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZTM1ODFhZGRkNmI5OWRkODc0NGI5ZTI4ODZmYmIwMmFl
OTE4ZTMwHhcNMjUwMTAyMTE0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWMyZjU1MDE1YmRhMDgyZmU0YjliZGYxZjU4Y2UzYjc3OTg4NTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA94i89+UcFXVnRSoiv00JmZ+lYp7n
xpSl0JCCDJOhJ0iypxL1a3AWlRvdQa2rTfk6yw53i39zjh34nwHhciTV2CScO15i
oIqtU4d9D+b6+bPrlDrlnMH1X7yadgX8Nb3OGQPHuN9/k4qCXAn4ljUlmJO1O83c
7kHG+TOhXyuhhJDE4Md0BVpexp2KZfL4HFu4T9W/LhM3ctRc8RP9u0KlsUaN8IHf
Q3gVaLbWpfIi1iH4rGkd8dYiG62sHiOe+P1dpLqvpQKo58q4tH4CqpWgUCoDcYSz
/Z4GXPEG0tZdyqLmWacOz2hMZ4FKXELtX3frrb3q1RbrV4PrFqqwGZFmQwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFO7C9VAVvaCC/kub3x9Yzjt3mIVJMB8GA1UdIwQY
MBaAFEDjWBrd1rmd2HRLniiG+7Aq6RjjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU9OWUd0M1d1WjNZZEV1ZUtJYjdzQ3JwR09NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny81NTE1MjItN2FmYy00ODg2LWJhZTYt
ZmM1OWRlZGIxZDJiLzEvN3NMMVVCVzlvSUwtUzV2Zkgxak9PM2VZaFVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny81NTE1MjItN2FmYy00ODg2LWJhZTYtZmM1OWRlZGIxZDJi
LzEvUU9OWUd0M1d1WjNZZEV1ZUtJYjdzQ3JwR09NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZkAMA0E
AgACMAcDBQMqA67gMA0GCSqGSIb3DQEBCwUAA4IBAQAJz1XSR+TnA1sFohH3s6k1
5vhQC39tJYxoDyIih+lSi1/kZ6qW6S/KI81/XhBP4moGXlAikETicJbNcIINOuXt
wXkfforhmDMKTaEoBTTG8BQ5880HcUcN03COwIYmG7rUmaEk60NMh4np/iexQSxk
Q/jPx+FFG4ryWBMCvjMW3jBg8UXnjiKUrce1wOwBAf3NRAhVE8AmHiazHO57Oe+s
snaSCvLtEcGhP4zvWqdIIWjddDPZ4IG36YFvM6YIQ8Vq27ACUC6OOiA9txMbRQo2
jqk81ducSvRWdizz2gNK9cMxrmQ9PMkC1irKJ9qpwwKl4mYC+bIti8oYBm+h6/GN
-----END CERTIFICATE-----
Generated at Wed Apr 23 05:04:20 2025 by rpki-client