Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/fl8HvhHMF8JruvZvy9GS-cNfh_Q.roa
File: fl8HvhHMF8JruvZvy9GS-cNfh_Q.roa (raw, json)
Hash identifier: NNSxCQsJouAcTw4w2r+9K2jDJBTda6X6pC5Zp0SKrNI=
Subject key identifier: 7E:5F:07:BE:11:CC:17:C2:6B:BA:F6:6F:CB:D1:92:F9:C3:5F:87:F4
Certificate issuer: /CN=40e3581addd6b99dd8744b9e2886fbb02ae918e3
Certificate serial: 018D7ADD3B1EA29BBB2164DF4A76BBDB4053
Authority key identifier: 40:E3:58:1A:DD:D6:B9:9D:D8:74:4B:9E:28:86:FB:B0:2A:E9:18:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QONYGt3WuZ3YdEueKIb7sCrpGOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/fl8HvhHMF8JruvZvy9GS-cNfh_Q.roa
Signing time: Mon 05 Feb 2024 20:02:15 +0000
ROA not before: Mon 05 Feb 2024 20:02:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198257
IP address blocks: 185.153.0.0/22 maxlen: 22
185.153.0.0/24 maxlen: 24
185.153.1.0/24 maxlen: 24
185.153.2.0/24 maxlen: 24
185.153.3.0/24 maxlen: 24
2a03:aee0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/QONYGt3WuZ3YdEueKIb7sCrpGOM.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/QONYGt3WuZ3YdEueKIb7sCrpGOM.mft
rsync://rpki.ripe.net/repository/DEFAULT/QONYGt3WuZ3YdEueKIb7sCrpGOM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7a:dd:3b:1e:a2:9b:bb:21:64:df:4a:76:bb:db:40:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40e3581addd6b99dd8744b9e2886fbb02ae918e3
Validity
Not Before: Feb 5 20:02:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e5f07be11cc17c26bbaf66fcbd192f9c35f87f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:96:69:05:b3:3a:e5:3d:b0:e0:08:7f:48:bc:
b5:5b:cd:ef:21:41:a0:8a:03:ce:99:97:a4:a1:22:
e3:73:34:ae:f6:7d:b3:75:fa:06:86:db:9f:26:6e:
a8:25:b6:ad:74:69:42:a3:0a:29:95:24:04:c0:e8:
2c:eb:39:26:8c:4f:66:66:cb:e1:6b:b8:92:63:f5:
60:e1:a0:2d:6c:07:b9:ab:ae:ef:78:5a:e6:b8:1d:
21:76:57:19:c1:44:eb:13:57:12:0a:05:d5:a2:76:
bf:fe:a9:8a:41:c9:fb:78:5a:aa:de:71:08:dc:d1:
6a:00:d9:7a:e6:39:9f:cc:31:55:bd:c7:5d:12:fa:
bc:c3:eb:68:e2:c1:01:d8:fc:d4:96:df:cc:fe:18:
a2:dc:03:66:65:1c:40:6f:0e:d9:10:84:98:dc:01:
e9:98:e8:e2:b4:2c:0f:7f:84:3c:c2:e2:56:21:ac:
6a:5d:fc:2d:7f:a5:61:92:2d:47:70:35:46:98:ec:
7a:58:a9:18:56:cb:87:64:26:0f:78:b0:9b:f6:8f:
8b:37:2d:ce:37:88:73:28:04:10:00:5d:92:3f:0d:
27:f8:a5:fb:c9:90:2f:d5:81:12:3b:03:68:50:6b:
5b:ed:aa:0e:d4:81:c0:2a:c8:9a:b3:5e:35:22:f6:
07:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:5F:07:BE:11:CC:17:C2:6B:BA:F6:6F:CB:D1:92:F9:C3:5F:87:F4
X509v3 Authority Key Identifier:
keyid:40:E3:58:1A:DD:D6:B9:9D:D8:74:4B:9E:28:86:FB:B0:2A:E9:18:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QONYGt3WuZ3YdEueKIb7sCrpGOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/fl8HvhHMF8JruvZvy9GS-cNfh_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/QONYGt3WuZ3YdEueKIb7sCrpGOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.0.0/22
IPv6:
2a03:aee0::/29
Signature Algorithm: sha256WithRSAEncryption
9f:27:da:dc:11:08:c7:47:ad:59:42:af:8f:6a:c0:3b:6d:e2:
02:21:25:5c:e6:db:e2:d7:ea:61:a8:3f:5b:96:a2:53:38:09:
ad:b4:e1:cd:9b:5d:33:3e:fd:f8:22:a9:86:b9:0b:5f:8d:de:
dd:8e:e4:71:95:f4:52:33:75:18:0c:22:26:02:b3:ed:ad:58:
33:87:64:05:ee:f8:48:79:fc:36:07:33:35:aa:7b:66:b0:a4:
7a:1d:56:28:a7:b8:4d:cd:ae:27:6f:1d:ce:aa:57:75:f9:73:
03:d5:b9:e0:90:a6:57:ec:44:55:75:16:f6:0f:ce:dd:35:cb:
b4:12:52:d6:d5:4d:00:cb:19:af:43:88:c0:6e:77:ef:73:4b:
92:77:62:d3:d0:f8:1b:cb:77:5c:3c:04:f5:46:45:ef:eb:67:
80:cf:a8:bd:30:73:54:f9:b1:57:6e:98:98:99:92:13:04:fd:
8b:d1:8b:05:41:bd:57:0d:15:fe:c3:1f:e6:7d:9a:77:af:da:
96:e2:7d:c1:b2:90:bb:c2:1b:cf:1b:06:18:c2:7b:e1:6b:95:
46:48:c9:b5:bb:f2:85:62:76:91:be:66:0f:41:c9:e8:8c:82:
b3:b8:1e:2b:a2:72:3a:e0:dc:94:3b:2a:dd:30:9d:16:b9:bc:
dc:be:b8:08
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY163Tseopu7IWTfSna720BTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZTM1ODFhZGRkNmI5OWRkODc0NGI5ZTI4ODZmYmIwMmFl
OTE4ZTMwHhcNMjQwMjA1MjAwMjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTVmMDdiZTExY2MxN2MyNmJiYWY2NmZjYmQxOTJmOWMzNWY4N2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJZpBbM65T2w4Ah/SLy1W83vIUGg
igPOmZekoSLjczSu9n2zdfoGhtufJm6oJbatdGlCowoplSQEwOgs6zkmjE9mZsvh
a7iSY/Vg4aAtbAe5q67veFrmuB0hdlcZwUTrE1cSCgXVona//qmKQcn7eFqq3nEI
3NFqANl65jmfzDFVvcddEvq8w+to4sEB2PzUlt/M/hii3ANmZRxAbw7ZEISY3AHp
mOjitCwPf4Q8wuJWIaxqXfwtf6Vhki1HcDVGmOx6WKkYVsuHZCYPeLCb9o+LNy3O
N4hzKAQQAF2SPw0n+KX7yZAv1YESOwNoUGtb7aoO1IHAKsias141IvYH2QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFH5fB74RzBfCa7r2b8vRkvnDX4f0MB8GA1UdIwQY
MBaAFEDjWBrd1rmd2HRLniiG+7Aq6RjjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU9OWUd0M1d1WjNZZEV1ZUtJYjdzQ3JwR09NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny81NTE1MjItN2FmYy00ODg2LWJhZTYt
ZmM1OWRlZGIxZDJiLzEvZmw4SHZoSE1GOEpydXZadnk5R1MtY05maF9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny81NTE1MjItN2FmYy00ODg2LWJhZTYtZmM1OWRlZGIxZDJi
LzEvUU9OWUd0M1d1WjNZZEV1ZUtJYjdzQ3JwR09NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZkAMA0E
AgACMAcDBQMqA67gMA0GCSqGSIb3DQEBCwUAA4IBAQCfJ9rcEQjHR61ZQq+PasA7
beICISVc5tvi1+phqD9blqJTOAmttOHNm10zPv34IqmGuQtfjd7djuRxlfRSM3UY
DCImArPtrVgzh2QF7vhIefw2BzM1qntmsKR6HVYop7hNza4nbx3Oqld1+XMD1bng
kKZX7ERVdRb2D87dNcu0ElLW1U0AyxmvQ4jAbnfvc0uSd2LT0Pgby3dcPAT1RkXv
62eAz6i9MHNU+bFXbpiYmZITBP2L0YsFQb1XDRX+wx/mfZp3r9qW4n3BspC7whvP
GwYYwnvha5VGSMm1u/KFYnaRvmYPQcnojIKzuB4ronI64NyUOyrdMJ0WubzcvrgI
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:30:30 2024 by rpki-client on console-ams.rpki-client.org