Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/a3baca-437d-4607-9c1a-557a4c31e02e/1/fSQqw8DS2jok8AD7NelVHaa4LLM.roa
File: fSQqw8DS2jok8AD7NelVHaa4LLM.roa (raw, json)
Hash identifier: 1kZgOFpblrmzdsZR/MUEmE7sBYKgHpi+xZMFMUB5NsY=
Subject key identifier: 7D:24:2A:C3:C0:D2:DA:3A:24:F0:00:FB:35:E9:55:1D:A6:B8:2C:B3
Certificate issuer: /CN=b4c41e59834da612d83ca24194f02ca6d7602448
Certificate serial: 0191F9B75BC0388231033267A8A99ABDA401
Authority key identifier: B4:C4:1E:59:83:4D:A6:12:D8:3C:A2:41:94:F0:2C:A6:D7:60:24:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tMQeWYNNphLYPKJBlPAsptdgJEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/a3baca-437d-4607-9c1a-557a4c31e02e/1/fSQqw8DS2jok8AD7NelVHaa4LLM.roa
Signing time: Mon 16 Sep 2024 07:23:48 +0000
ROA not before: Mon 16 Sep 2024 07:23:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214666
IP address blocks: 185.133.160.0/22 maxlen: 22
185.133.160.0/23 maxlen: 23
185.133.162.0/23 maxlen: 23
2a12:ff40::/32 maxlen: 32
2a12:ff40::/33 maxlen: 33
2a12:ff40:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/a3baca-437d-4607-9c1a-557a4c31e02e/1/tMQeWYNNphLYPKJBlPAsptdgJEg.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/a3baca-437d-4607-9c1a-557a4c31e02e/1/tMQeWYNNphLYPKJBlPAsptdgJEg.mft
rsync://rpki.ripe.net/repository/DEFAULT/tMQeWYNNphLYPKJBlPAsptdgJEg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 20:19:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f9:b7:5b:c0:38:82:31:03:32:67:a8:a9:9a:bd:a4:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4c41e59834da612d83ca24194f02ca6d7602448
Validity
Not Before: Sep 16 07:23:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d242ac3c0d2da3a24f000fb35e9551da6b82cb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:bd:1a:d3:a0:72:ab:06:33:ee:0e:c3:c4:65:
ff:5b:ca:0d:bb:2c:89:2c:74:f4:bf:8b:df:07:5c:
02:50:e8:bf:6e:2b:b1:be:4f:0d:bc:3f:0f:c7:7f:
ff:86:60:1d:7a:7b:26:f5:39:a0:80:de:8a:6f:bf:
65:7e:d6:29:39:1f:bc:a9:ec:7b:d6:73:c1:bc:f7:
73:f6:a6:bb:4c:70:ea:7e:37:62:31:c9:35:db:77:
e1:5b:47:82:55:d8:29:36:0c:1f:76:1e:cd:71:58:
90:74:98:5f:20:d5:ce:19:4d:32:2a:80:92:bf:69:
7c:29:a1:fe:e6:93:92:8d:af:f1:2a:9c:4e:12:10:
b7:97:1b:00:71:33:bb:d8:e2:bc:ff:39:18:0a:81:
06:44:fc:05:42:03:64:71:5f:e9:8a:11:f4:75:16:
25:29:82:59:2b:c2:9e:8d:a2:aa:21:89:1a:9d:7f:
06:74:26:b8:16:f2:b8:2a:8f:eb:5d:86:2f:f3:f9:
3e:0d:6e:d5:78:d5:fd:f1:5d:ad:f7:12:cf:68:39:
31:c0:2a:9a:c8:99:6a:c1:41:cb:4f:c8:e4:ca:73:
d3:79:62:d0:0f:33:41:b0:f1:d9:7a:c0:66:2d:f4:
1f:ef:16:cb:5a:18:57:fe:ba:c4:11:b7:7f:07:8f:
9b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:24:2A:C3:C0:D2:DA:3A:24:F0:00:FB:35:E9:55:1D:A6:B8:2C:B3
X509v3 Authority Key Identifier:
keyid:B4:C4:1E:59:83:4D:A6:12:D8:3C:A2:41:94:F0:2C:A6:D7:60:24:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tMQeWYNNphLYPKJBlPAsptdgJEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a3baca-437d-4607-9c1a-557a4c31e02e/1/fSQqw8DS2jok8AD7NelVHaa4LLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a3baca-437d-4607-9c1a-557a4c31e02e/1/tMQeWYNNphLYPKJBlPAsptdgJEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.160.0/22
IPv6:
2a12:ff40::/32
Signature Algorithm: sha256WithRSAEncryption
67:42:f5:8b:25:8b:24:08:c8:c6:a6:b1:91:84:7d:cb:9d:3b:
2d:a1:55:df:a6:f5:1c:76:3b:1b:11:39:c0:6b:3c:c9:5f:7e:
5d:62:9b:50:03:85:3e:3a:b3:60:8f:76:d4:35:f4:2a:42:e0:
64:1e:53:74:b6:a9:39:b1:4d:ab:53:c8:28:c9:e4:3e:81:94:
26:c7:59:3e:1f:80:2d:24:04:fb:c7:64:da:20:3a:0b:6a:c1:
2e:b8:15:90:9f:81:bf:61:4f:f3:9a:4d:e4:09:b5:a1:0e:e2:
d4:f6:aa:50:52:d2:3a:90:c2:86:91:67:24:6b:43:ba:e9:f4:
38:5d:63:8c:6b:e8:40:16:d9:36:45:e5:fe:ce:0f:27:74:f9:
6f:a4:5d:99:51:5e:50:be:05:4d:5a:3e:fd:a8:62:36:35:77:
65:2f:35:ff:10:0c:4a:52:a8:c1:5c:6b:2f:91:81:3e:c3:3d:
c0:4d:66:ae:82:30:5d:7c:bd:ee:22:53:5a:e3:e3:ef:6f:47:
85:e3:18:e2:42:c2:bb:7b:23:fe:7d:2e:7d:a4:6d:f1:b7:17:
da:2b:6b:68:7c:d0:87:ac:ce:7a:b6:61:da:5f:1b:76:fd:d5:
94:ea:9c:43:ba:64:e9:80:8c:f5:ba:3c:01:1d:5b:2c:0b:2b:
e7:1d:76:b2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZH5t1vAOIIxAzJnqKmavaQBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YzQxZTU5ODM0ZGE2MTJkODNjYTI0MTk0ZjAyY2E2ZDc2
MDI0NDgwHhcNMjQwOTE2MDcyMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDI0MmFjM2MwZDJkYTNhMjRmMDAwZmIzNWU5NTUxZGE2YjgyY2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAub0a06ByqwYz7g7DxGX/W8oNuyyJ
LHT0v4vfB1wCUOi/biuxvk8NvD8Px3//hmAdensm9TmggN6Kb79lftYpOR+8qex7
1nPBvPdz9qa7THDqfjdiMck123fhW0eCVdgpNgwfdh7NcViQdJhfINXOGU0yKoCS
v2l8KaH+5pOSja/xKpxOEhC3lxsAcTO72OK8/zkYCoEGRPwFQgNkcV/pihH0dRYl
KYJZK8KejaKqIYkanX8GdCa4FvK4Ko/rXYYv8/k+DW7VeNX98V2t9xLPaDkxwCqa
yJlqwUHLT8jkynPTeWLQDzNBsPHZesBmLfQf7xbLWhhX/rrEEbd/B4+bswIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFH0kKsPA0to6JPAA+zXpVR2muCyzMB8GA1UdIwQY
MBaAFLTEHlmDTaYS2DyiQZTwLKbXYCRIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE1RZVdZTk5waExZUEtKQmxQQXNwdGRnSkVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9hM2JhY2EtNDM3ZC00NjA3LTljMWEt
NTU3YTRjMzFlMDJlLzEvZlNRcXc4RFMyam9rOEFEN05lbFZIYWE0TExNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9hM2JhY2EtNDM3ZC00NjA3LTljMWEtNTU3YTRjMzFlMDJl
LzEvdE1RZVdZTk5waExZUEtKQmxQQXNwdGRnSkVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYWgMA0E
AgACMAcDBQAqEv9AMA0GCSqGSIb3DQEBCwUAA4IBAQBnQvWLJYskCMjGprGRhH3L
nTstoVXfpvUcdjsbETnAazzJX35dYptQA4U+OrNgj3bUNfQqQuBkHlN0tqk5sU2r
U8goyeQ+gZQmx1k+H4AtJAT7x2TaIDoLasEuuBWQn4G/YU/zmk3kCbWhDuLU9qpQ
UtI6kMKGkWcka0O66fQ4XWOMa+hAFtk2ReX+zg8ndPlvpF2ZUV5QvgVNWj79qGI2
NXdlLzX/EAxKUqjBXGsvkYE+wz3ATWaugjBdfL3uIlNa4+Pvb0eF4xjiQsK7eyP+
fS59pG3xtxfaK2tofNCHrM56tmHaXxt2/dWU6pxDumTpgIz1ujwBHVssCyvnHXay
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:24:35 2024 by rpki-client on console-ams.rpki-client.org