Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/37c8ff-187f-4d91-b4d6-136656a3ede7/1/D22gMUPBHrETmpRU0eqH3y-tCDc.roa
File: D22gMUPBHrETmpRU0eqH3y-tCDc.roa (raw, json)
Hash identifier: zhmuEnJLrMIH0qYLabMhL09IHA4bgFG1dOSZSj8+SxQ=
Subject key identifier: 0F:6D:A0:31:43:C1:1E:B1:13:9A:94:54:D1:EA:87:DF:2F:AD:08:37
Certificate issuer: /CN=0f9ba06b6d22673f7f7b3d0f889f4720441b6e0c
Certificate serial: 0190219F1DE5292C5BDD3D5B9BEF51E3B380
Authority key identifier: 0F:9B:A0:6B:6D:22:67:3F:7F:7B:3D:0F:88:9F:47:20:44:1B:6E:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5uga20iZz9_ez0PiJ9HIEQbbgw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/37c8ff-187f-4d91-b4d6-136656a3ede7/1/D22gMUPBHrETmpRU0eqH3y-tCDc.roa
Signing time: Sun 16 Jun 2024 15:16:34 +0000
ROA not before: Sun 16 Jun 2024 15:16:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200249
IP address blocks: 185.252.140.0/22 maxlen: 22
185.252.140.0/24 maxlen: 24
185.252.143.0/24 maxlen: 24
2a13:7840::/29 maxlen: 29
2a13:7840::/32 maxlen: 32
2a13:7847::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/37c8ff-187f-4d91-b4d6-136656a3ede7/1/D5uga20iZz9_ez0PiJ9HIEQbbgw.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/37c8ff-187f-4d91-b4d6-136656a3ede7/1/D5uga20iZz9_ez0PiJ9HIEQbbgw.mft
rsync://rpki.ripe.net/repository/DEFAULT/D5uga20iZz9_ez0PiJ9HIEQbbgw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:21:9f:1d:e5:29:2c:5b:dd:3d:5b:9b:ef:51:e3:b3:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f9ba06b6d22673f7f7b3d0f889f4720441b6e0c
Validity
Not Before: Jun 16 15:16:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f6da03143c11eb1139a9454d1ea87df2fad0837
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b8:3a:a3:0b:e2:5e:d3:e5:5a:af:ee:5e:a9:
d9:d5:20:12:f1:9e:57:fa:97:c9:6e:b0:db:48:52:
a6:b1:95:b1:a5:41:c3:77:75:8c:b6:3f:09:2a:6d:
29:9a:5c:38:5a:fd:9f:be:79:02:30:07:3d:21:01:
ca:09:94:59:8b:48:ca:47:c5:73:e4:34:74:7b:0e:
17:da:46:07:ea:fb:48:9b:2c:2a:6a:1a:ba:c4:36:
6c:e4:70:ec:0c:62:53:23:d0:78:49:4f:1c:58:7a:
11:8f:fd:7c:f9:22:fe:ec:9e:f4:b9:4c:10:85:07:
aa:48:90:9e:c9:a9:0c:d8:1d:b2:0d:70:ee:52:12:
35:fb:13:17:59:f5:37:ae:67:70:cb:ab:35:c4:d1:
cc:8f:66:7b:72:bd:30:e8:fe:04:14:9d:6d:2a:03:
bf:37:03:e8:39:a6:d7:84:cb:d6:1f:df:6e:09:b9:
06:7d:cf:9e:b4:ff:96:5d:43:a9:3a:0e:d4:d3:ee:
fd:6c:37:da:68:4d:94:17:a0:86:94:ff:38:8b:f8:
0a:cf:e0:7d:2d:69:85:a0:31:c1:2e:ea:df:6f:bc:
c1:48:d0:db:fb:af:2c:ab:3c:5f:8a:73:e6:83:86:
09:d2:04:33:62:0c:79:68:8b:a3:47:2c:03:19:1d:
a2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:6D:A0:31:43:C1:1E:B1:13:9A:94:54:D1:EA:87:DF:2F:AD:08:37
X509v3 Authority Key Identifier:
keyid:0F:9B:A0:6B:6D:22:67:3F:7F:7B:3D:0F:88:9F:47:20:44:1B:6E:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5uga20iZz9_ez0PiJ9HIEQbbgw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/37c8ff-187f-4d91-b4d6-136656a3ede7/1/D22gMUPBHrETmpRU0eqH3y-tCDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/37c8ff-187f-4d91-b4d6-136656a3ede7/1/D5uga20iZz9_ez0PiJ9HIEQbbgw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.140.0/22
IPv6:
2a13:7840::/29
Signature Algorithm: sha256WithRSAEncryption
9a:38:22:1b:e0:06:9e:c6:ee:a0:f8:6e:88:9b:14:5f:75:60:
14:8c:63:fc:8f:30:0d:c6:cb:99:13:b0:3a:d6:f7:ac:3a:6b:
97:87:bf:f0:e0:2a:c7:d6:08:da:fd:35:c8:ec:34:ba:97:62:
14:3c:13:10:77:12:97:c0:25:1a:e9:f5:8d:81:32:88:d5:d6:
96:c9:8f:90:5e:70:34:22:d9:d4:da:0e:b5:fd:0d:e2:ce:07:
5c:aa:8b:ce:5a:73:99:f6:8c:5e:51:a2:b4:a0:62:da:2d:d2:
7a:07:06:2a:0c:e2:db:a8:ed:24:17:23:30:1b:97:bd:35:c7:
5e:e4:ae:a3:2a:ae:d2:e7:6e:4d:3d:34:c6:06:34:46:df:98:
6d:c1:ae:6c:10:dc:dc:2e:4f:03:88:5d:e9:3e:1e:67:8c:95:
a8:a4:74:40:e7:24:79:84:3e:42:cd:de:a1:da:ee:64:9d:72:
db:c9:be:e2:04:b8:0f:56:a2:6a:a6:4b:77:e8:5e:b3:1b:4f:
93:5c:7e:0a:61:a7:46:6f:a3:f9:b1:fb:c1:ba:a3:10:df:39:
79:0f:6f:e7:cb:4a:b2:4b:4d:b8:d6:d9:01:de:3b:78:f5:e0:
b5:a5:72:cf:4a:68:fb:27:b2:87:06:19:2b:48:fd:ea:11:18:
c5:78:de:cf
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZAhnx3lKSxb3T1bm+9R47OAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOWJhMDZiNmQyMjY3M2Y3ZjdiM2QwZjg4OWY0NzIwNDQx
YjZlMGMwHhcNMjQwNjE2MTUxNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjZkYTAzMTQzYzExZWIxMTM5YTk0NTRkMWVhODdkZjJmYWQwODM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrg6owviXtPlWq/uXqnZ1SAS8Z5X
+pfJbrDbSFKmsZWxpUHDd3WMtj8JKm0pmlw4Wv2fvnkCMAc9IQHKCZRZi0jKR8Vz
5DR0ew4X2kYH6vtImywqahq6xDZs5HDsDGJTI9B4SU8cWHoRj/18+SL+7J70uUwQ
hQeqSJCeyakM2B2yDXDuUhI1+xMXWfU3rmdwy6s1xNHMj2Z7cr0w6P4EFJ1tKgO/
NwPoOabXhMvWH99uCbkGfc+etP+WXUOpOg7U0+79bDfaaE2UF6CGlP84i/gKz+B9
LWmFoDHBLurfb7zBSNDb+68sqzxfinPmg4YJ0gQzYgx5aIujRywDGR2iMQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFA9toDFDwR6xE5qUVNHqh98vrQg3MB8GA1UdIwQY
MBaAFA+boGttImc/f3s9D4ifRyBEG24MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDV1Z2EyMGlaejlfZXowUGlKOUhJRVFiYmd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zN2M4ZmYtMTg3Zi00ZDkxLWI0ZDYt
MTM2NjU2YTNlZGU3LzEvRDIyZ01VUEJIckVUbXBSVTBlcUgzeS10Q0RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8zN2M4ZmYtMTg3Zi00ZDkxLWI0ZDYtMTM2NjU2YTNlZGU3
LzEvRDV1Z2EyMGlaejlfZXowUGlKOUhJRVFiYmd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufyMMA0E
AgACMAcDBQMqE3hAMA0GCSqGSIb3DQEBCwUAA4IBAQCaOCIb4Aaexu6g+G6ImxRf
dWAUjGP8jzANxsuZE7A61vesOmuXh7/w4CrH1gja/TXI7DS6l2IUPBMQdxKXwCUa
6fWNgTKI1daWyY+QXnA0ItnU2g61/Q3izgdcqovOWnOZ9oxeUaK0oGLaLdJ6BwYq
DOLbqO0kFyMwG5e9Ncde5K6jKq7S525NPTTGBjRG35htwa5sENzcLk8DiF3pPh5n
jJWopHRA5yR5hD5Czd6h2u5knXLbyb7iBLgPVqJqpkt36F6zG0+TXH4KYadGb6P5
sfvBuqMQ3zl5D2/ny0qyS0241tkB3jt49eC1pXLPSmj7J7KHBhkrSP3qERjFeN7P
-----END CERTIFICATE-----
Generated at Wed Jun 26 17:33:34 2024 by rpki-client on console-fra.rpki-client.org