Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/45b2d9-e861-43ef-bcc0-e9975a0bdea7/1/IGmjWZMr976RnJNfoip55fMjjwM.roa
File: IGmjWZMr976RnJNfoip55fMjjwM.roa (raw, json)
Hash identifier: 5YsOgqf0aVWaQiWIcnBLMwCt2TxW87LLHeZh6gv8bEs=
Subject key identifier: 20:69:A3:59:93:2B:F7:BE:91:9C:93:5F:A2:2A:79:E5:F3:23:8F:03
Certificate issuer: /CN=a4434d6691e6e27c282caa37aff90f2bc54bf1e3
Certificate serial: 018CC86F6183BDEC0486529F4EDF0F7BAAA1
Authority key identifier: A4:43:4D:66:91:E6:E2:7C:28:2C:AA:37:AF:F9:0F:2B:C5:4B:F1:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pENNZpHm4nwoLKo3r_kPK8VL8eM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/45b2d9-e861-43ef-bcc0-e9975a0bdea7/1/IGmjWZMr976RnJNfoip55fMjjwM.roa
Signing time: Tue 02 Jan 2024 04:29:51 +0000
ROA not before: Tue 02 Jan 2024 04:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 37468
IP address blocks: 185.148.112.0/23 maxlen: 24
185.148.112.0/22 maxlen: 24
185.148.113.0/24 maxlen: 24
185.148.114.0/23 maxlen: 24
2a07:6040::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/45b2d9-e861-43ef-bcc0-e9975a0bdea7/1/pENNZpHm4nwoLKo3r_kPK8VL8eM.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/45b2d9-e861-43ef-bcc0-e9975a0bdea7/1/pENNZpHm4nwoLKo3r_kPK8VL8eM.mft
rsync://rpki.ripe.net/repository/DEFAULT/pENNZpHm4nwoLKo3r_kPK8VL8eM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:61:83:bd:ec:04:86:52:9f:4e:df:0f:7b:aa:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4434d6691e6e27c282caa37aff90f2bc54bf1e3
Validity
Not Before: Jan 2 04:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2069a359932bf7be919c935fa22a79e5f3238f03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:cf:15:43:09:89:94:f6:5b:e2:47:49:33:dc:
dc:ad:f8:9d:3d:7d:ce:3e:78:42:84:59:b6:1f:bd:
99:dc:c5:05:9a:dc:56:86:dd:23:7a:95:77:44:f6:
ca:76:7f:bc:d0:a4:37:36:97:98:39:e4:8c:4d:ad:
94:44:e0:2d:3a:13:79:c7:c7:d0:25:8d:92:8a:23:
80:3a:d3:88:59:af:2d:c5:5b:b8:c1:c6:53:93:00:
74:a1:58:c5:70:d3:09:8f:f3:d3:13:27:1c:29:85:
84:d8:3f:64:f8:15:e6:07:8f:f1:8f:bb:5f:eb:59:
13:0f:d9:a3:51:05:ba:b1:ad:73:96:6a:e8:c9:54:
76:06:14:28:7d:cb:14:c3:90:1a:30:7d:2f:29:a0:
32:ac:7a:0e:ae:04:d0:f1:52:d1:41:8a:10:7c:6d:
f6:53:69:bf:91:5d:03:b4:e2:9a:37:78:cc:fd:c0:
b7:d6:b4:91:ef:78:d2:90:f7:83:e0:de:d2:4a:0b:
6a:86:5a:14:6a:a8:fd:c1:32:9c:29:c6:ec:70:d2:
8b:7b:61:5f:10:28:dd:cd:df:68:46:78:b4:22:f5:
76:fb:50:9a:c9:76:ed:81:b5:a0:9b:b4:61:c1:b7:
dd:ef:20:8c:82:7e:14:14:c0:7b:f6:a9:18:e4:7e:
6e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:69:A3:59:93:2B:F7:BE:91:9C:93:5F:A2:2A:79:E5:F3:23:8F:03
X509v3 Authority Key Identifier:
keyid:A4:43:4D:66:91:E6:E2:7C:28:2C:AA:37:AF:F9:0F:2B:C5:4B:F1:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pENNZpHm4nwoLKo3r_kPK8VL8eM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/45b2d9-e861-43ef-bcc0-e9975a0bdea7/1/IGmjWZMr976RnJNfoip55fMjjwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/45b2d9-e861-43ef-bcc0-e9975a0bdea7/1/pENNZpHm4nwoLKo3r_kPK8VL8eM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.112.0/22
IPv6:
2a07:6040::/29
Signature Algorithm: sha256WithRSAEncryption
0d:d9:bc:26:eb:33:e0:50:d2:7b:f2:fd:b9:1b:77:7e:7c:35:
82:07:90:c1:72:9c:80:53:df:78:55:42:83:8a:69:6c:67:4b:
ef:66:08:10:b1:8d:da:10:b6:8e:42:0a:9f:1e:a0:77:99:bb:
2a:53:ed:c8:61:80:51:ea:6f:f6:b3:aa:f8:3f:84:5a:d1:23:
3a:da:0c:d8:2c:ff:36:2e:fe:0b:5d:9c:64:2e:e1:02:2d:7a:
85:cb:d7:60:a6:7d:39:2d:d4:49:bf:e2:ea:e1:93:1e:72:6b:
c7:3a:81:8b:80:76:7d:90:42:ec:62:b6:8a:62:fb:84:4a:6e:
50:19:50:02:89:f3:e6:0e:83:2d:15:30:63:ba:16:3f:1e:c4:
35:56:52:79:fb:3f:a5:fc:d8:60:41:84:c1:b2:f2:02:3f:2a:
2d:76:99:87:e0:6b:11:c8:0b:a7:50:8b:3e:bf:cd:6d:f7:4c:
47:4c:4a:78:43:13:d4:10:cc:52:ab:33:08:65:e4:87:aa:cf:
fd:f0:05:70:4d:ac:14:df:9f:a3:22:ad:0b:43:7e:fe:32:9c:
ea:71:f3:05:c6:1e:ab:9b:1e:08:ae:85:a4:db:2d:55:82:20:
4a:c0:3b:f7:c8:b3:c3:a4:2e:d5:c8:4c:a6:9c:da:21:32:3f:
72:bd:85:b4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIb2GDvewEhlKfTt8Pe6qhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0NDM0ZDY2OTFlNmUyN2MyODJjYWEzN2FmZjkwZjJiYzU0
YmYxZTMwHhcNMjQwMTAyMDQyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDY5YTM1OTkzMmJmN2JlOTE5YzkzNWZhMjJhNzllNWYzMjM4ZjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiM8VQwmJlPZb4kdJM9zcrfidPX3O
PnhChFm2H72Z3MUFmtxWht0jepV3RPbKdn+80KQ3NpeYOeSMTa2UROAtOhN5x8fQ
JY2SiiOAOtOIWa8txVu4wcZTkwB0oVjFcNMJj/PTEyccKYWE2D9k+BXmB4/xj7tf
61kTD9mjUQW6sa1zlmroyVR2BhQofcsUw5AaMH0vKaAyrHoOrgTQ8VLRQYoQfG32
U2m/kV0DtOKaN3jM/cC31rSR73jSkPeD4N7SSgtqhloUaqj9wTKcKcbscNKLe2Ff
ECjdzd9oRni0IvV2+1CayXbtgbWgm7Rhwbfd7yCMgn4UFMB79qkY5H5uywIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCBpo1mTK/e+kZyTX6IqeeXzI48DMB8GA1UdIwQY
MBaAFKRDTWaR5uJ8KCyqN6/5DyvFS/HjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEVOTlpwSG00bndvTEtvM3Jfa1BLOFZMOGVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny80NWIyZDktZTg2MS00M2VmLWJjYzAt
ZTk5NzVhMGJkZWE3LzEvSUdtaldaTXI5NzZSbkpOZm9pcDU1Zk1qandNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny80NWIyZDktZTg2MS00M2VmLWJjYzAtZTk5NzVhMGJkZWE3
LzEvcEVOTlpwSG00bndvTEtvM3Jfa1BLOFZMOGVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZRwMA0E
AgACMAcDBQMqB2BAMA0GCSqGSIb3DQEBCwUAA4IBAQAN2bwm6zPgUNJ78v25G3d+
fDWCB5DBcpyAU994VUKDimlsZ0vvZggQsY3aELaOQgqfHqB3mbsqU+3IYYBR6m/2
s6r4P4Ra0SM62gzYLP82Lv4LXZxkLuECLXqFy9dgpn05LdRJv+Lq4ZMecmvHOoGL
gHZ9kELsYraKYvuESm5QGVACifPmDoMtFTBjuhY/HsQ1VlJ5+z+l/NhgQYTBsvIC
PyotdpmH4GsRyAunUIs+v81t90xHTEp4QxPUEMxSqzMIZeSHqs/98AVwTawU35+j
Iq0LQ37+MpzqcfMFxh6rmx4IroWk2y1VgiBKwDv3yLPDpC7VyEymnNohMj9yvYW0
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:36:21 2024 by rpki-client on console-ams.rpki-client.org