Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/CRav-kAnaTCSWjonIP6cOo_clU4.roa
File: CRav-kAnaTCSWjonIP6cOo_clU4.roa (raw, json)
Hash identifier: Od07L82YLZboYvPIM3RWhbqLX4NNecCludMb4S+wlGM=
Subject key identifier: 09:16:AF:FA:40:27:69:30:92:5A:3A:27:20:FE:9C:3A:8F:DC:95:4E
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 018CC7952FE2369AA74D81B7D36F44ECC9EF
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/CRav-kAnaTCSWjonIP6cOo_clU4.roa
Signing time: Tue 02 Jan 2024 00:31:32 +0000
ROA not before: Tue 02 Jan 2024 00:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3561
IP address blocks: 109.166.40.0/21 maxlen: 21
151.248.72.0/21 maxlen: 21
109.166.48.0/21 maxlen: 21
151.248.80.0/21 maxlen: 21
151.248.88.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.mft
rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 09:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:2f:e2:36:9a:a7:4d:81:b7:d3:6f:44:ec:c9:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Jan 2 00:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0916affa40276930925a3a2720fe9c3a8fdc954e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e2:8e:74:85:0a:8b:93:9a:b2:35:51:98:25:
e7:ff:e8:a9:be:3d:3f:f1:b9:cd:6e:59:b0:95:04:
a5:1e:58:89:ff:91:95:43:01:6a:84:5e:82:d5:70:
19:ec:3c:76:15:32:7b:53:32:04:a6:c9:4f:26:4a:
32:06:b1:c8:2e:f5:08:93:86:94:ce:a4:db:e2:81:
1d:39:51:2e:19:74:d5:c5:ce:89:62:c1:c8:c9:d6:
9e:b4:12:83:8a:c9:c4:ee:f6:e3:f0:a3:69:29:5c:
49:45:73:35:61:d6:b0:d7:79:1e:09:16:17:db:4a:
eb:8e:0a:13:36:03:de:94:4f:97:5b:14:90:ae:db:
25:32:d1:80:43:ef:3e:d7:f8:52:30:06:38:c7:b4:
3f:f4:5d:e8:b0:06:38:88:46:1c:21:c1:28:d2:96:
59:7a:3a:15:71:0b:a3:e0:f3:7e:fd:3c:61:cb:a6:
b5:2d:37:25:e5:86:98:ac:31:93:08:9e:c6:81:31:
b0:ed:40:3b:6f:35:85:a7:eb:aa:9f:e7:71:7c:75:
2c:6a:04:36:02:35:b8:2f:94:4b:e8:52:fe:21:26:
a9:f7:40:45:4d:e4:8a:69:57:97:f0:3d:4b:7a:aa:
7b:e9:07:bb:43:3b:d9:e8:38:0f:48:14:dd:37:b3:
cc:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:16:AF:FA:40:27:69:30:92:5A:3A:27:20:FE:9C:3A:8F:DC:95:4E
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/CRav-kAnaTCSWjonIP6cOo_clU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.166.40.0-109.166.55.255
151.248.72.0-151.248.91.255
Signature Algorithm: sha256WithRSAEncryption
80:5d:44:0b:cf:70:e8:0b:d2:65:36:a7:79:f3:42:c9:17:ac:
f2:aa:40:c7:ef:f1:b2:9c:ef:f8:5c:29:01:87:3e:79:77:17:
16:46:92:60:a0:7d:ff:9f:57:21:ee:f2:20:53:d6:77:fd:31:
e7:7e:19:c0:ee:bb:c6:b4:90:bb:9e:f3:a5:a6:78:e9:4a:cd:
a6:b1:f2:57:f6:55:80:1c:96:f8:f8:12:41:a0:64:c0:32:ac:
2c:73:c6:43:f1:c2:8c:22:1a:0d:db:82:32:d6:c4:f6:0f:cc:
d2:60:4b:e7:8a:0d:aa:86:5a:10:0c:b2:6d:e4:88:4b:06:0c:
c3:a1:34:86:bb:c9:1b:3b:c6:51:ea:96:87:a9:84:83:57:19:
9d:77:4f:da:5a:03:e5:e0:b3:b5:40:df:8b:26:c0:07:f8:bb:
4f:95:d0:38:8d:7a:4f:de:9c:b4:d5:a5:75:7a:1f:bd:7b:2b:
d6:29:a9:f8:2d:47:fc:88:32:70:45:15:c9:3c:cd:83:0e:b5:
e1:1f:54:2a:d4:36:05:ce:a3:58:b0:14:8c:fd:fd:29:ad:ce:
f8:73:5b:17:3a:0f:93:98:ab:18:3a:ab:4e:51:b5:59:45:45:
65:8a:fa:22:aa:00:c8:91:dd:3c:4f:30:44:74:d1:75:60:ec:
4d:80:29:38
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzHlS/iNpqnTYG3029E7MnvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjQwMTAyMDAzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTE2YWZmYTQwMjc2OTMwOTI1YTNhMjcyMGZlOWMzYThmZGM5NTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOKOdIUKi5OasjVRmCXn/+ipvj0/
8bnNblmwlQSlHliJ/5GVQwFqhF6C1XAZ7Dx2FTJ7UzIEpslPJkoyBrHILvUIk4aU
zqTb4oEdOVEuGXTVxc6JYsHIydaetBKDisnE7vbj8KNpKVxJRXM1Ydaw13keCRYX
20rrjgoTNgPelE+XWxSQrtslMtGAQ+8+1/hSMAY4x7Q/9F3osAY4iEYcIcEo0pZZ
ejoVcQuj4PN+/Txhy6a1LTcl5YaYrDGTCJ7GgTGw7UA7bzWFp+uqn+dxfHUsagQ2
AjW4L5RL6FL+ISap90BFTeSKaVeX8D1Leqp76Qe7QzvZ6DgPSBTdN7PMWQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAkWr/pAJ2kwklo6JyD+nDqP3JVOMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvQ1Jhdi1rQW5hVENTV2pvbklQNmNPb19jbFU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBANtpigD
BANtpjAwDAMEA5f4SAMEApf4WDANBgkqhkiG9w0BAQsFAAOCAQEAgF1EC89w6AvS
ZTanefNCyRes8qpAx+/xspzv+FwpAYc+eXcXFkaSYKB9/59XIe7yIFPWd/0x534Z
wO67xrSQu57zpaZ46UrNprHyV/ZVgByW+PgSQaBkwDKsLHPGQ/HCjCIaDduCMtbE
9g/M0mBL54oNqoZaEAyybeSISwYMw6E0hrvJGzvGUeqWh6mEg1cZnXdP2loD5eCz
tUDfiybAB/i7T5XQOI16T96ctNWldXofvXsr1imp+C1H/IgycEUVyTzNgw614R9U
KtQ2Bc6jWLAUjP39Ka3O+HNbFzoPk5irGDqrTlG1WUVFZYr6IqoAyJHdPE8wRHTR
dWDsTYApOA==
-----END CERTIFICATE-----
Generated at Mon May 6 18:16:40 2024 by rpki-client on console-fra.rpki-client.org