Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/7f1649-0c9d-405d-a134-66d253432f5f/1/FkyCI75uU_Ee-bHTb1kMRpdwhOY.roa
File: FkyCI75uU_Ee-bHTb1kMRpdwhOY.roa (raw, json)
Hash identifier: nHSSbDWo1NL8JVSHrfKO+NdG4CBHqNomtqnhwh8S6rw=
Subject key identifier: 16:4C:82:23:BE:6E:53:F1:1E:F9:B1:D3:6F:59:0C:46:97:70:84:E6
Certificate issuer: /CN=942f565ed16d8c337a8c8ab3cdc572ef1150f5a9
Certificate serial: 018CC94E6F8D2B632606C7A6624A4554B7E3
Authority key identifier: 94:2F:56:5E:D1:6D:8C:33:7A:8C:8A:B3:CD:C5:72:EF:11:50:F5:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lC9WXtFtjDN6jIqzzcVy7xFQ9ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/7f1649-0c9d-405d-a134-66d253432f5f/1/FkyCI75uU_Ee-bHTb1kMRpdwhOY.roa
Signing time: Tue 02 Jan 2024 08:33:29 +0000
ROA not before: Tue 02 Jan 2024 08:33:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198583
IP address blocks: 185.153.245.0/24 maxlen: 24
185.153.246.0/24 maxlen: 24
185.153.247.0/24 maxlen: 24
37.148.242.0/24 maxlen: 24
37.148.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/7f1649-0c9d-405d-a134-66d253432f5f/1/lC9WXtFtjDN6jIqzzcVy7xFQ9ak.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/7f1649-0c9d-405d-a134-66d253432f5f/1/lC9WXtFtjDN6jIqzzcVy7xFQ9ak.mft
rsync://rpki.ripe.net/repository/DEFAULT/lC9WXtFtjDN6jIqzzcVy7xFQ9ak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:6f:8d:2b:63:26:06:c7:a6:62:4a:45:54:b7:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=942f565ed16d8c337a8c8ab3cdc572ef1150f5a9
Validity
Not Before: Jan 2 08:33:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=164c8223be6e53f11ef9b1d36f590c46977084e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:33:49:88:5a:7e:cf:f2:74:63:4d:6c:cc:22:
3b:43:b4:bc:33:04:37:32:17:d7:fa:2f:85:4d:99:
5d:f9:1d:10:21:22:3c:48:3a:7c:c2:11:b8:af:65:
bd:37:0c:e9:e1:41:e8:d2:dd:26:34:2b:04:3f:9d:
22:96:bf:35:76:e3:8b:43:c1:7c:10:b1:78:d3:de:
36:6f:a5:cd:9c:d5:5f:1e:7b:db:79:8f:a3:2a:9a:
71:9b:f0:4d:84:a5:e5:24:b7:29:4d:28:e5:49:0a:
26:92:bb:0f:8e:43:97:e8:f8:e6:83:4a:eb:80:5e:
6a:f5:e0:15:c3:59:8f:cc:01:6a:08:fc:75:4f:e2:
eb:ae:1e:5a:16:8e:f1:29:65:21:69:1b:1a:da:61:
58:ef:4b:b8:ca:5e:81:20:48:9e:bf:6d:86:27:6c:
29:8a:32:62:94:95:45:db:50:6d:26:36:a5:35:9c:
2f:63:4a:d9:4f:cf:1a:f8:13:69:d0:19:8f:13:ab:
d5:7f:47:11:c9:4c:62:b2:66:58:9c:c1:6b:0f:e5:
b6:3f:60:50:20:26:05:a7:f1:11:20:95:40:ee:5f:
46:d0:4c:b7:82:16:93:0c:75:58:6b:b5:8b:a4:12:
3a:05:48:94:ae:3a:64:01:4c:f9:8b:55:4e:f4:c9:
10:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:4C:82:23:BE:6E:53:F1:1E:F9:B1:D3:6F:59:0C:46:97:70:84:E6
X509v3 Authority Key Identifier:
keyid:94:2F:56:5E:D1:6D:8C:33:7A:8C:8A:B3:CD:C5:72:EF:11:50:F5:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lC9WXtFtjDN6jIqzzcVy7xFQ9ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/7f1649-0c9d-405d-a134-66d253432f5f/1/FkyCI75uU_Ee-bHTb1kMRpdwhOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/7f1649-0c9d-405d-a134-66d253432f5f/1/lC9WXtFtjDN6jIqzzcVy7xFQ9ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.242.0/23
185.153.245.0-185.153.247.255
Signature Algorithm: sha256WithRSAEncryption
12:0f:a3:84:4a:74:3f:cc:65:7f:7c:19:aa:12:c4:96:21:9c:
9a:f9:7d:29:12:71:b7:f8:fd:44:6f:00:c6:e9:1f:c2:f0:e0:
9c:b4:44:ed:ee:5e:22:16:78:57:55:a0:90:d3:92:81:c3:87:
96:fd:d9:98:46:ae:7c:4b:0c:6a:e9:94:07:18:0c:0e:df:d8:
56:4b:2a:14:02:7b:fd:45:39:03:b8:86:87:eb:2d:6d:b9:ec:
e2:13:20:8d:e1:a5:10:b8:04:90:76:c3:f4:93:51:b0:9e:21:
60:a6:47:09:3a:dd:b3:12:d2:fe:20:f3:be:10:d7:ff:f6:2c:
7c:f0:df:7a:68:ad:c1:95:f6:7e:30:34:a7:a9:01:11:0e:6d:
d1:b7:20:8a:65:90:0e:88:c6:8f:6e:4d:e4:0d:0f:71:b6:a1:
14:15:12:35:3a:9a:81:9d:f4:9e:fb:7f:5f:33:e6:4a:80:8b:
f1:b8:21:80:2b:c8:6f:fd:7f:c3:a0:90:86:15:3f:97:59:56:
4b:0b:78:c9:e6:72:33:36:94:64:06:b3:cc:9b:d3:37:3b:ad:
42:ad:e5:de:eb:45:fe:84:58:7a:aa:75:2f:57:e8:0a:ac:6a:
87:0c:0a:80:ce:a9:a3:93:05:25:c2:46:82:76:20:86:87:a6:
3f:4a:05:34
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzJTm+NK2MmBsemYkpFVLfjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MmY1NjVlZDE2ZDhjMzM3YThjOGFiM2NkYzU3MmVmMTE1
MGY1YTkwHhcNMjQwMTAyMDgzMzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjRjODIyM2JlNmU1M2YxMWVmOWIxZDM2ZjU5MGM0Njk3NzA4NGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTNJiFp+z/J0Y01szCI7Q7S8MwQ3
MhfX+i+FTZld+R0QISI8SDp8whG4r2W9Nwzp4UHo0t0mNCsEP50ilr81duOLQ8F8
ELF40942b6XNnNVfHnvbeY+jKppxm/BNhKXlJLcpTSjlSQomkrsPjkOX6Pjmg0rr
gF5q9eAVw1mPzAFqCPx1T+Lrrh5aFo7xKWUhaRsa2mFY70u4yl6BIEiev22GJ2wp
ijJilJVF21BtJjalNZwvY0rZT88a+BNp0BmPE6vVf0cRyUxismZYnMFrD+W2P2BQ
ICYFp/ERIJVA7l9G0Ey3ghaTDHVYa7WLpBI6BUiUrjpkAUz5i1VO9MkQcQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBZMgiO+blPxHvmx029ZDEaXcITmMB8GA1UdIwQY
MBaAFJQvVl7RbYwzeoyKs83Fcu8RUPWpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEM5V1h0RnRqRE42aklxenpjVnk3eEZROWFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy83ZjE2NDktMGM5ZC00MDVkLWExMzQt
NjZkMjUzNDMyZjVmLzEvRmt5Q0k3NXVVX0VlLWJIVGIxa01ScGR3aE9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy83ZjE2NDktMGM5ZC00MDVkLWExMzQtNjZkMjUzNDMyZjVm
LzEvbEM5V1h0RnRqRE42aklxenpjVnk3eEZROWFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBJZTyMAwD
BAC5mfUDBAO5mfAwDQYJKoZIhvcNAQELBQADggEBABIPo4RKdD/MZX98GaoSxJYh
nJr5fSkScbf4/URvAMbpH8Lw4Jy0RO3uXiIWeFdVoJDTkoHDh5b92ZhGrnxLDGrp
lAcYDA7f2FZLKhQCe/1FOQO4hofrLW257OITII3hpRC4BJB2w/STUbCeIWCmRwk6
3bMS0v4g874Q1//2LHzw33porcGV9n4wNKepAREObdG3IIplkA6Ixo9uTeQND3G2
oRQVEjU6moGd9J77f18z5kqAi/G4IYAryG/9f8OgkIYVP5dZVksLeMnmcjM2lGQG
s8yb0zc7rUKt5d7rRf6EWHqqdS9X6AqsaocMCoDOqaOTBSXCRoJ2IIaHpj9KBTQ=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:48:29 2024 by rpki-client on console-fra.rpki-client.org