Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/_2K2vi77pOo8b2_2S2_IJDCWOhc.roa
File: _2K2vi77pOo8b2_2S2_IJDCWOhc.roa (raw, json)
Hash identifier: q1hDZfJx7WzVQT43LuVufsYFuRTNnG9BfN/qoe93kRU=
Subject key identifier: FF:62:B6:BE:2E:FB:A4:EA:3C:6F:6F:F6:4B:6F:C8:24:30:96:3A:17
Certificate issuer: /CN=b467367967dc763349fd0b50e31f75b823028590
Certificate serial: 01905175368BC9A18A50EF7EF3FA96B97155
Authority key identifier: B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/_2K2vi77pOo8b2_2S2_IJDCWOhc.roa
Signing time: Tue 25 Jun 2024 22:12:34 +0000
ROA not before: Tue 25 Jun 2024 22:12:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199484
IP address blocks: 185.153.248.0/22 maxlen: 22
185.153.248.0/24 maxlen: 24
185.153.249.0/24 maxlen: 24
185.153.250.0/24 maxlen: 24
185.153.251.0/24 maxlen: 24
185.155.148.0/24 maxlen: 24
185.155.149.0/24 maxlen: 24
2a07:89c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/tGc2eWfcdjNJ_QtQ4x91uCMChZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/tGc2eWfcdjNJ_QtQ4x91uCMChZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:51:75:36:8b:c9:a1:8a:50:ef:7e:f3:fa:96:b9:71:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b467367967dc763349fd0b50e31f75b823028590
Validity
Not Before: Jun 25 22:12:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff62b6be2efba4ea3c6f6ff64b6fc82430963a17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:cb:c7:1f:1d:ef:b9:19:58:e1:4c:ae:62:07:
38:e3:85:32:e6:7f:fd:31:5b:93:f3:1a:0c:4b:92:
57:54:cb:db:03:0c:02:e3:96:ff:d0:40:50:31:17:
5d:19:b0:9c:41:56:44:40:d0:4e:00:66:d4:35:1a:
ad:bf:a4:fd:0a:8f:c9:76:ca:7e:21:0b:28:0c:77:
81:6a:01:4e:4a:ed:24:b9:69:5c:00:fd:d7:98:81:
8a:8a:43:b7:0f:ff:f6:a4:7e:54:27:70:38:46:db:
e8:30:bd:9f:ad:7e:f9:20:92:6b:90:83:96:cd:3c:
3c:22:72:f0:ca:73:cb:4d:08:03:cb:9d:f3:e1:e0:
30:2c:e2:e4:3d:de:fb:65:d4:7a:ec:ee:fa:82:bb:
60:fd:64:62:4b:53:b3:fd:0f:54:32:6d:a4:e7:35:
e6:7a:cd:c9:17:0e:78:82:a2:1e:26:7c:23:d5:46:
4c:aa:1f:99:ab:8c:f7:41:da:f5:cd:1e:ac:fa:04:
21:16:20:4b:1f:81:75:bd:cf:f8:ee:d5:a9:13:3e:
d8:29:a1:a2:a3:ea:a1:09:04:ac:01:31:bc:38:4e:
b4:90:8b:df:69:58:51:08:53:c7:f2:65:5d:97:d2:
8b:c0:a3:2e:a9:6b:b0:81:3e:5f:98:c9:43:b5:c1:
e7:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:62:B6:BE:2E:FB:A4:EA:3C:6F:6F:F6:4B:6F:C8:24:30:96:3A:17
X509v3 Authority Key Identifier:
keyid:B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/_2K2vi77pOo8b2_2S2_IJDCWOhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/tGc2eWfcdjNJ_QtQ4x91uCMChZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.248.0/22
185.155.148.0/23
IPv6:
2a07:89c0::/48
Signature Algorithm: sha256WithRSAEncryption
a9:a9:49:47:14:36:72:71:fe:ee:d5:5f:c7:84:e3:f0:2c:14:
ab:53:aa:be:6f:c0:fc:e1:75:53:c3:68:ca:c1:40:27:c8:d1:
8c:d5:aa:7d:fa:f9:19:a0:af:de:43:1a:b0:47:21:c2:6d:c8:
e5:87:fb:3b:b7:5d:43:40:9f:c9:f9:20:b0:f3:54:16:21:26:
ae:db:5d:7d:be:8b:22:b0:5b:1e:d9:dc:5a:54:cb:9b:5a:a3:
55:32:c1:29:24:2b:39:a9:ed:b9:fe:50:c9:1d:e8:e8:6c:f7:
84:ef:eb:81:68:ba:2a:32:8e:1c:16:b7:12:79:67:99:d4:70:
68:99:43:73:56:8a:3d:b8:70:1f:be:5b:10:01:e8:13:08:43:
eb:90:74:40:27:03:db:ab:65:ec:ee:8b:23:58:28:2f:aa:75:
d4:14:68:06:0b:b6:0b:58:db:67:63:1e:b4:df:e3:47:6e:9a:
fb:c9:8e:19:ea:c4:4f:8f:2b:3f:b7:bc:41:08:ca:97:14:23:
97:47:27:dd:c0:62:6b:13:d5:fe:f0:db:dc:81:e0:d4:14:10:
6a:89:4f:68:a5:05:ee:a2:e6:dc:54:69:d7:f4:75:2f:0b:c7:
2e:d8:81:b6:1f:3b:e9:db:74:c2:ab:c9:22:8d:e4:68:c1:69:
92:01:1e:81
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZBRdTaLyaGKUO9+8/qWuXFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NjczNjc5NjdkYzc2MzM0OWZkMGI1MGUzMWY3NWI4MjMw
Mjg1OTAwHhcNMjQwNjI1MjIxMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjYyYjZiZTJlZmJhNGVhM2M2ZjZmZjY0YjZmYzgyNDMwOTYzYTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcvHHx3vuRlY4UyuYgc444Uy5n/9
MVuT8xoMS5JXVMvbAwwC45b/0EBQMRddGbCcQVZEQNBOAGbUNRqtv6T9Co/Jdsp+
IQsoDHeBagFOSu0kuWlcAP3XmIGKikO3D//2pH5UJ3A4RtvoML2frX75IJJrkIOW
zTw8InLwynPLTQgDy53z4eAwLOLkPd77ZdR67O76grtg/WRiS1Oz/Q9UMm2k5zXm
es3JFw54gqIeJnwj1UZMqh+Zq4z3Qdr1zR6s+gQhFiBLH4F1vc/47tWpEz7YKaGi
o+qhCQSsATG8OE60kIvfaVhRCFPH8mVdl9KLwKMuqWuwgT5fmMlDtcHnuQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFP9itr4u+6TqPG9v9ktvyCQwljoXMB8GA1UdIwQY
MBaAFLRnNnln3HYzSf0LUOMfdbgjAoWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMt
YjgxMzczYzQwZGM5LzEvXzJLMnZpNzdwT284YjJfMlMyX0lKRENXT2hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMtYjgxMzczYzQwZGM5
LzEvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCuZn4AwQB
uZuUMA8EAgACMAkDBwAqB4nAAAAwDQYJKoZIhvcNAQELBQADggEBAKmpSUcUNnJx
/u7VX8eE4/AsFKtTqr5vwPzhdVPDaMrBQCfI0YzVqn36+Rmgr95DGrBHIcJtyOWH
+zu3XUNAn8n5ILDzVBYhJq7bXX2+iyKwWx7Z3FpUy5tao1UywSkkKzmp7bn+UMkd
6Ohs94Tv64FouioyjhwWtxJ5Z5nUcGiZQ3NWij24cB++WxAB6BMIQ+uQdEAnA9ur
ZezuiyNYKC+qddQUaAYLtgtY22djHrTf40dumvvJjhnqxE+PKz+3vEEIypcUI5dH
J93AYmsT1f7w29yB4NQUEGqJT2ilBe6i5txUadf0dS8Lxy7YgbYfO+nbdMKrySKN
5GjBaZIBHoE=
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:18:27 2024 by rpki-client on console-fra.rpki-client.org