Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/fmIXez5TjXusNSKQqos2u_4kAhY.roa
File: fmIXez5TjXusNSKQqos2u_4kAhY.roa (raw, json)
Hash identifier: oYM1lsb3hPfzOPMEHz/cBW70gwXbfRXmcOJazhfg2K4=
Subject key identifier: 7E:62:17:7B:3E:53:8D:7B:AC:35:22:90:AA:8B:36:BB:FE:24:02:16
Certificate issuer: /CN=de87d35bdcab123affc1a91d1736867969709a23
Certificate serial: 018CC6B8F13026D0FF07154060B5C109D258
Authority key identifier: DE:87:D3:5B:DC:AB:12:3A:FF:C1:A9:1D:17:36:86:79:69:70:9A:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ofTW9yrEjr_wakdFzaGeWlwmiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/fmIXez5TjXusNSKQqos2u_4kAhY.roa
Signing time: Mon 01 Jan 2024 20:30:58 +0000
ROA not before: Mon 01 Jan 2024 20:30:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205638
IP address blocks: 185.211.157.0/24 maxlen: 24
185.211.159.0/24 maxlen: 24
185.211.156.0/24 maxlen: 24
185.211.158.0/23 maxlen: 23
185.211.156.0/22 maxlen: 22
185.211.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/3ofTW9yrEjr_wakdFzaGeWlwmiM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/3ofTW9yrEjr_wakdFzaGeWlwmiM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ofTW9yrEjr_wakdFzaGeWlwmiM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:f1:30:26:d0:ff:07:15:40:60:b5:c1:09:d2:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de87d35bdcab123affc1a91d1736867969709a23
Validity
Not Before: Jan 1 20:30:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e62177b3e538d7bac352290aa8b36bbfe240216
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:7d:9c:60:22:71:29:e0:e5:1f:7e:35:e9:6b:
ec:53:76:96:d1:ac:9d:d8:05:59:d8:0b:a7:8e:d1:
bc:02:c4:5c:6a:21:ce:8a:1b:8f:01:c1:35:5b:45:
4e:4c:94:7e:30:af:00:87:e0:8f:7f:f8:99:4d:27:
65:01:ac:c8:e9:3c:ad:0f:97:a1:8e:b0:f1:98:79:
7d:7e:4a:89:ac:82:73:64:fe:86:77:75:26:0e:0e:
71:61:70:2f:f5:36:30:63:69:38:0b:e9:d0:80:8a:
46:4d:26:f7:b3:2a:5b:93:95:ff:93:d2:22:6d:38:
77:1a:dd:fa:e4:ce:04:dd:97:bf:7d:35:b1:4f:bd:
cb:1a:0c:55:81:ee:e3:21:51:c4:3c:7c:96:b4:75:
d6:ec:3a:18:cf:5c:6b:d3:54:4c:95:15:44:8d:f6:
bf:90:a5:da:4d:43:ce:84:64:d1:5f:4f:6c:e7:90:
0d:34:8a:dd:a5:97:e5:ac:b3:b5:12:e8:3c:21:3b:
bc:c7:97:44:48:e9:cd:17:1a:60:d9:1c:31:db:2b:
71:80:d4:dd:64:06:2e:74:88:f4:c3:02:23:4b:25:
34:fb:52:7e:30:53:cb:57:c8:73:2e:e0:60:6e:ad:
ee:ce:a8:1e:d1:63:73:59:b8:7f:37:06:b1:54:16:
61:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:62:17:7B:3E:53:8D:7B:AC:35:22:90:AA:8B:36:BB:FE:24:02:16
X509v3 Authority Key Identifier:
keyid:DE:87:D3:5B:DC:AB:12:3A:FF:C1:A9:1D:17:36:86:79:69:70:9A:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ofTW9yrEjr_wakdFzaGeWlwmiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/fmIXez5TjXusNSKQqos2u_4kAhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/3ofTW9yrEjr_wakdFzaGeWlwmiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.156.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:e7:20:c2:5e:0b:07:36:a4:1a:e5:31:4e:c4:90:86:18:d5:
32:fa:20:dc:a8:77:1a:d7:2a:8f:9d:a1:4e:be:fc:39:71:3d:
25:98:8d:5d:5a:b1:8b:0c:82:fd:76:8f:ec:b3:30:b4:f0:92:
83:57:e1:d2:02:f2:2c:1d:50:c8:60:c5:da:cc:71:0c:fc:01:
f2:75:77:28:bd:fd:c8:9c:5b:73:b5:b8:2f:67:f1:cb:1b:c5:
7d:ab:d0:5d:2b:6a:e3:ff:7a:a6:26:71:ae:92:fb:c9:4b:de:
cd:78:ab:d0:0f:6a:2a:92:4c:d1:50:78:39:25:79:ac:2a:d7:
a7:dc:6e:48:83:14:3b:10:10:dc:49:5f:07:d3:72:44:4b:53:
8e:5b:05:8a:be:e4:d3:c9:b7:77:45:32:16:c5:56:81:9f:b8:
8d:a6:e0:02:96:8d:d4:da:5c:06:f1:c5:26:bf:01:13:68:8f:
a3:74:9a:37:2e:49:13:aa:74:a3:9c:d5:3f:da:aa:b3:c8:50:
8f:90:d4:e8:d0:65:59:f2:8d:30:5c:5d:16:01:ae:97:f6:80:
a9:d2:c7:08:97:d9:b9:53:b2:01:79:2d:c0:03:de:32:ca:2d:
c9:7c:2e:0b:ec:88:a9:c4:27:90:7a:52:a6:38:c8:d2:08:0d:
3e:39:82:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuPEwJtD/BxVAYLXBCdJYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlODdkMzViZGNhYjEyM2FmZmMxYTkxZDE3MzY4Njc5Njk3
MDlhMjMwHhcNMjQwMTAxMjAzMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTYyMTc3YjNlNTM4ZDdiYWMzNTIyOTBhYThiMzZiYmZlMjQwMjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlH2cYCJxKeDlH3416WvsU3aW0ayd
2AVZ2AunjtG8AsRcaiHOihuPAcE1W0VOTJR+MK8Ah+CPf/iZTSdlAazI6TytD5eh
jrDxmHl9fkqJrIJzZP6Gd3UmDg5xYXAv9TYwY2k4C+nQgIpGTSb3sypbk5X/k9Ii
bTh3Gt365M4E3Ze/fTWxT73LGgxVge7jIVHEPHyWtHXW7DoYz1xr01RMlRVEjfa/
kKXaTUPOhGTRX09s55ANNIrdpZflrLO1Eug8ITu8x5dESOnNFxpg2Rwx2ytxgNTd
ZAYudIj0wwIjSyU0+1J+MFPLV8hzLuBgbq3uzqge0WNzWbh/NwaxVBZhPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH5iF3s+U417rDUikKqLNrv+JAIWMB8GA1UdIwQY
MBaAFN6H01vcqxI6/8GpHRc2hnlpcJojMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM29mVFc5eXJFanJfd2FrZEZ6YUdlV2x3bWlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS85MTA3MTYtZjI2Ni00N2YwLTliYWQt
YzIyMzkwZThkOWE2LzEvZm1JWGV6NVRqWHVzTlNLUXFvczJ1XzRrQWhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS85MTA3MTYtZjI2Ni00N2YwLTliYWQtYzIyMzkwZThkOWE2
LzEvM29mVFc5eXJFanJfd2FrZEZ6YUdlV2x3bWlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudOcMA0G
CSqGSIb3DQEBCwUAA4IBAQCi5yDCXgsHNqQa5TFOxJCGGNUy+iDcqHca1yqPnaFO
vvw5cT0lmI1dWrGLDIL9do/sszC08JKDV+HSAvIsHVDIYMXazHEM/AHydXcovf3I
nFtztbgvZ/HLG8V9q9BdK2rj/3qmJnGukvvJS97NeKvQD2oqkkzRUHg5JXmsKten
3G5IgxQ7EBDcSV8H03JES1OOWwWKvuTTybd3RTIWxVaBn7iNpuAClo3U2lwG8cUm
vwETaI+jdJo3LkkTqnSjnNU/2qqzyFCPkNTo0GVZ8o0wXF0WAa6X9oCp0scIl9m5
U7IBeS3AA94yyi3JfC4L7IipxCeQelKmOMjSCA0+OYJ7
-----END CERTIFICATE-----
Generated at Wed Jun 26 09:54:00 2024 by rpki-client on console-ams.rpki-client.org