Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/1-h9jXoKhgeORC2XXX61PEE3EGmc.roa
File: 1-h9jXoKhgeORC2XXX61PEE3EGmc.roa (raw, json)
Hash identifier: T1zZeSeeycwF0MDW9wI+NIgS02Myckb76c8NnRJVmos=
Subject key identifier: FA:1F:63:5E:82:A1:81:E3:91:0B:65:D7:5F:AD:4F:10:4D:C4:1A:67
Certificate issuer: /CN=4fb2bb7bad50f1921810a028e78edd65f81f6a7d
Certificate serial: 018CC94D912C22E1E653CD0C112564C2388A
Authority key identifier: 4F:B2:BB:7B:AD:50:F1:92:18:10:A0:28:E7:8E:DD:65:F8:1F:6A:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T7K7e61Q8ZIYEKAo547dZfgfan0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/1-h9jXoKhgeORC2XXX61PEE3EGmc.roa
Signing time: Tue 02 Jan 2024 08:32:32 +0000
ROA not before: Tue 02 Jan 2024 08:32:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36131
IP address blocks: 185.22.40.0/24 maxlen: 24
185.22.41.0/24 maxlen: 24
185.22.42.0/24 maxlen: 24
185.22.43.0/24 maxlen: 24
5.150.158.0/24 maxlen: 24
5.150.159.0/24 maxlen: 24
5.150.156.0/24 maxlen: 24
5.150.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/T7K7e61Q8ZIYEKAo547dZfgfan0.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/T7K7e61Q8ZIYEKAo547dZfgfan0.mft
rsync://rpki.ripe.net/repository/DEFAULT/T7K7e61Q8ZIYEKAo547dZfgfan0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:91:2c:22:e1:e6:53:cd:0c:11:25:64:c2:38:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fb2bb7bad50f1921810a028e78edd65f81f6a7d
Validity
Not Before: Jan 2 08:32:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa1f635e82a181e3910b65d75fad4f104dc41a67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6f:8f:f0:32:c1:04:e6:e8:26:13:74:ec:c2:
da:22:4f:4b:92:4b:be:94:58:0c:2a:5d:92:f8:d0:
46:c0:ea:ee:37:b6:47:66:82:ff:98:be:7d:a2:27:
0f:58:18:cc:ff:cc:9d:53:af:47:e0:96:bc:f6:cb:
0e:04:77:cd:23:91:f7:6c:d7:8b:50:1e:06:e9:8d:
54:8b:b5:11:c2:e7:f1:fa:21:e1:0e:eb:20:d1:3e:
49:42:cb:77:8e:c0:b3:48:09:17:3f:d7:74:b6:2c:
20:7a:cb:de:6c:1b:e8:1b:dc:f2:67:06:9c:f3:06:
5b:01:f3:70:44:2a:3d:e5:4c:9a:f7:1b:2d:fd:83:
d7:97:57:46:a8:d5:7d:bd:4c:39:ec:97:42:16:01:
a1:06:d8:2a:ee:06:87:9e:26:15:67:87:f6:9f:8c:
cb:39:80:f2:81:30:3b:8a:0a:e2:e2:a8:0a:a8:64:
66:3f:b3:19:a4:30:81:e6:87:25:a6:8c:ea:f8:c5:
f3:e5:30:05:da:2b:5c:e9:fa:6c:00:ad:d9:50:02:
6e:0f:1d:df:1d:b5:8c:f5:2b:4b:7a:ff:c6:14:28:
10:b5:1d:f8:e1:0c:78:78:a5:45:eb:4c:12:34:53:
5f:57:a4:0e:a7:a8:78:46:cf:da:6c:c2:2f:c2:3f:
37:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:1F:63:5E:82:A1:81:E3:91:0B:65:D7:5F:AD:4F:10:4D:C4:1A:67
X509v3 Authority Key Identifier:
keyid:4F:B2:BB:7B:AD:50:F1:92:18:10:A0:28:E7:8E:DD:65:F8:1F:6A:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T7K7e61Q8ZIYEKAo547dZfgfan0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/1-h9jXoKhgeORC2XXX61PEE3EGmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/T7K7e61Q8ZIYEKAo547dZfgfan0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.150.156.0/22
185.22.40.0/22
Signature Algorithm: sha256WithRSAEncryption
b3:8c:77:e9:8d:36:6d:ef:ad:22:b0:b1:1f:f2:41:33:6c:5b:
ef:1f:bb:d8:75:b1:a0:7e:68:6a:0e:d9:4a:3c:ef:62:9d:b1:
a0:89:3f:77:a1:07:48:2b:e6:46:a7:12:51:6f:89:ff:5d:58:
ea:07:27:5f:ee:2b:b6:c9:d8:0f:42:9e:a0:a9:bc:f7:e1:23:
88:99:21:b6:1c:9e:36:ce:2e:58:d5:10:2a:7b:84:4c:9a:9f:
d2:e1:be:1f:ce:fb:16:f2:fb:60:be:d9:12:ed:13:12:3b:f6:
f5:6b:37:f2:01:9c:b0:4a:79:02:36:ea:45:13:80:3d:46:53:
9c:36:58:04:b5:9b:c2:1a:92:0f:4a:b9:e8:f7:18:06:db:2a:
b3:81:53:97:2b:00:64:88:bd:88:20:35:18:6a:a4:42:82:45:
22:18:8b:5b:99:38:f8:8c:ae:b2:04:74:87:01:94:53:a0:8b:
96:36:4d:34:dd:59:c9:8f:f9:9f:d9:e8:17:18:7c:83:95:87:
30:73:62:66:0d:ed:de:d6:be:d5:bf:4b:0c:cc:cf:78:42:6b:
88:21:02:63:f0:c9:5b:ee:bf:8c:b6:84:ef:36:c4:6d:d1:ce:
8e:e3:6c:b1:85:c8:fa:34:6f:91:8e:c3:4a:13:e8:bd:d7:5a:
e9:88:fa:72
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYzJTZEsIuHmU80MESVkwjiKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYjJiYjdiYWQ1MGYxOTIxODEwYTAyOGU3OGVkZDY1Zjgx
ZjZhN2QwHhcNMjQwMTAyMDgzMjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTFmNjM1ZTgyYTE4MWUzOTEwYjY1ZDc1ZmFkNGYxMDRkYzQxYTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAum+P8DLBBOboJhN07MLaIk9Lkku+
lFgMKl2S+NBGwOruN7ZHZoL/mL59oicPWBjM/8ydU69H4Ja89ssOBHfNI5H3bNeL
UB4G6Y1Ui7URwufx+iHhDusg0T5JQst3jsCzSAkXP9d0tiwgesvebBvoG9zyZwac
8wZbAfNwRCo95Uya9xst/YPXl1dGqNV9vUw57JdCFgGhBtgq7gaHniYVZ4f2n4zL
OYDygTA7igri4qgKqGRmP7MZpDCB5oclpozq+MXz5TAF2itc6fpsAK3ZUAJuDx3f
HbWM9StLev/GFCgQtR344Qx4eKVF60wSNFNfV6QOp6h4Rs/abMIvwj837wIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPofY16CoYHjkQtl11+tTxBNxBpnMB8GA1UdIwQY
MBaAFE+yu3utUPGSGBCgKOeO3WX4H2p9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDdLN2U2MVE4WklZRUtBbzU0N2RaZmdmYW4wLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9mZGEzODItNDI1Ny00MWMzLThlYzYt
MjdmYmM5OWVhM2M2LzEvMS1oOWpYb0toZ2VPUkMyWFhYNjFQRUUzRUdtYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmQvZmRhMzgyLTQyNTctNDFjMy04ZWM2LTI3ZmJjOTllYTNj
Ni8xL1Q3SzdlNjFROFpJWUVLQW81NDdkWmZnZmFuMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAgWWnAME
ArkWKDANBgkqhkiG9w0BAQsFAAOCAQEAs4x36Y02be+tIrCxH/JBM2xb7x+72HWx
oH5oag7ZSjzvYp2xoIk/d6EHSCvmRqcSUW+J/11Y6gcnX+4rtsnYD0KeoKm89+Ej
iJkhthyeNs4uWNUQKnuETJqf0uG+H877FvL7YL7ZEu0TEjv29Ws38gGcsEp5Ajbq
RROAPUZTnDZYBLWbwhqSD0q56PcYBtsqs4FTlysAZIi9iCA1GGqkQoJFIhiLW5k4
+IyusgR0hwGUU6CLljZNNN1ZyY/5n9noFxh8g5WHMHNiZg3t3ta+1b9LDMzPeEJr
iCECY/DJW+6/jLaE7zbEbdHOjuNssYXI+jRvkY7DShPovdda6Yj6cg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:08:35 2024 by rpki-client on console-ams.rpki-client.org