Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/1y4ieeYOOSzCcEbgscmBVBsEZJc.roa
File: 1y4ieeYOOSzCcEbgscmBVBsEZJc.roa (raw, json)
Hash identifier: IOa4fKA4b+HET4CGnIA34Y5CKIDMplT9sygUZcPfiAU=
Subject key identifier: D7:2E:22:79:E6:0E:39:2C:C2:70:46:E0:B1:C9:81:54:1B:04:64:97
Certificate issuer: /CN=c1bf8f3e609072889e74dd0fb4e27f9bac47b3b0
Certificate serial: 018CC2DAE10DEF9747F9B5D6C9CA2D8CD6AD
Authority key identifier: C1:BF:8F:3E:60:90:72:88:9E:74:DD:0F:B4:E2:7F:9B:AC:47:B3:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/1y4ieeYOOSzCcEbgscmBVBsEZJc.roa
Signing time: Mon 01 Jan 2024 02:29:33 +0000
ROA not before: Mon 01 Jan 2024 02:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31593
IP address blocks: 46.33.32.0/21 maxlen: 21
46.33.40.0/22 maxlen: 22
46.33.56.0/22 maxlen: 22
2a03:1240:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/wb-PPmCQcoiedN0PtOJ_m6xHs7A.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/wb-PPmCQcoiedN0PtOJ_m6xHs7A.mft
rsync://rpki.ripe.net/repository/DEFAULT/wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jul 2024 07:02:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:e1:0d:ef:97:47:f9:b5:d6:c9:ca:2d:8c:d6:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1bf8f3e609072889e74dd0fb4e27f9bac47b3b0
Validity
Not Before: Jan 1 02:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d72e2279e60e392cc27046e0b1c981541b046497
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:47:da:dc:07:e3:41:b7:19:1b:d6:99:2f:b6:
e1:38:14:9e:6f:79:65:85:3a:e1:fd:8e:b1:44:1d:
9d:95:a1:f8:27:b3:7f:36:37:c1:f4:21:35:2f:be:
87:a7:04:39:2d:4a:19:91:45:d9:c7:99:d5:3d:9f:
44:98:62:f8:d0:23:68:4e:65:55:4b:2a:8d:08:bb:
de:59:7d:1f:96:ca:9d:b1:36:db:ba:99:07:86:dd:
f8:52:ea:87:72:d0:81:48:fe:30:82:94:e7:0d:eb:
d6:e5:6d:37:dd:27:05:92:48:4f:4c:f2:94:a1:2e:
18:3b:bb:37:b0:c5:06:ad:74:3b:8d:25:8b:8f:d4:
28:8c:45:c5:52:d9:87:ef:88:9a:03:e1:d2:1f:84:
de:40:77:1b:a8:5f:6a:63:d7:34:1d:85:3d:3c:75:
46:e4:7e:bd:7e:78:91:c1:3a:e6:68:b9:a6:cc:ae:
3a:32:bf:67:36:57:cb:67:18:f5:ae:ff:93:51:8f:
24:eb:87:4d:43:8a:4c:ce:8d:50:87:ac:d5:cc:5c:
02:11:b8:fd:a0:88:a3:b4:38:e6:ec:cc:aa:d4:d0:
4b:60:a5:82:9f:5d:45:73:36:3d:68:6c:ce:a2:3b:
15:a2:b0:79:9b:f1:90:b0:f4:20:5b:26:27:c1:4a:
ad:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:2E:22:79:E6:0E:39:2C:C2:70:46:E0:B1:C9:81:54:1B:04:64:97
X509v3 Authority Key Identifier:
keyid:C1:BF:8F:3E:60:90:72:88:9E:74:DD:0F:B4:E2:7F:9B:AC:47:B3:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/1y4ieeYOOSzCcEbgscmBVBsEZJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/wb-PPmCQcoiedN0PtOJ_m6xHs7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.33.32.0-46.33.43.255
46.33.56.0/22
IPv6:
2a03:1240:2::/48
Signature Algorithm: sha256WithRSAEncryption
27:44:04:96:63:40:ed:ee:61:80:31:8e:7c:5e:b1:dd:1a:57:
4a:62:9d:f6:90:a1:58:d3:fe:1b:a7:ff:96:c8:0a:94:a7:b5:
58:47:d2:29:e5:1b:77:26:37:c2:16:86:27:54:12:cf:06:16:
85:4d:55:33:20:a4:f2:b3:6c:34:7d:e7:fa:74:6b:97:ff:51:
db:b4:94:c5:e9:2b:7b:48:a3:ff:23:ca:0c:2e:11:5c:e5:f4:
7e:8d:66:c4:1d:1b:dc:a2:c1:2b:5e:7f:23:1c:f1:b3:f2:19:
c9:6c:8e:43:98:4d:f9:5a:4c:70:5f:69:fd:8b:92:cb:c6:39:
d1:49:87:5e:3a:ba:50:3f:95:72:dd:b2:23:22:60:28:ff:12:
0b:b0:34:3a:61:1b:a8:bc:3e:5c:e3:b5:8c:6d:f2:e3:35:cc:
f5:58:2d:7f:be:60:c0:f6:ec:16:7a:79:db:92:7c:38:e7:00:
ac:31:0e:72:98:bf:29:cd:b8:b6:58:fb:b1:17:b8:94:e2:8f:
7e:36:59:60:11:31:5e:6f:28:19:f7:af:41:08:db:86:9c:dc:
66:49:9e:55:d9:46:e6:5b:ec:c8:e5:f6:f2:c5:ab:1d:67:ff:
b7:25:46:80:29:cf:1c:08:17:46:c0:5e:c9:1d:7f:b5:7c:61:
5e:0d:65:58
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYzC2uEN75dH+bXWycotjNatMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYmY4ZjNlNjA5MDcyODg5ZTc0ZGQwZmI0ZTI3ZjliYWM0
N2IzYjAwHhcNMjQwMTAxMDIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzJlMjI3OWU2MGUzOTJjYzI3MDQ2ZTBiMWM5ODE1NDFiMDQ2NDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUfa3AfjQbcZG9aZL7bhOBSeb3ll
hTrh/Y6xRB2dlaH4J7N/NjfB9CE1L76HpwQ5LUoZkUXZx5nVPZ9EmGL40CNoTmVV
SyqNCLveWX0flsqdsTbbupkHht34UuqHctCBSP4wgpTnDevW5W033ScFkkhPTPKU
oS4YO7s3sMUGrXQ7jSWLj9QojEXFUtmH74iaA+HSH4TeQHcbqF9qY9c0HYU9PHVG
5H69fniRwTrmaLmmzK46Mr9nNlfLZxj1rv+TUY8k64dNQ4pMzo1Qh6zVzFwCEbj9
oIijtDjm7Myq1NBLYKWCn11FczY9aGzOojsVorB5m/GQsPQgWyYnwUqtsQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFNcuInnmDjkswnBG4LHJgVQbBGSXMB8GA1UdIwQY
MBaAFMG/jz5gkHKInnTdD7Tif5usR7OwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2ItUFBtQ1Fjb2llZE4wUHRPSl9tNnhIczdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9hMWM2YzAtZTc1NC00NzllLTg1MWQt
MGQwZGEwZDEwNDMyLzEvMXk0aWVlWU9PU3pDY0ViZ3NjbUJWQnNFWkpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9hMWM2YzAtZTc1NC00NzllLTg1MWQtMGQwZGEwZDEwNDMy
LzEvd2ItUFBtQ1Fjb2llZE4wUHRPSl9tNnhIczdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUMAwDBAUuISAD
BAIuISgDBAIuITgwDwQCAAIwCQMHACoDEkAAAjANBgkqhkiG9w0BAQsFAAOCAQEA
J0QElmNA7e5hgDGOfF6x3RpXSmKd9pChWNP+G6f/lsgKlKe1WEfSKeUbdyY3whaG
J1QSzwYWhU1VMyCk8rNsNH3n+nRrl/9R27SUxekre0ij/yPKDC4RXOX0fo1mxB0b
3KLBK15/Ixzxs/IZyWyOQ5hN+VpMcF9p/YuSy8Y50UmHXjq6UD+Vct2yIyJgKP8S
C7A0OmEbqLw+XOO1jG3y4zXM9Vgtf75gwPbsFnp525J8OOcArDEOcpi/Kc24tlj7
sRe4lOKPfjZZYBExXm8oGfevQQjbhpzcZkmeVdlG5lvsyOX28sWrHWf/tyVGgCnP
HAgXRsBeyR1/tXxhXg1lWA==
-----END CERTIFICATE-----
Generated at Thu Jul 4 11:54:10 2024 by rpki-client on console-ams.rpki-client.org