Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/PRj46GS4FRSUdbriVMw_x0uHG1I.roa
File: PRj46GS4FRSUdbriVMw_x0uHG1I.roa (raw, json)
Hash identifier: 5ixJX4E7/RbBSCRKsXc0IY4iM+Ff9d4WyJlULjCg7iI=
Subject key identifier: 3D:18:F8:E8:64:B8:15:14:94:75:BA:E2:54:CC:3F:C7:4B:87:1B:52
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018EC97FE913AB69C613397F7E412451D2DD
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/PRj46GS4FRSUdbriVMw_x0uHG1I.roa
Signing time: Wed 10 Apr 2024 19:33:06 +0000
ROA not before: Wed 10 Apr 2024 19:33:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48031
IP address blocks: 46.149.173.0/24 maxlen: 24
91.246.56.0/24 maxlen: 24
91.246.62.0/24 maxlen: 24
194.59.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Jun 2024 14:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c9:7f:e9:13:ab:69:c6:13:39:7f:7e:41:24:51:d2:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 10 19:33:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d18f8e864b815149475bae254cc3fc74b871b52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:9b:ec:db:e6:d1:79:42:06:84:1d:21:c6:aa:
ae:21:62:84:1d:cd:2d:64:30:23:3a:28:36:30:4c:
25:f1:8a:52:41:df:d8:69:d5:0c:8e:7a:d2:e8:04:
4c:3a:e2:1c:ce:ce:bd:64:22:e3:d0:3e:44:e7:d6:
b4:5f:97:6f:4c:09:be:03:e3:73:aa:d2:0d:54:1a:
94:a7:93:40:1d:6c:87:8a:cf:cb:dc:11:6b:a2:e8:
02:c0:d7:a9:4b:e3:e9:ec:99:2f:5c:1b:6b:dc:f7:
87:e1:e8:3a:47:2f:49:e3:87:7d:ff:9f:15:bc:59:
c9:4f:0f:38:7e:47:86:47:55:7d:8e:4a:20:cc:23:
71:30:00:d3:3e:39:e6:eb:8c:82:8e:86:41:0d:6e:
42:42:88:f4:56:30:17:d2:99:68:65:04:e9:6a:39:
51:74:99:be:64:a9:95:89:78:e3:3e:b1:65:b3:b5:
60:30:11:8f:3e:cd:6d:6e:0b:28:d0:26:2e:38:7c:
06:33:05:1c:1a:96:6b:00:1f:85:78:a7:c8:6d:1c:
65:d5:da:00:12:92:84:21:4c:6f:b0:10:ff:d0:56:
13:78:11:0e:7a:b2:08:2f:6c:27:51:07:2a:cf:47:
33:f9:0c:2e:02:20:60:6e:e5:be:1e:75:0a:47:6c:
18:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:18:F8:E8:64:B8:15:14:94:75:BA:E2:54:CC:3F:C7:4B:87:1B:52
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/PRj46GS4FRSUdbriVMw_x0uHG1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.149.173.0/24
91.246.56.0/24
91.246.62.0/24
194.59.246.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:de:41:34:1b:dc:26:92:f9:ae:c1:74:31:fa:6e:0b:9e:01:
85:d1:be:7e:ee:bf:b2:a7:75:09:0a:cb:80:b5:82:29:e8:14:
83:da:8e:8a:65:cd:b7:9e:06:c1:7f:33:d0:2b:a8:86:d8:e3:
da:f0:3b:a2:2a:e9:74:77:41:c2:41:85:ec:b1:94:3f:37:c8:
c8:43:67:cf:fd:60:e0:8a:df:64:45:74:16:34:3a:6d:72:9f:
c3:e5:f9:35:eb:61:ef:4d:14:6c:b0:42:c7:29:83:b8:4d:7e:
36:1d:d3:fb:09:ce:78:fd:93:a9:24:a6:cb:e4:80:f5:c1:cb:
04:bd:3d:c2:21:bf:6c:37:4d:ea:24:2d:e3:50:5c:05:18:88:
1b:6c:20:26:f9:06:e7:af:37:e3:36:17:51:f1:32:35:fe:f8:
80:9b:82:6e:4b:c5:19:2b:dd:fa:82:c4:ea:8e:e7:a2:5b:e7:
05:c3:70:5a:18:bc:f0:bb:70:98:65:35:60:c4:68:25:9d:b2:
ab:ec:33:27:e2:24:77:b4:bf:3b:4e:cb:70:88:db:8c:21:8b:
5a:b4:85:ee:f7:61:f3:aa:f3:a7:8c:f6:90:a3:3b:3c:fd:2b:
14:51:a5:3d:11:40:83:18:9c:b1:2e:fc:4e:01:94:93:19:9e:
1e:80:db:d6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY7Jf+kTq2nGEzl/fkEkUdLdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDEwMTkzMzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDE4ZjhlODY0YjgxNTE0OTQ3NWJhZTI1NGNjM2ZjNzRiODcxYjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJvs2+bReUIGhB0hxqquIWKEHc0t
ZDAjOig2MEwl8YpSQd/YadUMjnrS6ARMOuIczs69ZCLj0D5E59a0X5dvTAm+A+Nz
qtINVBqUp5NAHWyHis/L3BFrougCwNepS+Pp7JkvXBtr3PeH4eg6Ry9J44d9/58V
vFnJTw84fkeGR1V9jkogzCNxMADTPjnm64yCjoZBDW5CQoj0VjAX0ploZQTpajlR
dJm+ZKmViXjjPrFls7VgMBGPPs1tbgso0CYuOHwGMwUcGpZrAB+FeKfIbRxl1doA
EpKEIUxvsBD/0FYTeBEOerIIL2wnUQcqz0cz+QwuAiBgbuW+HnUKR2wY0QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD0Y+OhkuBUUlHW64lTMP8dLhxtSMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvUFJqNDZHUzRGUlNVZGJyaVZNd194MHVIRzFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALpWtAwQA
W/Y4AwQAW/Y+AwQAwjv2MA0GCSqGSIb3DQEBCwUAA4IBAQBv3kE0G9wmkvmuwXQx
+m4LngGF0b5+7r+yp3UJCsuAtYIp6BSD2o6KZc23ngbBfzPQK6iG2OPa8DuiKul0
d0HCQYXssZQ/N8jIQ2fP/WDgit9kRXQWNDptcp/D5fk162HvTRRssELHKYO4TX42
HdP7Cc54/ZOpJKbL5ID1wcsEvT3CIb9sN03qJC3jUFwFGIgbbCAm+QbnrzfjNhdR
8TI1/viAm4JuS8UZK936gsTqjueiW+cFw3BaGLzwu3CYZTVgxGglnbKr7DMn4iR3
tL87TstwiNuMIYtatIXu92HzqvOnjPaQozs8/SsUUaU9EUCDGJyxLvxOAZSTGZ4e
gNvW
-----END CERTIFICATE-----
Generated at Mon Jun 17 19:06:34 2024 by rpki-client on console-ams.rpki-client.org