Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/aW2pswfyFoRSx1GYnGoKm5n1eXM.roa
File: aW2pswfyFoRSx1GYnGoKm5n1eXM.roa (raw, json)
Hash identifier: KkBxksAcMbyRpgx9+ihsRUjJalQqEOCm1CY7VULFiIg=
Subject key identifier: 69:6D:A9:B3:07:F2:16:84:52:C7:51:98:9C:6A:0A:9B:99:F5:79:73
Certificate issuer: /CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Certificate serial: 019010E2736328488BB91D693440638E9C1B
Authority key identifier: DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/aW2pswfyFoRSx1GYnGoKm5n1eXM.roa
Signing time: Thu 13 Jun 2024 09:16:34 +0000
ROA not before: Thu 13 Jun 2024 09:16:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52145
IP address blocks: 46.253.88.0/21 maxlen: 21
46.253.90.0/24 maxlen: 24
46.253.90.0/25 maxlen: 25
46.253.90.128/25 maxlen: 25
46.253.93.0/24 maxlen: 24
46.253.94.0/24 maxlen: 24
46.253.95.0/24 maxlen: 24
2a04:19c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 15:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:10:e2:73:63:28:48:8b:b9:1d:69:34:40:63:8e:9c:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Validity
Not Before: Jun 13 09:16:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=696da9b307f2168452c751989c6a0a9b99f57973
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1e:62:ae:39:2b:6e:cf:eb:d2:cc:c3:96:cc:
a0:f4:12:92:63:08:ee:a7:55:ba:47:cc:a7:0f:da:
47:b2:03:c5:eb:4b:5d:f0:c6:ab:3c:17:19:b8:9d:
3f:e7:0c:80:45:af:a2:1a:57:e5:16:19:b5:17:fc:
de:c8:3b:7f:ea:a3:23:35:fa:35:84:60:79:17:78:
10:a7:41:93:a6:f8:c6:61:e9:ae:da:c3:83:99:44:
06:d0:09:c9:a5:81:6c:13:41:dd:14:3e:e8:c8:a2:
86:e8:6e:c9:d4:c5:67:22:92:bf:b0:49:de:ed:e3:
8b:07:3e:11:b0:5b:3e:11:c8:7c:b3:d8:65:17:e2:
b8:70:03:d3:3a:69:58:bd:09:fa:1d:37:26:6b:d4:
26:29:c8:19:4e:93:96:69:49:1f:79:cc:f7:bf:73:
38:68:fa:62:72:eb:3e:df:12:2a:5a:ad:6f:9c:80:
41:88:7d:77:d4:f2:59:b2:11:eb:1f:93:96:93:b5:
85:ad:c6:81:28:93:4f:62:00:7a:0f:50:9c:5c:e2:
3f:68:54:53:93:c1:50:85:3b:46:f5:ee:3e:8e:d1:
59:34:54:ed:26:18:df:2d:70:8b:28:d6:1e:1b:27:
6d:1c:01:ea:ca:8a:f4:fa:f0:c2:81:e6:b8:37:31:
59:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:6D:A9:B3:07:F2:16:84:52:C7:51:98:9C:6A:0A:9B:99:F5:79:73
X509v3 Authority Key Identifier:
keyid:DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/aW2pswfyFoRSx1GYnGoKm5n1eXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.88.0/21
IPv6:
2a04:19c0::/29
Signature Algorithm: sha256WithRSAEncryption
83:1e:ed:45:cc:3f:5f:49:71:86:77:7a:ef:b0:c4:c4:bd:3a:
97:19:99:bb:a2:57:8c:45:a9:50:22:dc:96:f9:f5:dc:ce:cf:
29:e5:a7:65:65:b8:07:10:0b:89:0e:c8:fa:b2:d6:14:c8:6e:
79:15:54:14:be:03:70:42:1d:6f:f1:a4:99:81:79:bc:a1:d0:
22:7f:d5:39:64:f5:28:d0:35:ae:4c:05:5f:8c:e4:a5:64:d2:
3b:b2:15:74:a7:4f:f1:66:a9:ef:b3:58:56:bd:a1:76:76:30:
e5:26:32:59:b2:87:34:60:2e:13:4e:51:e7:3c:9c:0b:2a:65:
46:0c:83:20:53:70:4b:1f:67:bd:91:77:94:03:ce:39:7b:30:
38:03:26:89:11:df:35:bc:8d:78:c0:b4:36:37:55:11:bb:7b:
e6:17:7e:49:88:d0:29:c5:ce:70:21:5e:e9:b8:96:e6:39:42:
63:fc:fe:e1:08:48:22:5b:61:d7:eb:99:93:9f:3a:31:13:37:
d7:4f:96:07:4c:88:1d:83:b4:20:c1:2b:25:4b:13:8d:02:6c:
49:49:c3:a5:d4:e6:ae:67:10:0b:19:44:46:36:49:93:22:89:
86:4d:94:e5:63:44:0d:24:54:9a:a8:fa:ce:e8:9d:b3:ec:21:
2e:f5:a4:21
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZAQ4nNjKEiLuR1pNEBjjpwbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkOTdjN2NhMDViY2MzZDZhMmFkMWJhMjM1YmVkOGZlYWI2
OTQ1NTAwHhcNMjQwNjEzMDkxNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTZkYTliMzA3ZjIxNjg0NTJjNzUxOTg5YzZhMGE5Yjk5ZjU3OTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAux5irjkrbs/r0szDlsyg9BKSYwju
p1W6R8ynD9pHsgPF60td8MarPBcZuJ0/5wyARa+iGlflFhm1F/zeyDt/6qMjNfo1
hGB5F3gQp0GTpvjGYemu2sODmUQG0AnJpYFsE0HdFD7oyKKG6G7J1MVnIpK/sEne
7eOLBz4RsFs+Ech8s9hlF+K4cAPTOmlYvQn6HTcma9QmKcgZTpOWaUkfecz3v3M4
aPpicus+3xIqWq1vnIBBiH131PJZshHrH5OWk7WFrcaBKJNPYgB6D1CcXOI/aFRT
k8FQhTtG9e4+jtFZNFTtJhjfLXCLKNYeGydtHAHqyor0+vDCgea4NzFZuwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGltqbMH8haEUsdRmJxqCpuZ9XlzMB8GA1UdIwQY
MBaAFN2Xx8oFvMPWoq0bojW+2P6raUVQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEt
NGQ0YjE2MTQ0ZDY4LzEvYVcycHN3ZnlGb1JTeDFHWW5Hb0ttNW4xZVhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEtNGQ0YjE2MTQ0ZDY4
LzEvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLv1YMA0E
AgACMAcDBQMqBBnAMA0GCSqGSIb3DQEBCwUAA4IBAQCDHu1FzD9fSXGGd3rvsMTE
vTqXGZm7oleMRalQItyW+fXczs8p5adlZbgHEAuJDsj6stYUyG55FVQUvgNwQh1v
8aSZgXm8odAif9U5ZPUo0DWuTAVfjOSlZNI7shV0p0/xZqnvs1hWvaF2djDlJjJZ
soc0YC4TTlHnPJwLKmVGDIMgU3BLH2e9kXeUA845ezA4AyaJEd81vI14wLQ2N1UR
u3vmF35JiNApxc5wIV7puJbmOUJj/P7hCEgiW2HX65mTnzoxEzfXT5YHTIgdg7Qg
wSslSxONAmxJScOl1OauZxALGURGNkmTIomGTZTlY0QNJFSaqPrO6J2z7CEu9aQh
-----END CERTIFICATE-----
Generated at Fri Jun 21 20:25:30 2024 by rpki-client on console-fra.rpki-client.org