Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/BxGiTyw6TvjwXN94U4Aswi-XysU.roa
File: BxGiTyw6TvjwXN94U4Aswi-XysU.roa (raw, json)
Hash identifier: FS/6QTxRxT8DQbWkW4bh8Zqoph/sZNHowsIkv//0VVo=
Subject key identifier: 07:11:A2:4F:2C:3A:4E:F8:F0:5C:DF:78:53:80:2C:C2:2F:97:CA:C5
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 018CC26D5DE8EE9C2B6274F12DD3593E3633
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/BxGiTyw6TvjwXN94U4Aswi-XysU.roa
Signing time: Mon 01 Jan 2024 00:29:56 +0000
ROA not before: Mon 01 Jan 2024 00:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60457
IP address blocks: 46.10.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:5d:e8:ee:9c:2b:62:74:f1:2d:d3:59:3e:36:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 00:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0711a24f2c3a4ef8f05cdf7853802cc22f97cac5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a7:07:e9:ab:d1:bb:ba:03:30:c1:0f:2c:8b:
3b:f2:30:f9:a5:da:bc:7d:44:1f:96:13:a7:12:b1:
82:17:0e:93:45:ef:c0:96:f9:a0:f7:ba:99:54:ff:
5f:20:2a:6b:31:1b:bc:9c:7e:f3:87:ab:58:b2:8d:
f6:a7:e1:e3:8a:63:50:84:ac:0c:d6:2e:70:09:1d:
33:ca:57:56:39:50:8f:4d:07:12:b6:4a:23:dd:81:
6d:ed:c6:48:18:e6:1f:6f:fd:02:54:fa:13:ab:45:
a5:42:dc:44:66:37:12:6b:56:46:89:0e:cf:9b:43:
06:0a:d1:53:e2:a0:96:23:a7:47:e1:df:8f:70:c5:
44:4d:10:13:9b:98:53:ff:29:d0:f9:99:7e:06:f9:
5d:ab:fb:fb:f9:03:60:ff:6f:1b:82:cf:a2:7d:c5:
c2:50:38:7e:57:0a:3b:51:e7:3a:ad:5f:90:2b:84:
ea:a6:15:99:73:d3:fa:44:99:c9:ae:46:7a:23:95:
c4:e5:ef:7d:70:98:73:70:ce:ec:79:c4:84:62:ee:
f4:03:41:1b:5f:70:31:0c:eb:93:cd:e3:72:c7:30:
84:5e:74:92:1a:64:d3:3a:be:25:ed:63:1e:2b:f3:
d1:10:aa:7f:62:87:45:7d:56:17:b9:52:02:58:62:
e1:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:11:A2:4F:2C:3A:4E:F8:F0:5C:DF:78:53:80:2C:C2:2F:97:CA:C5
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/BxGiTyw6TvjwXN94U4Aswi-XysU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.10.156.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:69:df:a4:40:45:3d:b2:de:c1:f8:b1:5f:eb:66:d2:52:65:
ac:d9:c6:09:f6:8d:bc:61:11:ed:f1:af:d7:c0:8c:64:a5:ae:
5f:0e:2d:62:24:a5:4d:5f:1d:81:2d:f4:f2:50:9b:dd:75:c9:
9f:fd:76:cf:1d:ac:f8:f9:05:c3:67:33:26:73:31:3c:24:05:
46:fc:ad:bc:b7:e3:3e:7c:cf:5b:6c:75:fe:4f:25:68:c7:10:
4d:35:1d:d4:ef:45:b8:c7:fc:44:13:b5:17:07:fc:dc:6b:c4:
83:5e:c5:f5:06:d3:79:03:a6:36:55:9d:db:11:b5:ca:eb:3c:
b6:c0:8d:3c:b6:7e:42:b2:40:30:94:56:8c:c0:5e:5c:ba:1e:
4e:09:d2:32:cd:6a:c6:66:73:c6:b3:f1:8e:44:43:1b:ab:9b:
56:85:eb:83:11:e3:8f:bf:0e:f3:69:37:8b:b1:3d:3d:39:73:
97:0f:d9:3f:96:34:de:dd:85:7e:96:00:01:6e:f8:bd:dc:f9:
04:40:b6:32:bd:f0:48:14:e1:fa:d4:77:94:f8:4f:47:d8:37:
7f:a4:f1:32:c2:cf:40:bf:41:5d:f3:a3:2c:4b:8e:4b:b8:68:
51:a9:65:f8:2d:d3:eb:17:e7:84:29:77:d6:8c:68:c6:14:9e:
15:ac:75:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbV3o7pwrYnTxLdNZPjYzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQwMTAxMDAyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzExYTI0ZjJjM2E0ZWY4ZjA1Y2RmNzg1MzgwMmNjMjJmOTdjYWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6cH6avRu7oDMMEPLIs78jD5pdq8
fUQflhOnErGCFw6TRe/Alvmg97qZVP9fICprMRu8nH7zh6tYso32p+HjimNQhKwM
1i5wCR0zyldWOVCPTQcStkoj3YFt7cZIGOYfb/0CVPoTq0WlQtxEZjcSa1ZGiQ7P
m0MGCtFT4qCWI6dH4d+PcMVETRATm5hT/ynQ+Zl+Bvldq/v7+QNg/28bgs+ifcXC
UDh+Vwo7Uec6rV+QK4TqphWZc9P6RJnJrkZ6I5XE5e99cJhzcM7secSEYu70A0Eb
X3AxDOuTzeNyxzCEXnSSGmTTOr4l7WMeK/PREKp/YodFfVYXuVICWGLhpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAcRok8sOk748FzfeFOALMIvl8rFMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvQnhHaVR5dzZUdmp3WE45NFU0QXN3aS1YeXNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALgqcMA0G
CSqGSIb3DQEBCwUAA4IBAQAdad+kQEU9st7B+LFf62bSUmWs2cYJ9o28YRHt8a/X
wIxkpa5fDi1iJKVNXx2BLfTyUJvddcmf/XbPHaz4+QXDZzMmczE8JAVG/K28t+M+
fM9bbHX+TyVoxxBNNR3U70W4x/xEE7UXB/zca8SDXsX1BtN5A6Y2VZ3bEbXK6zy2
wI08tn5CskAwlFaMwF5cuh5OCdIyzWrGZnPGs/GOREMbq5tWheuDEeOPvw7zaTeL
sT09OXOXD9k/ljTe3YV+lgABbvi93PkEQLYyvfBIFOH61HeU+E9H2Dd/pPEyws9A
v0Fd86MsS45LuGhRqWX4LdPrF+eEKXfWjGjGFJ4VrHV1
-----END CERTIFICATE-----
Generated at Mon Jun 24 12:11:17 2024 by rpki-client on console-ams.rpki-client.org