Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/lJmlG-X6gVCiTsBURbFzH32Snco.roa
File: lJmlG-X6gVCiTsBURbFzH32Snco.roa (raw, json)
Hash identifier: M5lY1UhqxXTadub7MYTAOlJ9XslrESXcuetlL2Kn29g=
Subject key identifier: 94:99:A5:1B:E5:FA:81:50:A2:4E:C0:54:45:B1:73:1F:7D:92:9D:CA
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 019355AEA98A895858464575FDDC5DCEA9DA
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/lJmlG-X6gVCiTsBURbFzH32Snco.roa
Signing time: Fri 22 Nov 2024 21:02:10 +0000
ROA not before: Fri 22 Nov 2024 21:02:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209372
IP address blocks: 46.3.10.0/24 maxlen: 24
46.3.11.0/24 maxlen: 24
46.3.12.0/22 maxlen: 24
46.3.20.0/22 maxlen: 24
46.3.31.0/24 maxlen: 24
46.3.48.0/20 maxlen: 24
46.3.76.0/24 maxlen: 24
46.3.77.0/24 maxlen: 24
46.3.78.0/24 maxlen: 24
46.3.79.0/24 maxlen: 24
46.3.84.0/22 maxlen: 24
46.3.84.0/24 maxlen: 24
46.3.86.0/24 maxlen: 24
46.3.87.0/24 maxlen: 24
46.3.88.0/24 maxlen: 24
46.3.116.0/24 maxlen: 24
46.3.128.0/17 maxlen: 24
46.3.135.0/24 maxlen: 24
46.3.136.0/22 maxlen: 22
46.3.144.0/22 maxlen: 22
46.3.148.0/22 maxlen: 22
46.3.152.0/24 maxlen: 24
46.3.153.0/24 maxlen: 24
46.3.154.0/24 maxlen: 24
46.3.155.0/24 maxlen: 24
46.3.156.0/24 maxlen: 24
46.3.157.0/24 maxlen: 24
46.3.158.0/24 maxlen: 24
46.3.159.0/24 maxlen: 24
46.3.164.0/23 maxlen: 23
46.3.166.0/23 maxlen: 23
46.3.168.0/21 maxlen: 24
46.3.205.0/24 maxlen: 24
46.3.232.0/22 maxlen: 22
46.3.238.0/24 maxlen: 24
46.3.239.0/24 maxlen: 24
46.232.0.0/17 maxlen: 24
46.232.21.0/24 maxlen: 24
46.232.22.0/24 maxlen: 24
46.232.23.0/24 maxlen: 24
46.232.112.0/23 maxlen: 23
46.232.114.0/23 maxlen: 23
80.243.128.0/20 maxlen: 24
149.126.192.0/18 maxlen: 24
149.126.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.mft
rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:55:ae:a9:8a:89:58:58:46:45:75:fd:dc:5d:ce:a9:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Nov 22 21:02:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9499a51be5fa8150a24ec05445b1731f7d929dca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:13:a7:b4:a1:1c:ea:97:a6:05:b6:35:c7:55:
c8:fb:fc:2f:20:48:67:24:06:df:d5:6d:1a:56:c3:
34:3a:3e:f8:ac:3b:85:47:7f:2d:bc:86:ac:bc:89:
2d:8f:80:20:7d:16:75:47:20:c1:01:75:eb:0b:47:
fe:2f:42:ca:2d:ec:39:d7:d3:bb:b3:c8:29:e2:40:
18:93:6c:33:04:c6:e9:58:0b:08:22:5c:d5:fe:1e:
3f:1e:54:91:49:27:de:7d:3d:40:2f:b0:9d:cd:48:
af:2c:3c:04:7c:43:19:3b:cf:4a:ee:46:9c:65:03:
15:01:be:ad:25:3f:23:da:a6:af:f0:45:84:e4:68:
f0:a4:58:ad:19:11:68:68:5a:2a:33:9f:6d:54:29:
1d:39:85:72:b1:03:60:50:5e:13:e3:9f:a9:15:00:
f4:24:cd:32:e8:07:26:37:77:dd:0f:9b:89:ad:d9:
79:aa:20:9c:84:5c:b2:b9:d0:71:a7:4c:73:74:0e:
64:23:90:dc:7e:b7:34:3d:da:b1:ea:6d:ca:c6:6c:
5e:37:d2:dd:76:83:97:34:d3:c3:48:a3:a9:fd:08:
3d:fa:c5:5b:b2:e6:fa:c5:ab:96:7a:01:a3:66:75:
54:23:a8:82:47:76:0a:6b:fe:ad:c1:f1:cb:15:49:
c2:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:99:A5:1B:E5:FA:81:50:A2:4E:C0:54:45:B1:73:1F:7D:92:9D:CA
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/lJmlG-X6gVCiTsBURbFzH32Snco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.10.0-46.3.15.255
46.3.20.0/22
46.3.31.0/24
46.3.48.0/20
46.3.76.0/22
46.3.84.0-46.3.88.255
46.3.116.0/24
46.3.128.0/17
46.232.0.0/17
80.243.128.0/20
149.126.192.0/18
Signature Algorithm: sha256WithRSAEncryption
1e:6d:e1:f5:16:66:fc:df:33:9e:a0:6d:df:8b:d7:5e:20:8f:
ad:9e:b1:11:51:1b:1d:29:69:83:d0:43:28:b4:c8:ca:81:50:
aa:2b:3f:ea:74:20:73:26:13:b6:a0:e0:1e:05:c2:1b:d3:89:
37:a9:df:ee:30:c2:68:f4:cd:84:66:52:9a:ca:ac:50:a6:65:
ff:d2:96:69:48:6e:c4:c3:68:2c:6f:dd:5a:cd:7f:ac:26:42:
f1:6f:2c:b1:a9:1a:7b:3b:77:c2:0e:30:0f:1b:3c:cb:4f:f4:
cd:c9:e7:7a:f5:6b:5d:fa:fa:34:0f:81:fa:96:d0:9a:f3:3b:
e3:91:b4:e7:4f:aa:6a:25:c4:28:8c:1d:54:1d:53:03:b4:9c:
93:d6:9d:34:40:ea:d7:f4:fa:87:ac:94:20:18:f6:0a:c5:a0:
fc:1b:30:4e:85:44:33:d9:5f:c1:2c:a6:df:22:67:41:ce:18:
33:b4:ec:41:a7:4f:ed:ed:34:fc:90:ce:4a:a7:8a:25:6e:f8:
69:fa:d5:b5:aa:74:ae:8d:79:2f:a7:55:de:95:18:c0:5f:e2:
29:fe:32:7e:31:86:ac:1d:07:eb:7a:cf:3a:e3:4a:78:54:f9:
4e:58:86:c0:a5:ab:88:37:47:96:c5:9e:73:61:67:5f:93:6a:
11:65:35:e4
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZNVrqmKiVhYRkV1/dxdzqnaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjQxMTIyMjEwMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDk5YTUxYmU1ZmE4MTUwYTI0ZWMwNTQ0NWIxNzMxZjdkOTI5ZGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxROntKEc6pemBbY1x1XI+/wvIEhn
JAbf1W0aVsM0Oj74rDuFR38tvIasvIktj4AgfRZ1RyDBAXXrC0f+L0LKLew519O7
s8gp4kAYk2wzBMbpWAsIIlzV/h4/HlSRSSfefT1AL7CdzUivLDwEfEMZO89K7kac
ZQMVAb6tJT8j2qav8EWE5GjwpFitGRFoaFoqM59tVCkdOYVysQNgUF4T45+pFQD0
JM0y6AcmN3fdD5uJrdl5qiCchFyyudBxp0xzdA5kI5Dcfrc0Pdqx6m3KxmxeN9Ld
doOXNNPDSKOp/Qg9+sVbsub6xauWegGjZnVUI6iCR3YKa/6twfHLFUnCHQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFJSZpRvl+oFQok7AVEWxcx99kp3KMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvbEptbEctWDZnVkNpVHNCVVJiRnpIMzJTbmNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSMAwDBAEuAwoD
BAQuAwADBAIuAxQDBAAuAx8DBAQuAzADBAIuA0wwDAMEAi4DVAMEAC4DWAMEAC4D
dAMEBy4DgAMEBy7oAAMEBFDzgAMEBpV+wDANBgkqhkiG9w0BAQsFAAOCAQEAHm3h
9RZm/N8znqBt34vXXiCPrZ6xEVEbHSlpg9BDKLTIyoFQqis/6nQgcyYTtqDgHgXC
G9OJN6nf7jDCaPTNhGZSmsqsUKZl/9KWaUhuxMNoLG/dWs1/rCZC8W8ssakaezt3
wg4wDxs8y0/0zcnnevVrXfr6NA+B+pbQmvM745G050+qaiXEKIwdVB1TA7Sck9ad
NEDq1/T6h6yUIBj2CsWg/BswToVEM9lfwSym3yJnQc4YM7TsQadP7e00/JDOSqeK
JW74afrVtap0ro15L6dV3pUYwF/iKf4yfjGGrB0H63rPOuNKeFT5TliGwKWriDdH
lsWec2FnX5NqEWU15A==
-----END CERTIFICATE-----
Generated at Mon Nov 25 09:35:29 2024 by rpki-client on console-ams.rpki-client.org