Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/7cc183-eba5-4747-8b10-f38c749b6e39/1/1-ZqFBWiY-_IUuE3RidSAQT-m8fE.roa
File: 1-ZqFBWiY-_IUuE3RidSAQT-m8fE.roa (raw, json)
Hash identifier: 45PPgn3fq5T70vQi7z1myh/V0E6u9Jd/I23kmg/8o9o=
Subject key identifier: F9:9A:85:05:68:98:FB:F2:14:B8:4D:D1:89:D4:80:41:3F:A6:F1:F1
Certificate issuer: /CN=44df4fcb8ea51e18d290805c8f50f0df4340dbd5
Certificate serial: 01901715FAFFEB8A1EE9B42A76200EF6EDEE
Authority key identifier: 44:DF:4F:CB:8E:A5:1E:18:D2:90:80:5C:8F:50:F0:DF:43:40:DB:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RN9Py46lHhjSkIBcj1Dw30NA29U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/7cc183-eba5-4747-8b10-f38c749b6e39/1/1-ZqFBWiY-_IUuE3RidSAQT-m8fE.roa
Signing time: Fri 14 Jun 2024 14:10:34 +0000
ROA not before: Fri 14 Jun 2024 14:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49747
IP address blocks: 146.19.1.0/24 maxlen: 24
146.19.238.0/24 maxlen: 24
188.64.141.0/24 maxlen: 24
193.200.206.0/24 maxlen: 24
2001:67c:c6c::/48 maxlen: 48
2a14:5f40:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/7cc183-eba5-4747-8b10-f38c749b6e39/1/RN9Py46lHhjSkIBcj1Dw30NA29U.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/7cc183-eba5-4747-8b10-f38c749b6e39/1/RN9Py46lHhjSkIBcj1Dw30NA29U.mft
rsync://rpki.ripe.net/repository/DEFAULT/RN9Py46lHhjSkIBcj1Dw30NA29U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:17:15:fa:ff:eb:8a:1e:e9:b4:2a:76:20:0e:f6:ed:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44df4fcb8ea51e18d290805c8f50f0df4340dbd5
Validity
Not Before: Jun 14 14:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f99a85056898fbf214b84dd189d480413fa6f1f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:31:86:14:30:0a:e7:57:e0:71:5f:cc:23:29:
c5:22:38:84:ce:3f:da:b6:43:89:39:6b:68:98:e6:
07:30:77:d2:05:ea:ed:8d:cf:8b:c8:01:86:2f:c2:
2d:67:80:10:6a:78:ac:13:a7:4e:3e:7e:7d:a9:f4:
e7:79:7e:a7:c3:2b:88:81:63:50:a7:03:7a:ac:9a:
0f:36:23:dc:6a:5e:44:d9:7f:30:5c:5c:a6:4e:de:
83:91:e3:10:8e:db:60:4c:b0:fc:73:a3:ba:3c:63:
4b:d0:79:26:38:48:5e:ce:3a:da:5f:05:d5:ca:ad:
ef:3a:90:ed:f6:51:23:39:53:03:cb:95:ac:16:07:
3b:74:86:a1:7f:24:4d:c9:4e:16:ef:55:46:c6:be:
bd:5a:45:cc:4f:d6:b6:59:d1:79:9c:32:89:0d:e7:
be:89:30:9a:a3:c2:53:50:bf:fe:46:01:bc:bd:77:
07:d1:fd:eb:cc:56:cb:80:00:6c:6d:ab:82:73:fb:
1c:52:93:ba:7f:d4:99:8f:d9:4c:dd:7e:c8:4e:bc:
52:e2:24:3f:d1:8f:9e:b4:5c:9d:fd:fe:f6:78:80:
0b:f7:5c:ad:c2:20:9c:cc:ff:f7:48:d1:57:fb:4d:
93:ed:09:94:7a:f7:1b:bd:41:85:a1:4c:ab:49:9e:
57:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:9A:85:05:68:98:FB:F2:14:B8:4D:D1:89:D4:80:41:3F:A6:F1:F1
X509v3 Authority Key Identifier:
keyid:44:DF:4F:CB:8E:A5:1E:18:D2:90:80:5C:8F:50:F0:DF:43:40:DB:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RN9Py46lHhjSkIBcj1Dw30NA29U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/7cc183-eba5-4747-8b10-f38c749b6e39/1/1-ZqFBWiY-_IUuE3RidSAQT-m8fE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/7cc183-eba5-4747-8b10-f38c749b6e39/1/RN9Py46lHhjSkIBcj1Dw30NA29U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.1.0/24
146.19.238.0/24
188.64.141.0/24
193.200.206.0/24
IPv6:
2001:67c:c6c::/48
2a14:5f40:1::/48
Signature Algorithm: sha256WithRSAEncryption
68:43:55:64:8b:fd:3b:34:35:69:79:7c:93:f3:98:7e:c2:31:
06:e1:78:5c:34:80:0a:9b:aa:46:15:58:cf:d7:70:ca:9b:e0:
f6:50:a3:ba:dd:91:17:30:0b:4c:9f:d0:0c:3e:f3:c9:3f:3d:
ac:1b:80:d8:1b:ad:a3:a8:a3:4d:36:a6:18:72:8a:d8:78:9e:
99:37:6c:41:db:3b:9d:53:41:93:98:50:3d:64:51:44:ee:95:
fe:3c:b7:22:a6:c8:71:8d:7e:fc:e2:32:50:49:dc:4f:63:27:
f6:fe:0c:6b:4b:67:c8:c9:88:37:32:bc:da:20:26:17:d0:b7:
9e:1c:2a:48:ce:0a:f2:32:5c:73:9a:66:58:56:b6:9c:64:ef:
fa:35:eb:08:a1:82:6b:54:7f:88:ce:ec:06:ae:c7:ce:61:ec:
de:52:ff:6c:0f:42:5a:5d:e3:bb:c6:f7:1e:64:e8:70:6a:8d:
43:40:fb:12:4f:6e:b4:29:ca:5a:c9:03:59:d1:8f:ce:5e:81:
5c:6c:45:e7:a2:77:60:cf:91:40:5d:19:98:93:b5:10:c1:8b:
72:6f:26:34:11:7b:3c:76:ee:96:09:02:31:3f:a7:17:9f:4b:
39:e8:e4:cf:fd:3a:eb:8d:b6:05:06:ef:31:1e:87:5c:18:3b:
7e:68:1f:cd
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZAXFfr/64oe6bQqdiAO9u3uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZGY0ZmNiOGVhNTFlMThkMjkwODA1YzhmNTBmMGRmNDM0
MGRiZDUwHhcNMjQwNjE0MTQxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTlhODUwNTY4OThmYmYyMTRiODRkZDE4OWQ0ODA0MTNmYTZmMWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6DGGFDAK51fgcV/MIynFIjiEzj/a
tkOJOWtomOYHMHfSBertjc+LyAGGL8ItZ4AQanisE6dOPn59qfTneX6nwyuIgWNQ
pwN6rJoPNiPcal5E2X8wXFymTt6DkeMQjttgTLD8c6O6PGNL0HkmOEhezjraXwXV
yq3vOpDt9lEjOVMDy5WsFgc7dIahfyRNyU4W71VGxr69WkXMT9a2WdF5nDKJDee+
iTCao8JTUL/+RgG8vXcH0f3rzFbLgABsbauCc/scUpO6f9SZj9lM3X7ITrxS4iQ/
0Y+etFyd/f72eIAL91ytwiCczP/3SNFX+02T7QmUevcbvUGFoUyrSZ5XSwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFPmahQVomPvyFLhN0YnUgEE/pvHxMB8GA1UdIwQY
MBaAFETfT8uOpR4Y0pCAXI9Q8N9DQNvVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk45UHk0NmxIaGpTa0lCY2oxRHczME5BMjlVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS83Y2MxODMtZWJhNS00NzQ3LThiMTAt
ZjM4Yzc0OWI2ZTM5LzEvMS1acUZCV2lZLV9JVXVFM1JpZFNBUVQtbThmRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDEvN2NjMTgzLWViYTUtNDc0Ny04YjEwLWYzOGM3NDliNmUz
OS8xL1JOOVB5NDZsSGhqU2tJQmNqMUR3MzBOQTI5VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBLBggrBgEFBQcBBwEB/wQ8MDowHgQCAAEwGAMEAJITAQME
AJIT7gMEALxAjQMEAMHIzjAYBAIAAjASAwcAIAEGfAxsAwcAKhRfQAABMA0GCSqG
SIb3DQEBCwUAA4IBAQBoQ1Vki/07NDVpeXyT85h+wjEG4XhcNIAKm6pGFVjP13DK
m+D2UKO63ZEXMAtMn9AMPvPJPz2sG4DYG62jqKNNNqYYcorYeJ6ZN2xB2zudU0GT
mFA9ZFFE7pX+PLcipshxjX784jJQSdxPYyf2/gxrS2fIyYg3MrzaICYX0LeeHCpI
zgryMlxzmmZYVracZO/6NesIoYJrVH+IzuwGrsfOYezeUv9sD0JaXeO7xvceZOhw
ao1DQPsST260KcpayQNZ0Y/OXoFcbEXnondgz5FAXRmYk7UQwYtybyY0EXs8du6W
CQIxP6cXn0s56OTP/TrrjbYFBu8xHodcGDt+aB/N
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:12:12 2024 by rpki-client on console-ams.rpki-client.org