Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/1PRrpX8RkutnnpW8uNhu_jjX6zo.roa
File: 1PRrpX8RkutnnpW8uNhu_jjX6zo.roa (raw, json)
Hash identifier: iiOrHUUEtwZnYNoXjzgplWDB+wOVBWHPcSJOzF/HI9k=
Subject key identifier: D4:F4:6B:A5:7F:11:92:EB:67:9E:95:BC:B8:D8:6E:FE:38:D7:EB:3A
Certificate issuer: /CN=8e626c909eb4951154bcee8221e43951b4257624
Certificate serial: 018CC9BC3BAF6615D2414816FFF700B48329
Authority key identifier: 8E:62:6C:90:9E:B4:95:11:54:BC:EE:82:21:E4:39:51:B4:25:76:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/1PRrpX8RkutnnpW8uNhu_jjX6zo.roa
Signing time: Tue 02 Jan 2024 10:33:25 +0000
ROA not before: Tue 02 Jan 2024 10:33:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54103
IP address blocks: 185.51.48.0/22 maxlen: 22
46.244.116.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/jmJskJ60lRFUvO6CIeQ5UbQldiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/jmJskJ60lRFUvO6CIeQ5UbQldiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:3b:af:66:15:d2:41:48:16:ff:f7:00:b4:83:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e626c909eb4951154bcee8221e43951b4257624
Validity
Not Before: Jan 2 10:33:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4f46ba57f1192eb679e95bcb8d86efe38d7eb3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7d:b2:6b:9b:97:7d:22:64:78:4d:f0:58:d5:
51:e7:3a:31:d7:53:2f:9e:50:6c:10:66:d4:e8:a2:
33:97:6d:34:62:32:b4:0c:f2:29:10:76:98:d9:2f:
36:ae:11:cb:49:e1:64:eb:1b:23:04:e8:e5:92:27:
cf:9a:a8:69:ea:8f:87:c5:30:ab:12:a2:13:11:f3:
58:d6:9b:cf:b2:c1:33:65:bc:1f:27:0d:e1:79:34:
f3:f3:73:0c:ae:98:8b:0e:3a:13:b5:cc:65:78:6d:
d6:ee:00:92:15:7c:37:90:a2:dd:98:d5:eb:74:5d:
67:91:eb:5e:50:67:5c:ba:1d:f5:f5:74:bb:dd:0a:
d5:1b:2a:68:5c:c5:54:70:78:5d:fa:2c:8f:ef:b4:
59:bf:41:ff:22:1e:85:3d:45:28:5e:6c:ea:d8:ba:
d7:6e:ca:c5:c4:00:62:d0:33:89:5e:ff:66:27:6a:
54:f9:f4:b6:4f:32:a7:6d:01:dd:bb:08:4e:38:5f:
98:e1:a0:4f:e6:48:94:86:0e:f5:11:e9:cc:79:39:
63:da:1c:31:35:0f:78:f2:e0:20:4b:79:db:22:e2:
d7:0a:c3:59:1c:3e:94:17:c5:31:cd:41:35:8e:18:
78:9e:71:08:69:84:a4:00:3f:0b:95:20:90:bd:e6:
ab:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:F4:6B:A5:7F:11:92:EB:67:9E:95:BC:B8:D8:6E:FE:38:D7:EB:3A
X509v3 Authority Key Identifier:
keyid:8E:62:6C:90:9E:B4:95:11:54:BC:EE:82:21:E4:39:51:B4:25:76:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/1PRrpX8RkutnnpW8uNhu_jjX6zo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/jmJskJ60lRFUvO6CIeQ5UbQldiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.244.116.0/22
185.51.48.0/22
Signature Algorithm: sha256WithRSAEncryption
34:85:27:4f:59:ca:91:5b:ac:17:db:06:a7:7b:cc:e2:24:82:
c5:a0:62:67:e0:73:f4:fa:fe:1a:64:08:ba:36:b4:5d:a6:02:
55:f4:87:dc:86:cd:76:1b:ad:58:29:ea:3b:7f:7c:06:4c:a8:
05:c3:77:f3:d9:ba:e7:3a:24:e8:be:86:a2:92:25:df:10:63:
3c:10:c0:de:c0:c7:44:64:92:69:d1:39:dd:9f:f9:f9:85:62:
e3:d9:c5:dc:61:35:15:d0:be:34:36:68:e6:a7:98:0f:9f:ee:
d9:27:13:d5:fb:a7:22:d8:0d:f7:46:ca:0f:52:9a:b3:40:a2:
e0:89:3d:47:a3:04:c1:a1:78:77:d6:69:33:54:68:43:81:fd:
2a:e2:3b:52:09:f6:2c:bf:58:26:02:dd:dc:84:e2:bb:09:71:
36:e9:d9:d3:dd:ee:b9:99:84:20:51:a7:c1:86:b1:58:9a:b0:
a6:dc:f6:0b:69:6e:a6:b6:81:ee:03:ff:3f:63:30:13:8f:03:
a7:42:cd:8e:0f:28:66:ff:ed:53:2f:92:c0:8e:db:52:b3:82:
82:da:46:41:6a:49:90:70:60:ed:53:98:b1:d6:8f:87:55:4f:
55:e6:c4:13:8d:55:10:fd:92:63:1d:50:49:0b:12:49:25:48:
e1:4a:99:d6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJvDuvZhXSQUgW//cAtIMpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNjI2YzkwOWViNDk1MTE1NGJjZWU4MjIxZTQzOTUxYjQy
NTc2MjQwHhcNMjQwMTAyMTAzMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGY0NmJhNTdmMTE5MmViNjc5ZTk1YmNiOGQ4NmVmZTM4ZDdlYjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsn2ya5uXfSJkeE3wWNVR5zox11Mv
nlBsEGbU6KIzl200YjK0DPIpEHaY2S82rhHLSeFk6xsjBOjlkifPmqhp6o+HxTCr
EqITEfNY1pvPssEzZbwfJw3heTTz83MMrpiLDjoTtcxleG3W7gCSFXw3kKLdmNXr
dF1nketeUGdcuh319XS73QrVGypoXMVUcHhd+iyP77RZv0H/Ih6FPUUoXmzq2LrX
bsrFxABi0DOJXv9mJ2pU+fS2TzKnbQHduwhOOF+Y4aBP5kiUhg71EenMeTlj2hwx
NQ948uAgS3nbIuLXCsNZHD6UF8UxzUE1jhh4nnEIaYSkAD8LlSCQvearFQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNT0a6V/EZLrZ56VvLjYbv441+s6MB8GA1UdIwQY
MBaAFI5ibJCetJURVLzugiHkOVG0JXYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam1Kc2tKNjBsUkZVdk82Q0llUTVVYlFsZGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9mZTQyNjYtN2Y1NC00ZmIzLWI4MTAt
ZTk3ZDFkMDIyMGFmLzEvMVBScnBYOFJrdXRubnBXOHVOaHVfampYNnpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9mZTQyNjYtN2Y1NC00ZmIzLWI4MTAtZTk3ZDFkMDIyMGFm
LzEvam1Kc2tKNjBsUkZVdk82Q0llUTVVYlFsZGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLvR0AwQC
uTMwMA0GCSqGSIb3DQEBCwUAA4IBAQA0hSdPWcqRW6wX2wane8ziJILFoGJn4HP0
+v4aZAi6NrRdpgJV9Ifchs12G61YKeo7f3wGTKgFw3fz2brnOiTovoaikiXfEGM8
EMDewMdEZJJp0Tndn/n5hWLj2cXcYTUV0L40Nmjmp5gPn+7ZJxPV+6ci2A33RsoP
UpqzQKLgiT1HowTBoXh31mkzVGhDgf0q4jtSCfYsv1gmAt3chOK7CXE26dnT3e65
mYQgUafBhrFYmrCm3PYLaW6mtoHuA/8/YzATjwOnQs2ODyhm/+1TL5LAjttSs4KC
2kZBakmQcGDtU5ix1o+HVU9V5sQTjVUQ/ZJjHVBJCxJJJUjhSpnW
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:05:54 2024 by rpki-client on console-fra.rpki-client.org