Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/bLUGgRHy3vOeEs1yok4D496cZ8U.roa
File: bLUGgRHy3vOeEs1yok4D496cZ8U.roa (raw, json)
Hash identifier: QSZ3C/763ClyivIGBJDUDqZ6Lf8rwOZe2zHtLi4VZl8=
Subject key identifier: 6C:B5:06:81:11:F2:DE:F3:9E:12:CD:72:A2:4E:03:E3:DE:9C:67:C5
Certificate issuer: /CN=8e626c909eb4951154bcee8221e43951b4257624
Certificate serial: 018CC9BC38CAC1BF5744D02F0348A360382E
Authority key identifier: 8E:62:6C:90:9E:B4:95:11:54:BC:EE:82:21:E4:39:51:B4:25:76:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/bLUGgRHy3vOeEs1yok4D496cZ8U.roa
Signing time: Tue 02 Jan 2024 10:33:24 +0000
ROA not before: Tue 02 Jan 2024 10:33:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8038
IP address blocks: 46.244.20.0/24 maxlen: 24
178.249.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/jmJskJ60lRFUvO6CIeQ5UbQldiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/jmJskJ60lRFUvO6CIeQ5UbQldiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 16:02:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:38:ca:c1:bf:57:44:d0:2f:03:48:a3:60:38:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e626c909eb4951154bcee8221e43951b4257624
Validity
Not Before: Jan 2 10:33:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cb5068111f2def39e12cd72a24e03e3de9c67c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:99:7f:d8:db:c6:c4:4d:ae:64:68:57:12:1d:
7f:ed:93:9e:d3:45:b9:64:f3:17:d6:60:ab:14:6a:
ea:7c:52:f9:0b:eb:16:74:58:e4:86:53:99:1a:bd:
2f:f5:4b:0c:f1:f0:bd:84:c8:67:f9:49:6f:61:2a:
a6:49:c0:6c:e8:b6:d8:71:f0:09:1b:51:eb:44:13:
2b:b3:47:df:e4:85:cf:6a:d0:22:29:72:73:a5:45:
df:c2:42:f8:52:1d:f6:9c:d5:10:16:73:92:af:ca:
03:58:aa:7e:4f:86:31:24:4d:08:51:23:2c:cd:1b:
2d:0b:39:18:42:71:66:c7:6d:8c:27:59:2a:28:2e:
d8:d6:d5:4d:07:f3:a1:ed:56:1d:3b:f1:60:ee:da:
d0:57:e8:8a:ac:36:08:fb:a3:92:0d:4f:ee:58:a6:
83:a8:77:a2:b4:a3:1e:51:af:54:ed:4f:7e:85:67:
f9:3e:9d:0a:80:4c:dd:7b:50:7e:a5:0b:48:e4:df:
cd:62:12:c2:28:1f:a7:f8:29:ef:b4:44:83:75:40:
5f:62:29:06:84:10:b9:04:ed:be:b4:4a:43:ce:e3:
55:db:f7:37:2a:5f:1e:fa:6e:20:0a:ce:a6:0a:80:
8a:a4:50:d9:fd:86:98:f5:ef:8e:a1:0d:be:27:d0:
ac:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:B5:06:81:11:F2:DE:F3:9E:12:CD:72:A2:4E:03:E3:DE:9C:67:C5
X509v3 Authority Key Identifier:
keyid:8E:62:6C:90:9E:B4:95:11:54:BC:EE:82:21:E4:39:51:B4:25:76:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/bLUGgRHy3vOeEs1yok4D496cZ8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/jmJskJ60lRFUvO6CIeQ5UbQldiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.244.20.0/24
178.249.157.0/24
Signature Algorithm: sha256WithRSAEncryption
63:c2:0a:3d:f2:b9:9f:02:75:98:4a:c8:da:f8:cc:43:9f:69:
05:f1:9b:c9:6c:9a:05:6a:7f:d2:c7:12:38:13:7d:7b:2f:89:
da:92:fb:9f:20:09:5c:7f:8b:0d:0f:bf:c8:17:b2:45:3a:3f:
44:39:57:ca:bc:21:7a:de:43:0d:82:de:65:9c:37:20:9c:4f:
84:f9:32:80:57:65:bb:c0:49:23:96:b7:36:7e:b0:37:b9:5f:
a2:6f:90:8b:a9:20:51:df:94:ca:7b:43:0a:55:74:2b:7d:f8:
a8:39:81:24:1b:78:90:c9:1b:35:12:5f:ae:7c:3a:36:e0:27:
5a:8b:be:80:9b:42:7d:08:6a:6f:b6:3a:26:0a:2c:7a:2e:54:
a1:0e:9e:11:47:96:68:14:ce:40:91:2e:86:03:47:3c:fd:a3:
49:a5:eb:3c:2e:e6:51:a3:6b:e6:8a:67:20:98:ee:75:4a:4b:
22:09:40:68:c6:d7:d0:c3:40:4d:13:c2:1a:ee:e6:a6:a9:26:
e0:0e:4d:25:ae:3e:60:74:d4:ab:98:27:dc:41:62:15:25:16:
47:df:10:3d:0c:5e:c6:2c:f3:13:4c:56:30:da:cf:41:e3:19:
7a:46:b4:f1:b1:af:c8:69:45:14:ea:2e:c9:ff:24:95:9e:d0:
4c:5b:a1:c5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJvDjKwb9XRNAvA0ijYDguMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNjI2YzkwOWViNDk1MTE1NGJjZWU4MjIxZTQzOTUxYjQy
NTc2MjQwHhcNMjQwMTAyMTAzMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2I1MDY4MTExZjJkZWYzOWUxMmNkNzJhMjRlMDNlM2RlOWM2N2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpl/2NvGxE2uZGhXEh1/7ZOe00W5
ZPMX1mCrFGrqfFL5C+sWdFjkhlOZGr0v9UsM8fC9hMhn+UlvYSqmScBs6LbYcfAJ
G1HrRBMrs0ff5IXPatAiKXJzpUXfwkL4Uh32nNUQFnOSr8oDWKp+T4YxJE0IUSMs
zRstCzkYQnFmx22MJ1kqKC7Y1tVNB/Oh7VYdO/Fg7trQV+iKrDYI+6OSDU/uWKaD
qHeitKMeUa9U7U9+hWf5Pp0KgEzde1B+pQtI5N/NYhLCKB+n+CnvtESDdUBfYikG
hBC5BO2+tEpDzuNV2/c3Kl8e+m4gCs6mCoCKpFDZ/YaY9e+OoQ2+J9Cs8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGy1BoER8t7znhLNcqJOA+PenGfFMB8GA1UdIwQY
MBaAFI5ibJCetJURVLzugiHkOVG0JXYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam1Kc2tKNjBsUkZVdk82Q0llUTVVYlFsZGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9mZTQyNjYtN2Y1NC00ZmIzLWI4MTAt
ZTk3ZDFkMDIyMGFmLzEvYkxVR2dSSHkzdk9lRXMxeW9rNEQ0OTZjWjhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9mZTQyNjYtN2Y1NC00ZmIzLWI4MTAtZTk3ZDFkMDIyMGFm
LzEvam1Kc2tKNjBsUkZVdk82Q0llUTVVYlFsZGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALvQUAwQA
svmdMA0GCSqGSIb3DQEBCwUAA4IBAQBjwgo98rmfAnWYSsja+MxDn2kF8ZvJbJoF
an/SxxI4E317L4nakvufIAlcf4sND7/IF7JFOj9EOVfKvCF63kMNgt5lnDcgnE+E
+TKAV2W7wEkjlrc2frA3uV+ib5CLqSBR35TKe0MKVXQrffioOYEkG3iQyRs1El+u
fDo24Cdai76Am0J9CGpvtjomCix6LlShDp4RR5ZoFM5AkS6GA0c8/aNJpes8LuZR
o2vmimcgmO51SksiCUBoxtfQw0BNE8Ia7uamqSbgDk0lrj5gdNSrmCfcQWIVJRZH
3xA9DF7GLPMTTFYw2s9B4xl6RrTxsa/IaUUU6i7J/ySVntBMW6HF
-----END CERTIFICATE-----
Generated at Sun May 5 19:10:02 2024 by rpki-client on console-ams.rpki-client.org