Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/990595-5157-4036-b601-60843b5bbb81/1/fw8uykgIY4tOQb8c3QB_p7mk1XY.roa
File: fw8uykgIY4tOQb8c3QB_p7mk1XY.roa (raw, json)
Hash identifier: p0WQlNSnMYI38W6R7gb/bDCXF2jWsSh5tLiV9m+XBbc=
Subject key identifier: 7F:0F:2E:CA:48:08:63:8B:4E:41:BF:1C:DD:00:7F:A7:B9:A4:D5:76
Certificate issuer: /CN=4a75fa95475badeeb71f844e0b0b44b6a8fea9fe
Certificate serial: 019251A657E79EF43915105F7E2770B0878C
Authority key identifier: 4A:75:FA:95:47:5B:AD:EE:B7:1F:84:4E:0B:0B:44:B6:A8:FE:A9:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SnX6lUdbre63H4ROCwtEtqj-qf4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/990595-5157-4036-b601-60843b5bbb81/1/fw8uykgIY4tOQb8c3QB_p7mk1XY.roa
Signing time: Thu 03 Oct 2024 09:11:48 +0000
ROA not before: Thu 03 Oct 2024 09:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42755
IP address blocks: 46.21.160.0/20 maxlen: 24
46.21.164.0/24 maxlen: 24
46.21.165.0/24 maxlen: 24
91.195.200.0/23 maxlen: 24
91.195.200.0/24 maxlen: 24
91.195.201.0/24 maxlen: 24
91.196.168.0/22 maxlen: 24
91.198.27.0/24 maxlen: 24
91.199.206.0/24 maxlen: 24
185.138.208.0/22 maxlen: 24
195.184.64.0/23 maxlen: 24
195.184.64.0/24 maxlen: 24
195.184.65.0/24 maxlen: 24
2a02:27f8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/990595-5157-4036-b601-60843b5bbb81/1/SnX6lUdbre63H4ROCwtEtqj-qf4.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/990595-5157-4036-b601-60843b5bbb81/1/SnX6lUdbre63H4ROCwtEtqj-qf4.mft
rsync://rpki.ripe.net/repository/DEFAULT/SnX6lUdbre63H4ROCwtEtqj-qf4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:51:a6:57:e7:9e:f4:39:15:10:5f:7e:27:70:b0:87:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a75fa95475badeeb71f844e0b0b44b6a8fea9fe
Validity
Not Before: Oct 3 09:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f0f2eca4808638b4e41bf1cdd007fa7b9a4d576
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:2b:f8:3a:40:39:f0:35:df:69:b5:c7:f2:29:
98:41:5e:26:51:26:61:c7:b8:c6:6a:f1:df:00:be:
75:b9:4c:57:5d:ac:f5:7b:39:09:75:4a:82:ac:94:
0c:12:3e:95:f9:5a:b6:2c:81:53:dd:f4:4e:0c:a2:
fb:8a:02:d0:80:ff:c5:e8:79:87:b6:40:d9:96:ee:
7e:97:18:39:ac:bb:1d:cc:d5:b2:57:8d:fb:fa:f3:
62:e7:ba:d5:9f:70:00:92:fc:01:e5:8d:72:21:08:
68:d6:67:96:15:1d:7d:1c:e5:df:0a:6b:9c:52:bb:
68:51:30:c6:58:a5:99:16:bc:58:66:fc:16:35:ac:
96:cc:ae:38:ef:14:f5:6e:b4:ef:4e:76:42:3a:88:
93:5c:0f:7e:5b:33:1e:54:c5:77:eb:fa:dc:35:aa:
a1:42:27:e9:4c:f7:09:90:dd:32:5e:b6:f8:31:88:
4a:80:a1:77:52:a7:9b:a9:1c:9d:cd:63:ea:44:0c:
ec:de:4b:27:21:93:ea:a3:f1:ab:c8:06:f0:1a:a4:
9f:62:a7:99:8e:c1:b9:01:ae:21:85:14:b5:73:3f:
d3:3d:38:91:09:c2:ea:04:fd:94:5d:9e:83:11:65:
c3:95:42:fb:f9:0f:62:8e:4c:a8:b6:de:01:0d:f8:
63:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:0F:2E:CA:48:08:63:8B:4E:41:BF:1C:DD:00:7F:A7:B9:A4:D5:76
X509v3 Authority Key Identifier:
keyid:4A:75:FA:95:47:5B:AD:EE:B7:1F:84:4E:0B:0B:44:B6:A8:FE:A9:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SnX6lUdbre63H4ROCwtEtqj-qf4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/990595-5157-4036-b601-60843b5bbb81/1/fw8uykgIY4tOQb8c3QB_p7mk1XY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/990595-5157-4036-b601-60843b5bbb81/1/SnX6lUdbre63H4ROCwtEtqj-qf4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.160.0/20
91.195.200.0/23
91.196.168.0/22
91.198.27.0/24
91.199.206.0/24
185.138.208.0/22
195.184.64.0/23
IPv6:
2a02:27f8::/32
Signature Algorithm: sha256WithRSAEncryption
53:0c:dd:ce:fb:26:8d:9f:3f:6a:13:07:c0:9c:9d:fe:b6:5e:
56:30:29:c1:a5:6b:69:9b:e3:17:d7:8b:f1:1a:54:31:eb:58:
da:9e:56:05:94:b4:d3:9f:cb:3e:f0:bd:59:4a:ed:08:24:fa:
08:63:05:cc:92:40:05:c5:d8:3d:0f:3b:dd:f1:31:2b:d8:6a:
d7:6e:09:a1:90:ad:d6:1f:01:ed:b3:77:52:f4:10:d8:4f:93:
98:66:8f:31:82:9d:c9:dc:13:7f:49:27:9e:04:99:83:7d:24:
9d:b0:39:1c:a5:56:99:a3:39:9e:bb:b3:76:e5:14:8a:30:b8:
ff:04:ce:70:38:b6:4d:3c:d7:64:a7:7a:0f:ae:85:f2:b3:9d:
62:db:54:78:61:9a:78:58:b2:e1:c1:e5:97:8f:d7:52:03:15:
3f:fd:ad:fc:bb:1c:f2:51:6a:8a:78:a1:1a:ea:79:4d:ed:7d:
d7:38:73:33:3d:b4:ae:7c:84:01:03:24:6d:0d:16:c1:b0:50:
07:d5:8a:7a:6d:07:0e:fa:16:72:95:6d:39:bf:ce:2b:b9:05:
ed:8b:d0:78:bb:37:34:85:da:ef:1c:e6:41:1f:3c:2e:74:bf:
ab:f5:5b:a0:87:7d:30:cc:7b:9c:79:d6:36:68:17:04:08:56:
ce:55:e8:3a
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZJRplfnnvQ5FRBffidwsIeMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNzVmYTk1NDc1YmFkZWViNzFmODQ0ZTBiMGI0NGI2YThm
ZWE5ZmUwHhcNMjQxMDAzMDkxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjBmMmVjYTQ4MDg2MzhiNGU0MWJmMWNkZDAwN2ZhN2I5YTRkNTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Cv4OkA58DXfabXH8imYQV4mUSZh
x7jGavHfAL51uUxXXaz1ezkJdUqCrJQMEj6V+Vq2LIFT3fRODKL7igLQgP/F6HmH
tkDZlu5+lxg5rLsdzNWyV437+vNi57rVn3AAkvwB5Y1yIQho1meWFR19HOXfCmuc
UrtoUTDGWKWZFrxYZvwWNayWzK447xT1brTvTnZCOoiTXA9+WzMeVMV36/rcNaqh
QifpTPcJkN0yXrb4MYhKgKF3UqebqRydzWPqRAzs3ksnIZPqo/GryAbwGqSfYqeZ
jsG5Aa4hhRS1cz/TPTiRCcLqBP2UXZ6DEWXDlUL7+Q9ijkyott4BDfhjSwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFH8PLspICGOLTkG/HN0Af6e5pNV2MB8GA1UdIwQY
MBaAFEp1+pVHW63utx+ETgsLRLao/qn+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU25YNmxVZGJyZTYzSDRST0N3dEV0cWotcWY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy85OTA1OTUtNTE1Ny00MDM2LWI2MDEt
NjA4NDNiNWJiYjgxLzEvZnc4dXlrZ0lZNHRPUWI4YzNRQl9wN21rMVhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy85OTA1OTUtNTE1Ny00MDM2LWI2MDEtNjA4NDNiNWJiYjgx
LzEvU25YNmxVZGJyZTYzSDRST0N3dEV0cWotcWY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQELhWgAwQB
W8PIAwQCW8SoAwQAW8YbAwQAW8fOAwQCuYrQAwQBw7hAMA0EAgACMAcDBQAqAif4
MA0GCSqGSIb3DQEBCwUAA4IBAQBTDN3O+yaNnz9qEwfAnJ3+tl5WMCnBpWtpm+MX
14vxGlQx61janlYFlLTTn8s+8L1ZSu0IJPoIYwXMkkAFxdg9Dzvd8TEr2GrXbgmh
kK3WHwHts3dS9BDYT5OYZo8xgp3J3BN/SSeeBJmDfSSdsDkcpVaZozmeu7N25RSK
MLj/BM5wOLZNPNdkp3oProXys51i21R4YZp4WLLhweWXj9dSAxU//a38uxzyUWqK
eKEa6nlN7X3XOHMzPbSufIQBAyRtDRbBsFAH1Yp6bQcO+hZylW05v84ruQXti9B4
uzc0hdrvHOZBHzwudL+r9Vugh30wzHucedY2aBcECFbOVeg6
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:34:20 2024 by rpki-client on console-ams.rpki-client.org