Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/607721-00ff-4581-80e5-6fa84402d6a0/1/CJuMNFIiBS1vwPm4DobHua8w-10.roa
File: CJuMNFIiBS1vwPm4DobHua8w-10.roa (raw, json)
Hash identifier: WkRHl/jd/siB+I0EHC4EViKlSraXZqc8SAjUP14/2jU=
Subject key identifier: 08:9B:8C:34:52:22:05:2D:6F:C0:F9:B8:0E:86:C7:B9:AF:30:FB:5D
Certificate issuer: /CN=7c86f13a9b721cd1869fbb974ee53d90022eaa2c
Certificate serial: 018CC64B32AB4EB84D8D3878FB6C03654638
Authority key identifier: 7C:86:F1:3A:9B:72:1C:D1:86:9F:BB:97:4E:E5:3D:90:02:2E:AA:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fIbxOptyHNGGn7uXTuU9kAIuqiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/607721-00ff-4581-80e5-6fa84402d6a0/1/CJuMNFIiBS1vwPm4DobHua8w-10.roa
Signing time: Mon 01 Jan 2024 18:31:06 +0000
ROA not before: Mon 01 Jan 2024 18:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44887
IP address blocks: 185.46.165.0/24 maxlen: 24
2a14:3e00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/607721-00ff-4581-80e5-6fa84402d6a0/1/fIbxOptyHNGGn7uXTuU9kAIuqiw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/607721-00ff-4581-80e5-6fa84402d6a0/1/fIbxOptyHNGGn7uXTuU9kAIuqiw.mft
rsync://rpki.ripe.net/repository/DEFAULT/fIbxOptyHNGGn7uXTuU9kAIuqiw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 16:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:32:ab:4e:b8:4d:8d:38:78:fb:6c:03:65:46:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c86f13a9b721cd1869fbb974ee53d90022eaa2c
Validity
Not Before: Jan 1 18:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=089b8c345222052d6fc0f9b80e86c7b9af30fb5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:99:89:06:62:84:0c:1e:4d:3a:95:5f:a4:dc:
77:25:fc:d3:d6:67:5d:dd:3f:d6:3e:e0:d6:6a:62:
25:84:db:e7:ae:0b:61:3b:51:ff:33:32:17:ac:29:
ff:75:a4:90:4d:86:50:8e:33:e7:f9:c7:4d:7f:8a:
a5:15:5a:93:d9:a2:cc:f3:93:25:c4:cd:00:87:3f:
66:05:aa:32:2a:c2:08:7a:09:59:2d:e8:73:49:cc:
1f:3f:b4:e5:2e:c3:67:3e:6d:5c:08:27:b7:eb:6b:
d8:0e:9e:aa:3a:f1:27:94:cf:d2:06:7d:f9:fb:f2:
b5:f2:58:f4:90:51:7e:03:93:c0:86:92:05:82:ae:
07:b3:fe:86:cc:9e:40:fc:47:9c:02:90:c2:6f:33:
a6:b0:1d:35:99:2f:d6:98:cb:4a:c9:6a:b3:4e:38:
c6:3c:8c:81:6f:59:f0:e2:f6:0e:6f:57:af:1c:be:
8c:b9:59:bc:b0:e6:3b:7b:61:a2:16:85:33:96:ac:
43:6e:27:0b:ee:99:02:ee:5e:75:d1:68:c1:39:72:
44:fc:ad:ec:24:8c:bc:f8:a4:eb:78:94:e5:be:85:
33:50:14:c5:1e:04:89:6a:91:1a:d9:34:7c:41:e3:
53:0c:af:71:98:c5:bc:f6:c5:db:0d:69:40:09:0b:
82:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:9B:8C:34:52:22:05:2D:6F:C0:F9:B8:0E:86:C7:B9:AF:30:FB:5D
X509v3 Authority Key Identifier:
keyid:7C:86:F1:3A:9B:72:1C:D1:86:9F:BB:97:4E:E5:3D:90:02:2E:AA:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fIbxOptyHNGGn7uXTuU9kAIuqiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/607721-00ff-4581-80e5-6fa84402d6a0/1/CJuMNFIiBS1vwPm4DobHua8w-10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/607721-00ff-4581-80e5-6fa84402d6a0/1/fIbxOptyHNGGn7uXTuU9kAIuqiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.46.165.0/24
IPv6:
2a14:3e00::/29
Signature Algorithm: sha256WithRSAEncryption
5d:fb:07:b7:41:a0:40:ea:cd:e2:21:f1:57:6d:18:35:f7:9c:
9e:cf:a5:ff:ab:a0:30:e6:fb:85:c9:9a:70:b8:22:db:18:ec:
90:35:ab:6b:d8:a7:66:4b:5d:90:19:f4:5b:f3:9b:b9:00:89:
6f:4d:94:8f:29:50:67:8f:db:98:11:f0:75:19:3a:be:84:3e:
24:0b:5c:1b:94:84:8f:2f:ab:95:1f:35:f9:92:52:a8:fc:f6:
32:24:dd:26:ae:00:5a:11:bb:77:02:ab:d8:68:6f:87:34:99:
2f:69:8f:29:1f:6f:07:1b:24:49:e5:dc:3c:6a:90:6d:41:9c:
d8:d5:d1:5d:58:bf:28:52:8c:0a:06:67:1a:ae:5a:af:71:09:
a2:b0:ea:6c:dc:4d:11:fd:2e:d7:06:1c:45:76:49:41:f4:43:
33:9e:ef:11:04:3f:fe:1f:a2:9f:02:03:67:81:41:46:b8:3d:
d7:7f:b6:8f:5e:6c:67:d1:af:e6:25:19:6a:b5:a7:f2:11:2a:
a2:a6:7b:6d:ef:b5:bb:06:d6:92:62:19:4a:96:31:b4:ed:cc:
cb:80:59:fa:04:74:e6:17:26:c6:ce:71:3e:08:a2:0a:90:85:
ae:72:48:d6:07:c0:71:51:53:ad:33:1c:34:c3:93:e7:91:bf:
d5:32:04:08
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGSzKrTrhNjTh4+2wDZUY4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjODZmMTNhOWI3MjFjZDE4NjlmYmI5NzRlZTUzZDkwMDIy
ZWFhMmMwHhcNMjQwMTAxMTgzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODliOGMzNDUyMjIwNTJkNmZjMGY5YjgwZTg2YzdiOWFmMzBmYjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJmJBmKEDB5NOpVfpNx3JfzT1mdd
3T/WPuDWamIlhNvnrgthO1H/MzIXrCn/daSQTYZQjjPn+cdNf4qlFVqT2aLM85Ml
xM0Ahz9mBaoyKsIIeglZLehzScwfP7TlLsNnPm1cCCe362vYDp6qOvEnlM/SBn35
+/K18lj0kFF+A5PAhpIFgq4Hs/6GzJ5A/EecApDCbzOmsB01mS/WmMtKyWqzTjjG
PIyBb1nw4vYOb1evHL6MuVm8sOY7e2GiFoUzlqxDbicL7pkC7l510WjBOXJE/K3s
JIy8+KTreJTlvoUzUBTFHgSJapEa2TR8QeNTDK9xmMW89sXbDWlACQuCBwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAibjDRSIgUtb8D5uA6Gx7mvMPtdMB8GA1UdIwQY
MBaAFHyG8TqbchzRhp+7l07lPZACLqosMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZklieE9wdHlITkdHbjd1WFR1VTlrQUl1cWl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi82MDc3MjEtMDBmZi00NTgxLTgwZTUt
NmZhODQ0MDJkNmEwLzEvQ0p1TU5GSWlCUzF2d1BtNERvYkh1YTh3LTEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi82MDc3MjEtMDBmZi00NTgxLTgwZTUtNmZhODQ0MDJkNmEw
LzEvZklieE9wdHlITkdHbjd1WFR1VTlrQUl1cWl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuS6lMA0E
AgACMAcDBQMqFD4AMA0GCSqGSIb3DQEBCwUAA4IBAQBd+we3QaBA6s3iIfFXbRg1
95yez6X/q6Aw5vuFyZpwuCLbGOyQNatr2KdmS12QGfRb85u5AIlvTZSPKVBnj9uY
EfB1GTq+hD4kC1wblISPL6uVHzX5klKo/PYyJN0mrgBaEbt3AqvYaG+HNJkvaY8p
H28HGyRJ5dw8apBtQZzY1dFdWL8oUowKBmcarlqvcQmisOps3E0R/S7XBhxFdklB
9EMznu8RBD/+H6KfAgNngUFGuD3Xf7aPXmxn0a/mJRlqtafyESqipntt77W7BtaS
YhlKljG07czLgFn6BHTmFybGznE+CKIKkIWuckjWB8BxUVOtMxw0w5Pnkb/VMgQI
-----END CERTIFICATE-----
Generated at Sun Sep 29 00:10:31 2024 by rpki-client on console-fra.rpki-client.org