Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/aF8WIPwG_4cP4B1GASJ0_uZpWvU.roa
File: aF8WIPwG_4cP4B1GASJ0_uZpWvU.roa (raw, json)
Hash identifier: sxj2oM310pOcs8tAqDpIERjqA8GRiCqz6issaF+nJvA=
Subject key identifier: 68:5F:16:20:FC:06:FF:87:0F:E0:1D:46:01:22:74:FE:E6:69:5A:F5
Certificate issuer: /CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Certificate serial: 0191FF716CB35DF889272F2DE0BAA056455D
Authority key identifier: D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/aF8WIPwG_4cP4B1GASJ0_uZpWvU.roa
Signing time: Tue 17 Sep 2024 10:05:09 +0000
ROA not before: Tue 17 Sep 2024 10:05:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51759
IP address blocks: 46.36.96.0/24 maxlen: 24
46.36.104.0/24 maxlen: 24
46.36.107.0/24 maxlen: 24
46.36.108.0/24 maxlen: 24
46.36.109.0/24 maxlen: 24
46.36.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft
rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:71:6c:b3:5d:f8:89:27:2f:2d:e0:ba:a0:56:45:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Validity
Not Before: Sep 17 10:05:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=685f1620fc06ff870fe01d46012274fee6695af5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e8:44:c4:62:c3:1b:17:da:44:24:48:d0:84:
de:3f:3c:7b:0a:9b:28:91:d6:2c:29:3b:6c:56:4d:
b7:8b:5a:b0:9d:a3:25:56:87:6d:55:d4:5c:34:03:
cf:b7:75:73:5d:67:84:8c:9c:62:c1:70:a4:8a:3d:
17:7e:f0:bc:df:da:68:02:ca:d9:51:6b:73:56:31:
3e:36:bd:73:89:d4:37:93:31:b0:31:db:73:56:a5:
dd:70:61:4f:2c:aa:f5:22:a5:a6:12:28:5a:7e:0a:
9d:8f:32:6d:b6:10:ef:31:f4:08:75:f7:85:d7:fd:
c5:45:ba:32:90:60:6c:eb:09:ff:4a:17:92:26:ea:
7b:cf:df:f8:af:f5:ab:b9:69:b6:a2:da:fc:9b:fb:
a2:b1:66:31:72:eb:e6:56:16:cf:19:69:22:dc:9c:
25:b4:96:9f:4d:af:52:d3:59:3a:9c:4b:3e:07:aa:
db:90:9f:41:34:34:8a:7a:3d:0e:ac:7a:64:3d:11:
81:c2:5e:eb:35:53:ab:ef:b9:4c:93:fb:84:54:f0:
82:dd:9b:20:e9:f6:7d:8c:36:39:4d:25:47:ef:10:
a8:11:d3:56:55:b1:b4:d1:d8:1a:0d:48:1f:81:4c:
7a:86:9a:e2:26:c6:76:39:55:a9:bd:6d:53:e0:f8:
d8:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:5F:16:20:FC:06:FF:87:0F:E0:1D:46:01:22:74:FE:E6:69:5A:F5
X509v3 Authority Key Identifier:
keyid:D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/aF8WIPwG_4cP4B1GASJ0_uZpWvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.96.0/24
46.36.104.0/24
46.36.107.0-46.36.110.255
Signature Algorithm: sha256WithRSAEncryption
3b:3f:e0:52:4d:18:f0:73:4c:7e:8b:88:5b:8f:de:3c:d4:29:
14:0a:f1:ca:56:82:ec:db:8a:3a:12:d6:f7:07:e3:ac:ba:d5:
ab:d8:6b:57:bf:10:86:ad:23:f8:7d:50:d9:bf:34:28:ef:10:
2f:29:50:26:09:b4:69:25:6c:b2:f9:11:f6:7f:e3:8e:cf:52:
9b:7d:98:ee:b9:c4:39:70:63:c2:5c:1f:25:b9:ce:87:43:a9:
60:82:2d:c5:cb:a6:8e:5c:af:89:14:91:02:24:63:9d:c5:7b:
e7:b5:93:ad:c4:36:a8:ea:6f:b5:63:31:46:59:8f:18:2f:ab:
35:0a:df:59:7a:d1:f6:df:4a:6a:45:9e:67:05:dc:27:f6:0a:
a3:31:c4:7c:36:43:73:d4:14:23:c7:57:03:50:b2:57:86:9c:
49:6c:30:56:60:c6:f5:c7:e6:ab:66:a3:fb:60:1c:e1:f5:70:
49:02:0a:b7:bc:47:76:18:86:a8:7c:0f:f3:db:b3:72:7f:23:
38:72:64:77:0a:d1:42:56:4f:66:e7:a8:a2:98:72:04:c9:5f:
83:46:fd:30:a3:5e:47:f9:74:2b:86:99:72:2a:27:dd:60:00:
a3:69:60:f4:0e:ee:2d:3b:3a:97:d2:94:0d:bf:6b:90:d6:ed:
14:95:1a:59
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZH/cWyzXfiJJy8t4LqgVkVdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZDY2MmRjYzZmZTNiODFlZjNkZTJmY2EzY2ZjZWRjMTFl
YmFhNDMwHhcNMjQwOTE3MTAwNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODVmMTYyMGZjMDZmZjg3MGZlMDFkNDYwMTIyNzRmZWU2Njk1YWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+hExGLDGxfaRCRI0ITePzx7Cpso
kdYsKTtsVk23i1qwnaMlVodtVdRcNAPPt3VzXWeEjJxiwXCkij0XfvC839poAsrZ
UWtzVjE+Nr1zidQ3kzGwMdtzVqXdcGFPLKr1IqWmEihafgqdjzJtthDvMfQIdfeF
1/3FRboykGBs6wn/SheSJup7z9/4r/WruWm2otr8m/uisWYxcuvmVhbPGWki3Jwl
tJafTa9S01k6nEs+B6rbkJ9BNDSKej0OrHpkPRGBwl7rNVOr77lMk/uEVPCC3Zsg
6fZ9jDY5TSVH7xCoEdNWVbG00dgaDUgfgUx6hpriJsZ2OVWpvW1T4PjY9wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGhfFiD8Bv+HD+AdRgEidP7maVr1MB8GA1UdIwQY
MBaAFNjWYtzG/juB7z3i/KPPztwR66pDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1Yjct
Nzg1ZTU4ODM2NDRkLzEvYUY4V0lQd0dfNGNQNEIxR0FTSjBfdVpwV3ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1YjctNzg1ZTU4ODM2NDRk
LzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALiRgAwQA
LiRoMAwDBAAuJGsDBAAuJG4wDQYJKoZIhvcNAQELBQADggEBADs/4FJNGPBzTH6L
iFuP3jzUKRQK8cpWguzbijoS1vcH46y61avYa1e/EIatI/h9UNm/NCjvEC8pUCYJ
tGklbLL5EfZ/447PUpt9mO65xDlwY8JcHyW5zodDqWCCLcXLpo5cr4kUkQIkY53F
e+e1k63ENqjqb7VjMUZZjxgvqzUK31l60fbfSmpFnmcF3Cf2CqMxxHw2Q3PUFCPH
VwNQsleGnElsMFZgxvXH5qtmo/tgHOH1cEkCCre8R3YYhqh8D/Pbs3J/IzhyZHcK
0UJWT2bnqKKYcgTJX4NG/TCjXkf5dCuGmXIqJ91gAKNpYPQO7i07OpfSlA2/a5DW
7RSVGlk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:01:31 2024 by rpki-client on console-ams.rpki-client.org