Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/afcf64-0051-4da7-9b12-50e333384669/1/fRtPNG2b1ooVK9r_BiTFYcg8ChA.roa
File: fRtPNG2b1ooVK9r_BiTFYcg8ChA.roa (raw, json)
Hash identifier: GR/gRm8/nCYUe0r64zdMxij9YWK+X7ZccxWvKgMndaE=
Subject key identifier: 7D:1B:4F:34:6D:9B:D6:8A:15:2B:DA:FF:06:24:C5:61:C8:3C:0A:10
Certificate issuer: /CN=c811029686b2c80a7f0460b6c6ef1b9086728097
Certificate serial: 018F341A47C84F254A17AAB61910714A6FAF
Authority key identifier: C8:11:02:96:86:B2:C8:0A:7F:04:60:B6:C6:EF:1B:90:86:72:80:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yBECloayyAp_BGC2xu8bkIZygJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/afcf64-0051-4da7-9b12-50e333384669/1/fRtPNG2b1ooVK9r_BiTFYcg8ChA.roa
Signing time: Wed 01 May 2024 12:21:28 +0000
ROA not before: Wed 01 May 2024 12:21:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202013
IP address blocks: 46.235.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/afcf64-0051-4da7-9b12-50e333384669/1/yBECloayyAp_BGC2xu8bkIZygJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/afcf64-0051-4da7-9b12-50e333384669/1/yBECloayyAp_BGC2xu8bkIZygJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/yBECloayyAp_BGC2xu8bkIZygJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 09:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:34:1a:47:c8:4f:25:4a:17:aa:b6:19:10:71:4a:6f:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c811029686b2c80a7f0460b6c6ef1b9086728097
Validity
Not Before: May 1 12:21:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d1b4f346d9bd68a152bdaff0624c561c83c0a10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:4c:b7:1c:b3:3c:48:23:18:63:e2:c5:bc:82:
72:06:dc:df:da:10:e2:d4:46:ba:6e:32:2c:b7:ff:
22:3c:52:4c:59:d0:63:29:88:34:c8:78:63:1c:22:
72:93:18:ff:59:87:fe:e5:dd:e0:f0:80:5c:61:dc:
81:7f:a0:54:d4:78:98:8c:d1:65:42:78:73:48:76:
8a:db:8a:ee:d8:f1:8c:5f:43:b6:fc:01:a0:53:d2:
bf:ef:85:b2:45:ed:4d:25:0a:8c:94:44:ba:ab:6b:
52:2f:79:31:8e:3d:4d:8c:cc:6f:3b:0d:7f:83:9a:
0a:fd:67:07:35:6c:6e:f7:b7:2a:ef:9f:63:47:2c:
a0:55:7d:a6:ca:b9:57:ac:68:f2:3c:bc:84:04:64:
6b:c6:c4:ce:37:e2:6a:70:d2:0f:e8:06:70:78:c7:
b5:3b:02:0c:fc:06:79:fe:ef:e6:0a:79:0b:6f:1d:
af:05:18:0a:43:d1:a0:16:ad:64:a3:49:b8:14:8a:
76:17:4c:e2:47:18:7f:95:e5:35:cb:78:35:13:76:
37:65:3f:51:2b:38:b8:6b:09:a7:b9:d1:e9:8d:7e:
55:6d:9b:f3:9f:fb:d1:ed:d5:58:c6:b7:80:34:4b:
f6:c6:ca:2e:c4:c1:5e:de:da:c9:63:71:50:a7:f9:
0a:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:1B:4F:34:6D:9B:D6:8A:15:2B:DA:FF:06:24:C5:61:C8:3C:0A:10
X509v3 Authority Key Identifier:
keyid:C8:11:02:96:86:B2:C8:0A:7F:04:60:B6:C6:EF:1B:90:86:72:80:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yBECloayyAp_BGC2xu8bkIZygJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/afcf64-0051-4da7-9b12-50e333384669/1/fRtPNG2b1ooVK9r_BiTFYcg8ChA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/afcf64-0051-4da7-9b12-50e333384669/1/yBECloayyAp_BGC2xu8bkIZygJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.7.0/24
Signature Algorithm: sha256WithRSAEncryption
29:7a:d1:e5:55:73:19:72:ec:fb:06:9a:63:a5:2b:df:ac:a0:
e4:e6:de:36:48:1c:6b:b4:f0:07:b1:d8:45:d9:e4:7a:50:6c:
2b:6b:7c:99:4e:de:07:32:3f:cd:b2:a4:1b:fe:16:20:f4:bf:
78:b6:a4:25:c6:47:1c:17:0d:3d:5d:a1:09:b8:12:a4:bb:fa:
d2:57:b7:47:b5:ee:12:39:69:8a:09:c4:51:d0:fb:57:5f:d3:
5b:6a:0d:f3:2f:a1:67:51:dc:08:ee:d0:31:ed:0e:a4:17:4a:
d2:45:6f:59:73:e5:04:ac:bf:ee:04:bd:f9:f4:b1:b1:49:49:
55:a4:2a:0d:b9:b2:bd:45:8a:65:1d:fa:41:9a:e7:06:e9:e0:
f6:b1:08:2b:b8:21:ed:27:da:2e:7c:17:fd:27:cf:5a:70:f6:
c6:4b:eb:95:70:d6:f1:66:1e:be:ae:93:96:7b:50:f3:bf:7f:
5e:92:b6:41:db:74:6f:64:66:0e:96:e0:b2:d0:3a:3c:6b:34:
4e:7b:7c:ff:e5:59:1a:cf:75:10:14:41:62:28:94:f3:a0:e2:
61:f3:55:11:30:ab:0f:a4:6a:dc:bd:6d:d9:59:2e:5d:5f:8c:
1a:8f:a5:8d:e7:19:bd:34:97:1c:1b:b6:17:ac:bc:68:98:28:
55:23:89:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY80GkfITyVKF6q2GRBxSm+vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MTEwMjk2ODZiMmM4MGE3ZjA0NjBiNmM2ZWYxYjkwODY3
MjgwOTcwHhcNMjQwNTAxMTIyMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDFiNGYzNDZkOWJkNjhhMTUyYmRhZmYwNjI0YzU2MWM4M2MwYTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUy3HLM8SCMYY+LFvIJyBtzf2hDi
1Ea6bjIst/8iPFJMWdBjKYg0yHhjHCJykxj/WYf+5d3g8IBcYdyBf6BU1HiYjNFl
QnhzSHaK24ru2PGMX0O2/AGgU9K/74WyRe1NJQqMlES6q2tSL3kxjj1NjMxvOw1/
g5oK/WcHNWxu97cq759jRyygVX2myrlXrGjyPLyEBGRrxsTON+JqcNIP6AZweMe1
OwIM/AZ5/u/mCnkLbx2vBRgKQ9GgFq1ko0m4FIp2F0ziRxh/leU1y3g1E3Y3ZT9R
Kzi4awmnudHpjX5VbZvzn/vR7dVYxreANEv2xsouxMFe3trJY3FQp/kKkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH0bTzRtm9aKFSva/wYkxWHIPAoQMB8GA1UdIwQY
MBaAFMgRApaGssgKfwRgtsbvG5CGcoCXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUJFQ2xvYXl5QXBfQkdDMnh1OGJrSVp5Z0pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hZmNmNjQtMDA1MS00ZGE3LTliMTIt
NTBlMzMzMzg0NjY5LzEvZlJ0UE5HMmIxb29WSzlyX0JpVEZZY2c4Q2hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hZmNmNjQtMDA1MS00ZGE3LTliMTItNTBlMzMzMzg0NjY5
LzEveUJFQ2xvYXl5QXBfQkdDMnh1OGJrSVp5Z0pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALusHMA0G
CSqGSIb3DQEBCwUAA4IBAQApetHlVXMZcuz7BppjpSvfrKDk5t42SBxrtPAHsdhF
2eR6UGwra3yZTt4HMj/NsqQb/hYg9L94tqQlxkccFw09XaEJuBKku/rSV7dHte4S
OWmKCcRR0PtXX9Nbag3zL6FnUdwI7tAx7Q6kF0rSRW9Zc+UErL/uBL359LGxSUlV
pCoNubK9RYplHfpBmucG6eD2sQgruCHtJ9oufBf9J89acPbGS+uVcNbxZh6+rpOW
e1Dzv39ekrZB23RvZGYOluCy0Do8azROe3z/5Vkaz3UQFEFiKJTzoOJh81URMKsP
pGrcvW3ZWS5dX4waj6WN5xm9NJccG7YXrLxomChVI4lG
-----END CERTIFICATE-----
Generated at Tue Nov 26 14:31:33 2024 by rpki-client on console-ams.rpki-client.org