Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/afcf64-0051-4da7-9b12-50e333384669/1/jIuq4bHs7cglQF3FSlGy5eZYBY0.roa
File: jIuq4bHs7cglQF3FSlGy5eZYBY0.roa (raw, json)
Hash identifier: GcuJ44M9z2r8HjZijB7ADwqXfKmxK6NA7MQWczCv9nk=
Subject key identifier: 8C:8B:AA:E1:B1:EC:ED:C8:25:40:5D:C5:4A:51:B2:E5:E6:58:05:8D
Certificate issuer: /CN=c811029686b2c80a7f0460b6c6ef1b9086728097
Certificate serial: 018F34396736C71067692725160B73FF4FE1
Authority key identifier: C8:11:02:96:86:B2:C8:0A:7F:04:60:B6:C6:EF:1B:90:86:72:80:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yBECloayyAp_BGC2xu8bkIZygJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/afcf64-0051-4da7-9b12-50e333384669/1/jIuq4bHs7cglQF3FSlGy5eZYBY0.roa
Signing time: Wed 01 May 2024 12:55:28 +0000
ROA not before: Wed 01 May 2024 12:55:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57740
IP address blocks: 46.235.0.0/24 maxlen: 24
46.235.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/afcf64-0051-4da7-9b12-50e333384669/1/yBECloayyAp_BGC2xu8bkIZygJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/afcf64-0051-4da7-9b12-50e333384669/1/yBECloayyAp_BGC2xu8bkIZygJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/yBECloayyAp_BGC2xu8bkIZygJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:34:39:67:36:c7:10:67:69:27:25:16:0b:73:ff:4f:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c811029686b2c80a7f0460b6c6ef1b9086728097
Validity
Not Before: May 1 12:55:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c8baae1b1ecedc825405dc54a51b2e5e658058d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:6b:65:e5:b9:b1:bb:8c:43:09:05:25:37:7d:
cf:5d:ed:2d:af:44:55:ad:08:f3:4d:2c:07:28:ff:
12:c1:d5:f3:ea:a5:26:ab:7e:7f:e7:2b:15:3e:16:
9f:41:01:6a:c1:53:74:34:b3:2b:8a:2f:60:4f:7f:
29:f6:bb:b1:e8:eb:29:ae:6d:d1:7f:b8:fd:7e:d3:
94:18:2b:07:8b:71:53:a5:f0:0f:db:d0:bc:87:f2:
96:22:40:86:01:08:c5:3e:03:75:ff:54:47:04:7f:
3a:3c:b3:25:0d:de:db:50:1e:28:ac:a9:09:b0:88:
03:c9:18:8e:e0:eb:9f:95:f8:3a:bb:f4:5c:25:53:
89:d4:31:6b:a8:36:06:2c:b5:2c:8c:c1:28:46:91:
ac:36:7e:bf:66:df:41:f1:cf:88:18:6e:8a:b1:af:
0d:29:53:0c:76:37:cb:b5:6a:1e:31:0c:fa:b1:5e:
04:5b:fc:73:e8:ce:de:02:b1:39:6b:ff:d8:06:5b:
bb:76:91:93:f1:91:37:62:f1:bb:de:91:e4:f1:9b:
e9:0d:85:40:01:50:3c:cb:82:85:a2:b9:42:b5:27:
53:94:0a:8c:28:df:0a:34:a3:35:16:6b:e6:c3:e2:
63:4d:83:5c:29:65:3d:ff:be:f1:f5:22:f3:39:73:
80:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:8B:AA:E1:B1:EC:ED:C8:25:40:5D:C5:4A:51:B2:E5:E6:58:05:8D
X509v3 Authority Key Identifier:
keyid:C8:11:02:96:86:B2:C8:0A:7F:04:60:B6:C6:EF:1B:90:86:72:80:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yBECloayyAp_BGC2xu8bkIZygJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/afcf64-0051-4da7-9b12-50e333384669/1/jIuq4bHs7cglQF3FSlGy5eZYBY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/afcf64-0051-4da7-9b12-50e333384669/1/yBECloayyAp_BGC2xu8bkIZygJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.0.0/24
46.235.3.0/24
Signature Algorithm: sha256WithRSAEncryption
61:3d:1c:f1:25:b7:73:b2:7a:86:c5:a0:69:98:34:b4:db:3b:
96:32:da:8b:c3:62:13:f4:14:f2:06:85:2c:e5:b8:3f:9f:8e:
36:98:82:f5:c8:73:d6:28:c8:f8:35:e6:46:dc:dd:63:db:80:
2b:d9:c6:03:35:00:ea:9d:f8:cb:95:b5:34:b9:86:82:c1:5c:
87:52:60:d2:55:64:19:c5:d8:c8:85:58:35:6b:5a:82:fa:ef:
46:49:cb:69:5c:cc:c5:0f:c1:93:7b:7d:7f:a7:d9:d4:15:78:
0d:f5:79:5c:f6:ce:fe:13:c1:66:bf:88:33:c3:41:9f:9f:78:
6a:c2:36:b3:8c:95:af:7c:36:57:02:15:45:19:45:2a:da:11:
8c:93:fd:59:34:d9:21:a6:02:1b:8f:67:fe:bb:3e:2b:e9:36:
cc:7a:e6:b2:23:ac:75:36:2d:e0:46:06:e4:f5:2a:a2:1f:b3:
b7:41:dd:10:d7:ad:4f:d7:6d:32:91:d8:aa:60:fd:07:6c:b9:
35:6e:f9:77:f7:ca:23:da:8c:82:0c:e0:4a:b9:5b:6a:5b:82:
54:d3:66:be:4b:d1:4f:ff:81:d5:46:d1:ed:af:3d:8e:9f:46:
6d:a9:f2:f9:98:43:ae:90:c8:e0:3b:d3:98:5c:c6:76:74:4e:
19:93:c9:8d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY80OWc2xxBnaSclFgtz/0/hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MTEwMjk2ODZiMmM4MGE3ZjA0NjBiNmM2ZWYxYjkwODY3
MjgwOTcwHhcNMjQwNTAxMTI1NTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzhiYWFlMWIxZWNlZGM4MjU0MDVkYzU0YTUxYjJlNWU2NTgwNThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Wtl5bmxu4xDCQUlN33PXe0tr0RV
rQjzTSwHKP8SwdXz6qUmq35/5ysVPhafQQFqwVN0NLMrii9gT38p9rux6Osprm3R
f7j9ftOUGCsHi3FTpfAP29C8h/KWIkCGAQjFPgN1/1RHBH86PLMlDd7bUB4orKkJ
sIgDyRiO4Ouflfg6u/RcJVOJ1DFrqDYGLLUsjMEoRpGsNn6/Zt9B8c+IGG6Ksa8N
KVMMdjfLtWoeMQz6sV4EW/xz6M7eArE5a//YBlu7dpGT8ZE3YvG73pHk8ZvpDYVA
AVA8y4KForlCtSdTlAqMKN8KNKM1Fmvmw+JjTYNcKWU9/77x9SLzOXOAxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIyLquGx7O3IJUBdxUpRsuXmWAWNMB8GA1UdIwQY
MBaAFMgRApaGssgKfwRgtsbvG5CGcoCXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUJFQ2xvYXl5QXBfQkdDMnh1OGJrSVp5Z0pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hZmNmNjQtMDA1MS00ZGE3LTliMTIt
NTBlMzMzMzg0NjY5LzEvakl1cTRiSHM3Y2dsUUYzRlNsR3k1ZVpZQlkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hZmNmNjQtMDA1MS00ZGE3LTliMTItNTBlMzMzMzg0NjY5
LzEveUJFQ2xvYXl5QXBfQkdDMnh1OGJrSVp5Z0pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALusAAwQA
LusDMA0GCSqGSIb3DQEBCwUAA4IBAQBhPRzxJbdzsnqGxaBpmDS02zuWMtqLw2IT
9BTyBoUs5bg/n442mIL1yHPWKMj4NeZG3N1j24Ar2cYDNQDqnfjLlbU0uYaCwVyH
UmDSVWQZxdjIhVg1a1qC+u9GSctpXMzFD8GTe31/p9nUFXgN9Xlc9s7+E8Fmv4gz
w0Gfn3hqwjazjJWvfDZXAhVFGUUq2hGMk/1ZNNkhpgIbj2f+uz4r6TbMeuayI6x1
Ni3gRgbk9SqiH7O3Qd0Q161P120ykdiqYP0HbLk1bvl398oj2oyCDOBKuVtqW4JU
02a+S9FP/4HVRtHtrz2On0ZtqfL5mEOukMjgO9OYXMZ2dE4Zk8mN
-----END CERTIFICATE-----
Generated at Sat Jun 1 15:46:09 2024 by rpki-client on console-fra.rpki-client.org