Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/3d579f-815a-446e-8ed9-d16691ad69fa/1/b-XYmyoT0ZOJx7YA5WZt2fVIDF4.roa
File: b-XYmyoT0ZOJx7YA5WZt2fVIDF4.roa (raw, json)
Hash identifier: 1Si6TomVoubzsw6YbQqT5Y4IenCfeNMwcTQXCDrETnc=
Subject key identifier: 6F:E5:D8:9B:2A:13:D1:93:89:C7:B6:00:E5:66:6D:D9:F5:48:0C:5E
Certificate issuer: /CN=480aaeb53792d520169bce280c3dd86f8376ec63
Certificate serial: 018CC80175C4098BABE816E51A106FBA8651
Authority key identifier: 48:0A:AE:B5:37:92:D5:20:16:9B:CE:28:0C:3D:D8:6F:83:76:EC:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAqutTeS1SAWm84oDD3Yb4N27GM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/3d579f-815a-446e-8ed9-d16691ad69fa/1/b-XYmyoT0ZOJx7YA5WZt2fVIDF4.roa
Signing time: Tue 02 Jan 2024 02:29:48 +0000
ROA not before: Tue 02 Jan 2024 02:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197403
IP address blocks: 46.28.152.0/24 maxlen: 24
46.28.152.0/21 maxlen: 21
46.28.155.0/24 maxlen: 24
46.28.158.0/24 maxlen: 24
46.28.159.0/24 maxlen: 24
46.28.153.0/24 maxlen: 24
46.28.156.0/24 maxlen: 24
46.28.154.0/24 maxlen: 24
46.28.157.0/24 maxlen: 24
2a00:7840::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/3d579f-815a-446e-8ed9-d16691ad69fa/1/SAqutTeS1SAWm84oDD3Yb4N27GM.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/3d579f-815a-446e-8ed9-d16691ad69fa/1/SAqutTeS1SAWm84oDD3Yb4N27GM.mft
rsync://rpki.ripe.net/repository/DEFAULT/SAqutTeS1SAWm84oDD3Yb4N27GM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:75:c4:09:8b:ab:e8:16:e5:1a:10:6f:ba:86:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=480aaeb53792d520169bce280c3dd86f8376ec63
Validity
Not Before: Jan 2 02:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6fe5d89b2a13d19389c7b600e5666dd9f5480c5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8e:b5:55:e9:dd:fb:2b:65:b0:97:79:26:5f:
cf:4f:d2:c3:b3:53:59:36:43:1e:64:10:e1:e6:e4:
58:1f:7c:04:8e:4f:04:23:51:56:39:38:cb:44:ef:
2d:db:cc:f0:8e:5b:c2:96:06:6e:27:02:98:16:3f:
8d:35:0e:61:d3:d9:fb:45:e6:c5:ac:9f:8a:28:84:
8a:5a:0c:8c:10:1f:fb:e1:87:9a:c0:f8:d1:4d:52:
5c:37:e3:12:e5:5c:96:65:fb:49:7b:c4:44:a7:8d:
01:84:f5:24:81:6c:57:c2:b2:9e:9e:f0:b3:bd:f8:
44:a8:d6:8b:c6:5a:26:e0:6a:be:d8:db:71:17:f1:
47:91:1d:e1:ae:18:87:a8:af:2c:dd:2f:dc:45:64:
42:b2:52:dd:52:2f:1c:d9:aa:87:84:08:ad:62:b3:
56:c0:bc:2b:2b:1e:dc:ab:e2:6d:e0:ab:83:44:a3:
d6:62:a4:51:ec:f4:f6:9d:a7:f8:c9:8a:3e:89:bb:
56:c8:01:48:e9:b3:0b:2a:ef:52:28:10:4a:40:bd:
40:0d:c4:35:6e:f7:f6:87:73:60:2a:97:d7:6f:af:
80:ca:10:59:f5:7f:a5:9b:3b:49:31:af:d2:cc:31:
ca:20:01:43:ed:66:a3:9d:05:7f:a3:47:c0:d7:2a:
11:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:E5:D8:9B:2A:13:D1:93:89:C7:B6:00:E5:66:6D:D9:F5:48:0C:5E
X509v3 Authority Key Identifier:
keyid:48:0A:AE:B5:37:92:D5:20:16:9B:CE:28:0C:3D:D8:6F:83:76:EC:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAqutTeS1SAWm84oDD3Yb4N27GM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3d579f-815a-446e-8ed9-d16691ad69fa/1/b-XYmyoT0ZOJx7YA5WZt2fVIDF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3d579f-815a-446e-8ed9-d16691ad69fa/1/SAqutTeS1SAWm84oDD3Yb4N27GM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.152.0/21
IPv6:
2a00:7840::/32
Signature Algorithm: sha256WithRSAEncryption
82:bf:a6:80:01:e0:a1:e4:5e:1a:d2:99:72:d0:2d:95:15:61:
c7:5b:1d:5f:43:05:e3:ca:9a:5e:32:44:87:96:9f:a5:06:94:
79:04:5f:4c:a6:56:65:c9:d5:ad:97:0d:ff:5d:65:e3:9b:34:
26:90:b9:a3:5e:18:73:31:e3:3d:ef:b4:ac:f8:ab:27:37:2c:
4b:e3:d9:ce:cb:2b:50:06:81:be:d5:6e:24:6c:e8:9e:7a:0d:
ff:d4:98:a1:a7:17:db:73:7a:09:64:6e:90:0e:91:78:c9:82:
5b:d7:76:ae:9f:2b:4c:df:a7:95:4e:67:d4:ec:f4:7c:9e:6b:
d1:ee:78:91:82:e4:00:cf:98:59:07:cd:e8:85:cb:b9:f3:5b:
08:9b:b1:87:10:57:f2:e2:93:7a:1f:83:04:74:5c:52:8d:aa:
b3:44:06:84:ca:93:c8:1a:57:4e:1a:54:75:ac:13:8d:e1:be:
6c:aa:0d:85:d2:96:e0:94:59:55:4d:68:64:41:e5:48:53:42:
27:e4:f9:e3:a7:0b:b1:18:7b:48:34:36:51:ff:d4:f2:8a:d0:
06:b8:7d:ed:aa:20:09:f6:50:c6:11:c7:8f:76:84:0b:77:ae:
a4:e6:94:54:fc:f0:1f:93:4d:c9:24:80:fd:a7:ec:17:be:4b:
75:99:29:1b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAXXECYur6BblGhBvuoZRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MGFhZWI1Mzc5MmQ1MjAxNjliY2UyODBjM2RkODZmODM3
NmVjNjMwHhcNMjQwMTAyMDIyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmU1ZDg5YjJhMTNkMTkzODljN2I2MDBlNTY2NmRkOWY1NDgwYzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuY61Vend+ytlsJd5Jl/PT9LDs1NZ
NkMeZBDh5uRYH3wEjk8EI1FWOTjLRO8t28zwjlvClgZuJwKYFj+NNQ5h09n7RebF
rJ+KKISKWgyMEB/74YeawPjRTVJcN+MS5VyWZftJe8REp40BhPUkgWxXwrKenvCz
vfhEqNaLxlom4Gq+2NtxF/FHkR3hrhiHqK8s3S/cRWRCslLdUi8c2aqHhAitYrNW
wLwrKx7cq+Jt4KuDRKPWYqRR7PT2naf4yYo+ibtWyAFI6bMLKu9SKBBKQL1ADcQ1
bvf2h3NgKpfXb6+AyhBZ9X+lmztJMa/SzDHKIAFD7WajnQV/o0fA1yoRQQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG/l2JsqE9GTice2AOVmbdn1SAxeMB8GA1UdIwQY
MBaAFEgKrrU3ktUgFpvOKAw92G+DduxjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FxdXRUZVMxU0FXbTg0b0REM1liNE4yN0dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8zZDU3OWYtODE1YS00NDZlLThlZDkt
ZDE2NjkxYWQ2OWZhLzEvYi1YWW15b1QwWk9KeDdZQTVXWnQyZlZJREY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8zZDU3OWYtODE1YS00NDZlLThlZDktZDE2NjkxYWQ2OWZh
LzEvU0FxdXRUZVMxU0FXbTg0b0REM1liNE4yN0dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLhyYMA0E
AgACMAcDBQAqAHhAMA0GCSqGSIb3DQEBCwUAA4IBAQCCv6aAAeCh5F4a0ply0C2V
FWHHWx1fQwXjyppeMkSHlp+lBpR5BF9MplZlydWtlw3/XWXjmzQmkLmjXhhzMeM9
77Ss+KsnNyxL49nOyytQBoG+1W4kbOieeg3/1Jihpxfbc3oJZG6QDpF4yYJb13au
nytM36eVTmfU7PR8nmvR7niRguQAz5hZB83ohcu581sIm7GHEFfy4pN6H4MEdFxS
jaqzRAaEypPIGldOGlR1rBON4b5sqg2F0pbglFlVTWhkQeVIU0In5PnjpwuxGHtI
NDZR/9TyitAGuH3tqiAJ9lDGEcePdoQLd66k5pRU/PAfk03JJID9p+wXvkt1mSkb
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:37:42 2024 by rpki-client on console-fra.rpki-client.org