Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/4429a4-0b36-4ced-846f-e20a654fca95/1/5o7FBj9yC-G9HKVW34zwkDPlwSo.roa
File: 5o7FBj9yC-G9HKVW34zwkDPlwSo.roa (raw, json)
Hash identifier: AAQ4Fv9mPYmSP1ub/2yep3nOS8rnK4PAo4f1nIe4kqE=
Subject key identifier: E6:8E:C5:06:3F:72:0B:E1:BD:1C:A5:56:DF:8C:F0:90:33:E5:C1:2A
Certificate issuer: /CN=731d9ad404ecdafa70ea9a4c9d10b9801829ea1f
Certificate serial: 018CC4252E8BF443B2BD86257F9A677B85F9
Authority key identifier: 73:1D:9A:D4:04:EC:DA:FA:70:EA:9A:4C:9D:10:B9:80:18:29:EA:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cx2a1ATs2vpw6ppMnRC5gBgp6h8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/4429a4-0b36-4ced-846f-e20a654fca95/1/5o7FBj9yC-G9HKVW34zwkDPlwSo.roa
Signing time: Mon 01 Jan 2024 08:30:20 +0000
ROA not before: Mon 01 Jan 2024 08:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24631
IP address blocks: 46.54.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/4429a4-0b36-4ced-846f-e20a654fca95/1/cx2a1ATs2vpw6ppMnRC5gBgp6h8.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/4429a4-0b36-4ced-846f-e20a654fca95/1/cx2a1ATs2vpw6ppMnRC5gBgp6h8.mft
rsync://rpki.ripe.net/repository/DEFAULT/cx2a1ATs2vpw6ppMnRC5gBgp6h8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:2e:8b:f4:43:b2:bd:86:25:7f:9a:67:7b:85:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=731d9ad404ecdafa70ea9a4c9d10b9801829ea1f
Validity
Not Before: Jan 1 08:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e68ec5063f720be1bd1ca556df8cf09033e5c12a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:3b:f5:a3:e6:65:78:92:9e:db:27:2d:58:d1:
e0:87:da:16:6e:43:66:34:24:0b:39:42:10:b4:95:
16:1c:07:49:bb:72:43:fe:9c:14:88:60:09:2e:a1:
91:fc:4b:2c:32:b4:7c:24:91:69:3e:73:0c:64:67:
b4:52:58:7d:83:10:80:60:22:d5:85:75:65:78:d7:
24:fa:64:96:1e:62:34:48:b6:fd:1c:98:52:42:89:
bd:b4:75:2f:8d:10:37:16:0f:e3:71:8f:8f:ca:39:
1a:53:f7:8b:f5:e7:c6:a7:f1:a0:67:68:97:68:53:
a4:bd:5b:2d:fd:bf:f8:43:e2:0f:d7:8d:cb:de:9b:
ad:ff:54:87:0b:81:e1:67:ee:ac:81:99:a8:8c:27:
65:1c:a5:17:3d:d4:09:5c:34:c3:71:be:45:ef:5f:
29:95:dd:89:ac:1e:ae:67:58:e0:71:5b:3a:32:75:
39:c4:67:df:bc:bc:c4:64:0e:60:cc:c3:e9:59:fb:
3d:60:af:29:f9:89:91:07:f4:57:19:ee:b8:30:67:
8e:86:80:95:88:a2:a9:a9:2f:02:81:67:0a:59:4b:
62:7d:30:15:f9:51:63:03:f2:6f:c9:30:93:00:fe:
e1:1a:45:ab:d5:2c:7f:01:5a:bb:68:97:a6:6f:d6:
b0:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:8E:C5:06:3F:72:0B:E1:BD:1C:A5:56:DF:8C:F0:90:33:E5:C1:2A
X509v3 Authority Key Identifier:
keyid:73:1D:9A:D4:04:EC:DA:FA:70:EA:9A:4C:9D:10:B9:80:18:29:EA:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cx2a1ATs2vpw6ppMnRC5gBgp6h8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/4429a4-0b36-4ced-846f-e20a654fca95/1/5o7FBj9yC-G9HKVW34zwkDPlwSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/4429a4-0b36-4ced-846f-e20a654fca95/1/cx2a1ATs2vpw6ppMnRC5gBgp6h8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.54.139.0/24
Signature Algorithm: sha256WithRSAEncryption
29:22:15:6a:e1:64:dc:04:8f:a1:9d:9f:b9:d8:ce:e4:4b:28:
f2:b9:b8:73:f9:a3:e6:98:bc:2f:99:47:1b:b4:c4:d0:ba:d0:
4a:5a:b0:a3:18:30:11:11:96:03:fc:7b:80:23:66:8a:c7:83:
7b:79:aa:09:18:5b:fe:c8:fa:7e:d2:ad:4a:7b:c6:5a:99:24:
e1:1b:01:a3:30:8d:e5:8c:ba:6b:fd:4d:68:cc:19:5d:48:48:
64:ce:4a:39:4b:17:b2:f7:4f:be:5b:f7:63:7b:01:ab:d6:a7:
40:6a:3b:9d:60:b6:4d:30:72:d8:68:54:c4:71:10:f5:90:1e:
c5:38:3d:66:26:c0:47:dc:09:d7:ae:d5:97:7c:65:d9:64:b9:
ca:ca:24:77:26:3b:24:ed:fc:f9:60:b7:cc:3b:23:a1:62:f0:
fc:af:bd:3a:a6:7e:b1:df:48:e9:e3:05:1c:e9:8b:04:87:ae:
24:d5:0e:a8:75:21:81:0b:86:c4:97:7e:73:2f:50:2a:a8:7e:
56:f7:f2:27:0a:ae:81:fa:86:ad:bf:e0:63:21:6c:9a:c3:a9:
af:a1:15:17:68:36:d2:7b:70:01:75:56:cb:9e:ea:76:7a:45:
72:f4:9d:71:fa:94:60:ce:45:34:37:1e:33:6b:4a:b4:6a:38:
5d:90:12:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJS6L9EOyvYYlf5pne4X5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMWQ5YWQ0MDRlY2RhZmE3MGVhOWE0YzlkMTBiOTgwMTgy
OWVhMWYwHhcNMjQwMTAxMDgzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjhlYzUwNjNmNzIwYmUxYmQxY2E1NTZkZjhjZjA5MDMzZTVjMTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjv1o+ZleJKe2yctWNHgh9oWbkNm
NCQLOUIQtJUWHAdJu3JD/pwUiGAJLqGR/EssMrR8JJFpPnMMZGe0Ulh9gxCAYCLV
hXVleNck+mSWHmI0SLb9HJhSQom9tHUvjRA3Fg/jcY+PyjkaU/eL9efGp/GgZ2iX
aFOkvVst/b/4Q+IP143L3put/1SHC4HhZ+6sgZmojCdlHKUXPdQJXDTDcb5F718p
ld2JrB6uZ1jgcVs6MnU5xGffvLzEZA5gzMPpWfs9YK8p+YmRB/RXGe64MGeOhoCV
iKKpqS8CgWcKWUtifTAV+VFjA/JvyTCTAP7hGkWr1Sx/AVq7aJemb9awIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOaOxQY/cgvhvRylVt+M8JAz5cEqMB8GA1UdIwQY
MBaAFHMdmtQE7Nr6cOqaTJ0QuYAYKeofMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3gyYTFBVHMydnB3NnBwTW5SQzVnQmdwNmg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80NDI5YTQtMGIzNi00Y2VkLTg0NmYt
ZTIwYTY1NGZjYTk1LzEvNW83RkJqOXlDLUc5SEtWVzM0endrRFBsd1NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80NDI5YTQtMGIzNi00Y2VkLTg0NmYtZTIwYTY1NGZjYTk1
LzEvY3gyYTFBVHMydnB3NnBwTW5SQzVnQmdwNmg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALjaLMA0G
CSqGSIb3DQEBCwUAA4IBAQApIhVq4WTcBI+hnZ+52M7kSyjyubhz+aPmmLwvmUcb
tMTQutBKWrCjGDAREZYD/HuAI2aKx4N7eaoJGFv+yPp+0q1Ke8ZamSThGwGjMI3l
jLpr/U1ozBldSEhkzko5Sxey90++W/djewGr1qdAajudYLZNMHLYaFTEcRD1kB7F
OD1mJsBH3AnXrtWXfGXZZLnKyiR3Jjsk7fz5YLfMOyOhYvD8r706pn6x30jp4wUc
6YsEh64k1Q6odSGBC4bEl35zL1AqqH5W9/InCq6B+oatv+BjIWyaw6mvoRUXaDbS
e3ABdVbLnup2ekVy9J1x+pRgzkU0Nx4za0q0ajhdkBLK
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:40:10 2024 by rpki-client on console-ams.rpki-client.org