Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/4429a4-0b36-4ced-846f-e20a654fca95/1/pdS3dsTfvJroC3bJydOxa6e3Nlo.roa
File: pdS3dsTfvJroC3bJydOxa6e3Nlo.roa (raw, json)
Hash identifier: ISqwIuqh0vZj5CyzGV1KGtDMfH4xXhfw2WOT1Q1ra/E=
Subject key identifier: A5:D4:B7:76:C4:DF:BC:9A:E8:0B:76:C9:C9:D3:B1:6B:A7:B7:36:5A
Certificate issuer: /CN=731d9ad404ecdafa70ea9a4c9d10b9801829ea1f
Certificate serial: 018CC4252EBAF530F8071C22687103A41B56
Authority key identifier: 73:1D:9A:D4:04:EC:DA:FA:70:EA:9A:4C:9D:10:B9:80:18:29:EA:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cx2a1ATs2vpw6ppMnRC5gBgp6h8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/4429a4-0b36-4ced-846f-e20a654fca95/1/pdS3dsTfvJroC3bJydOxa6e3Nlo.roa
Signing time: Mon 01 Jan 2024 08:30:20 +0000
ROA not before: Mon 01 Jan 2024 08:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51615
IP address blocks: 46.54.192.0/19 maxlen: 19
46.54.224.0/20 maxlen: 20
46.54.128.0/18 maxlen: 18
2a02:2590::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/4429a4-0b36-4ced-846f-e20a654fca95/1/cx2a1ATs2vpw6ppMnRC5gBgp6h8.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/4429a4-0b36-4ced-846f-e20a654fca95/1/cx2a1ATs2vpw6ppMnRC5gBgp6h8.mft
rsync://rpki.ripe.net/repository/DEFAULT/cx2a1ATs2vpw6ppMnRC5gBgp6h8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:2e:ba:f5:30:f8:07:1c:22:68:71:03:a4:1b:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=731d9ad404ecdafa70ea9a4c9d10b9801829ea1f
Validity
Not Before: Jan 1 08:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5d4b776c4dfbc9ae80b76c9c9d3b16ba7b7365a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d4:3d:3a:a7:73:1b:30:d5:00:92:b8:98:e1:
97:d3:5b:c9:d1:da:64:f1:65:bf:88:e1:fa:ef:76:
3c:61:b1:fa:90:23:c8:de:aa:2e:ed:5a:7b:43:e0:
25:3d:67:d6:8f:e9:a3:07:39:ce:23:0c:fe:a4:b2:
11:d8:ff:e2:d7:05:62:fd:89:f7:4a:90:5c:82:4d:
1c:27:f8:71:12:5f:99:73:04:7b:9d:11:eb:e3:b7:
1b:04:a4:b1:dc:e2:cf:01:6b:dc:30:8d:b6:ec:29:
01:58:71:70:c6:04:8a:4c:c5:a8:1d:07:a6:8a:9a:
ec:de:6e:10:25:c3:c2:36:23:76:f4:47:cb:89:88:
1a:a1:5e:fd:74:51:1c:a4:13:22:9a:f9:b8:7e:b5:
8e:e6:52:94:3b:ee:0d:32:1b:63:59:ef:2c:6b:86:
fb:41:c4:75:e3:f7:b0:16:ae:e6:a1:9f:fd:9d:42:
0c:1a:3b:29:ce:ce:aa:23:0e:32:f0:bb:12:18:29:
cd:a9:9b:4e:48:37:88:3e:0f:26:e5:86:d9:1b:7c:
0d:6d:8e:40:ef:b8:37:05:66:ac:0f:9e:0c:a3:be:
25:93:7e:de:11:d7:94:a1:6e:d2:a2:f3:32:29:d0:
03:f7:12:94:ed:b4:64:f9:03:36:8e:24:25:df:e7:
2b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:D4:B7:76:C4:DF:BC:9A:E8:0B:76:C9:C9:D3:B1:6B:A7:B7:36:5A
X509v3 Authority Key Identifier:
keyid:73:1D:9A:D4:04:EC:DA:FA:70:EA:9A:4C:9D:10:B9:80:18:29:EA:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cx2a1ATs2vpw6ppMnRC5gBgp6h8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/4429a4-0b36-4ced-846f-e20a654fca95/1/pdS3dsTfvJroC3bJydOxa6e3Nlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/4429a4-0b36-4ced-846f-e20a654fca95/1/cx2a1ATs2vpw6ppMnRC5gBgp6h8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.54.128.0-46.54.239.255
IPv6:
2a02:2590::/32
Signature Algorithm: sha256WithRSAEncryption
02:53:65:69:14:3c:95:37:52:32:09:6e:4f:c1:4a:09:d7:f0:
a5:5a:18:00:14:22:91:ed:89:9d:a9:52:1e:62:e5:b9:93:01:
34:64:fc:52:25:48:bb:51:c0:c5:75:34:65:27:6e:78:78:67:
2d:b8:52:48:46:07:c3:a7:e1:a6:97:d7:87:e0:e2:3f:6c:6c:
1c:47:b6:b9:f8:5c:82:4d:9a:c5:6c:08:92:92:d3:5f:c8:7b:
da:b7:a8:8f:83:c8:bb:90:ff:1b:1c:5c:3e:bc:68:81:8e:f2:
86:3e:a7:4e:76:18:40:98:2d:f3:61:a7:88:f3:74:ad:40:48:
97:84:83:71:db:89:d3:11:bd:25:be:e1:47:8d:82:6a:17:28:
fd:9b:35:48:27:1e:7e:3b:99:c1:8a:cf:dd:f9:24:f2:f0:a5:
7f:dd:55:45:b2:d1:f4:cc:3e:f1:0e:af:2d:81:e3:4a:eb:0f:
bf:0d:93:e9:5a:33:d3:bb:a9:d2:67:dc:8d:71:06:7d:35:1b:
66:8d:17:95:aa:6f:da:d8:fa:fa:23:0f:d2:4c:9f:f9:31:cb:
9d:2e:d4:7a:61:dc:cd:1f:4f:e8:58:39:50:c9:3b:4d:87:18:
72:e3:7b:54:5a:24:bc:09:6f:06:2b:ae:e2:35:21:14:05:58:
ec:d4:dc:fe
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzEJS669TD4BxwiaHEDpBtWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMWQ5YWQ0MDRlY2RhZmE3MGVhOWE0YzlkMTBiOTgwMTgy
OWVhMWYwHhcNMjQwMTAxMDgzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWQ0Yjc3NmM0ZGZiYzlhZTgwYjc2YzljOWQzYjE2YmE3YjczNjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9Q9OqdzGzDVAJK4mOGX01vJ0dpk
8WW/iOH673Y8YbH6kCPI3qou7Vp7Q+AlPWfWj+mjBznOIwz+pLIR2P/i1wVi/Yn3
SpBcgk0cJ/hxEl+ZcwR7nRHr47cbBKSx3OLPAWvcMI227CkBWHFwxgSKTMWoHQem
iprs3m4QJcPCNiN29EfLiYgaoV79dFEcpBMimvm4frWO5lKUO+4NMhtjWe8sa4b7
QcR14/ewFq7moZ/9nUIMGjspzs6qIw4y8LsSGCnNqZtOSDeIPg8m5YbZG3wNbY5A
77g3BWasD54Mo74lk37eEdeUoW7SovMyKdAD9xKU7bRk+QM2jiQl3+crxQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKXUt3bE37ya6At2ycnTsWuntzZaMB8GA1UdIwQY
MBaAFHMdmtQE7Nr6cOqaTJ0QuYAYKeofMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3gyYTFBVHMydnB3NnBwTW5SQzVnQmdwNmg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80NDI5YTQtMGIzNi00Y2VkLTg0NmYt
ZTIwYTY1NGZjYTk1LzEvcGRTM2RzVGZ2SnJvQzNiSnlkT3hhNmUzTmxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80NDI5YTQtMGIzNi00Y2VkLTg0NmYtZTIwYTY1NGZjYTk1
LzEvY3gyYTFBVHMydnB3NnBwTW5SQzVnQmdwNmg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAcuNoAD
BAQuNuAwDQQCAAIwBwMFACoCJZAwDQYJKoZIhvcNAQELBQADggEBAAJTZWkUPJU3
UjIJbk/BSgnX8KVaGAAUIpHtiZ2pUh5i5bmTATRk/FIlSLtRwMV1NGUnbnh4Zy24
UkhGB8On4aaX14fg4j9sbBxHtrn4XIJNmsVsCJKS01/Ie9q3qI+DyLuQ/xscXD68
aIGO8oY+p052GECYLfNhp4jzdK1ASJeEg3HbidMRvSW+4UeNgmoXKP2bNUgnHn47
mcGKz935JPLwpX/dVUWy0fTMPvEOry2B40rrD78Nk+laM9O7qdJn3I1xBn01G2aN
F5Wqb9rY+vojD9JMn/kxy50u1Hph3M0fT+hYOVDJO02HGHLje1RaJLwJbwYrruI1
IRQFWOzU3P4=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:36:11 2024 by rpki-client on console-ams.rpki-client.org