Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/Snevnmk16oZj7SLsQHP9oTgzvUI.roa
File: Snevnmk16oZj7SLsQHP9oTgzvUI.roa (raw, json)
Hash identifier: y9dAYxd6QfmhRPHkWrNoRXtPMVbvHOw2atOZmLfZWn0=
Subject key identifier: 4A:77:AF:9E:69:35:EA:86:63:ED:22:EC:40:73:FD:A1:38:33:BD:42
Certificate issuer: /CN=40e3953c5cb452f159f8e1505fc702e883657e72
Certificate serial: 018CC500B9C8ADAE6849128AF659F2852BEA
Authority key identifier: 40:E3:95:3C:5C:B4:52:F1:59:F8:E1:50:5F:C7:02:E8:83:65:7E:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QOOVPFy0UvFZ-OFQX8cC6INlfnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/Snevnmk16oZj7SLsQHP9oTgzvUI.roa
Signing time: Mon 01 Jan 2024 12:30:08 +0000
ROA not before: Mon 01 Jan 2024 12:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60261
IP address blocks: 46.183.92.0/24 maxlen: 24
178.79.216.0/24 maxlen: 24
178.79.216.0/23 maxlen: 23
178.79.217.0/24 maxlen: 24
178.249.109.0/24 maxlen: 24
46.183.91.0/24 maxlen: 24
46.183.90.0/24 maxlen: 24
2a02:3d0:a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/QOOVPFy0UvFZ-OFQX8cC6INlfnI.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/QOOVPFy0UvFZ-OFQX8cC6INlfnI.mft
rsync://rpki.ripe.net/repository/DEFAULT/QOOVPFy0UvFZ-OFQX8cC6INlfnI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 00:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:b9:c8:ad:ae:68:49:12:8a:f6:59:f2:85:2b:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40e3953c5cb452f159f8e1505fc702e883657e72
Validity
Not Before: Jan 1 12:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a77af9e6935ea8663ed22ec4073fda13833bd42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:5c:72:57:d8:f5:4a:e7:bf:8a:f2:cc:1b:c2:
d0:af:b5:a6:aa:5c:0d:eb:1a:38:9d:1b:19:2c:72:
43:e3:ef:78:29:34:0c:98:2f:65:b3:4f:9d:53:53:
09:5f:ee:5c:56:0a:21:b9:e0:78:5f:89:c0:dd:80:
b5:d2:db:43:39:27:78:dd:75:28:56:e1:e8:9b:93:
2c:14:6a:10:db:8a:89:1e:e4:44:5e:34:de:c3:e7:
84:50:15:bb:22:ee:51:a0:10:a9:ab:c1:8f:a8:30:
1c:fe:5d:4e:0d:02:a6:58:94:18:b3:28:05:c4:04:
9a:d7:0f:78:72:9c:83:7b:c3:26:45:67:21:15:77:
2a:b8:04:ef:95:01:07:84:bd:cc:90:49:d3:58:ea:
e5:57:5b:cc:e4:93:fa:36:60:16:e8:87:65:cd:96:
ec:4d:3b:9e:76:d5:2b:7d:21:6c:bf:6a:0d:94:5f:
d0:9e:b4:5e:ac:21:8d:f6:8c:b1:92:c8:fe:3e:da:
1a:2f:02:1c:3c:9a:a9:63:b0:76:db:c9:cd:c7:b9:
a9:9e:23:84:c2:d4:1a:c7:c2:f5:55:40:22:d6:cf:
33:d3:f6:1b:72:3a:95:c5:c9:02:0c:bb:47:8c:b1:
24:55:98:b4:59:f0:02:bc:7e:32:0a:23:26:82:2f:
0d:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:77:AF:9E:69:35:EA:86:63:ED:22:EC:40:73:FD:A1:38:33:BD:42
X509v3 Authority Key Identifier:
keyid:40:E3:95:3C:5C:B4:52:F1:59:F8:E1:50:5F:C7:02:E8:83:65:7E:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QOOVPFy0UvFZ-OFQX8cC6INlfnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/Snevnmk16oZj7SLsQHP9oTgzvUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/QOOVPFy0UvFZ-OFQX8cC6INlfnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.90.0-46.183.92.255
178.79.216.0/23
178.249.109.0/24
IPv6:
2a02:3d0:a::/48
Signature Algorithm: sha256WithRSAEncryption
7d:55:36:ba:39:9b:9e:1e:e8:71:77:b4:7a:5f:dd:1b:57:fd:
6b:67:dc:29:2b:e0:ef:3c:ee:18:a4:49:1f:dd:92:82:af:69:
0f:28:76:ee:bd:38:41:39:9d:b0:27:16:a0:0a:ce:98:a9:b8:
54:eb:29:f8:05:e7:d9:4d:d2:b6:f8:ff:52:02:ea:67:51:91:
ac:c9:2f:0d:90:ec:e9:9e:24:53:53:df:be:69:92:9b:0b:b7:
1b:80:b1:76:3b:92:44:8e:ba:76:b8:19:a7:8a:8c:dc:2d:03:
c2:82:59:88:55:c7:0c:98:b1:34:3e:49:f6:66:4a:16:42:66:
7a:45:6b:29:d6:35:86:e7:41:9f:a2:41:af:a3:61:3a:5d:85:
d5:27:74:57:b3:49:2e:ab:43:5d:a5:a3:08:f1:c6:ac:fc:5d:
72:b7:9a:5b:40:ac:d4:02:05:fb:cc:47:3f:5b:a7:4b:32:6b:
1e:09:08:1e:be:70:db:f6:f3:d3:49:fa:79:61:a3:b5:a3:14:
c7:38:04:f5:ae:16:a5:c6:c3:f5:e8:7b:53:85:f8:86:9a:ef:
c3:f2:ac:7f:80:83:8b:07:d7:01:a3:8f:1d:9b:52:53:2a:20:
93:85:15:c2:a8:4c:5f:7b:03:20:62:cd:8d:6a:46:67:b8:e1:
7f:f6:a7:6a
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYzFALnIra5oSRKK9lnyhSvqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZTM5NTNjNWNiNDUyZjE1OWY4ZTE1MDVmYzcwMmU4ODM2
NTdlNzIwHhcNMjQwMTAxMTIzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTc3YWY5ZTY5MzVlYTg2NjNlZDIyZWM0MDczZmRhMTM4MzNiZDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8lxyV9j1Sue/ivLMG8LQr7WmqlwN
6xo4nRsZLHJD4+94KTQMmC9ls0+dU1MJX+5cVgohueB4X4nA3YC10ttDOSd43XUo
VuHom5MsFGoQ24qJHuREXjTew+eEUBW7Iu5RoBCpq8GPqDAc/l1ODQKmWJQYsygF
xASa1w94cpyDe8MmRWchFXcquATvlQEHhL3MkEnTWOrlV1vM5JP6NmAW6IdlzZbs
TTuedtUrfSFsv2oNlF/QnrRerCGN9oyxksj+PtoaLwIcPJqpY7B228nNx7mpniOE
wtQax8L1VUAi1s8z0/YbcjqVxckCDLtHjLEkVZi0WfACvH4yCiMmgi8NswIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFEp3r55pNeqGY+0i7EBz/aE4M71CMB8GA1UdIwQY
MBaAFEDjlTxctFLxWfjhUF/HAuiDZX5yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU9PVlBGeTBVdkZaLU9GUVg4Y0M2SU5sZm5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi83ZDg1MDUtMzg5OS00YTllLThjZjEt
ZmE1YWYzOGRlYjVlLzEvU25ldm5tazE2b1pqN1NMc1FIUDlvVGd6dlVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi83ZDg1MDUtMzg5OS00YTllLThjZjEtZmE1YWYzOGRlYjVl
LzEvUU9PVlBGeTBVdkZaLU9GUVg4Y0M2SU5sZm5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaMAwDBAEut1oD
BAAut1wDBAGyT9gDBACy+W0wDwQCAAIwCQMHACoCA9AACjANBgkqhkiG9w0BAQsF
AAOCAQEAfVU2ujmbnh7ocXe0el/dG1f9a2fcKSvg7zzuGKRJH92Sgq9pDyh27r04
QTmdsCcWoArOmKm4VOsp+AXn2U3Stvj/UgLqZ1GRrMkvDZDs6Z4kU1PfvmmSmwu3
G4CxdjuSRI66drgZp4qM3C0DwoJZiFXHDJixND5J9mZKFkJmekVrKdY1hudBn6JB
r6NhOl2F1Sd0V7NJLqtDXaWjCPHGrPxdcreaW0Cs1AIF+8xHP1unSzJrHgkIHr5w
2/bz00n6eWGjtaMUxzgE9a4WpcbD9eh7U4X4hprvw/Ksf4CDiwfXAaOPHZtSUyog
k4UVwqhMX3sDIGLNjWpGZ7jhf/anag==
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:45:45 2024 by rpki-client on console-ams.rpki-client.org