Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/4mnyKmSV8kyoZDf4KGc8BcVkFEY.roa
File: 4mnyKmSV8kyoZDf4KGc8BcVkFEY.roa (raw, json)
Hash identifier: Tb0E1fByUgUuWFMK+84pznYsjJ2c2rg/Sp3Y9PBr31I=
Subject key identifier: E2:69:F2:2A:64:95:F2:4C:A8:64:37:F8:28:67:3C:05:C5:64:14:46
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 018CC492DECD957C15401F2A456D554E278A
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/4mnyKmSV8kyoZDf4KGc8BcVkFEY.roa
Signing time: Mon 01 Jan 2024 10:30:08 +0000
ROA not before: Mon 01 Jan 2024 10:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59962
IP address blocks: 46.209.32.0/21 maxlen: 24
46.209.168.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.mft
rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 May 2024 05:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:de:cd:95:7c:15:40:1f:2a:45:6d:55:4e:27:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 10:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e269f22a6495f24ca86437f828673c05c5641446
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1a:76:19:24:2c:b5:40:d0:d5:5c:af:34:36:
3c:ca:47:ae:78:ec:86:fc:3e:79:13:58:bd:b8:33:
a7:c5:95:c5:2c:b2:cb:bb:05:f7:88:d9:3f:6f:28:
5f:4f:77:86:cf:18:fc:85:a3:b7:28:80:03:33:7a:
14:e9:2f:1a:d6:6d:3f:4c:1f:3f:e0:d3:21:a0:91:
64:0e:97:dd:d6:f4:75:47:17:fa:cd:c4:96:59:f0:
1f:38:29:e1:be:47:cf:5b:f3:51:2f:62:20:d2:f4:
b1:ec:aa:46:41:0f:09:02:0d:96:da:7b:56:64:54:
3e:ef:7e:14:56:1a:6d:31:f2:b9:f1:fe:02:b2:cc:
60:30:de:e5:1d:03:ac:56:7b:2f:f0:8b:02:1c:14:
e5:a7:49:74:d5:b2:8d:a6:4a:2e:ee:a6:3f:a1:cf:
ff:2b:9b:e9:a1:03:ed:6b:2e:5c:a4:1e:4c:52:28:
5c:39:cd:e2:e4:c2:5c:8c:a3:cf:5f:ea:ca:12:ad:
21:ed:62:6e:9e:84:0f:33:b2:3c:37:b4:be:61:61:
4d:1c:75:46:a2:91:5a:04:05:a0:a1:89:6c:49:59:
73:66:22:58:82:46:50:63:25:56:ec:4d:1d:a0:69:
c4:c9:d8:bb:4f:ed:5f:67:0f:9e:2b:63:70:21:22:
19:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:69:F2:2A:64:95:F2:4C:A8:64:37:F8:28:67:3C:05:C5:64:14:46
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/4mnyKmSV8kyoZDf4KGc8BcVkFEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.209.32.0/21
46.209.168.0/21
Signature Algorithm: sha256WithRSAEncryption
11:e3:2f:28:1c:1c:b1:fb:ed:95:2b:a0:73:ea:c3:6b:62:40:
4e:e2:ed:c6:e9:d9:23:c0:40:08:ef:95:06:55:ac:f9:6d:cb:
dd:85:5e:f0:a0:c3:3a:b2:7e:9f:f1:e0:fb:d3:13:29:f0:90:
21:63:0c:1f:76:1b:15:5c:81:f3:b5:0a:33:8e:20:0c:d4:d6:
e4:c7:e8:ac:fa:1d:19:bd:75:ec:ab:06:09:47:e8:57:e6:fc:
88:86:8f:67:24:03:6a:c4:2d:2f:5d:05:46:90:9b:bc:bf:8e:
eb:2e:83:ee:77:6b:80:a4:36:36:1b:df:5d:d0:f9:1e:d5:d7:
c9:86:5b:75:a0:f0:53:5a:dc:bd:a1:36:b9:77:7a:f4:dd:cd:
33:f9:19:cc:2f:8d:3b:b7:8c:29:aa:dc:c0:eb:34:65:72:f7:
36:73:3b:d8:aa:48:ad:1b:54:29:73:ac:41:93:aa:e9:9e:98:
d0:fd:e4:2c:d4:7b:1d:61:58:1c:c7:96:70:0a:11:56:53:a4:
7d:4a:71:3d:78:48:c3:57:51:b6:5c:7c:7d:44:70:59:e3:8e:
d6:42:18:5f:f0:f2:f2:b6:94:58:84:3e:58:ea:af:26:6d:55:
13:e8:f0:a0:09:4e:ca:2d:24:0a:9a:56:c9:58:ba:c0:60:f1:
ac:bb:f3:73
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEkt7NlXwVQB8qRW1VTieKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjQwMTAxMTAzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjY5ZjIyYTY0OTVmMjRjYTg2NDM3ZjgyODY3M2MwNWM1NjQxNDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxp2GSQstUDQ1VyvNDY8ykeueOyG
/D55E1i9uDOnxZXFLLLLuwX3iNk/byhfT3eGzxj8haO3KIADM3oU6S8a1m0/TB8/
4NMhoJFkDpfd1vR1Rxf6zcSWWfAfOCnhvkfPW/NRL2Ig0vSx7KpGQQ8JAg2W2ntW
ZFQ+734UVhptMfK58f4CssxgMN7lHQOsVnsv8IsCHBTlp0l01bKNpkou7qY/oc//
K5vpoQPtay5cpB5MUihcOc3i5MJcjKPPX+rKEq0h7WJunoQPM7I8N7S+YWFNHHVG
opFaBAWgoYlsSVlzZiJYgkZQYyVW7E0doGnEydi7T+1fZw+eK2NwISIZ9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOJp8ipklfJMqGQ3+ChnPAXFZBRGMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvNG1ueUttU1Y4a3lvWkRmNEtHYzhCY1ZrRkVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLtEgAwQD
LtGoMA0GCSqGSIb3DQEBCwUAA4IBAQAR4y8oHByx++2VK6Bz6sNrYkBO4u3G6dkj
wEAI75UGVaz5bcvdhV7woMM6sn6f8eD70xMp8JAhYwwfdhsVXIHztQozjiAM1Nbk
x+is+h0ZvXXsqwYJR+hX5vyIho9nJANqxC0vXQVGkJu8v47rLoPud2uApDY2G99d
0Pke1dfJhlt1oPBTWty9oTa5d3r03c0z+RnML407t4wpqtzA6zRlcvc2czvYqkit
G1Qpc6xBk6rpnpjQ/eQs1HsdYVgcx5ZwChFWU6R9SnE9eEjDV1G2XHx9RHBZ447W
Qhhf8PLytpRYhD5Y6q8mbVUT6PCgCU7KLSQKmlbJWLrAYPGsu/Nz
-----END CERTIFICATE-----
Generated at Thu May 30 08:31:05 2024 by rpki-client on console-ams.rpki-client.org