Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/CwN9B3EAPHbQXwCvAayQAR4ImCo.roa
File: CwN9B3EAPHbQXwCvAayQAR4ImCo.roa (raw, json)
Hash identifier: 1kauc/KUGn3wer90jNwazwvYOAny5BdHE60TeIX1h64=
Subject key identifier: 0B:03:7D:07:71:00:3C:76:D0:5F:00:AF:01:AC:90:01:1E:08:98:2A
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 018CC492D48A39FB65154459A70F16A5DCFB
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/CwN9B3EAPHbQXwCvAayQAR4ImCo.roa
Signing time: Mon 01 Jan 2024 10:30:06 +0000
ROA not before: Mon 01 Jan 2024 10:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47843
IP address blocks: 46.209.145.0/24 maxlen: 24
46.209.146.0/24 maxlen: 24
46.209.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.mft
rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:d4:8a:39:fb:65:15:44:59:a7:0f:16:a5:dc:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 10:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b037d0771003c76d05f00af01ac90011e08982a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:30:50:e8:60:22:0b:db:30:18:81:ac:15:bc:
fb:b0:95:f4:ad:5e:3e:98:ba:9b:03:af:b4:07:f8:
23:ce:ec:84:0d:ec:a7:76:ad:5a:f3:5f:b0:85:a3:
e4:e1:44:5a:c8:6e:4c:1f:fc:0a:aa:2d:fa:40:cc:
d2:dc:8b:49:5a:5b:85:18:6b:8a:c7:01:df:5c:d5:
6e:66:68:db:e4:52:d4:14:2c:05:8c:29:0c:06:15:
9b:01:09:f0:b5:06:b5:1d:64:63:e5:19:90:aa:76:
5c:e4:61:2f:07:68:e3:e1:17:12:c5:a8:01:a6:ec:
1e:cc:74:61:0e:cf:72:0c:55:06:93:0e:5e:06:5f:
4f:da:65:4e:31:cd:ee:57:ad:31:29:38:34:63:20:
35:a2:84:b1:1a:d2:15:8b:ba:02:a2:b6:ad:43:8d:
6f:50:4a:1a:f3:f1:32:ae:e0:5c:0a:a3:e1:bd:7e:
a3:7e:50:e1:78:55:17:0d:b6:7c:75:06:9f:0c:3e:
00:57:42:f5:6c:42:40:9e:e8:68:b8:6b:1d:d9:8a:
e3:9d:d7:f5:a3:a1:15:fb:a2:9a:2a:5b:8f:37:b3:
98:be:4b:ad:fc:fc:62:3f:cb:68:1d:b2:cc:fe:0d:
79:9e:e6:0f:91:f6:28:d6:c5:8e:06:12:8b:0e:2a:
d7:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:03:7D:07:71:00:3C:76:D0:5F:00:AF:01:AC:90:01:1E:08:98:2A
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/CwN9B3EAPHbQXwCvAayQAR4ImCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.209.145.0-46.209.147.255
Signature Algorithm: sha256WithRSAEncryption
65:0d:bf:df:c3:bb:b1:ff:77:21:2a:64:4e:c5:ea:8d:bb:3b:
46:22:4d:44:d6:6a:ee:65:db:3f:89:1b:ae:9a:76:6c:36:32:
90:f5:3f:dd:84:75:e6:36:c3:d2:bc:11:93:0c:9a:25:ee:b0:
96:6c:ea:28:1f:2e:ad:60:e0:c6:3b:6a:93:fa:50:86:dd:b1:
e4:84:09:2d:57:07:1c:cc:a7:b3:5b:1d:4e:5c:aa:99:a7:b2:
ea:ad:92:11:53:50:12:a4:60:a8:8e:37:65:b6:b9:e8:b9:47:
27:c3:39:e9:0e:13:87:c6:20:ad:25:72:89:88:e0:4c:b4:8e:
10:cc:40:98:8c:2f:76:98:b8:f7:b6:4d:d6:e2:1e:be:a7:a6:
83:be:60:c0:e7:ff:31:2e:28:45:31:ee:03:0b:b3:4e:d3:77:
3c:4d:f4:3b:e9:47:63:f3:5f:3e:de:85:21:1b:b2:a6:48:ba:
2b:a6:dd:cf:e6:96:7a:17:61:98:9c:d1:96:e6:53:35:05:7a:
65:cb:18:9d:a9:ff:a3:4d:14:59:f9:59:91:34:3c:bc:de:75:
19:0b:b8:40:b5:37:58:04:01:6a:c0:9e:cb:54:61:2b:21:d1:
34:46:65:9c:f6:b5:f2:71:51:9e:c8:29:e1:fa:c3:0b:13:d1:
7c:15:8f:4b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzEktSKOftlFURZpw8Wpdz7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjQwMTAxMTAzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjAzN2QwNzcxMDAzYzc2ZDA1ZjAwYWYwMWFjOTAwMTFlMDg5ODJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTBQ6GAiC9swGIGsFbz7sJX0rV4+
mLqbA6+0B/gjzuyEDeyndq1a81+whaPk4URayG5MH/wKqi36QMzS3ItJWluFGGuK
xwHfXNVuZmjb5FLUFCwFjCkMBhWbAQnwtQa1HWRj5RmQqnZc5GEvB2jj4RcSxagB
puwezHRhDs9yDFUGkw5eBl9P2mVOMc3uV60xKTg0YyA1ooSxGtIVi7oCoratQ41v
UEoa8/EyruBcCqPhvX6jflDheFUXDbZ8dQafDD4AV0L1bEJAnuhouGsd2Yrjndf1
o6EV+6KaKluPN7OYvkut/PxiP8toHbLM/g15nuYPkfYo1sWOBhKLDirXlwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAsDfQdxADx20F8ArwGskAEeCJgqMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvQ3dOOUIzRUFQSGJRWHdDdkFheVFBUjRJbUNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAu0ZED
BAIu0ZAwDQYJKoZIhvcNAQELBQADggEBAGUNv9/Du7H/dyEqZE7F6o27O0YiTUTW
au5l2z+JG66admw2MpD1P92EdeY2w9K8EZMMmiXusJZs6igfLq1g4MY7apP6UIbd
seSECS1XBxzMp7NbHU5cqpmnsuqtkhFTUBKkYKiON2W2uei5RyfDOekOE4fGIK0l
comI4Ey0jhDMQJiML3aYuPe2TdbiHr6npoO+YMDn/zEuKEUx7gMLs07TdzxN9Dvp
R2PzXz7ehSEbsqZIuium3c/mlnoXYZic0ZbmUzUFemXLGJ2p/6NNFFn5WZE0PLze
dRkLuEC1N1gEAWrAnstUYSsh0TRGZZz2tfJxUZ7IKeH6wwsT0XwVj0s=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:02:25 2024 by rpki-client on console-ams.rpki-client.org