Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/6568c6-7dd8-441a-802f-63abf6198f58/1/Rt7gy4_Hj72oWc1Rif3LlsXwpl8.roa
File: Rt7gy4_Hj72oWc1Rif3LlsXwpl8.roa (raw, json)
Hash identifier: oVq6YKsbdIJZ1e5OP8EV9Gm1nLyNeGzknR0Zd/B6kpY=
Subject key identifier: 46:DE:E0:CB:8F:C7:8F:BD:A8:59:CD:51:89:FD:CB:96:C5:F0:A6:5F
Certificate issuer: /CN=f77390fc61608c01785d1a80685ae9e56a5b2583
Certificate serial: 018CC64AFE230C982A3F7A26CEF4DE672068
Authority key identifier: F7:73:90:FC:61:60:8C:01:78:5D:1A:80:68:5A:E9:E5:6A:5B:25:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93OQ_GFgjAF4XRqAaFrp5WpbJYM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/6568c6-7dd8-441a-802f-63abf6198f58/1/Rt7gy4_Hj72oWc1Rif3LlsXwpl8.roa
Signing time: Mon 01 Jan 2024 18:30:52 +0000
ROA not before: Mon 01 Jan 2024 18:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57024
IP address blocks: 146.0.24.0/24 maxlen: 24
2a01:9680::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/6568c6-7dd8-441a-802f-63abf6198f58/1/93OQ_GFgjAF4XRqAaFrp5WpbJYM.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/6568c6-7dd8-441a-802f-63abf6198f58/1/93OQ_GFgjAF4XRqAaFrp5WpbJYM.mft
rsync://rpki.ripe.net/repository/DEFAULT/93OQ_GFgjAF4XRqAaFrp5WpbJYM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 01:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:fe:23:0c:98:2a:3f:7a:26:ce:f4:de:67:20:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77390fc61608c01785d1a80685ae9e56a5b2583
Validity
Not Before: Jan 1 18:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46dee0cb8fc78fbda859cd5189fdcb96c5f0a65f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:39:86:3a:5a:24:28:a4:25:ed:3c:46:20:59:
c4:e0:ac:d6:52:ea:67:bf:75:e1:05:55:70:95:d1:
a6:da:8c:b0:ec:f5:ba:fd:e6:88:db:3f:d1:2e:d0:
74:e0:9f:54:35:89:4d:8b:d5:66:6d:b9:fa:de:3e:
23:5b:da:c7:a0:4a:b5:5a:1c:d6:92:83:c2:0e:9f:
7f:d8:5c:f4:b0:d5:dc:88:bc:c6:65:a8:50:c8:c1:
a8:eb:cc:67:30:d0:8f:16:08:bb:62:48:32:00:f2:
ba:df:ed:ae:97:34:24:82:df:6a:c3:c6:92:02:03:
d2:a8:7a:2a:ed:8a:59:56:fa:30:cd:da:93:db:68:
a4:c4:6c:3f:1b:2e:69:91:12:b7:bb:6d:ec:b2:99:
2b:b7:d6:2a:ef:29:ad:6f:e4:c6:d3:56:1b:f5:b3:
7d:33:e3:cd:44:f7:41:b7:44:a3:84:f6:7f:b5:87:
58:17:fc:01:c0:69:b7:4f:c0:0c:b3:84:38:4c:01:
c8:76:e1:9f:cf:d1:2c:a6:78:98:fb:6f:5c:c6:1d:
5e:47:24:38:8e:25:03:14:58:04:50:4a:78:8d:08:
d8:95:45:6c:01:13:22:2b:4d:ba:5c:66:49:15:a8:
27:02:ba:8a:1e:5a:58:02:70:bb:cf:c6:15:21:e9:
19:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:DE:E0:CB:8F:C7:8F:BD:A8:59:CD:51:89:FD:CB:96:C5:F0:A6:5F
X509v3 Authority Key Identifier:
keyid:F7:73:90:FC:61:60:8C:01:78:5D:1A:80:68:5A:E9:E5:6A:5B:25:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93OQ_GFgjAF4XRqAaFrp5WpbJYM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/6568c6-7dd8-441a-802f-63abf6198f58/1/Rt7gy4_Hj72oWc1Rif3LlsXwpl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/6568c6-7dd8-441a-802f-63abf6198f58/1/93OQ_GFgjAF4XRqAaFrp5WpbJYM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.0.24.0/24
IPv6:
2a01:9680::/32
Signature Algorithm: sha256WithRSAEncryption
5d:45:2e:5f:47:92:22:28:2d:8f:76:5f:f7:95:1a:82:f8:ed:
2e:da:7c:04:2a:d1:0e:52:f8:a1:34:1c:25:de:7c:cf:d3:58:
ac:ba:6e:59:85:56:67:c1:30:ac:e9:3a:e9:0a:30:ea:20:53:
f7:6e:6b:4c:07:05:4b:78:21:56:03:b9:70:ee:59:60:f8:3f:
17:ef:f5:3f:bf:83:bd:37:65:e2:7b:28:ef:a0:d3:a3:8b:cb:
d7:56:39:cb:5d:61:6e:7c:70:ba:ce:57:95:9c:90:16:24:69:
b2:56:3b:c3:c1:bf:7a:d0:24:08:56:4c:fe:6f:92:33:e6:f8:
27:57:04:8d:87:fd:7f:e3:35:52:a7:88:ad:79:96:92:d9:8a:
18:67:fc:09:de:b2:ba:18:f0:b3:76:e5:f2:60:a2:c3:7b:3c:
08:bf:b1:e9:3a:13:ac:ba:6d:e2:ba:c9:27:a5:6d:dd:42:25:
a4:5d:f9:56:ae:38:6a:3e:45:ce:49:56:ba:0a:d0:3a:e1:9d:
e4:47:36:78:b2:90:56:9a:a9:11:73:2e:5c:ee:19:3d:e1:ca:
33:6c:fb:33:79:a9:ce:0d:2b:38:fc:85:d7:c2:bd:2d:15:66:
a7:9c:e1:8e:70:0f:4f:f2:79:65:c2:d4:ed:92:a8:26:fa:01:
69:49:f0:1b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGSv4jDJgqP3omzvTeZyBoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzM5MGZjNjE2MDhjMDE3ODVkMWE4MDY4NWFlOWU1NmE1
YjI1ODMwHhcNMjQwMTAxMTgzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmRlZTBjYjhmYzc4ZmJkYTg1OWNkNTE4OWZkY2I5NmM1ZjBhNjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjmGOlokKKQl7TxGIFnE4KzWUupn
v3XhBVVwldGm2oyw7PW6/eaI2z/RLtB04J9UNYlNi9Vmbbn63j4jW9rHoEq1WhzW
koPCDp9/2Fz0sNXciLzGZahQyMGo68xnMNCPFgi7YkgyAPK63+2ulzQkgt9qw8aS
AgPSqHoq7YpZVvowzdqT22ikxGw/Gy5pkRK3u23sspkrt9Yq7ymtb+TG01Yb9bN9
M+PNRPdBt0SjhPZ/tYdYF/wBwGm3T8AMs4Q4TAHIduGfz9EspniY+29cxh1eRyQ4
jiUDFFgEUEp4jQjYlUVsARMiK026XGZJFagnArqKHlpYAnC7z8YVIekZ1wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEbe4MuPx4+9qFnNUYn9y5bF8KZfMB8GA1UdIwQY
MBaAFPdzkPxhYIwBeF0agGha6eVqWyWDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNPUV9HRmdqQUY0WFJxQWFGcnA1V3BiSllNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy82NTY4YzYtN2RkOC00NDFhLTgwMmYt
NjNhYmY2MTk4ZjU4LzEvUnQ3Z3k0X0hqNzJvV2MxUmlmM0xsc1h3cGw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy82NTY4YzYtN2RkOC00NDFhLTgwMmYtNjNhYmY2MTk4ZjU4
LzEvOTNPUV9HRmdqQUY0WFJxQWFGcnA1V3BiSllNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAkgAYMA0E
AgACMAcDBQAqAZaAMA0GCSqGSIb3DQEBCwUAA4IBAQBdRS5fR5IiKC2Pdl/3lRqC
+O0u2nwEKtEOUvihNBwl3nzP01isum5ZhVZnwTCs6TrpCjDqIFP3bmtMBwVLeCFW
A7lw7llg+D8X7/U/v4O9N2XieyjvoNOji8vXVjnLXWFufHC6zleVnJAWJGmyVjvD
wb960CQIVkz+b5Iz5vgnVwSNh/1/4zVSp4iteZaS2YoYZ/wJ3rK6GPCzduXyYKLD
ezwIv7HpOhOsum3iusknpW3dQiWkXflWrjhqPkXOSVa6CtA64Z3kRzZ4spBWmqkR
cy5c7hk94cozbPszeanODSs4/IXXwr0tFWannOGOcA9P8nllwtTtkqgm+gFpSfAb
-----END CERTIFICATE-----
Generated at Sat May 18 05:46:42 2024 by rpki-client on console-ams.rpki-client.org