Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/aG7r0THwy7cpiTVAbkGnEdeJrF0.roa
File: aG7r0THwy7cpiTVAbkGnEdeJrF0.roa (raw, json)
Hash identifier: IGn0+oYSuQejqTsO0SICiVzVVPQPPdWXi5jh1dD83J4=
Subject key identifier: 68:6E:EB:D1:31:F0:CB:B7:29:89:35:40:6E:41:A7:11:D7:89:AC:5D
Certificate issuer: /CN=844a1791cb07f1d86123c63dc3adcfd754db101b
Certificate serial: 018CC3B674143C8A27D862006B546EED1670
Authority key identifier: 84:4A:17:91:CB:07:F1:D8:61:23:C6:3D:C3:AD:CF:D7:54:DB:10:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hEoXkcsH8dhhI8Y9w63P11TbEBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/aG7r0THwy7cpiTVAbkGnEdeJrF0.roa
Signing time: Mon 01 Jan 2024 06:29:23 +0000
ROA not before: Mon 01 Jan 2024 06:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35624
IP address blocks: 185.46.84.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/hEoXkcsH8dhhI8Y9w63P11TbEBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:74:14:3c:8a:27:d8:62:00:6b:54:6e:ed:16:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=844a1791cb07f1d86123c63dc3adcfd754db101b
Validity
Not Before: Jan 1 06:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=686eebd131f0cbb7298935406e41a711d789ac5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:86:c6:b6:50:2b:7f:82:80:ba:dc:f9:bf:83:
a7:09:5d:c0:05:e0:29:d2:ab:13:0e:52:90:f8:62:
8e:95:44:ec:ca:cf:f2:3d:7b:db:31:a7:ca:91:6f:
61:09:0d:5b:f4:3d:a4:cd:27:ce:9f:dd:6f:5c:3a:
62:7b:67:dc:e2:ea:79:02:72:77:33:ad:25:75:2b:
25:15:ec:81:55:4d:97:be:0c:07:93:ed:26:41:22:
75:f4:5d:49:8d:5f:7a:e3:1a:a1:88:58:ea:5b:8b:
c9:5b:38:96:4e:0b:2b:8d:9a:b0:e9:67:84:1d:bd:
56:40:7d:ee:68:07:9c:88:61:fa:8d:3d:3a:c5:4d:
9d:f1:a2:f6:e5:65:c1:73:f3:6f:5f:2a:2e:1e:4e:
19:e9:c1:e7:46:41:27:8e:88:8b:29:71:8a:e1:4d:
f4:2f:7b:92:24:83:81:b6:15:f3:be:48:78:5d:bf:
80:27:da:5c:c3:d4:4f:14:6e:d6:b8:9b:1f:7f:0b:
a0:a9:82:15:22:da:a9:cc:39:8e:39:2c:45:32:0f:
a2:8a:be:66:20:05:c2:d2:78:8d:79:d7:db:27:f3:
aa:54:e5:ba:97:97:1a:0d:c2:43:51:08:69:a2:ee:
42:35:e5:1c:59:0f:1e:bb:2c:1b:b4:02:f8:10:78:
50:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:6E:EB:D1:31:F0:CB:B7:29:89:35:40:6E:41:A7:11:D7:89:AC:5D
X509v3 Authority Key Identifier:
keyid:84:4A:17:91:CB:07:F1:D8:61:23:C6:3D:C3:AD:CF:D7:54:DB:10:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEoXkcsH8dhhI8Y9w63P11TbEBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/aG7r0THwy7cpiTVAbkGnEdeJrF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.46.84.0/22
Signature Algorithm: sha256WithRSAEncryption
98:7a:f3:23:16:3f:a9:01:e5:11:12:44:04:a4:c8:cf:d8:6a:
ab:c0:46:39:eb:40:1f:1c:c9:84:ea:78:0f:d7:39:28:88:ef:
69:3c:90:44:55:22:56:59:28:18:d6:dd:4c:0f:ab:6f:af:4a:
55:04:fb:93:8d:e0:c7:12:ed:f2:64:7b:22:26:14:f4:6b:6b:
4c:69:80:3b:91:27:dc:ba:39:fa:c3:96:9b:dc:0d:c8:a5:3d:
73:79:fe:f6:92:70:42:67:f8:02:dd:72:c5:7c:7d:53:1a:68:
21:c6:83:fb:3f:64:64:99:74:16:3d:bc:13:90:7f:90:8a:2d:
a8:e1:be:09:ca:f3:87:2c:74:94:7b:7f:56:a0:f6:43:ac:9a:
48:f1:80:b8:5b:f3:78:4a:38:80:ea:10:4d:27:f3:69:76:c6:
be:4f:61:2a:d2:8a:8b:db:92:27:0c:eb:37:98:f8:7d:45:15:
ae:b6:0b:29:64:8f:d6:1c:02:aa:dd:ba:8c:f9:71:f1:da:8a:
85:70:38:d0:51:32:6b:48:79:3c:6c:cc:37:46:66:51:7b:84:
2e:2e:ce:b2:14:5c:c6:89:62:98:de:09:9f:82:a5:0c:8e:12:
aa:6f:96:64:63:47:8c:c9:d2:db:11:97:10:12:5e:f9:e6:e7:
ee:93:d4:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtnQUPIon2GIAa1Ru7RZwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NGExNzkxY2IwN2YxZDg2MTIzYzYzZGMzYWRjZmQ3NTRk
YjEwMWIwHhcNMjQwMTAxMDYyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODZlZWJkMTMxZjBjYmI3Mjk4OTM1NDA2ZTQxYTcxMWQ3ODlhYzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24bGtlArf4KAutz5v4OnCV3ABeAp
0qsTDlKQ+GKOlUTsys/yPXvbMafKkW9hCQ1b9D2kzSfOn91vXDpie2fc4up5AnJ3
M60ldSslFeyBVU2XvgwHk+0mQSJ19F1JjV964xqhiFjqW4vJWziWTgsrjZqw6WeE
Hb1WQH3uaAeciGH6jT06xU2d8aL25WXBc/NvXyouHk4Z6cHnRkEnjoiLKXGK4U30
L3uSJIOBthXzvkh4Xb+AJ9pcw9RPFG7WuJsffwugqYIVItqpzDmOOSxFMg+iir5m
IAXC0niNedfbJ/OqVOW6l5caDcJDUQhpou5CNeUcWQ8euywbtAL4EHhQGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGhu69Ex8Mu3KYk1QG5BpxHXiaxdMB8GA1UdIwQY
MBaAFIRKF5HLB/HYYSPGPcOtz9dU2xAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVvWGtjc0g4ZGhoSThZOXc2M1AxMVRiRUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9mMTM3MGEtNTdjYS00NmEwLThhZjQt
NzhiYTZkYzUwMDg2LzEvYUc3cjBUSHd5N2NwaVRWQWJrR25FZGVKckYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9mMTM3MGEtNTdjYS00NmEwLThhZjQtNzhiYTZkYzUwMDg2
LzEvaEVvWGtjc0g4ZGhoSThZOXc2M1AxMVRiRUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuS5UMA0G
CSqGSIb3DQEBCwUAA4IBAQCYevMjFj+pAeUREkQEpMjP2GqrwEY560AfHMmE6ngP
1zkoiO9pPJBEVSJWWSgY1t1MD6tvr0pVBPuTjeDHEu3yZHsiJhT0a2tMaYA7kSfc
ujn6w5ab3A3IpT1zef72knBCZ/gC3XLFfH1TGmghxoP7P2RkmXQWPbwTkH+Qii2o
4b4JyvOHLHSUe39WoPZDrJpI8YC4W/N4SjiA6hBNJ/Npdsa+T2Eq0oqL25InDOs3
mPh9RRWutgspZI/WHAKq3bqM+XHx2oqFcDjQUTJrSHk8bMw3RmZRe4QuLs6yFFzG
iWKY3gmfgqUMjhKqb5ZkY0eMydLbEZcQEl755ufuk9Qp
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:37:28 2024 by rpki-client on console-ams.rpki-client.org