Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/6d6b76-b4b7-4f7e-8628-cf794658f5be/1/AXlInJ1WPCB7IRiiooDTi3v-M4g.roa
File: AXlInJ1WPCB7IRiiooDTi3v-M4g.roa (raw, json)
Hash identifier: HmcZNmMLQ7Hsy76UF4pJbiL7EGATkXG06w6iGdOCvu0=
Subject key identifier: 01:79:48:9C:9D:56:3C:20:7B:21:18:A2:A2:80:D3:8B:7B:FE:33:88
Certificate issuer: /CN=e76210e38b16909a7ee8fe3b8d06647f0665292b
Certificate serial: 018CC803116031C69D3CFE1BC44E32B25492
Authority key identifier: E7:62:10:E3:8B:16:90:9A:7E:E8:FE:3B:8D:06:64:7F:06:65:29:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/52IQ44sWkJp-6P47jQZkfwZlKSs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/6d6b76-b4b7-4f7e-8628-cf794658f5be/1/AXlInJ1WPCB7IRiiooDTi3v-M4g.roa
Signing time: Tue 02 Jan 2024 02:31:33 +0000
ROA not before: Tue 02 Jan 2024 02:31:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15726
IP address blocks: 46.231.232.0/21 maxlen: 24
217.14.160.0/20 maxlen: 24
213.149.64.0/20 maxlen: 24
2a00:f88::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/6d6b76-b4b7-4f7e-8628-cf794658f5be/1/52IQ44sWkJp-6P47jQZkfwZlKSs.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/6d6b76-b4b7-4f7e-8628-cf794658f5be/1/52IQ44sWkJp-6P47jQZkfwZlKSs.mft
rsync://rpki.ripe.net/repository/DEFAULT/52IQ44sWkJp-6P47jQZkfwZlKSs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:03:11:60:31:c6:9d:3c:fe:1b:c4:4e:32:b2:54:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e76210e38b16909a7ee8fe3b8d06647f0665292b
Validity
Not Before: Jan 2 02:31:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0179489c9d563c207b2118a2a280d38b7bfe3388
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5a:0e:d8:68:21:0d:bf:17:cc:eb:e6:9e:9a:
15:83:7e:65:03:cd:1b:05:e8:e5:98:5e:49:95:f6:
2d:47:b3:96:67:ae:1c:cd:fb:14:92:37:fe:1f:a4:
ca:a4:8b:99:15:f3:0f:e3:64:f6:bc:e0:b0:1a:99:
03:9f:bd:c0:c7:6d:4a:ab:c3:ad:b1:c2:6c:b3:89:
0b:74:31:70:f5:a4:c3:ff:8a:1a:f2:ad:27:00:cb:
4f:5a:cd:bc:b3:44:99:d0:cb:88:eb:5d:00:b9:8f:
f0:0d:56:21:af:0d:d9:60:e1:22:a6:da:10:66:48:
b6:da:0a:14:fb:45:b7:1e:47:4f:e1:df:f6:e8:f8:
4e:3d:a2:59:d5:c0:8f:44:57:98:83:2b:6c:70:d9:
d1:e3:89:c7:64:28:02:ee:6f:7b:b2:c6:bd:6c:9f:
39:f3:ae:2a:76:5b:22:85:4d:32:bf:f8:32:a5:5b:
b3:65:52:71:63:3b:77:35:01:2c:24:90:07:3c:50:
36:44:15:14:bd:72:9f:a6:0d:15:7f:e2:9a:6d:e7:
20:56:d8:15:f4:42:e3:f7:ca:86:62:03:1f:58:3f:
20:a6:fe:06:b1:ee:49:96:8c:80:62:9c:20:13:93:
90:d0:03:14:c2:5e:67:95:db:b9:26:03:59:22:8e:
c3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:79:48:9C:9D:56:3C:20:7B:21:18:A2:A2:80:D3:8B:7B:FE:33:88
X509v3 Authority Key Identifier:
keyid:E7:62:10:E3:8B:16:90:9A:7E:E8:FE:3B:8D:06:64:7F:06:65:29:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52IQ44sWkJp-6P47jQZkfwZlKSs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/6d6b76-b4b7-4f7e-8628-cf794658f5be/1/AXlInJ1WPCB7IRiiooDTi3v-M4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/6d6b76-b4b7-4f7e-8628-cf794658f5be/1/52IQ44sWkJp-6P47jQZkfwZlKSs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.231.232.0/21
213.149.64.0/20
217.14.160.0/20
IPv6:
2a00:f88::/32
Signature Algorithm: sha256WithRSAEncryption
67:a7:42:09:4d:4b:2a:34:cb:43:33:c5:d2:3d:c3:a9:d3:f3:
71:55:6d:79:a3:51:23:8d:4d:12:3e:f2:e0:97:de:3d:13:2c:
82:67:47:af:38:bc:bf:63:34:c9:aa:1a:3e:08:c8:d4:72:0a:
7d:c8:bb:d5:c6:ee:4a:ff:13:48:0f:fc:25:2a:08:0b:dc:b8:
63:82:f8:66:eb:e6:e8:7f:2e:c9:2d:5b:6d:d7:cc:aa:9e:7f:
0e:f4:aa:35:4f:46:71:5e:40:c7:79:21:5f:01:73:ec:05:9d:
b2:78:c3:ce:d0:f6:42:f4:01:3b:8d:e4:ff:1c:e0:cc:42:5f:
81:61:d0:c3:07:14:61:57:63:49:7d:cb:75:12:13:b8:ab:2e:
60:2b:b5:bc:0d:e8:5a:5c:cb:67:9d:6a:a8:8a:d6:a3:13:3b:
45:89:74:f6:5c:4c:a9:50:91:bb:16:50:66:3a:43:1b:b4:d9:
65:57:a8:ca:22:85:69:fa:7e:87:1b:28:35:4f:e1:dd:b1:16:
58:90:a4:ec:4a:5d:5a:87:61:c9:fa:d1:e5:5a:f5:71:d9:b0:
18:81:79:12:87:f7:f0:6e:83:d6:09:84:67:08:95:d5:5b:7a:
c3:46:dc:80:9d:43:a4:46:af:67:83:4b:c6:d4:89:12:2a:f7:
7b:7d:a8:92
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzIAxFgMcadPP4bxE4yslSSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NjIxMGUzOGIxNjkwOWE3ZWU4ZmUzYjhkMDY2NDdmMDY2
NTI5MmIwHhcNMjQwMTAyMDIzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTc5NDg5YzlkNTYzYzIwN2IyMTE4YTJhMjgwZDM4YjdiZmUzMzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1oO2GghDb8XzOvmnpoVg35lA80b
BejlmF5JlfYtR7OWZ64czfsUkjf+H6TKpIuZFfMP42T2vOCwGpkDn73Ax21Kq8Ot
scJss4kLdDFw9aTD/4oa8q0nAMtPWs28s0SZ0MuI610AuY/wDVYhrw3ZYOEiptoQ
Zki22goU+0W3HkdP4d/26PhOPaJZ1cCPRFeYgytscNnR44nHZCgC7m97ssa9bJ85
864qdlsihU0yv/gypVuzZVJxYzt3NQEsJJAHPFA2RBUUvXKfpg0Vf+KabecgVtgV
9ELj98qGYgMfWD8gpv4Gse5JloyAYpwgE5OQ0AMUwl5nldu5JgNZIo7DuwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAF5SJydVjwgeyEYoqKA04t7/jOIMB8GA1UdIwQY
MBaAFOdiEOOLFpCafuj+O40GZH8GZSkrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJJUTQ0c1drSnAtNlA0N2pRWmtmd1psS1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82ZDZiNzYtYjRiNy00ZjdlLTg2Mjgt
Y2Y3OTQ2NThmNWJlLzEvQVhsSW5KMVdQQ0I3SVJpaW9vRFRpM3YtTTRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82ZDZiNzYtYjRiNy00ZjdlLTg2MjgtY2Y3OTQ2NThmNWJl
LzEvNTJJUTQ0c1drSnAtNlA0N2pRWmtmd1psS1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDLufoAwQE
1ZVAAwQE2Q6gMA0EAgACMAcDBQAqAA+IMA0GCSqGSIb3DQEBCwUAA4IBAQBnp0IJ
TUsqNMtDM8XSPcOp0/NxVW15o1EjjU0SPvLgl949EyyCZ0evOLy/YzTJqho+CMjU
cgp9yLvVxu5K/xNID/wlKggL3Lhjgvhm6+bofy7JLVtt18yqnn8O9Ko1T0ZxXkDH
eSFfAXPsBZ2yeMPO0PZC9AE7jeT/HODMQl+BYdDDBxRhV2NJfct1EhO4qy5gK7W8
DehaXMtnnWqoitajEztFiXT2XEypUJG7FlBmOkMbtNllV6jKIoVp+n6HGyg1T+Hd
sRZYkKTsSl1ah2HJ+tHlWvVx2bAYgXkSh/fwboPWCYRnCJXVW3rDRtyAnUOkRq9n
g0vG1IkSKvd7faiS
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:59:56 2024 by rpki-client on console-fra.rpki-client.org