Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/FO9wlKOPjB1-PITRsYWImwdD-0k.roa
File: FO9wlKOPjB1-PITRsYWImwdD-0k.roa (raw, json)
Hash identifier: oOXJ+6RNLiUtuhQZikUx5B9MyvGpy5fIxYXCx372oB4=
Subject key identifier: 14:EF:70:94:A3:8F:8C:1D:7E:3C:84:D1:B1:85:88:9B:07:43:FB:49
Certificate issuer: /CN=1cee91296c94992d151a232240e6cf3a176d2039
Certificate serial: 018CC794971C28D26F40599E55D9DEC3437B
Authority key identifier: 1C:EE:91:29:6C:94:99:2D:15:1A:23:22:40:E6:CF:3A:17:6D:20:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HO6RKWyUmS0VGiMiQObPOhdtIDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/FO9wlKOPjB1-PITRsYWImwdD-0k.roa
Signing time: Tue 02 Jan 2024 00:30:53 +0000
ROA not before: Tue 02 Jan 2024 00:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48422
IP address blocks: 46.172.67.0/24 maxlen: 24
46.172.68.0/24 maxlen: 24
46.172.75.0/24 maxlen: 24
46.172.77.0/24 maxlen: 24
46.172.72.0/24 maxlen: 24
46.172.73.0/24 maxlen: 24
46.172.79.0/24 maxlen: 24
46.172.81.0/24 maxlen: 24
46.172.85.0/24 maxlen: 24
46.172.83.0/24 maxlen: 24
46.172.82.0/24 maxlen: 24
46.172.84.0/24 maxlen: 24
46.172.89.0/24 maxlen: 24
46.172.91.0/24 maxlen: 24
46.172.88.0/24 maxlen: 24
2a04:5e40:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/HO6RKWyUmS0VGiMiQObPOhdtIDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/HO6RKWyUmS0VGiMiQObPOhdtIDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/HO6RKWyUmS0VGiMiQObPOhdtIDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:97:1c:28:d2:6f:40:59:9e:55:d9:de:c3:43:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cee91296c94992d151a232240e6cf3a176d2039
Validity
Not Before: Jan 2 00:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14ef7094a38f8c1d7e3c84d1b185889b0743fb49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:9c:0f:b9:11:4c:ff:e5:25:a9:f1:cc:b6:a8:
82:68:26:92:a9:77:0e:93:5a:a5:f2:54:cf:14:8c:
62:3f:a3:e2:50:fe:3d:04:23:c5:55:93:75:75:06:
35:86:76:ee:95:88:9e:e9:1b:32:98:6f:f9:e9:7e:
e5:84:1c:2d:8d:43:b2:a9:08:be:c8:bd:a3:93:e9:
46:97:70:ba:61:c0:03:dd:8b:bf:0b:d9:30:71:f6:
79:13:45:62:5d:db:8d:1f:95:39:df:05:94:0f:07:
31:bc:e5:aa:21:5e:a4:cd:04:4d:31:d7:98:ab:8b:
c8:06:56:5c:4f:6b:b2:07:10:84:86:65:ee:e1:20:
8f:0a:02:df:07:46:cc:70:bb:d0:b7:b2:97:e6:0b:
1d:3f:d7:c9:ee:d9:17:9a:34:38:f4:5a:6a:9c:46:
64:48:c4:f0:34:ff:37:f6:63:e0:90:9a:f5:47:f0:
11:e2:20:20:bc:69:41:12:49:96:d5:e5:a7:ec:74:
27:df:7d:42:eb:3f:08:ed:16:27:d5:49:0e:e4:e6:
8b:bd:af:9b:d2:14:26:73:27:66:d5:fd:ce:ff:32:
4e:c6:c1:9d:44:c8:dc:6f:04:6b:53:31:04:4f:ee:
ab:87:ad:fd:c0:c2:c8:a5:73:c7:df:de:03:01:26:
d2:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:EF:70:94:A3:8F:8C:1D:7E:3C:84:D1:B1:85:88:9B:07:43:FB:49
X509v3 Authority Key Identifier:
keyid:1C:EE:91:29:6C:94:99:2D:15:1A:23:22:40:E6:CF:3A:17:6D:20:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HO6RKWyUmS0VGiMiQObPOhdtIDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/FO9wlKOPjB1-PITRsYWImwdD-0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/HO6RKWyUmS0VGiMiQObPOhdtIDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.172.67.0-46.172.68.255
46.172.72.0/23
46.172.75.0/24
46.172.77.0/24
46.172.79.0/24
46.172.81.0-46.172.85.255
46.172.88.0/23
46.172.91.0/24
IPv6:
2a04:5e40:1::/48
Signature Algorithm: sha256WithRSAEncryption
10:07:27:b3:8a:b7:fc:15:14:1f:9e:d6:af:75:17:df:7f:8f:
52:55:30:f7:1e:30:ba:f4:11:48:9e:83:94:7e:30:f2:34:e2:
6d:54:ef:3e:c4:39:8b:73:39:2f:9a:f2:c0:46:9f:26:43:c9:
8e:56:a4:1d:fe:fa:84:bd:19:20:ec:3e:89:8d:31:48:3c:43:
44:1e:c6:21:c1:1e:ca:c1:16:26:12:2b:10:d9:06:f7:3e:25:
bb:5a:c6:f8:b6:5a:4e:3e:98:eb:c2:04:34:29:e6:69:4f:fc:
4d:2c:64:b2:13:67:f0:f3:12:f9:82:3b:a7:1a:87:e3:c4:bb:
bc:ec:61:78:c1:40:bf:a9:06:f9:fe:f6:91:5d:d6:d4:6c:3c:
a6:d8:32:e6:36:bd:24:80:5b:7c:bb:12:74:05:20:5a:02:66:
4d:10:f6:e1:d9:d8:7a:5b:aa:7d:9a:06:25:ae:a6:41:6a:75:
52:4a:84:5b:0f:ee:fb:dc:3f:73:75:db:4a:1b:5a:13:b1:04:
5a:d3:44:9a:cc:e5:58:ab:e0:7d:57:c4:98:1e:31:88:62:3e:
67:59:85:5b:f6:a2:2c:39:06:33:80:76:8d:1f:ef:61:7f:1e:
32:65:5e:f1:c0:47:1a:91:32:cc:14:f2:39:fb:4e:62:36:f8:
db:1b:77:43
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYzHlJccKNJvQFmeVdnew0N7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZWU5MTI5NmM5NDk5MmQxNTFhMjMyMjQwZTZjZjNhMTc2
ZDIwMzkwHhcNMjQwMTAyMDAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGVmNzA5NGEzOGY4YzFkN2UzYzg0ZDFiMTg1ODg5YjA3NDNmYjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZwPuRFM/+UlqfHMtqiCaCaSqXcO
k1ql8lTPFIxiP6PiUP49BCPFVZN1dQY1hnbulYie6RsymG/56X7lhBwtjUOyqQi+
yL2jk+lGl3C6YcAD3Yu/C9kwcfZ5E0ViXduNH5U53wWUDwcxvOWqIV6kzQRNMdeY
q4vIBlZcT2uyBxCEhmXu4SCPCgLfB0bMcLvQt7KX5gsdP9fJ7tkXmjQ49FpqnEZk
SMTwNP839mPgkJr1R/AR4iAgvGlBEkmW1eWn7HQn331C6z8I7RYn1UkO5OaLva+b
0hQmcydm1f3O/zJOxsGdRMjcbwRrUzEET+6rh639wMLIpXPH394DASbSBQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFBTvcJSjj4wdfjyE0bGFiJsHQ/tJMB8GA1UdIwQY
MBaAFBzukSlslJktFRojIkDmzzoXbSA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE82UktXeVVtUzBWR2lNaVFPYlBPaGR0SURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9jOTFlYzMtMjgyMC00MTdiLTlhYWQt
YmFjYWI0NzVlNmNjLzEvRk85d2xLT1BqQjEtUElUUnNZV0ltd2RELTBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9jOTFlYzMtMjgyMC00MTdiLTlhYWQtYmFjYWI0NzVlNmNj
LzEvSE82UktXeVVtUzBWR2lNaVFPYlBPaGR0SURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBGBAIAATBAMAwDBAAurEMD
BAAurEQDBAEurEgDBAAurEsDBAAurE0DBAAurE8wDAMEAC6sUQMEAS6sVAMEAS6s
WAMEAC6sWzAPBAIAAjAJAwcAKgReQAABMA0GCSqGSIb3DQEBCwUAA4IBAQAQByez
irf8FRQfntavdRfff49SVTD3HjC69BFInoOUfjDyNOJtVO8+xDmLczkvmvLARp8m
Q8mOVqQd/vqEvRkg7D6JjTFIPENEHsYhwR7KwRYmEisQ2Qb3PiW7Wsb4tlpOPpjr
wgQ0KeZpT/xNLGSyE2fw8xL5gjunGofjxLu87GF4wUC/qQb5/vaRXdbUbDym2DLm
Nr0kgFt8uxJ0BSBaAmZNEPbh2dh6W6p9mgYlrqZBanVSSoRbD+773D9zddtKG1oT
sQRa00SazOVYq+B9V8SYHjGIYj5nWYVb9qIsOQYzgHaNH+9hfx4yZV7xwEcakTLM
FPI5+05iNvjbG3dD
-----END CERTIFICATE-----
Generated at Tue Nov 26 05:16:16 2024 by rpki-client on console-fra.rpki-client.org