Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/IfEgbzid4NxF4c2lrfmcVFiaRw8.roa
File: IfEgbzid4NxF4c2lrfmcVFiaRw8.roa (raw, json)
Hash identifier: HsNZRdKC61R+lmjFS6dVDOvhW/iWJ7QiVr7zSatBi1U=
Subject key identifier: 21:F1:20:6F:38:9D:E0:DC:45:E1:CD:A5:AD:F9:9C:54:58:9A:47:0F
Certificate issuer: /CN=1cee91296c94992d151a232240e6cf3a176d2039
Certificate serial: 018CC79496BC202A230096353F0D58EFEFA5
Authority key identifier: 1C:EE:91:29:6C:94:99:2D:15:1A:23:22:40:E6:CF:3A:17:6D:20:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HO6RKWyUmS0VGiMiQObPOhdtIDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/IfEgbzid4NxF4c2lrfmcVFiaRw8.roa
Signing time: Tue 02 Jan 2024 00:30:52 +0000
ROA not before: Tue 02 Jan 2024 00:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43110
IP address blocks: 46.172.64.0/24 maxlen: 24
46.172.70.0/24 maxlen: 24
46.172.69.0/24 maxlen: 24
46.172.65.0/24 maxlen: 24
46.172.66.0/24 maxlen: 24
46.172.71.0/24 maxlen: 24
46.172.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/HO6RKWyUmS0VGiMiQObPOhdtIDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/HO6RKWyUmS0VGiMiQObPOhdtIDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/HO6RKWyUmS0VGiMiQObPOhdtIDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 14:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:96:bc:20:2a:23:00:96:35:3f:0d:58:ef:ef:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cee91296c94992d151a232240e6cf3a176d2039
Validity
Not Before: Jan 2 00:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21f1206f389de0dc45e1cda5adf99c54589a470f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:71:d7:52:d0:5b:75:2b:8f:5f:ac:21:34:08:
d8:0d:54:88:4e:70:95:4f:79:1e:f8:75:d9:af:30:
97:e0:a9:d5:6c:fe:c1:7f:79:5e:f3:94:db:88:54:
ab:37:e5:3a:ee:e2:b2:21:26:9e:ec:9c:8a:2d:c1:
20:6d:b8:0e:dd:f5:7f:f5:80:c0:2e:70:0d:20:13:
34:7f:03:4b:15:53:5b:ec:8c:84:24:64:9a:b0:9b:
2b:0b:3d:65:24:40:2c:f3:41:96:c9:21:84:e2:22:
89:74:cf:d4:48:89:d2:df:6e:3e:a0:8d:ad:72:31:
ce:12:78:a9:14:1f:36:17:1f:e6:2d:63:7a:60:6f:
2a:92:6d:1f:92:5d:fb:5c:67:3c:49:14:8e:83:48:
ef:0d:19:28:df:92:f7:f0:cc:6d:43:65:6f:19:d2:
45:12:9c:aa:b5:48:c5:6b:1e:9c:b5:57:c1:44:01:
82:f8:48:d8:63:6b:09:db:67:a7:25:df:d6:64:da:
36:9b:57:f4:a1:98:d6:c9:de:18:79:6d:23:0e:32:
e6:4b:e2:84:6e:94:7e:6a:b1:41:77:87:53:77:6f:
cd:69:4c:ba:72:6e:d0:5d:a3:15:3f:60:77:77:aa:
3a:ce:cb:5e:c4:b8:d3:59:6a:b3:24:9a:71:fa:ad:
a3:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:F1:20:6F:38:9D:E0:DC:45:E1:CD:A5:AD:F9:9C:54:58:9A:47:0F
X509v3 Authority Key Identifier:
keyid:1C:EE:91:29:6C:94:99:2D:15:1A:23:22:40:E6:CF:3A:17:6D:20:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HO6RKWyUmS0VGiMiQObPOhdtIDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/IfEgbzid4NxF4c2lrfmcVFiaRw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/HO6RKWyUmS0VGiMiQObPOhdtIDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.172.64.0-46.172.66.255
46.172.69.0-46.172.71.255
46.172.92.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:1d:2d:d3:72:62:c1:ab:02:48:b8:a8:f1:0b:23:ea:64:55:
84:18:b6:dc:15:67:ee:63:17:34:b7:1d:77:e4:62:6d:e1:96:
39:92:50:91:32:27:30:bd:25:6c:96:e0:56:ec:c2:7a:7a:55:
1f:10:9a:5e:02:d8:83:c9:90:b6:7e:28:ce:1f:2c:b1:e7:42:
1c:bf:f4:a5:35:15:d3:d6:5e:ca:73:80:cc:67:49:83:a6:7b:
93:2e:8c:0a:41:cf:e1:0b:8c:02:6c:1a:fc:eb:03:f9:32:0c:
4a:81:ea:60:02:cb:86:56:78:99:f0:a4:be:fd:a2:22:1a:9e:
b6:84:99:b1:e3:9c:a7:9c:e1:83:5f:3a:96:85:09:ef:47:4e:
e7:8e:ff:9b:ad:e3:e2:e5:8c:a5:6c:b1:5a:c4:a9:12:26:49:
00:83:e7:ca:bb:32:56:a2:a4:65:8e:47:c7:e6:60:07:bb:60:
55:82:46:55:02:9d:a5:1b:36:6a:d0:ad:c4:72:20:d3:6a:7c:
47:ae:c5:b0:ef:05:4a:70:ae:f3:11:16:b4:db:e3:ec:a6:ec:
ca:d5:e4:37:b0:e2:47:b9:55:9a:35:eb:5d:92:e8:c4:6e:94:
93:01:28:44:69:7b:45:a1:5a:dd:27:ed:22:e1:94:01:43:49:
5a:79:5e:64
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzHlJa8ICojAJY1Pw1Y7++lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZWU5MTI5NmM5NDk5MmQxNTFhMjMyMjQwZTZjZjNhMTc2
ZDIwMzkwHhcNMjQwMTAyMDAzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWYxMjA2ZjM4OWRlMGRjNDVlMWNkYTVhZGY5OWM1NDU4OWE0NzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXHXUtBbdSuPX6whNAjYDVSITnCV
T3ke+HXZrzCX4KnVbP7Bf3le85TbiFSrN+U67uKyISae7JyKLcEgbbgO3fV/9YDA
LnANIBM0fwNLFVNb7IyEJGSasJsrCz1lJEAs80GWySGE4iKJdM/USInS324+oI2t
cjHOEnipFB82Fx/mLWN6YG8qkm0fkl37XGc8SRSOg0jvDRko35L38MxtQ2VvGdJF
EpyqtUjFax6ctVfBRAGC+EjYY2sJ22enJd/WZNo2m1f0oZjWyd4YeW0jDjLmS+KE
bpR+arFBd4dTd2/NaUy6cm7QXaMVP2B3d6o6zstexLjTWWqzJJpx+q2jvwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCHxIG84neDcReHNpa35nFRYmkcPMB8GA1UdIwQY
MBaAFBzukSlslJktFRojIkDmzzoXbSA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE82UktXeVVtUzBWR2lNaVFPYlBPaGR0SURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9jOTFlYzMtMjgyMC00MTdiLTlhYWQt
YmFjYWI0NzVlNmNjLzEvSWZFZ2J6aWQ0TnhGNGMybHJmbWNWRmlhUnc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9jOTFlYzMtMjgyMC00MTdiLTlhYWQtYmFjYWI0NzVlNmNj
LzEvSE82UktXeVVtUzBWR2lNaVFPYlBPaGR0SURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAYurEAD
BAAurEIwDAMEAC6sRQMEAy6sQAMEAC6sXDANBgkqhkiG9w0BAQsFAAOCAQEASh0t
03JiwasCSLio8Qsj6mRVhBi23BVn7mMXNLcdd+RibeGWOZJQkTInML0lbJbgVuzC
enpVHxCaXgLYg8mQtn4ozh8ssedCHL/0pTUV09ZeynOAzGdJg6Z7ky6MCkHP4QuM
Amwa/OsD+TIMSoHqYALLhlZ4mfCkvv2iIhqetoSZseOcp5zhg186loUJ70dO547/
m63j4uWMpWyxWsSpEiZJAIPnyrsyVqKkZY5Hx+ZgB7tgVYJGVQKdpRs2atCtxHIg
02p8R67FsO8FSnCu8xEWtNvj7KbsytXkN7DiR7lVmjXrXZLoxG6UkwEoRGl7RaFa
3SftIuGUAUNJWnleZA==
-----END CERTIFICATE-----
Generated at Thu May 16 20:03:32 2024 by rpki-client on console-fra.rpki-client.org