Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/QW76TIJpCXZgXAMOJZ4y2W2vnlY.roa
File: QW76TIJpCXZgXAMOJZ4y2W2vnlY.roa (raw, json)
Hash identifier: MXsMfNc22+CfVyGR9NF4tU0kekT23c1FpznYkp4i4uc=
Subject key identifier: 41:6E:FA:4C:82:69:09:76:60:5C:03:0E:25:9E:32:D9:6D:AF:9E:56
Certificate issuer: /CN=1cee91296c94992d151a232240e6cf3a176d2039
Certificate serial: 018CC79498A983E53F0288976CAA4E58A25C
Authority key identifier: 1C:EE:91:29:6C:94:99:2D:15:1A:23:22:40:E6:CF:3A:17:6D:20:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HO6RKWyUmS0VGiMiQObPOhdtIDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/QW76TIJpCXZgXAMOJZ4y2W2vnlY.roa
Signing time: Tue 02 Jan 2024 00:30:53 +0000
ROA not before: Tue 02 Jan 2024 00:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212621
IP address blocks: 46.172.90.0/24 maxlen: 24
46.172.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/HO6RKWyUmS0VGiMiQObPOhdtIDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/HO6RKWyUmS0VGiMiQObPOhdtIDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/HO6RKWyUmS0VGiMiQObPOhdtIDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 14:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:98:a9:83:e5:3f:02:88:97:6c:aa:4e:58:a2:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cee91296c94992d151a232240e6cf3a176d2039
Validity
Not Before: Jan 2 00:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=416efa4c82690976605c030e259e32d96daf9e56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:26:24:1e:b9:b1:41:4a:2d:50:29:15:9f:d2:
96:e9:1b:56:de:65:fd:70:be:9a:54:d7:f8:27:5f:
5c:30:a1:a7:66:0c:77:27:65:f6:b1:72:87:32:0e:
09:fc:ce:01:7a:dd:74:78:a5:f1:88:8a:bb:d3:12:
52:ec:bf:9e:06:e8:d3:af:ac:73:b4:24:d9:78:f5:
fb:9c:38:99:5f:ce:b7:22:27:21:8f:4c:2f:92:53:
5b:d6:ae:85:66:4b:a7:c5:c5:71:d0:61:be:a2:96:
24:72:08:ff:d2:5c:54:7a:d5:fb:c7:54:f4:d6:19:
3b:84:fe:60:46:4f:c4:57:6c:fb:31:74:65:8e:43:
f3:36:27:22:1a:1f:34:15:53:10:02:03:f6:4a:5f:
c6:69:c3:00:d3:c7:fd:5d:33:b0:c6:89:1b:93:9d:
7b:be:02:0b:6d:b0:9f:87:04:a6:65:94:7e:47:a8:
32:ab:af:44:d7:6c:fe:3d:3b:2a:2c:66:f6:ac:0b:
b3:1b:86:fa:1e:80:83:d9:92:51:df:ab:1c:ba:78:
2c:41:79:04:5b:b4:00:66:7c:39:8d:75:fc:cc:4c:
f3:3a:71:f1:d2:96:f1:09:bb:a7:cd:04:62:af:11:
2f:e6:69:97:63:f5:94:b6:05:b4:ad:4c:76:e5:94:
ac:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:6E:FA:4C:82:69:09:76:60:5C:03:0E:25:9E:32:D9:6D:AF:9E:56
X509v3 Authority Key Identifier:
keyid:1C:EE:91:29:6C:94:99:2D:15:1A:23:22:40:E6:CF:3A:17:6D:20:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HO6RKWyUmS0VGiMiQObPOhdtIDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/QW76TIJpCXZgXAMOJZ4y2W2vnlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/HO6RKWyUmS0VGiMiQObPOhdtIDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.172.90.0/24
46.172.93.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:45:8a:c5:4f:3a:88:65:c2:ab:96:fe:0a:2b:7c:08:d6:e9:
41:a9:b0:ad:71:d7:5e:7c:b8:11:27:8c:e0:25:79:89:c3:a6:
19:a4:35:9c:3d:e1:5e:0c:f6:88:0f:91:f3:e1:54:7b:f2:33:
a8:08:b0:7b:11:cf:3b:22:bc:28:c4:4c:c2:10:0e:04:d2:21:
55:69:53:0d:9e:f8:f5:b7:12:34:49:94:04:f4:01:90:30:e0:
ae:fa:da:9a:64:ea:b4:93:29:e9:af:ce:7b:58:92:91:74:5c:
50:af:c4:e9:e7:78:c3:71:af:ae:b8:38:1f:fa:0a:73:56:1d:
64:3b:fb:41:28:10:b1:70:5f:7f:f6:d8:02:4e:bf:7e:dd:ef:
08:97:97:85:3c:28:37:af:7c:cf:5f:b9:c6:47:6b:74:20:a1:
2e:9c:95:41:7b:fe:53:83:8c:bc:b3:a5:81:4a:79:8f:e2:f8:
71:f0:d9:47:dc:d2:78:ec:0e:21:e6:5a:35:e9:43:74:35:d6:
cd:79:75:df:8c:0d:a3:2d:b6:92:74:0a:05:12:a0:ca:4b:d7:
e8:b7:20:de:29:5c:57:3a:c5:99:27:0c:72:bd:f4:d3:d8:39:
f0:39:de:d8:1f:2d:8f:d3:3f:bc:d8:ca:69:0d:e2:36:f2:ff:
0b:a8:5d:ab
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHlJipg+U/AoiXbKpOWKJcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZWU5MTI5NmM5NDk5MmQxNTFhMjMyMjQwZTZjZjNhMTc2
ZDIwMzkwHhcNMjQwMTAyMDAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTZlZmE0YzgyNjkwOTc2NjA1YzAzMGUyNTllMzJkOTZkYWY5ZTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSYkHrmxQUotUCkVn9KW6RtW3mX9
cL6aVNf4J19cMKGnZgx3J2X2sXKHMg4J/M4Bet10eKXxiIq70xJS7L+eBujTr6xz
tCTZePX7nDiZX863Iichj0wvklNb1q6FZkunxcVx0GG+opYkcgj/0lxUetX7x1T0
1hk7hP5gRk/EV2z7MXRljkPzNiciGh80FVMQAgP2Sl/GacMA08f9XTOwxokbk517
vgILbbCfhwSmZZR+R6gyq69E12z+PTsqLGb2rAuzG4b6HoCD2ZJR36scungsQXkE
W7QAZnw5jXX8zEzzOnHx0pbxCbunzQRirxEv5mmXY/WUtgW0rUx25ZSsGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEFu+kyCaQl2YFwDDiWeMtltr55WMB8GA1UdIwQY
MBaAFBzukSlslJktFRojIkDmzzoXbSA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE82UktXeVVtUzBWR2lNaVFPYlBPaGR0SURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9jOTFlYzMtMjgyMC00MTdiLTlhYWQt
YmFjYWI0NzVlNmNjLzEvUVc3NlRJSnBDWFpnWEFNT0paNHkyVzJ2bmxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9jOTFlYzMtMjgyMC00MTdiLTlhYWQtYmFjYWI0NzVlNmNj
LzEvSE82UktXeVVtUzBWR2lNaVFPYlBPaGR0SURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALqxaAwQA
LqxdMA0GCSqGSIb3DQEBCwUAA4IBAQA8RYrFTzqIZcKrlv4KK3wI1ulBqbCtcdde
fLgRJ4zgJXmJw6YZpDWcPeFeDPaID5Hz4VR78jOoCLB7Ec87IrwoxEzCEA4E0iFV
aVMNnvj1txI0SZQE9AGQMOCu+tqaZOq0kynpr857WJKRdFxQr8Tp53jDca+uuDgf
+gpzVh1kO/tBKBCxcF9/9tgCTr9+3e8Il5eFPCg3r3zPX7nGR2t0IKEunJVBe/5T
g4y8s6WBSnmP4vhx8NlH3NJ47A4h5lo16UN0NdbNeXXfjA2jLbaSdAoFEqDKS9fo
tyDeKVxXOsWZJwxyvfTT2DnwOd7YHy2P0z+82MppDeI28v8LqF2r
-----END CERTIFICATE-----
Generated at Thu May 16 20:41:44 2024 by rpki-client on console-ams.rpki-client.org