Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/ul54Q_5lWkG2iUKOs-S9GIYQ9sY.roa
File: ul54Q_5lWkG2iUKOs-S9GIYQ9sY.roa (raw, json)
Hash identifier: Thav4iljklT8sH8oasougZcSfXbun5GuFhNrImEvsFc=
Subject key identifier: BA:5E:78:43:FE:65:5A:41:B6:89:42:8E:B3:E4:BD:18:86:10:F6:C6
Certificate issuer: /CN=1cee91296c94992d151a232240e6cf3a176d2039
Certificate serial: 018CC79497788926640B43992187760EBC07
Authority key identifier: 1C:EE:91:29:6C:94:99:2D:15:1A:23:22:40:E6:CF:3A:17:6D:20:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HO6RKWyUmS0VGiMiQObPOhdtIDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/ul54Q_5lWkG2iUKOs-S9GIYQ9sY.roa
Signing time: Tue 02 Jan 2024 00:30:53 +0000
ROA not before: Tue 02 Jan 2024 00:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203088
IP address blocks: 46.172.80.0/24 maxlen: 24
46.172.87.0/24 maxlen: 24
46.172.86.0/24 maxlen: 24
46.172.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/HO6RKWyUmS0VGiMiQObPOhdtIDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/HO6RKWyUmS0VGiMiQObPOhdtIDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/HO6RKWyUmS0VGiMiQObPOhdtIDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:97:78:89:26:64:0b:43:99:21:87:76:0e:bc:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cee91296c94992d151a232240e6cf3a176d2039
Validity
Not Before: Jan 2 00:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba5e7843fe655a41b689428eb3e4bd188610f6c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:8b:e1:ca:2c:7f:99:dd:78:a6:71:3d:eb:87:
d5:1c:f7:83:58:ca:ab:83:47:f0:56:14:08:62:61:
e2:ab:45:10:95:b5:ee:bc:ac:73:26:18:e9:8f:eb:
55:d8:70:5f:9f:15:30:a1:c6:75:a8:00:25:19:ec:
a6:07:9a:e2:98:54:5a:77:06:9b:09:74:15:51:50:
76:ce:e7:7f:80:84:98:85:95:f1:78:48:52:61:34:
46:ca:18:35:db:65:d8:c9:3b:cf:25:fd:09:93:7d:
2b:d5:6e:d3:ff:d1:fe:f9:70:9c:c5:fc:01:94:0e:
d4:de:d9:bd:35:73:9b:f1:70:87:a1:f5:94:7e:c4:
d7:4b:82:b4:4a:f3:c9:a0:2a:1a:d2:f5:54:f4:21:
17:ba:db:f6:ab:3c:12:ab:11:c5:88:22:7b:57:6d:
78:75:0a:a2:c6:4e:52:14:16:9a:a6:f2:ba:a6:cb:
c7:c6:d4:c4:2e:25:0c:7c:a8:55:cb:53:6a:59:7d:
e6:e9:14:3f:d5:8e:0c:89:74:3f:36:6f:d6:8a:39:
0a:c1:b1:f6:14:57:74:38:8f:ed:e4:82:c0:02:8a:
28:c5:37:99:1c:33:5f:3e:c3:75:33:6f:f1:5a:1d:
76:3e:0b:8d:7e:4b:72:1e:94:1d:a7:68:c9:df:13:
c9:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:5E:78:43:FE:65:5A:41:B6:89:42:8E:B3:E4:BD:18:86:10:F6:C6
X509v3 Authority Key Identifier:
keyid:1C:EE:91:29:6C:94:99:2D:15:1A:23:22:40:E6:CF:3A:17:6D:20:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HO6RKWyUmS0VGiMiQObPOhdtIDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/ul54Q_5lWkG2iUKOs-S9GIYQ9sY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/HO6RKWyUmS0VGiMiQObPOhdtIDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.172.80.0/24
46.172.86.0/23
46.172.94.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:d1:09:05:55:e8:96:54:bb:aa:37:ff:d4:0f:62:cf:66:8a:
ef:1a:e2:90:33:54:d6:0d:2b:8b:fd:42:59:45:5d:7c:89:cb:
48:7f:81:23:c9:a7:aa:8e:e8:08:67:1f:85:e7:6b:40:c9:64:
a3:af:b9:b4:f3:6b:31:6f:50:26:43:02:61:f6:6a:6a:98:8c:
d6:ae:a5:b3:16:ba:c0:1a:58:c9:2f:40:a8:28:fa:04:32:cf:
43:a0:f5:f5:7f:44:d2:1b:75:87:e1:83:76:1b:5e:0d:59:72:
4b:e0:0a:4b:31:53:3c:e1:98:03:5c:57:c7:e7:41:9d:b2:72:
bf:c5:8b:36:fd:05:6e:bd:07:8d:23:58:27:3e:be:1e:c6:42:
3f:37:61:ce:a4:d3:53:7c:99:eb:14:a9:c5:a0:30:cf:1e:97:
37:c6:b1:7c:a0:44:6c:c2:1a:ff:40:3a:02:c7:39:02:9e:3a:
25:6e:12:6f:27:9a:77:10:64:ac:57:08:a5:4b:7a:c8:9b:06:
d1:3b:77:2d:c2:5d:42:22:88:d9:bc:11:4c:1c:ec:a9:91:43:
2f:42:15:e2:5d:c4:80:ce:5e:6d:8e:72:e3:89:e0:45:d8:35:
a2:00:f6:3a:74:45:19:ec:57:fc:50:dd:aa:7e:0d:9e:5c:0a:
4f:4e:91:3b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHlJd4iSZkC0OZIYd2DrwHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZWU5MTI5NmM5NDk5MmQxNTFhMjMyMjQwZTZjZjNhMTc2
ZDIwMzkwHhcNMjQwMTAyMDAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTVlNzg0M2ZlNjU1YTQxYjY4OTQyOGViM2U0YmQxODg2MTBmNmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYvhyix/md14pnE964fVHPeDWMqr
g0fwVhQIYmHiq0UQlbXuvKxzJhjpj+tV2HBfnxUwocZ1qAAlGeymB5rimFRadwab
CXQVUVB2zud/gISYhZXxeEhSYTRGyhg122XYyTvPJf0Jk30r1W7T/9H++XCcxfwB
lA7U3tm9NXOb8XCHofWUfsTXS4K0SvPJoCoa0vVU9CEXutv2qzwSqxHFiCJ7V214
dQqixk5SFBaapvK6psvHxtTELiUMfKhVy1NqWX3m6RQ/1Y4MiXQ/Nm/WijkKwbH2
FFd0OI/t5ILAAoooxTeZHDNfPsN1M2/xWh12PguNfktyHpQdp2jJ3xPJOQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLpeeEP+ZVpBtolCjrPkvRiGEPbGMB8GA1UdIwQY
MBaAFBzukSlslJktFRojIkDmzzoXbSA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE82UktXeVVtUzBWR2lNaVFPYlBPaGR0SURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9jOTFlYzMtMjgyMC00MTdiLTlhYWQt
YmFjYWI0NzVlNmNjLzEvdWw1NFFfNWxXa0cyaVVLT3MtUzlHSVlROXNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9jOTFlYzMtMjgyMC00MTdiLTlhYWQtYmFjYWI0NzVlNmNj
LzEvSE82UktXeVVtUzBWR2lNaVFPYlBPaGR0SURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALqxQAwQB
LqxWAwQALqxeMA0GCSqGSIb3DQEBCwUAA4IBAQAd0QkFVeiWVLuqN//UD2LPZorv
GuKQM1TWDSuL/UJZRV18ictIf4EjyaeqjugIZx+F52tAyWSjr7m082sxb1AmQwJh
9mpqmIzWrqWzFrrAGljJL0CoKPoEMs9DoPX1f0TSG3WH4YN2G14NWXJL4ApLMVM8
4ZgDXFfH50GdsnK/xYs2/QVuvQeNI1gnPr4exkI/N2HOpNNTfJnrFKnFoDDPHpc3
xrF8oERswhr/QDoCxzkCnjolbhJvJ5p3EGSsVwilS3rImwbRO3ctwl1CIojZvBFM
HOypkUMvQhXiXcSAzl5tjnLjieBF2DWiAPY6dEUZ7Ff8UN2qfg2eXApPTpE7
-----END CERTIFICATE-----
Generated at Fri May 17 16:30:02 2024 by rpki-client on console-fra.rpki-client.org