Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/c8f41d-ea73-4a03-ba72-0f50773b0ede/1/9n6_QxUWNBj6pf-W1Docqojo_24.roa
File: 9n6_QxUWNBj6pf-W1Docqojo_24.roa (raw, json)
Hash identifier: W63L5HqQHsa90UnMU3ePl9vAesD8fNZQ8F6zbeRpPKY=
Subject key identifier: F6:7E:BF:43:15:16:34:18:FA:A5:FF:96:D4:3A:1C:AA:88:E8:FF:6E
Certificate issuer: /CN=fd9ae37617f3fbe48880b230fe7c7ce0f0dc41c7
Certificate serial: 019421B1AE42216810BA2ABBFC2F622CAD36
Authority key identifier: FD:9A:E3:76:17:F3:FB:E4:88:80:B2:30:FE:7C:7C:E0:F0:DC:41:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Zrjdhfz--SIgLIw_nx84PDcQcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/c8f41d-ea73-4a03-ba72-0f50773b0ede/1/9n6_QxUWNBj6pf-W1Docqojo_24.roa
Signing time: Wed 01 Jan 2025 11:47:59 +0000
ROA not before: Wed 01 Jan 2025 11:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197505
IP address blocks: 46.255.128.0/21 maxlen: 21
46.255.128.0/24 maxlen: 24
46.255.129.0/24 maxlen: 24
46.255.130.0/24 maxlen: 24
46.255.131.0/24 maxlen: 24
46.255.132.0/24 maxlen: 24
46.255.133.0/24 maxlen: 24
46.255.134.0/24 maxlen: 24
46.255.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/c8f41d-ea73-4a03-ba72-0f50773b0ede/1/_Zrjdhfz--SIgLIw_nx84PDcQcc.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/c8f41d-ea73-4a03-ba72-0f50773b0ede/1/_Zrjdhfz--SIgLIw_nx84PDcQcc.mft
rsync://rpki.ripe.net/repository/DEFAULT/_Zrjdhfz--SIgLIw_nx84PDcQcc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 23:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:ae:42:21:68:10:ba:2a:bb:fc:2f:62:2c:ad:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd9ae37617f3fbe48880b230fe7c7ce0f0dc41c7
Validity
Not Before: Jan 1 11:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f67ebf4315163418faa5ff96d43a1caa88e8ff6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:ad:b6:47:9e:35:89:73:cd:52:ad:d5:01:52:
e1:f8:b0:59:b3:99:a3:72:60:45:21:5a:1f:a3:e1:
d4:ce:36:a9:5a:c0:2c:99:cf:9d:a5:dc:41:f2:55:
13:0e:6c:62:d3:49:98:5c:51:a7:69:54:72:a5:e1:
eb:45:cd:db:f6:8e:9b:58:50:80:9a:4d:ed:2c:9b:
8d:4c:21:1e:cd:ec:28:fb:0d:07:ae:61:e9:00:70:
8a:fa:1f:9e:ee:12:aa:37:7c:1d:50:6f:e8:f1:c7:
fe:b8:21:89:09:4d:7f:64:fa:18:99:6f:70:36:00:
ea:64:ec:cc:1f:98:05:c1:f8:f1:23:2d:b4:52:cc:
e7:df:04:9c:be:d6:b3:52:c4:06:db:c9:10:fe:36:
76:46:5e:7d:f6:98:00:60:6a:9a:1a:4a:d9:56:6c:
19:c4:4f:4e:e7:76:04:3b:df:2f:3b:3c:b7:b9:5c:
12:83:e4:73:ee:63:f7:41:72:6b:2c:7a:d1:33:fc:
0e:3f:fa:72:c6:69:3d:e6:e6:b5:86:15:a2:c8:78:
f2:d4:f2:4d:f9:a9:fb:c6:69:a5:3a:e8:14:22:28:
7e:e7:a1:36:c2:8c:2c:9b:19:6d:8e:04:a0:6f:17:
d6:11:24:b0:a7:e9:a6:35:5f:d7:e2:94:e5:b7:fc:
40:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:7E:BF:43:15:16:34:18:FA:A5:FF:96:D4:3A:1C:AA:88:E8:FF:6E
X509v3 Authority Key Identifier:
keyid:FD:9A:E3:76:17:F3:FB:E4:88:80:B2:30:FE:7C:7C:E0:F0:DC:41:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Zrjdhfz--SIgLIw_nx84PDcQcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c8f41d-ea73-4a03-ba72-0f50773b0ede/1/9n6_QxUWNBj6pf-W1Docqojo_24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c8f41d-ea73-4a03-ba72-0f50773b0ede/1/_Zrjdhfz--SIgLIw_nx84PDcQcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.128.0/21
Signature Algorithm: sha256WithRSAEncryption
67:6c:87:93:93:33:2a:9c:0b:8a:c2:79:c7:65:cb:0e:85:14:
8c:e1:c0:08:1a:07:d6:10:8c:72:e5:c9:32:91:38:15:1f:44:
5b:c5:d8:78:22:84:b3:17:80:91:e3:1b:0c:3d:e6:ce:e9:dc:
2e:d5:8a:5a:73:0e:79:b4:c8:30:b5:ef:a0:29:97:e6:98:2c:
6e:1c:7f:fb:1e:fa:f3:2d:55:5f:fc:7e:8b:a8:db:92:4f:2f:
35:40:39:c8:8f:bb:23:b7:69:94:8b:dd:d3:42:c1:5c:9a:0e:
e6:b2:13:71:ed:f1:6b:d4:ef:78:88:d0:da:b3:f3:ff:e3:5c:
f0:4d:91:c4:5d:6b:a0:1f:5e:51:ad:db:ae:f7:54:1f:62:3a:
b9:72:48:80:10:7b:e6:6e:ec:10:f4:9b:03:f3:f5:d5:36:36:
c2:b0:ca:8b:a2:26:00:c0:cd:ac:ca:98:ad:aa:d3:3a:e9:25:
72:b0:d8:31:de:12:e2:cb:e9:de:bd:25:13:d4:ec:8b:b7:fa:
4d:73:47:b6:f3:20:3f:b3:5f:32:99:7c:2d:6f:58:7a:14:3a:
9e:b7:9b:09:8e:c7:65:3a:cd:0d:dc:46:98:d1:e9:e1:7d:29:
88:f4:dc:4f:f7:69:db:5c:8e:66:34:ba:5d:4b:bd:19:3d:04:
f7:65:18:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsa5CIWgQuiq7/C9iLK02MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkOWFlMzc2MTdmM2ZiZTQ4ODgwYjIzMGZlN2M3Y2UwZjBk
YzQxYzcwHhcNMjUwMTAxMTE0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjdlYmY0MzE1MTYzNDE4ZmFhNWZmOTZkNDNhMWNhYTg4ZThmZjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5q22R541iXPNUq3VAVLh+LBZs5mj
cmBFIVofo+HUzjapWsAsmc+dpdxB8lUTDmxi00mYXFGnaVRypeHrRc3b9o6bWFCA
mk3tLJuNTCEezewo+w0HrmHpAHCK+h+e7hKqN3wdUG/o8cf+uCGJCU1/ZPoYmW9w
NgDqZOzMH5gFwfjxIy20Uszn3wScvtazUsQG28kQ/jZ2Rl599pgAYGqaGkrZVmwZ
xE9O53YEO98vOzy3uVwSg+Rz7mP3QXJrLHrRM/wOP/pyxmk95ua1hhWiyHjy1PJN
+an7xmmlOugUIih+56E2wowsmxltjgSgbxfWESSwp+mmNV/X4pTlt/xAjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPZ+v0MVFjQY+qX/ltQ6HKqI6P9uMB8GA1UdIwQY
MBaAFP2a43YX8/vkiICyMP58fODw3EHHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1pyamRoZnotLVNJZ0xJd19ueDg0UERjUWNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9jOGY0MWQtZWE3My00YTAzLWJhNzIt
MGY1MDc3M2IwZWRlLzEvOW42X1F4VVdOQmo2cGYtVzFEb2Nxb2pvXzI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9jOGY0MWQtZWE3My00YTAzLWJhNzItMGY1MDc3M2IwZWRl
LzEvX1pyamRoZnotLVNJZ0xJd19ueDg0UERjUWNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLv+AMA0G
CSqGSIb3DQEBCwUAA4IBAQBnbIeTkzMqnAuKwnnHZcsOhRSM4cAIGgfWEIxy5cky
kTgVH0Rbxdh4IoSzF4CR4xsMPebO6dwu1Ypacw55tMgwte+gKZfmmCxuHH/7Hvrz
LVVf/H6LqNuSTy81QDnIj7sjt2mUi93TQsFcmg7mshNx7fFr1O94iNDas/P/41zw
TZHEXWugH15Rrduu91QfYjq5ckiAEHvmbuwQ9JsD8/XVNjbCsMqLoiYAwM2sypit
qtM66SVysNgx3hLiy+nevSUT1OyLt/pNc0e28yA/s18ymXwtb1h6FDqet5sJjsdl
Os0N3EaY0enhfSmI9NxP92nbXI5mNLpdS70ZPQT3ZRi9
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:47:49 2025 by rpki-client