Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/Mj5w8Qrm0dOfDMPL23dbbjwkg3s.roa
File: Mj5w8Qrm0dOfDMPL23dbbjwkg3s.roa (raw, json)
Hash identifier: 6RyRT+sB4hA/IBzFFcwlm/DK96+dI8KR/y7F45BmMTk=
Subject key identifier: 32:3E:70:F1:0A:E6:D1:D3:9F:0C:C3:CB:DB:77:5B:6E:3C:24:83:7B
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 018CC3B6D4D438AC0032183A5BD73E8AAB0E
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/Mj5w8Qrm0dOfDMPL23dbbjwkg3s.roa
Signing time: Mon 01 Jan 2024 06:29:48 +0000
ROA not before: Mon 01 Jan 2024 06:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213296
IP address blocks: 158.46.192.0/22 maxlen: 22
158.46.191.0/24 maxlen: 24
158.46.188.0/24 maxlen: 24
178.171.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 15:21:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:d4:d4:38:ac:00:32:18:3a:5b:d7:3e:8a:ab:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Jan 1 06:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=323e70f10ae6d1d39f0cc3cbdb775b6e3c24837b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:20:42:f6:bb:90:fc:cc:d3:84:9e:1d:59:93:
b5:80:da:b8:a6:4b:fa:8c:f0:3e:15:be:fc:c2:37:
47:91:c3:b1:a5:09:8d:08:2d:db:b4:8f:39:e3:89:
03:f7:0e:55:6c:12:0a:d4:6e:4b:1e:b6:4e:fc:d2:
7a:2a:63:92:0e:3b:2d:30:4e:fd:d4:4b:f9:5a:75:
02:55:0d:f9:b5:17:df:81:71:de:23:30:0e:cd:49:
32:16:e4:b2:dc:14:dd:ee:6d:f0:fa:63:dc:29:d3:
95:0c:01:bf:b4:1e:fc:4d:d2:d4:9f:00:53:38:50:
9f:eb:74:54:eb:76:bf:40:ad:db:0e:be:08:ef:32:
c1:50:ba:84:e0:31:17:07:fd:e8:0c:99:dd:c4:65:
65:d3:ce:4a:1d:69:23:f0:d4:37:8e:a4:71:59:7e:
e5:e7:86:a2:6f:05:a4:5c:14:41:22:ee:53:82:26:
b8:1e:dd:51:72:b2:b6:09:bb:26:d0:92:89:27:f3:
48:a5:75:23:d0:21:35:a4:e7:5b:0e:d7:df:f7:00:
9f:92:27:80:99:c7:67:1c:e4:41:f7:7c:20:de:42:
27:4c:a6:24:9e:c9:f8:f4:6d:3b:5c:d0:99:19:80:
31:fa:02:98:12:11:20:6a:8a:ec:35:79:da:ca:69:
e4:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:3E:70:F1:0A:E6:D1:D3:9F:0C:C3:CB:DB:77:5B:6E:3C:24:83:7B
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/Mj5w8Qrm0dOfDMPL23dbbjwkg3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.188.0/24
158.46.191.0-158.46.195.255
178.171.22.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:2e:8c:be:cf:de:1f:78:46:d7:c7:f9:3e:12:dd:d2:81:23:
e3:96:23:51:1b:08:a6:47:af:85:8b:c5:77:fa:e6:4f:6f:7e:
82:9b:cf:b3:7c:eb:6f:7f:fc:31:fc:01:33:b0:6d:3d:96:d7:
bf:8e:71:05:e8:a9:f9:52:27:07:ab:de:d8:1f:dd:70:4d:2c:
0b:7a:1b:0e:59:83:fe:60:32:50:6d:ee:6a:d5:42:37:99:15:
01:81:47:5d:da:08:be:39:ab:01:dc:26:db:2f:ee:3b:ba:a4:
85:c7:db:58:e4:93:80:67:14:ca:6b:f0:94:fd:68:dc:e8:d5:
3d:1b:6f:f0:0a:7f:37:57:de:ea:19:b9:aa:1d:b3:ff:66:24:
e8:d8:50:2d:fa:09:d8:bd:e6:65:82:67:b0:9d:89:3b:65:85:
eb:4d:16:b9:21:eb:a8:71:15:be:f3:68:bc:17:c7:8c:d3:cd:
8f:a6:88:76:4e:7e:36:00:ce:42:85:89:14:6a:ed:bb:8f:42:
4e:f4:92:c6:f7:92:03:ea:31:a3:81:93:22:b2:ff:9e:45:a6:
6d:f6:cd:ed:4b:dd:5f:29:66:b6:89:a5:3f:9c:3a:60:b8:64:
71:71:56:a4:b6:dc:2e:a7:fa:38:46:01:cb:2e:42:5d:cc:b2:
95:7a:3f:90
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzDttTUOKwAMhg6W9c+iqsOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjQwMTAxMDYyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjNlNzBmMTBhZTZkMWQzOWYwY2MzY2JkYjc3NWI2ZTNjMjQ4MzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiBC9ruQ/MzThJ4dWZO1gNq4pkv6
jPA+Fb78wjdHkcOxpQmNCC3btI8544kD9w5VbBIK1G5LHrZO/NJ6KmOSDjstME79
1Ev5WnUCVQ35tRffgXHeIzAOzUkyFuSy3BTd7m3w+mPcKdOVDAG/tB78TdLUnwBT
OFCf63RU63a/QK3bDr4I7zLBULqE4DEXB/3oDJndxGVl085KHWkj8NQ3jqRxWX7l
54aibwWkXBRBIu5Tgia4Ht1RcrK2Cbsm0JKJJ/NIpXUj0CE1pOdbDtff9wCfkieA
mcdnHORB93wg3kInTKYknsn49G07XNCZGYAx+gKYEhEgaorsNXnaymnkeQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDI+cPEK5tHTnwzDy9t3W248JIN7MB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvTWo1dzhRcm0wZE9mRE1QTDIzZGJiandrZzNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAni68MAwD
BACeLr8DBAKeLsADBACyqxYwDQYJKoZIhvcNAQELBQADggEBALoujL7P3h94RtfH
+T4S3dKBI+OWI1EbCKZHr4WLxXf65k9vfoKbz7N8629//DH8ATOwbT2W17+OcQXo
qflSJwer3tgf3XBNLAt6Gw5Zg/5gMlBt7mrVQjeZFQGBR13aCL45qwHcJtsv7ju6
pIXH21jkk4BnFMpr8JT9aNzo1T0bb/AKfzdX3uoZuaods/9mJOjYUC36Cdi95mWC
Z7CdiTtlhetNFrkh66hxFb7zaLwXx4zTzY+miHZOfjYAzkKFiRRq7buPQk70ksb3
kgPqMaOBkyKy/55Fpm32ze1L3V8pZraJpT+cOmC4ZHFxVqS23C6n+jhGAcsuQl3M
spV6P5A=
-----END CERTIFICATE-----
Generated at Thu May 9 21:15:47 2024 by rpki-client on console-fra.rpki-client.org