Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/Pn9qOEhDW3KAoHx8T0KWgZdguEg.roa
File: Pn9qOEhDW3KAoHx8T0KWgZdguEg.roa (raw, json)
Hash identifier: aCx9r9J3XEvl2d1wvjSiiy8XFnxaFC13n7/qfY1AK/Y=
Subject key identifier: 3E:7F:6A:38:48:43:5B:72:80:A0:7C:7C:4F:42:96:81:97:60:B8:48
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 018CC3B6D1F4B41B3C60462EBFE036954F37
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/Pn9qOEhDW3KAoHx8T0KWgZdguEg.roa
Signing time: Mon 01 Jan 2024 06:29:47 +0000
ROA not before: Mon 01 Jan 2024 06:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 178.171.104.0/24 maxlen: 24
158.46.196.0/22 maxlen: 22
178.171.0.0/20 maxlen: 20
178.171.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 20:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:d1:f4:b4:1b:3c:60:46:2e:bf:e0:36:95:4f:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Jan 1 06:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e7f6a3848435b7280a07c7c4f4296819760b848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ac:d5:76:0f:b0:e9:5c:98:a7:2a:55:9d:72:
ad:1b:aa:c4:31:c9:a1:46:65:b1:a5:22:9f:b0:b2:
c9:74:9f:e4:de:08:3a:24:fc:af:32:77:41:af:62:
80:1e:ce:0f:78:56:99:2e:da:d5:5f:40:ae:3b:0a:
01:08:dc:a5:38:a5:58:09:e1:54:2b:8e:9c:59:e9:
29:48:64:29:99:ae:2b:0e:3b:fa:e9:3d:d0:a5:eb:
74:e2:a1:73:cf:9a:71:c7:0f:45:7a:f3:86:b2:a7:
f5:8f:55:c6:74:aa:1e:f9:82:4f:91:02:0f:e4:2f:
01:85:66:8f:58:3a:a5:46:eb:d9:f4:d7:cc:2f:4e:
d8:15:43:58:71:08:6b:65:0e:e9:79:05:3d:cf:24:
62:4a:85:64:a0:1a:6f:25:73:be:6f:65:6a:e0:fd:
45:0c:d0:44:af:15:41:09:a0:d5:d2:c1:a9:ee:07:
5c:85:d7:6c:a1:ad:59:63:43:4a:d2:dc:ff:fd:89:
5a:c7:39:c6:93:a4:a9:c7:9c:23:03:56:dd:ae:3d:
e8:7c:53:28:0d:a8:e3:e1:0b:8b:19:93:37:d4:35:
91:23:ee:9b:22:7d:af:50:10:da:38:db:43:01:75:
d9:c7:d1:37:96:bc:bd:ae:c9:6d:17:51:0b:02:c5:
97:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:7F:6A:38:48:43:5B:72:80:A0:7C:7C:4F:42:96:81:97:60:B8:48
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/Pn9qOEhDW3KAoHx8T0KWgZdguEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.196.0/22
178.171.0.0/20
178.171.104.0/24
178.171.122.0/24
Signature Algorithm: sha256WithRSAEncryption
87:2e:f8:12:37:97:f2:86:e3:15:15:75:21:fc:b8:cd:9e:2e:
a9:89:4d:ff:85:e8:c4:88:22:0b:f5:28:ad:89:1a:41:41:2a:
3e:67:6c:53:48:4c:ed:34:6e:c5:72:7f:c1:37:dc:da:2d:63:
7c:3b:55:b8:45:d0:d2:a8:68:03:e0:f2:0b:8e:3c:37:e4:71:
a8:14:14:6b:dc:0d:a7:88:e0:83:e9:c4:ba:24:dc:3f:7a:d8:
fd:f5:b3:22:57:df:ed:2e:b6:df:c5:84:02:c7:0f:28:1f:bd:
09:d0:aa:56:23:02:17:39:0e:c4:68:10:9b:f8:21:b0:bd:d5:
df:71:3c:9d:af:3d:91:e2:f8:dd:45:11:d6:a7:e6:81:1a:3c:
5d:2f:22:cf:a0:f5:d9:1b:65:fd:da:14:19:d8:e7:8f:17:21:
d6:c4:5c:68:71:fb:bf:02:02:77:0e:2c:fe:4e:b0:03:f7:9b:
a0:51:84:0d:87:43:d2:c4:67:30:74:b0:3b:25:5e:3a:d1:60:
64:5c:89:ad:b1:49:be:89:6d:1d:87:4c:85:c8:ea:7b:5b:9c:
c8:c1:48:53:4b:10:7d:34:35:1c:76:f6:7e:0c:a4:55:f9:f6:
52:5a:b3:74:3d:3a:fe:ca:b6:e8:22:6d:8d:8c:ea:19:33:a0:
9b:fe:23:7a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzDttH0tBs8YEYuv+A2lU83MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjQwMTAxMDYyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTdmNmEzODQ4NDM1YjcyODBhMDdjN2M0ZjQyOTY4MTk3NjBiODQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzazVdg+w6VyYpypVnXKtG6rEMcmh
RmWxpSKfsLLJdJ/k3gg6JPyvMndBr2KAHs4PeFaZLtrVX0CuOwoBCNylOKVYCeFU
K46cWekpSGQpma4rDjv66T3Qpet04qFzz5pxxw9FevOGsqf1j1XGdKoe+YJPkQIP
5C8BhWaPWDqlRuvZ9NfML07YFUNYcQhrZQ7peQU9zyRiSoVkoBpvJXO+b2Vq4P1F
DNBErxVBCaDV0sGp7gdchddsoa1ZY0NK0tz//YlaxznGk6Spx5wjA1bdrj3ofFMo
Dajj4QuLGZM31DWRI+6bIn2vUBDaONtDAXXZx9E3lry9rsltF1ELAsWXFQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD5/ajhIQ1tygKB8fE9CloGXYLhIMB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvUG45cU9FaERXM0tBb0h4OFQwS1dnWmRndUVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCni7EAwQE
sqsAAwQAsqtoAwQAsqt6MA0GCSqGSIb3DQEBCwUAA4IBAQCHLvgSN5fyhuMVFXUh
/LjNni6piU3/hejEiCIL9SitiRpBQSo+Z2xTSEztNG7Fcn/BN9zaLWN8O1W4RdDS
qGgD4PILjjw35HGoFBRr3A2niOCD6cS6JNw/etj99bMiV9/tLrbfxYQCxw8oH70J
0KpWIwIXOQ7EaBCb+CGwvdXfcTydrz2R4vjdRRHWp+aBGjxdLyLPoPXZG2X92hQZ
2OePFyHWxFxocfu/AgJ3Diz+TrAD95ugUYQNh0PSxGcwdLA7JV460WBkXImtsUm+
iW0dh0yFyOp7W5zIwUhTSxB9NDUcdvZ+DKRV+fZSWrN0PTr+yrboIm2NjOoZM6Cb
/iN6
-----END CERTIFICATE-----
Generated at Sun Apr 28 05:39:15 2024 by rpki-client on console-ams.rpki-client.org