Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/9425c6-c495-4878-a8f3-7a78c8c4e051/1/dDm_qXzt4n5RmWJVQIheITABKQw.roa
File: dDm_qXzt4n5RmWJVQIheITABKQw.roa (raw, json)
Hash identifier: 3Jlw36uG+JQoH/C8uIsezXwKMV2J1XRA+UG0ZlxMLyY=
Subject key identifier: 74:39:BF:A9:7C:ED:E2:7E:51:99:62:55:40:88:5E:21:30:01:29:0C
Certificate issuer: /CN=e8f40902a003d8fe6f7c7742eb47d70b50ade036
Certificate serial: 019081E220BC619274919E03E496AEB4DE92
Authority key identifier: E8:F4:09:02:A0:03:D8:FE:6F:7C:77:42:EB:47:D7:0B:50:AD:E0:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6PQJAqAD2P5vfHdC60fXC1Ct4DY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/9425c6-c495-4878-a8f3-7a78c8c4e051/1/dDm_qXzt4n5RmWJVQIheITABKQw.roa
Signing time: Fri 05 Jul 2024 07:53:18 +0000
ROA not before: Fri 05 Jul 2024 07:53:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56376
IP address blocks: 46.231.32.0/21 maxlen: 21
46.231.32.0/22 maxlen: 24
46.231.36.0/24 maxlen: 24
46.231.37.0/24 maxlen: 24
46.231.38.0/23 maxlen: 24
130.255.96.0/21 maxlen: 21
130.255.96.0/24 maxlen: 24
130.255.97.0/24 maxlen: 24
130.255.98.0/23 maxlen: 24
130.255.100.0/22 maxlen: 24
185.62.240.0/22 maxlen: 22
185.62.240.0/24 maxlen: 24
185.62.241.0/24 maxlen: 24
185.62.242.0/24 maxlen: 24
185.62.243.0/24 maxlen: 24
2a03:d100::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/9425c6-c495-4878-a8f3-7a78c8c4e051/1/6PQJAqAD2P5vfHdC60fXC1Ct4DY.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/9425c6-c495-4878-a8f3-7a78c8c4e051/1/6PQJAqAD2P5vfHdC60fXC1Ct4DY.mft
rsync://rpki.ripe.net/repository/DEFAULT/6PQJAqAD2P5vfHdC60fXC1Ct4DY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:81:e2:20:bc:61:92:74:91:9e:03:e4:96:ae:b4:de:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8f40902a003d8fe6f7c7742eb47d70b50ade036
Validity
Not Before: Jul 5 07:53:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7439bfa97cede27e5199625540885e213001290c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:08:bb:69:b8:06:01:69:f9:f3:be:f1:bd:20:
18:2c:6c:64:fa:92:87:0b:e6:be:ce:27:ef:a4:09:
d6:8a:e2:8f:fa:17:ae:4b:cf:02:c7:8d:29:35:75:
87:2c:4f:a8:90:dc:61:b9:b4:ab:e1:a8:b1:12:cc:
ed:93:72:73:2b:f3:39:b0:b6:06:aa:da:2e:22:f9:
2b:40:a7:fc:af:a3:d9:81:b0:cb:3a:fc:e9:d6:3c:
fe:5a:d1:b9:67:d1:47:06:a7:61:98:b9:0c:d5:cb:
e0:3b:57:62:e1:1b:f6:cf:dc:a2:dc:b2:01:d7:0a:
74:c8:0d:49:f7:61:14:60:8e:7b:32:6d:6a:14:32:
ec:99:02:7a:c8:f7:2a:a1:c0:80:27:69:0b:42:74:
73:0a:57:e5:bd:54:0c:c1:41:03:dd:27:78:54:fb:
09:f0:de:da:a3:f3:4a:a6:0e:bc:0b:50:0c:c4:c5:
6b:6c:6c:f9:4c:15:87:f2:64:05:8c:79:a0:ae:c5:
58:95:a7:31:b9:77:ff:4d:89:2b:9c:36:8f:b2:4e:
e2:98:c1:98:a0:fc:02:35:33:d0:2b:8c:f2:58:55:
4e:c6:f7:6a:83:ae:24:92:2f:50:dd:9c:5f:af:84:
3d:ac:53:5e:c4:51:80:f4:12:a4:37:01:d3:70:5a:
43:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:39:BF:A9:7C:ED:E2:7E:51:99:62:55:40:88:5E:21:30:01:29:0C
X509v3 Authority Key Identifier:
keyid:E8:F4:09:02:A0:03:D8:FE:6F:7C:77:42:EB:47:D7:0B:50:AD:E0:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6PQJAqAD2P5vfHdC60fXC1Ct4DY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/9425c6-c495-4878-a8f3-7a78c8c4e051/1/dDm_qXzt4n5RmWJVQIheITABKQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/9425c6-c495-4878-a8f3-7a78c8c4e051/1/6PQJAqAD2P5vfHdC60fXC1Ct4DY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.231.32.0/21
130.255.96.0/21
185.62.240.0/22
IPv6:
2a03:d100::/32
Signature Algorithm: sha256WithRSAEncryption
7d:05:62:21:e0:a0:08:e3:bb:aa:d9:58:ce:fd:2a:24:2e:05:
82:fd:58:a8:b8:ae:9c:2e:13:99:14:5f:96:f0:3a:44:c3:1c:
d8:ea:71:6b:10:f5:ec:f0:38:7f:2b:62:d1:67:08:63:26:61:
61:55:b0:69:96:79:53:15:d4:b9:12:aa:5d:eb:ad:4b:48:c0:
bd:2a:96:91:5a:d8:16:90:ea:bb:d4:bb:c0:b0:da:f5:af:47:
28:0c:d9:68:dc:63:8c:81:da:66:af:df:01:c5:19:0d:6f:ea:
9d:33:0d:17:87:77:be:6f:fe:11:fa:8c:04:fd:74:33:f7:c9:
bf:de:6d:35:00:dd:dc:e0:20:90:bf:33:59:74:2d:c7:91:04:
2a:0e:50:47:d1:f1:83:b4:66:5b:a6:53:74:0a:2c:2b:03:39:
54:5f:43:7b:8a:59:57:ce:af:11:c9:99:ef:47:59:7b:bd:04:
17:d5:a3:03:b3:92:1a:d3:2b:c0:63:2e:21:e0:62:d8:7f:39:
bd:9e:f4:62:cb:c9:ce:ed:1f:4e:00:39:48:9a:53:6a:88:63:
c1:41:8d:47:04:42:69:49:68:49:c9:a9:85:41:70:3c:0e:ca:
33:8a:bf:f7:74:4b:da:3a:61:55:7c:01:25:37:43:8d:55:0f:
7c:c8:f8:af
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZCB4iC8YZJ0kZ4D5JautN6SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4ZjQwOTAyYTAwM2Q4ZmU2ZjdjNzc0MmViNDdkNzBiNTBh
ZGUwMzYwHhcNMjQwNzA1MDc1MzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDM5YmZhOTdjZWRlMjdlNTE5OTYyNTU0MDg4NWUyMTMwMDEyOTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwi7abgGAWn5877xvSAYLGxk+pKH
C+a+zifvpAnWiuKP+heuS88Cx40pNXWHLE+okNxhubSr4aixEsztk3JzK/M5sLYG
qtouIvkrQKf8r6PZgbDLOvzp1jz+WtG5Z9FHBqdhmLkM1cvgO1di4Rv2z9yi3LIB
1wp0yA1J92EUYI57Mm1qFDLsmQJ6yPcqocCAJ2kLQnRzClflvVQMwUED3Sd4VPsJ
8N7ao/NKpg68C1AMxMVrbGz5TBWH8mQFjHmgrsVYlacxuXf/TYkrnDaPsk7imMGY
oPwCNTPQK4zyWFVOxvdqg64kki9Q3Zxfr4Q9rFNexFGA9BKkNwHTcFpDyQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHQ5v6l87eJ+UZliVUCIXiEwASkMMB8GA1UdIwQY
MBaAFOj0CQKgA9j+b3x3QutH1wtQreA2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlBRSkFxQUQyUDV2ZkhkQzYwZlhDMUN0NERZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny85NDI1YzYtYzQ5NS00ODc4LWE4ZjMt
N2E3OGM4YzRlMDUxLzEvZERtX3FYenQ0bjVSbVdKVlFJaGVJVEFCS1F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny85NDI1YzYtYzQ5NS00ODc4LWE4ZjMtN2E3OGM4YzRlMDUx
LzEvNlBRSkFxQUQyUDV2ZkhkQzYwZlhDMUN0NERZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDLucgAwQD
gv9gAwQCuT7wMA0EAgACMAcDBQAqA9EAMA0GCSqGSIb3DQEBCwUAA4IBAQB9BWIh
4KAI47uq2VjO/SokLgWC/ViouK6cLhOZFF+W8DpEwxzY6nFrEPXs8Dh/K2LRZwhj
JmFhVbBplnlTFdS5Eqpd661LSMC9KpaRWtgWkOq71LvAsNr1r0coDNlo3GOMgdpm
r98BxRkNb+qdMw0Xh3e+b/4R+owE/XQz98m/3m01AN3c4CCQvzNZdC3HkQQqDlBH
0fGDtGZbplN0CiwrAzlUX0N7illXzq8RyZnvR1l7vQQX1aMDs5Ia0yvAYy4h4GLY
fzm9nvRiy8nO7R9OADlImlNqiGPBQY1HBEJpSWhJyamFQXA8Dsozir/3dEvaOmFV
fAElN0ONVQ98yPiv
-----END CERTIFICATE-----
Generated at Sat Nov 23 00:11:02 2024 by rpki-client on console-ams.rpki-client.org