Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/792737-6a02-424b-82cb-a29ce7da10fd/1/MDU2fl1CWUwsfDMMMSz9uOH8psA.roa
File: MDU2fl1CWUwsfDMMMSz9uOH8psA.roa (raw, json)
Hash identifier: kLzf6KaRdbkFOheJ56yY/B4MBybGYUffBr4m7m9Rs6Q=
Subject key identifier: 30:35:36:7E:5D:42:59:4C:2C:7C:33:0C:31:2C:FD:B8:E1:FC:A6:C0
Certificate issuer: /CN=cf40fdd82a0fdf3b70be18221eeba60d801ed7bf
Certificate serial: 018CC7957289EA6C96E1D417E1D64CEFF4D0
Authority key identifier: CF:40:FD:D8:2A:0F:DF:3B:70:BE:18:22:1E:EB:A6:0D:80:1E:D7:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z0D92CoP3ztwvhgiHuumDYAe178.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/792737-6a02-424b-82cb-a29ce7da10fd/1/MDU2fl1CWUwsfDMMMSz9uOH8psA.roa
Signing time: Tue 02 Jan 2024 00:31:49 +0000
ROA not before: Tue 02 Jan 2024 00:31:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56910
IP address blocks: 46.227.61.64/28 maxlen: 32
46.227.58.96/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/792737-6a02-424b-82cb-a29ce7da10fd/1/z0D92CoP3ztwvhgiHuumDYAe178.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/792737-6a02-424b-82cb-a29ce7da10fd/1/z0D92CoP3ztwvhgiHuumDYAe178.mft
rsync://rpki.ripe.net/repository/DEFAULT/z0D92CoP3ztwvhgiHuumDYAe178.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:72:89:ea:6c:96:e1:d4:17:e1:d6:4c:ef:f4:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf40fdd82a0fdf3b70be18221eeba60d801ed7bf
Validity
Not Before: Jan 2 00:31:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3035367e5d42594c2c7c330c312cfdb8e1fca6c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:08:12:3d:90:d9:54:44:f8:65:4d:c1:6c:ac:
e5:aa:25:8d:ea:bc:eb:6b:33:bd:5b:c2:7d:b6:b6:
83:de:d4:fe:10:13:9f:98:07:f2:da:c3:96:2d:17:
ff:e8:a5:d8:ad:fc:a3:d4:f6:ba:1b:22:db:64:53:
73:75:b8:15:62:5a:73:a5:ab:31:c8:57:03:e1:c7:
7b:0b:b5:c8:41:a5:58:e4:98:07:ee:95:e5:31:ef:
8b:fd:5c:5a:aa:b5:e0:38:94:21:1d:04:a4:25:b9:
12:eb:1c:a3:cf:08:41:20:71:86:60:95:94:7d:11:
2f:b8:c4:2b:ea:8d:41:dc:4b:cf:d0:3d:37:1b:cc:
49:e2:42:bc:86:73:ea:cd:d5:eb:f7:7f:fd:cb:e8:
56:0b:75:52:50:f9:d4:b8:aa:42:24:a9:0e:b4:1e:
d6:cb:ad:a3:66:34:f6:e3:58:c6:49:12:e9:d9:31:
2b:a1:a9:31:58:4e:9c:6a:77:a4:bf:0c:2f:2b:73:
c5:dc:b0:66:69:7c:02:fb:ac:fa:4d:e2:f6:39:9b:
6e:d8:8b:bb:ff:22:28:53:ba:76:64:cd:2e:80:fe:
81:38:52:58:24:f7:0b:62:4a:fe:3a:dc:c2:ff:28:
07:59:9d:9b:36:49:65:54:d4:9c:b0:bc:27:89:96:
8b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:35:36:7E:5D:42:59:4C:2C:7C:33:0C:31:2C:FD:B8:E1:FC:A6:C0
X509v3 Authority Key Identifier:
keyid:CF:40:FD:D8:2A:0F:DF:3B:70:BE:18:22:1E:EB:A6:0D:80:1E:D7:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z0D92CoP3ztwvhgiHuumDYAe178.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/792737-6a02-424b-82cb-a29ce7da10fd/1/MDU2fl1CWUwsfDMMMSz9uOH8psA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/792737-6a02-424b-82cb-a29ce7da10fd/1/z0D92CoP3ztwvhgiHuumDYAe178.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.58.96/29
46.227.61.64/28
Signature Algorithm: sha256WithRSAEncryption
51:ef:17:0c:63:60:db:21:60:b9:89:b5:bb:bf:7c:a3:f5:c9:
7d:f6:38:67:44:4b:8d:53:cc:0f:44:bd:d2:18:2c:a5:b6:d9:
5c:6a:90:d8:0d:d2:55:ba:77:5c:00:f8:16:61:9e:d8:7e:02:
49:2a:b4:34:42:3c:9c:95:a4:db:1f:e1:22:ae:82:97:66:da:
9a:04:b7:49:7f:31:b6:8d:3a:60:cd:e0:58:bf:b8:db:6b:0b:
91:82:a2:75:1d:8b:6b:ab:41:3b:5a:50:6f:e2:4e:7b:da:56:
a5:76:69:aa:38:b7:29:15:d1:8f:3c:ad:1c:29:31:e9:2a:03:
0e:67:fa:3e:e6:11:bd:c5:ad:3e:00:24:5d:ff:06:72:70:c6:
e2:f4:27:c9:f7:25:f8:28:63:b6:46:ea:5e:b2:a3:9c:f0:72:
bc:c5:35:59:33:1a:97:19:9f:17:d8:a1:20:5b:c0:bf:e0:3c:
99:7e:cd:31:f3:50:b8:9d:f9:c7:59:eb:8a:70:88:af:43:c2:
de:7a:da:3b:11:f2:9a:2e:fb:aa:50:d7:ad:e9:d1:d3:4c:0c:
97:b3:f0:4e:ec:3d:e8:4b:c8:55:e5:ba:af:ae:ad:19:51:38:
d4:f8:e3:4a:0b:b4:ea:84:fb:b9:29:c9:c6:2b:00:7e:39:6b:
df:6e:81:90
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzHlXKJ6myW4dQX4dZM7/TQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNDBmZGQ4MmEwZmRmM2I3MGJlMTgyMjFlZWJhNjBkODAx
ZWQ3YmYwHhcNMjQwMTAyMDAzMTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDM1MzY3ZTVkNDI1OTRjMmM3YzMzMGMzMTJjZmRiOGUxZmNhNmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQgSPZDZVET4ZU3BbKzlqiWN6rzr
azO9W8J9traD3tT+EBOfmAfy2sOWLRf/6KXYrfyj1Pa6GyLbZFNzdbgVYlpzpasx
yFcD4cd7C7XIQaVY5JgH7pXlMe+L/VxaqrXgOJQhHQSkJbkS6xyjzwhBIHGGYJWU
fREvuMQr6o1B3EvP0D03G8xJ4kK8hnPqzdXr93/9y+hWC3VSUPnUuKpCJKkOtB7W
y62jZjT241jGSRLp2TEroakxWE6canekvwwvK3PF3LBmaXwC+6z6TeL2OZtu2Iu7
/yIoU7p2ZM0ugP6BOFJYJPcLYkr+OtzC/ygHWZ2bNkllVNScsLwniZaLewIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDA1Nn5dQllMLHwzDDEs/bjh/KbAMB8GA1UdIwQY
MBaAFM9A/dgqD987cL4YIh7rpg2AHte/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejBEOTJDb1AzenR3dmhnaUh1dW1EWUFlMTc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS83OTI3MzctNmEwMi00MjRiLTgyY2It
YTI5Y2U3ZGExMGZkLzEvTURVMmZsMUNXVXdzZkRNTU1Tejl1T0g4cHNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS83OTI3MzctNmEwMi00MjRiLTgyY2ItYTI5Y2U3ZGExMGZk
LzEvejBEOTJDb1AzenR3dmhnaUh1dW1EWUFlMTc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUDLuM6YAMF
BC7jPUAwDQYJKoZIhvcNAQELBQADggEBAFHvFwxjYNshYLmJtbu/fKP1yX32OGdE
S41TzA9EvdIYLKW22VxqkNgN0lW6d1wA+BZhnth+AkkqtDRCPJyVpNsf4SKugpdm
2poEt0l/MbaNOmDN4Fi/uNtrC5GConUdi2urQTtaUG/iTnvaVqV2aao4tykV0Y88
rRwpMekqAw5n+j7mEb3FrT4AJF3/BnJwxuL0J8n3JfgoY7ZG6l6yo5zwcrzFNVkz
GpcZnxfYoSBbwL/gPJl+zTHzULid+cdZ64pwiK9Dwt562jsR8pou+6pQ163p0dNM
DJez8E7sPehLyFXluq+urRlRONT440oLtOqE+7kpycYrAH45a99ugZA=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:19:44 2024 by rpki-client on console-fra.rpki-client.org