Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/b24127-81dd-4fa1-83f0-7b410b781def/1/Az3CxhyI9eKxb55mOi9g4qtinRc.roa
File: Az3CxhyI9eKxb55mOi9g4qtinRc.roa (raw, json)
Hash identifier: 6GCIuq1ZZeMNR2XIMUqQzOCxYYgVusN15Jo4rW3zdRo=
Subject key identifier: 03:3D:C2:C6:1C:88:F5:E2:B1:6F:9E:66:3A:2F:60:E2:AB:62:9D:17
Certificate issuer: /CN=c56d2154ed53b629d872b2a38d9cd041bdb4b128
Certificate serial: 018ED64BAAD60F9ABBEEB06D480235BB0798
Authority key identifier: C5:6D:21:54:ED:53:B6:29:D8:72:B2:A3:8D:9C:D0:41:BD:B4:B1:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xW0hVO1TtinYcrKjjZzQQb20sSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/b24127-81dd-4fa1-83f0-7b410b781def/1/Az3CxhyI9eKxb55mOi9g4qtinRc.roa
Signing time: Sat 13 Apr 2024 07:11:06 +0000
ROA not before: Sat 13 Apr 2024 07:11:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48326
IP address blocks: 46.228.208.0/20 maxlen: 20
46.228.208.0/21 maxlen: 21
46.228.216.0/21 maxlen: 21
46.228.221.0/24 maxlen: 24
46.228.223.0/24 maxlen: 27
94.229.32.0/20 maxlen: 20
94.229.32.0/21 maxlen: 21
94.229.40.0/21 maxlen: 21
193.8.84.0/23 maxlen: 23
193.8.84.0/24 maxlen: 24
193.8.85.0/24 maxlen: 24
193.8.92.0/23 maxlen: 23
193.8.92.0/24 maxlen: 24
193.8.93.0/24 maxlen: 24
2a00:b000::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/b24127-81dd-4fa1-83f0-7b410b781def/1/xW0hVO1TtinYcrKjjZzQQb20sSg.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/b24127-81dd-4fa1-83f0-7b410b781def/1/xW0hVO1TtinYcrKjjZzQQb20sSg.mft
rsync://rpki.ripe.net/repository/DEFAULT/xW0hVO1TtinYcrKjjZzQQb20sSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 19:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d6:4b:aa:d6:0f:9a:bb:ee:b0:6d:48:02:35:bb:07:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c56d2154ed53b629d872b2a38d9cd041bdb4b128
Validity
Not Before: Apr 13 07:11:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=033dc2c61c88f5e2b16f9e663a2f60e2ab629d17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f1:ae:59:c0:7d:4c:95:df:41:3f:92:66:f6:
a6:84:89:79:a2:88:e1:af:5b:94:70:75:4b:4d:8a:
f3:bf:0f:af:b2:08:1b:d1:23:d2:a4:ac:a9:83:1c:
a2:4a:34:48:04:c0:1f:69:47:e9:1f:e4:f9:59:81:
12:00:74:3b:9c:27:9f:62:c2:4c:df:71:52:1d:7e:
07:80:07:3f:c8:b0:0c:2e:a7:8e:6a:82:13:02:29:
b5:89:f3:97:fd:54:da:70:f8:fd:9b:48:ec:e8:85:
a3:6e:b7:6d:c5:38:e3:22:e9:22:d6:f4:ac:72:9f:
a6:dc:e1:dc:b2:48:6a:35:87:27:a4:4d:bc:3a:6f:
87:48:24:ec:1f:f6:4b:cf:06:bd:ec:4e:1e:9b:3f:
97:9a:e4:60:20:df:f8:ec:42:e0:e9:bc:c7:00:f4:
c7:4a:e2:57:e5:ff:4c:a1:4b:4c:41:43:c6:67:09:
a8:b8:1c:09:c2:07:1e:01:d6:57:4f:0f:0b:42:f1:
de:c8:57:7e:5a:e1:f8:0b:36:10:9b:dc:2a:d9:54:
0b:e8:96:2d:89:2d:e4:0d:46:c7:f6:79:87:e8:c4:
a4:6c:21:2d:59:d4:f6:7c:b4:00:5f:e2:22:45:ed:
80:56:7c:8e:33:2d:1e:0f:4b:44:85:02:08:ae:82:
33:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:3D:C2:C6:1C:88:F5:E2:B1:6F:9E:66:3A:2F:60:E2:AB:62:9D:17
X509v3 Authority Key Identifier:
keyid:C5:6D:21:54:ED:53:B6:29:D8:72:B2:A3:8D:9C:D0:41:BD:B4:B1:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xW0hVO1TtinYcrKjjZzQQb20sSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/b24127-81dd-4fa1-83f0-7b410b781def/1/Az3CxhyI9eKxb55mOi9g4qtinRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/b24127-81dd-4fa1-83f0-7b410b781def/1/xW0hVO1TtinYcrKjjZzQQb20sSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.228.208.0/20
94.229.32.0/20
193.8.84.0/23
193.8.92.0/23
IPv6:
2a00:b000::/32
Signature Algorithm: sha256WithRSAEncryption
a7:b1:64:45:af:6b:82:3a:5e:7f:da:d6:ba:85:9b:e0:17:f7:
45:f9:0a:f4:53:b0:8f:87:85:1e:34:90:0e:84:31:f4:43:e3:
83:c7:7a:37:41:dd:43:37:59:58:41:ac:91:b5:21:ff:e5:86:
33:92:92:da:fc:eb:73:bf:79:41:4a:9c:10:ac:c3:51:85:35:
fd:f3:4e:f0:e3:97:40:58:94:3e:8a:e1:53:53:87:92:89:2f:
3a:1a:8e:a7:d2:ec:4b:57:21:08:7e:ae:3b:94:68:52:e8:da:
02:d3:8d:32:44:91:4c:af:ec:49:1c:86:fa:41:28:88:b4:76:
67:84:1b:71:a0:0a:d3:36:b9:3e:17:fc:ad:07:e2:e2:b7:fd:
aa:db:91:e0:c8:9d:e4:6e:4c:05:91:16:03:65:7a:39:07:2a:
45:9d:80:2d:01:5c:77:8d:7c:06:7b:f2:7d:f6:e4:6e:9e:a6:
84:1b:30:1f:df:54:48:7f:0f:a2:19:02:85:c9:9a:e3:7d:58:
77:d6:30:cc:e3:0b:16:16:0f:c9:11:c6:c8:72:05:db:f2:27:
09:39:0e:80:a2:66:cd:0b:d4:5a:1a:03:7b:61:a9:6e:d0:bd:
89:5b:51:7e:e4:83:a7:b5:e1:10:cc:6a:75:83:00:b7:30:e8:
6f:1b:29:fe
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY7WS6rWD5q77rBtSAI1uweYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1NmQyMTU0ZWQ1M2I2MjlkODcyYjJhMzhkOWNkMDQxYmRi
NGIxMjgwHhcNMjQwNDEzMDcxMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzNkYzJjNjFjODhmNWUyYjE2ZjllNjYzYTJmNjBlMmFiNjI5ZDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfGuWcB9TJXfQT+SZvamhIl5oojh
r1uUcHVLTYrzvw+vsggb0SPSpKypgxyiSjRIBMAfaUfpH+T5WYESAHQ7nCefYsJM
33FSHX4HgAc/yLAMLqeOaoITAim1ifOX/VTacPj9m0js6IWjbrdtxTjjIuki1vSs
cp+m3OHcskhqNYcnpE28Om+HSCTsH/ZLzwa97E4emz+XmuRgIN/47ELg6bzHAPTH
SuJX5f9MoUtMQUPGZwmouBwJwgceAdZXTw8LQvHeyFd+WuH4CzYQm9wq2VQL6JYt
iS3kDUbH9nmH6MSkbCEtWdT2fLQAX+IiRe2AVnyOMy0eD0tEhQIIroIziQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAM9wsYciPXisW+eZjovYOKrYp0XMB8GA1UdIwQY
MBaAFMVtIVTtU7Yp2HKyo42c0EG9tLEoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFcwaFZPMVR0aW5ZY3JLampaelFRYjIwc1NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9iMjQxMjctODFkZC00ZmExLTgzZjAt
N2I0MTBiNzgxZGVmLzEvQXozQ3hoeUk5ZUt4YjU1bU9pOWc0cXRpblJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9iMjQxMjctODFkZC00ZmExLTgzZjAtN2I0MTBiNzgxZGVm
LzEveFcwaFZPMVR0aW5ZY3JLampaelFRYjIwc1NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQELuTQAwQE
XuUgAwQBwQhUAwQBwQhcMA0EAgACMAcDBQAqALAAMA0GCSqGSIb3DQEBCwUAA4IB
AQCnsWRFr2uCOl5/2ta6hZvgF/dF+Qr0U7CPh4UeNJAOhDH0Q+ODx3o3Qd1DN1lY
QayRtSH/5YYzkpLa/Otzv3lBSpwQrMNRhTX9807w45dAWJQ+iuFTU4eSiS86Go6n
0uxLVyEIfq47lGhS6NoC040yRJFMr+xJHIb6QSiItHZnhBtxoArTNrk+F/ytB+Li
t/2q25HgyJ3kbkwFkRYDZXo5BypFnYAtAVx3jXwGe/J99uRunqaEGzAf31RIfw+i
GQKFyZrjfVh31jDM4wsWFg/JEcbIcgXb8icJOQ6AombNC9RaGgN7Yalu0L2JW1F+
5IOnteEQzGp1gwC3MOhvGyn+
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:15:02 2024 by rpki-client on console-ams.rpki-client.org