Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/7b0aae-9d27-4951-bab7-da394384e925/1/pnw46b8q4O1SLQ_CKYNcUIA_cP4.roa
File: pnw46b8q4O1SLQ_CKYNcUIA_cP4.roa (raw, json)
Hash identifier: hvi2VV92szvwCFLLK1sBnMcEC62YOW9GzatVyTdkLZw=
Subject key identifier: A6:7C:38:E9:BF:2A:E0:ED:52:2D:0F:C2:29:83:5C:50:80:3F:70:FE
Certificate issuer: /CN=63f14f8e144c6d50c38ab4faff5ac6e547fe1d47
Certificate serial: 018CC72762D8F9F553BF4F3932CB89A3A75C
Authority key identifier: 63:F1:4F:8E:14:4C:6D:50:C3:8A:B4:FA:FF:5A:C6:E5:47:FE:1D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y_FPjhRMbVDDirT6_1rG5Uf-HUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/7b0aae-9d27-4951-bab7-da394384e925/1/pnw46b8q4O1SLQ_CKYNcUIA_cP4.roa
Signing time: Mon 01 Jan 2024 22:31:36 +0000
ROA not before: Mon 01 Jan 2024 22:31:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51984
IP address blocks: 46.253.36.0/24 maxlen: 24
46.253.35.0/24 maxlen: 24
46.253.34.0/24 maxlen: 24
46.253.33.0/24 maxlen: 24
46.253.32.0/24 maxlen: 24
46.253.38.0/24 maxlen: 24
46.253.37.0/24 maxlen: 24
46.253.39.0/24 maxlen: 24
185.58.172.0/24 maxlen: 24
185.58.175.0/24 maxlen: 24
185.58.174.0/24 maxlen: 24
185.58.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/7b0aae-9d27-4951-bab7-da394384e925/1/Y_FPjhRMbVDDirT6_1rG5Uf-HUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/7b0aae-9d27-4951-bab7-da394384e925/1/Y_FPjhRMbVDDirT6_1rG5Uf-HUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y_FPjhRMbVDDirT6_1rG5Uf-HUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:62:d8:f9:f5:53:bf:4f:39:32:cb:89:a3:a7:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63f14f8e144c6d50c38ab4faff5ac6e547fe1d47
Validity
Not Before: Jan 1 22:31:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a67c38e9bf2ae0ed522d0fc229835c50803f70fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:42:d9:6c:68:92:f0:46:13:00:a2:ea:43:16:
0d:d9:cb:9b:f7:30:a7:53:20:93:2a:26:93:08:6a:
65:e8:ff:87:14:19:07:05:3c:6e:9d:89:b3:0c:47:
0a:5f:50:09:55:9c:a4:26:e6:21:b3:b0:08:99:4c:
ed:d5:be:4c:70:eb:50:b6:d1:61:16:ba:c5:29:2e:
94:20:4e:ed:a1:b8:1f:6a:18:d9:33:65:26:22:5c:
42:21:ac:4e:53:7d:a8:c8:cc:18:03:84:7c:2a:d3:
28:5f:c5:3a:71:7d:95:26:00:12:b9:10:b6:65:72:
9a:99:37:54:d6:46:4c:cf:4f:6a:f5:af:73:72:60:
04:85:27:87:a5:18:be:48:58:7e:d3:74:4d:ab:ff:
4d:cc:db:5e:bd:91:dc:c9:6f:d6:30:e4:55:13:9c:
9f:69:86:62:a2:7c:24:73:54:e7:78:4a:fa:7b:7c:
f4:67:2d:0a:13:d5:29:94:6d:c0:2d:ad:7a:32:87:
bb:07:58:7c:8b:c9:c3:87:02:af:43:f0:2c:c4:92:
20:61:a2:4f:e5:20:48:16:c5:c4:07:c5:e8:ef:8d:
3e:69:9a:28:5c:82:a9:7d:ee:a1:75:f8:cc:27:e9:
2d:5c:48:51:da:10:93:b0:b5:9a:29:a7:2b:31:73:
e5:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:7C:38:E9:BF:2A:E0:ED:52:2D:0F:C2:29:83:5C:50:80:3F:70:FE
X509v3 Authority Key Identifier:
keyid:63:F1:4F:8E:14:4C:6D:50:C3:8A:B4:FA:FF:5A:C6:E5:47:FE:1D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y_FPjhRMbVDDirT6_1rG5Uf-HUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/7b0aae-9d27-4951-bab7-da394384e925/1/pnw46b8q4O1SLQ_CKYNcUIA_cP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/7b0aae-9d27-4951-bab7-da394384e925/1/Y_FPjhRMbVDDirT6_1rG5Uf-HUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.32.0/21
185.58.172.0/22
Signature Algorithm: sha256WithRSAEncryption
11:25:57:2b:86:fd:6f:bd:4b:7d:7e:8b:54:90:75:6b:34:bb:
b3:73:66:43:83:18:24:43:6b:df:e5:97:e4:dc:fb:17:79:bd:
af:78:e3:17:c5:98:89:c0:e3:88:15:7e:57:7c:23:42:d9:02:
49:2f:16:4c:2a:b5:10:f8:6d:da:8f:d0:1c:d4:bb:36:3a:27:
df:89:bf:17:71:21:73:d3:1e:2d:1a:93:f1:cb:6f:bc:fd:be:
a1:8c:c2:37:28:44:f1:9e:03:10:ec:2d:c1:a4:f6:78:54:b3:
7b:ee:a1:d9:ae:1d:ba:75:1d:14:28:28:4e:cf:7a:9c:97:1d:
40:b7:a1:44:14:d7:b8:eb:e6:18:38:8c:08:a4:64:a3:78:73:
27:56:47:89:f7:fd:0d:40:9e:dc:5b:b0:c5:74:91:ed:fd:db:
7f:70:66:e4:7f:fb:41:2b:8c:dd:5c:c2:16:96:0d:32:81:ca:
25:b5:b4:d6:f9:37:d6:43:df:45:53:1a:88:3d:78:ba:09:17:
90:db:8e:e0:f1:af:d6:71:b1:3b:96:16:cf:31:44:16:e3:77:
f7:8d:1c:5e:be:79:84:d1:be:f7:65:2f:e5:91:22:a9:28:c6:
65:c3:f7:10:ba:ea:ff:76:ec:95:e6:3f:9c:55:21:af:a6:84:
8d:48:e3:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHJ2LY+fVTv085MsuJo6dcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZjE0ZjhlMTQ0YzZkNTBjMzhhYjRmYWZmNWFjNmU1NDdm
ZTFkNDcwHhcNMjQwMTAxMjIzMTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjdjMzhlOWJmMmFlMGVkNTIyZDBmYzIyOTgzNWM1MDgwM2Y3MGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlELZbGiS8EYTAKLqQxYN2cub9zCn
UyCTKiaTCGpl6P+HFBkHBTxunYmzDEcKX1AJVZykJuYhs7AImUzt1b5McOtQttFh
FrrFKS6UIE7tobgfahjZM2UmIlxCIaxOU32oyMwYA4R8KtMoX8U6cX2VJgASuRC2
ZXKamTdU1kZMz09q9a9zcmAEhSeHpRi+SFh+03RNq/9NzNtevZHcyW/WMORVE5yf
aYZionwkc1TneEr6e3z0Zy0KE9UplG3ALa16Moe7B1h8i8nDhwKvQ/AsxJIgYaJP
5SBIFsXEB8Xo740+aZooXIKpfe6hdfjMJ+ktXEhR2hCTsLWaKacrMXPlgwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKZ8OOm/KuDtUi0PwimDXFCAP3D+MB8GA1UdIwQY
MBaAFGPxT44UTG1Qw4q0+v9axuVH/h1HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWV9GUGpoUk1iVkREaXJUNl8xckc1VWYtSFVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS83YjBhYWUtOWQyNy00OTUxLWJhYjct
ZGEzOTQzODRlOTI1LzEvcG53NDZiOHE0TzFTTFFfQ0tZTmNVSUFfY1A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS83YjBhYWUtOWQyNy00OTUxLWJhYjctZGEzOTQzODRlOTI1
LzEvWV9GUGpoUk1iVkREaXJUNl8xckc1VWYtSFVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLv0gAwQC
uTqsMA0GCSqGSIb3DQEBCwUAA4IBAQARJVcrhv1vvUt9fotUkHVrNLuzc2ZDgxgk
Q2vf5Zfk3PsXeb2veOMXxZiJwOOIFX5XfCNC2QJJLxZMKrUQ+G3aj9Ac1Ls2Oiff
ib8XcSFz0x4tGpPxy2+8/b6hjMI3KETxngMQ7C3BpPZ4VLN77qHZrh26dR0UKChO
z3qclx1At6FEFNe46+YYOIwIpGSjeHMnVkeJ9/0NQJ7cW7DFdJHt/dt/cGbkf/tB
K4zdXMIWlg0ygcoltbTW+TfWQ99FUxqIPXi6CReQ247g8a/WcbE7lhbPMUQW43f3
jRxevnmE0b73ZS/lkSKpKMZlw/cQuur/duyV5j+cVSGvpoSNSOPC
-----END CERTIFICATE-----
Generated at Sat Nov 23 19:01:37 2024 by rpki-client on console-fra.rpki-client.org