Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/546ade-daa1-49f1-8bbe-b9eb871f6d96/1/HI7Y1XqfS7OAXw-WPJel-4kfVas.roa
File: HI7Y1XqfS7OAXw-WPJel-4kfVas.roa (raw, json)
Hash identifier: 1r4VLFFk0Yd+e70UsyWMkgZmDsNx+RY8GWUBEuiU/6Q=
Subject key identifier: 1C:8E:D8:D5:7A:9F:4B:B3:80:5F:0F:96:3C:97:A5:FB:89:1F:55:AB
Certificate issuer: /CN=64ded85d9a05b1df689a8b6c313f8128c7a00b67
Certificate serial: 018CCA2BDA472A528D33942247E482AD42E7
Authority key identifier: 64:DE:D8:5D:9A:05:B1:DF:68:9A:8B:6C:31:3F:81:28:C7:A0:0B:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZN7YXZoFsd9omotsMT-BKMegC2c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/546ade-daa1-49f1-8bbe-b9eb871f6d96/1/HI7Y1XqfS7OAXw-WPJel-4kfVas.roa
Signing time: Tue 02 Jan 2024 12:35:20 +0000
ROA not before: Tue 02 Jan 2024 12:35:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42910
IP address blocks: 46.28.232.0/24 maxlen: 24
46.28.238.0/24 maxlen: 24
46.28.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/546ade-daa1-49f1-8bbe-b9eb871f6d96/1/ZN7YXZoFsd9omotsMT-BKMegC2c.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/546ade-daa1-49f1-8bbe-b9eb871f6d96/1/ZN7YXZoFsd9omotsMT-BKMegC2c.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZN7YXZoFsd9omotsMT-BKMegC2c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:da:47:2a:52:8d:33:94:22:47:e4:82:ad:42:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64ded85d9a05b1df689a8b6c313f8128c7a00b67
Validity
Not Before: Jan 2 12:35:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c8ed8d57a9f4bb3805f0f963c97a5fb891f55ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ad:9a:0a:38:32:49:61:bc:df:50:72:af:b3:
0c:f6:5d:c5:fc:5e:a3:8c:4a:24:c5:e0:58:42:3a:
c0:f6:9b:44:9b:4d:3d:e5:bb:fd:af:e3:4d:c5:db:
33:91:83:5c:b9:d0:6c:fa:ba:2d:f5:d8:79:dc:46:
07:5e:8f:fe:83:ef:f5:02:17:38:1b:81:7c:0e:09:
a4:6a:a0:3d:92:a6:3c:2d:9a:19:b5:9f:95:cc:23:
c1:a4:38:0b:f2:f4:c3:df:cc:d9:ad:0d:fe:04:fc:
82:e2:0c:9e:01:ab:51:34:86:ec:b4:b8:ff:80:91:
0a:2a:ff:23:2b:ce:d6:c5:46:42:cc:fb:b7:97:1d:
e9:b4:fa:55:25:f2:88:ca:fc:d2:51:5e:48:80:24:
d0:5a:10:3d:49:9d:6b:eb:c2:48:51:08:73:21:f2:
e3:50:10:0a:81:c1:00:a2:bc:93:73:eb:83:49:7c:
1b:e6:1a:f9:4d:7d:68:83:c3:e3:12:25:f2:f9:84:
e4:84:81:c5:b7:65:51:94:ee:b9:ee:db:7f:ff:02:
78:76:c5:39:3c:19:48:c5:83:64:c7:fe:28:a1:c9:
1d:1d:54:2c:de:6d:7d:14:30:33:95:6b:0c:f3:1b:
d6:b7:6f:53:5a:e0:c1:d1:f5:19:dd:ae:47:ad:89:
9f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:8E:D8:D5:7A:9F:4B:B3:80:5F:0F:96:3C:97:A5:FB:89:1F:55:AB
X509v3 Authority Key Identifier:
keyid:64:DE:D8:5D:9A:05:B1:DF:68:9A:8B:6C:31:3F:81:28:C7:A0:0B:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZN7YXZoFsd9omotsMT-BKMegC2c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/546ade-daa1-49f1-8bbe-b9eb871f6d96/1/HI7Y1XqfS7OAXw-WPJel-4kfVas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/546ade-daa1-49f1-8bbe-b9eb871f6d96/1/ZN7YXZoFsd9omotsMT-BKMegC2c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.232.0/24
46.28.238.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:d2:11:7d:1e:92:7a:c2:56:55:86:9c:77:11:37:8a:f8:bf:
79:6a:cf:8b:17:5b:fb:38:13:d0:34:dd:84:8b:2c:1d:0d:e0:
27:17:fb:b1:d2:d2:f1:65:4c:9e:bd:12:3c:c2:db:af:f8:e5:
e1:94:75:d5:f5:a0:d8:91:40:86:9f:dc:37:f2:33:dc:4a:61:
e1:1b:10:6a:f0:42:b6:0c:15:d2:39:3d:7f:d1:4e:f3:10:9a:
c1:63:c7:af:89:de:b3:b5:28:36:ea:6b:aa:84:c8:22:f8:19:
9e:67:67:38:67:ed:79:e7:ac:00:92:a8:f5:8c:ec:29:cd:aa:
cc:bf:f4:59:c6:44:fc:3c:8c:21:94:5d:5b:24:3a:40:e4:f7:
14:d1:f9:64:f8:73:13:66:ec:7a:2d:b5:d2:bb:cc:a0:8d:11:
ab:d6:bc:69:c3:66:23:61:e9:4e:51:db:0a:24:dd:d0:70:94:
48:59:2d:25:75:c3:81:a1:70:c3:d9:6b:00:04:f6:d9:eb:80:
c3:36:9e:05:71:98:1c:43:87:a9:25:e9:cf:8a:4a:67:4a:dc:
38:f0:57:cd:78:a7:b4:9a:0f:91:8e:6a:96:bd:3b:c4:40:fb:
70:76:68:d5:9b:6c:78:37:34:19:f6:60:04:11:a3:69:7f:c9:
5a:e8:02:12
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKK9pHKlKNM5QiR+SCrULnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZGVkODVkOWEwNWIxZGY2ODlhOGI2YzMxM2Y4MTI4Yzdh
MDBiNjcwHhcNMjQwMTAyMTIzNTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzhlZDhkNTdhOWY0YmIzODA1ZjBmOTYzYzk3YTVmYjg5MWY1NWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAha2aCjgySWG831Byr7MM9l3F/F6j
jEokxeBYQjrA9ptEm0095bv9r+NNxdszkYNcudBs+rot9dh53EYHXo/+g+/1Ahc4
G4F8DgmkaqA9kqY8LZoZtZ+VzCPBpDgL8vTD38zZrQ3+BPyC4gyeAatRNIbstLj/
gJEKKv8jK87WxUZCzPu3lx3ptPpVJfKIyvzSUV5IgCTQWhA9SZ1r68JIUQhzIfLj
UBAKgcEAoryTc+uDSXwb5hr5TX1og8PjEiXy+YTkhIHFt2VRlO657tt//wJ4dsU5
PBlIxYNkx/4oockdHVQs3m19FDAzlWsM8xvWt29TWuDB0fUZ3a5HrYmfsQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFByO2NV6n0uzgF8PljyXpfuJH1WrMB8GA1UdIwQY
MBaAFGTe2F2aBbHfaJqLbDE/gSjHoAtnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk43WVhab0ZzZDlvbW90c01ULUJLTWVnQzJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny81NDZhZGUtZGFhMS00OWYxLThiYmUt
YjllYjg3MWY2ZDk2LzEvSEk3WTFYcWZTN09BWHctV1BKZWwtNGtmVmFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny81NDZhZGUtZGFhMS00OWYxLThiYmUtYjllYjg3MWY2ZDk2
LzEvWk43WVhab0ZzZDlvbW90c01ULUJLTWVnQzJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALhzoAwQB
LhzuMA0GCSqGSIb3DQEBCwUAA4IBAQBN0hF9HpJ6wlZVhpx3ETeK+L95as+LF1v7
OBPQNN2EiywdDeAnF/ux0tLxZUyevRI8wtuv+OXhlHXV9aDYkUCGn9w38jPcSmHh
GxBq8EK2DBXSOT1/0U7zEJrBY8evid6ztSg26muqhMgi+BmeZ2c4Z+1556wAkqj1
jOwpzarMv/RZxkT8PIwhlF1bJDpA5PcU0flk+HMTZux6LbXSu8ygjRGr1rxpw2Yj
YelOUdsKJN3QcJRIWS0ldcOBoXDD2WsABPbZ64DDNp4FcZgcQ4epJenPikpnStw4
8FfNeKe0mg+RjmqWvTvEQPtwdmjVm2x4NzQZ9mAEEaNpf8la6AIS
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:09:34 2024 by rpki-client on console-fra.rpki-client.org