Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/35ff32-a687-4f50-969a-98648901688f/1/Sx6zXuvKBcBwPwy49aPX9FSJ3_M.roa
File: Sx6zXuvKBcBwPwy49aPX9FSJ3_M.roa (raw, json)
Hash identifier: JpaHWQ3HZec7MBhI/gk4wGUrgIZKzcDw7hRYIG8GcRE=
Subject key identifier: 4B:1E:B3:5E:EB:CA:05:C0:70:3F:0C:B8:F5:A3:D7:F4:54:89:DF:F3
Certificate issuer: /CN=b56a8c91ad31745ff727da0482ede1b2fab462e7
Certificate serial: 018CC3B6E725A04910C2590709EB4B5EF2BE
Authority key identifier: B5:6A:8C:91:AD:31:74:5F:F7:27:DA:04:82:ED:E1:B2:FA:B4:62:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tWqMka0xdF_3J9oEgu3hsvq0Yuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/35ff32-a687-4f50-969a-98648901688f/1/Sx6zXuvKBcBwPwy49aPX9FSJ3_M.roa
Signing time: Mon 01 Jan 2024 06:29:52 +0000
ROA not before: Mon 01 Jan 2024 06:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9121
IP address blocks: 46.31.112.0/24 maxlen: 24
46.31.117.0/24 maxlen: 24
46.31.118.0/24 maxlen: 24
46.31.113.0/24 maxlen: 24
46.31.114.0/24 maxlen: 24
46.31.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/35ff32-a687-4f50-969a-98648901688f/1/tWqMka0xdF_3J9oEgu3hsvq0Yuc.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/35ff32-a687-4f50-969a-98648901688f/1/tWqMka0xdF_3J9oEgu3hsvq0Yuc.mft
rsync://rpki.ripe.net/repository/DEFAULT/tWqMka0xdF_3J9oEgu3hsvq0Yuc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 12:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:e7:25:a0:49:10:c2:59:07:09:eb:4b:5e:f2:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b56a8c91ad31745ff727da0482ede1b2fab462e7
Validity
Not Before: Jan 1 06:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b1eb35eebca05c0703f0cb8f5a3d7f45489dff3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:87:c1:ba:3a:f5:bb:4e:a9:ab:d2:39:32:25:
4c:b2:66:dc:9e:dc:70:fc:27:2c:16:87:e8:e4:8b:
84:f5:55:e1:bd:2e:19:58:5e:ff:41:b8:da:32:3a:
18:c9:47:d9:22:41:32:f3:3e:c5:5d:dd:7d:df:ea:
e9:dc:ec:8d:46:e1:db:66:83:c0:a1:f3:fa:f4:49:
01:11:6a:d3:17:bd:dd:61:67:87:54:81:cf:57:5c:
69:79:ac:49:10:2c:8f:c5:dc:47:55:a0:58:f9:77:
4a:12:79:26:c9:62:b2:16:83:bd:81:68:76:9d:5e:
76:31:82:a6:f2:93:c5:93:1b:07:e8:3f:63:ca:61:
24:5d:f3:92:0a:06:ea:c6:55:df:6a:e4:2a:d1:d0:
18:34:be:86:1e:58:49:e7:77:36:95:03:e1:2f:76:
85:5a:48:f0:4a:e8:ee:61:27:27:04:42:3b:47:89:
6b:99:3e:e2:73:ef:90:a9:38:fa:8a:99:20:a2:39:
a9:f8:3f:ef:17:8c:69:7c:90:d6:c9:c9:76:4b:84:
96:ff:aa:be:8f:88:f5:e7:c7:8e:22:66:65:0d:97:
20:ac:8a:7e:8e:76:be:30:54:f2:63:a3:d4:7c:58:
f9:ac:56:5c:e7:33:f8:c9:ad:9f:48:ab:b8:43:1a:
cc:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:1E:B3:5E:EB:CA:05:C0:70:3F:0C:B8:F5:A3:D7:F4:54:89:DF:F3
X509v3 Authority Key Identifier:
keyid:B5:6A:8C:91:AD:31:74:5F:F7:27:DA:04:82:ED:E1:B2:FA:B4:62:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tWqMka0xdF_3J9oEgu3hsvq0Yuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/35ff32-a687-4f50-969a-98648901688f/1/Sx6zXuvKBcBwPwy49aPX9FSJ3_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/35ff32-a687-4f50-969a-98648901688f/1/tWqMka0xdF_3J9oEgu3hsvq0Yuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.112.0-46.31.114.255
46.31.116.0-46.31.118.255
Signature Algorithm: sha256WithRSAEncryption
70:b2:12:a7:11:e7:95:a0:d0:48:c2:62:f0:e6:0a:9b:b2:93:
bb:3f:66:e4:ad:07:53:7f:f8:9b:f0:20:72:1a:fe:d9:91:8b:
db:e5:dc:8e:39:8a:ea:9c:63:30:ac:ea:d2:0f:f7:9b:02:46:
0f:0e:2a:e6:08:f6:5b:6c:0f:48:1f:aa:1a:59:83:3e:a3:01:
90:50:57:65:0e:5b:b6:2f:42:0d:92:e9:9e:e0:bd:ce:ff:a0:
5c:78:df:67:c7:83:4e:0c:95:ce:0f:a2:f8:f4:75:a6:fc:a9:
6b:12:e6:a1:01:34:9a:d2:df:01:cb:91:3a:c7:ab:22:c0:cd:
71:42:9a:c0:ce:4d:e3:6a:d6:16:59:eb:6a:30:84:b4:d9:06:
14:d8:ad:15:59:11:51:89:bb:44:74:dc:0d:fb:5c:5b:84:c7:
5a:ce:d0:f8:dc:de:a5:a4:b9:b8:35:14:d1:08:03:7a:d6:49:
1a:7f:d1:10:7b:87:97:84:27:f4:78:2f:2b:c3:c2:78:7f:8b:
7a:f5:24:f2:0a:3a:73:b3:f7:72:57:ef:22:6b:57:31:f1:71:
40:d8:e3:b0:fb:51:ca:0b:c4:da:f2:9b:6e:c6:19:6d:65:c6:
5a:80:d5:1e:dd:b4:12:5d:8d:9d:32:42:5f:3c:59:bb:52:af:
ac:ce:b0:30
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzDtucloEkQwlkHCetLXvK+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NmE4YzkxYWQzMTc0NWZmNzI3ZGEwNDgyZWRlMWIyZmFi
NDYyZTcwHhcNMjQwMTAxMDYyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjFlYjM1ZWViY2EwNWMwNzAzZjBjYjhmNWEzZDdmNDU0ODlkZmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmofBujr1u06pq9I5MiVMsmbcntxw
/CcsFofo5IuE9VXhvS4ZWF7/QbjaMjoYyUfZIkEy8z7FXd193+rp3OyNRuHbZoPA
ofP69EkBEWrTF73dYWeHVIHPV1xpeaxJECyPxdxHVaBY+XdKEnkmyWKyFoO9gWh2
nV52MYKm8pPFkxsH6D9jymEkXfOSCgbqxlXfauQq0dAYNL6GHlhJ53c2lQPhL3aF
WkjwSujuYScnBEI7R4lrmT7ic++QqTj6ipkgojmp+D/vF4xpfJDWycl2S4SW/6q+
j4j158eOImZlDZcgrIp+jna+MFTyY6PUfFj5rFZc5zP4ya2fSKu4QxrMAQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFEses17rygXAcD8MuPWj1/RUid/zMB8GA1UdIwQY
MBaAFLVqjJGtMXRf9yfaBILt4bL6tGLnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFdxTWthMHhkRl8zSjlvRWd1M2hzdnEwWXVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8zNWZmMzItYTY4Ny00ZjUwLTk2OWEt
OTg2NDg5MDE2ODhmLzEvU3g2elh1dktCY0J3UHd5NDlhUFg5RlNKM19NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8zNWZmMzItYTY4Ny00ZjUwLTk2OWEtOTg2NDg5MDE2ODhm
LzEvdFdxTWthMHhkRl8zSjlvRWd1M2hzdnEwWXVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAQuH3AD
BAAuH3IwDAMEAi4fdAMEAC4fdjANBgkqhkiG9w0BAQsFAAOCAQEAcLISpxHnlaDQ
SMJi8OYKm7KTuz9m5K0HU3/4m/Agchr+2ZGL2+XcjjmK6pxjMKzq0g/3mwJGDw4q
5gj2W2wPSB+qGlmDPqMBkFBXZQ5bti9CDZLpnuC9zv+gXHjfZ8eDTgyVzg+i+PR1
pvypaxLmoQE0mtLfAcuROserIsDNcUKawM5N42rWFlnrajCEtNkGFNitFVkRUYm7
RHTcDftcW4THWs7Q+NzepaS5uDUU0QgDetZJGn/REHuHl4Qn9HgvK8PCeH+LevUk
8go6c7P3clfvImtXMfFxQNjjsPtRygvE2vKbbsYZbWXGWoDVHt20El2NnTJCXzxZ
u1KvrM6wMA==
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:42:12 2024 by rpki-client on console-ams.rpki-client.org