Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/a65d14-9365-40c9-a568-3ff9645503e9/1/YMnIapqJL6kDjCMs_BR_CoyD6to.roa
File: YMnIapqJL6kDjCMs_BR_CoyD6to.roa (raw, json)
Hash identifier: inVUUfxpMkLnB+7QjAuJD+tb4vAzFEYDj/HBToFmoss=
Subject key identifier: 60:C9:C8:6A:9A:89:2F:A9:03:8C:23:2C:FC:14:7F:0A:8C:83:EA:DA
Certificate issuer: /CN=deb145756080aff1bb00f5f90fd9f2f27cc5732a
Certificate serial: 0191117FA90331FFBF2F678D16D4007DDEC5
Authority key identifier: DE:B1:45:75:60:80:AF:F1:BB:00:F5:F9:0F:D9:F2:F2:7C:C5:73:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3rFFdWCAr_G7APX5D9ny8nzFcyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/a65d14-9365-40c9-a568-3ff9645503e9/1/YMnIapqJL6kDjCMs_BR_CoyD6to.roa
Signing time: Fri 02 Aug 2024 05:11:04 +0000
ROA not before: Fri 02 Aug 2024 05:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35491
IP address blocks: 46.148.64.0/20 maxlen: 20
46.148.64.0/24 maxlen: 24
46.148.65.0/24 maxlen: 24
46.148.66.0/24 maxlen: 24
46.148.67.0/24 maxlen: 24
46.148.68.0/24 maxlen: 24
46.148.69.0/24 maxlen: 24
46.148.70.0/24 maxlen: 24
46.148.71.0/24 maxlen: 24
46.148.72.0/24 maxlen: 24
46.148.73.0/24 maxlen: 24
46.148.74.0/24 maxlen: 24
46.148.75.0/24 maxlen: 24
46.148.76.0/24 maxlen: 24
46.148.77.0/24 maxlen: 24
91.192.120.0/22 maxlen: 22
91.192.120.0/24 maxlen: 24
91.192.121.0/24 maxlen: 24
91.192.122.0/24 maxlen: 24
91.192.123.0/24 maxlen: 24
193.151.112.0/22 maxlen: 22
193.151.112.0/24 maxlen: 24
193.151.113.0/24 maxlen: 24
193.151.114.0/24 maxlen: 24
193.151.115.0/24 maxlen: 24
194.24.180.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/a65d14-9365-40c9-a568-3ff9645503e9/1/3rFFdWCAr_G7APX5D9ny8nzFcyo.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/a65d14-9365-40c9-a568-3ff9645503e9/1/3rFFdWCAr_G7APX5D9ny8nzFcyo.mft
rsync://rpki.ripe.net/repository/DEFAULT/3rFFdWCAr_G7APX5D9ny8nzFcyo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:11:7f:a9:03:31:ff:bf:2f:67:8d:16:d4:00:7d:de:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=deb145756080aff1bb00f5f90fd9f2f27cc5732a
Validity
Not Before: Aug 2 05:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60c9c86a9a892fa9038c232cfc147f0a8c83eada
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:78:f8:92:19:5b:83:fd:e4:19:58:69:0e:9f:
93:9b:67:01:77:11:2b:07:08:2e:68:22:79:2e:d1:
14:b1:58:42:09:74:95:8d:85:aa:5c:48:74:cb:4b:
b4:8c:b0:ee:2d:51:80:13:a6:0c:e9:fa:73:c8:eb:
61:dc:97:f9:36:23:dd:a6:1d:0a:48:e0:31:a9:be:
15:ef:79:0b:4c:bc:c2:cd:5a:c7:10:aa:bd:c2:6f:
2f:fc:34:59:38:7a:ed:1e:49:68:a5:67:fa:9b:4c:
0a:c8:f8:c8:ea:5f:7f:af:fd:dd:b6:a4:11:be:76:
50:1d:78:62:ac:99:64:45:bf:ac:ba:1f:82:6d:77:
cb:62:03:39:e1:b5:e1:c9:b1:e4:a9:0b:2d:e0:8f:
93:50:f9:5f:a4:9d:2a:70:46:93:1e:93:4f:53:37:
3b:0e:9d:75:86:23:e0:5c:f4:8a:36:52:75:3f:93:
92:7a:98:ff:fa:41:b5:a8:2d:c8:69:f5:fb:84:dd:
d6:1c:d9:55:f7:86:23:7c:ca:92:8b:f3:99:c0:46:
70:4f:c0:59:2c:da:cb:27:88:e2:d1:4f:d0:c3:31:
07:cb:5c:71:c2:67:42:b2:d9:6d:55:a5:b4:9b:06:
46:ba:23:e7:9e:f3:95:4f:cd:d5:86:33:75:26:1d:
2f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:C9:C8:6A:9A:89:2F:A9:03:8C:23:2C:FC:14:7F:0A:8C:83:EA:DA
X509v3 Authority Key Identifier:
keyid:DE:B1:45:75:60:80:AF:F1:BB:00:F5:F9:0F:D9:F2:F2:7C:C5:73:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3rFFdWCAr_G7APX5D9ny8nzFcyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/a65d14-9365-40c9-a568-3ff9645503e9/1/YMnIapqJL6kDjCMs_BR_CoyD6to.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/a65d14-9365-40c9-a568-3ff9645503e9/1/3rFFdWCAr_G7APX5D9ny8nzFcyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.148.64.0/20
91.192.120.0/22
193.151.112.0/22
194.24.180.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:2e:36:6c:a0:4a:1b:06:1e:15:9e:6a:ff:27:42:8b:b7:74:
af:28:4c:4d:21:a5:0b:1b:55:fd:2f:db:57:0d:4e:bc:fb:1f:
12:d1:f5:4f:1c:be:8a:61:2a:f8:8f:79:a2:7c:3e:3c:62:3e:
26:03:6c:25:32:ad:09:20:18:4f:5d:79:7c:fe:e5:5f:5a:26:
6b:28:c5:f6:fa:f9:fe:3e:0a:d8:8c:fc:a5:1c:5b:c7:f2:38:
ce:cd:1a:05:e3:a7:20:5c:ff:5d:f0:96:96:46:38:fe:f1:5a:
85:6f:9a:8c:d8:3f:11:41:67:ab:7e:db:75:38:ec:b4:8f:b7:
fe:5b:c4:c2:b7:5c:99:75:0e:72:26:30:2b:b7:48:62:7b:2a:
fa:d9:9d:72:f8:20:03:3e:5a:ab:ef:18:14:1a:7e:0f:e2:33:
29:62:c0:6d:54:51:f8:04:84:97:eb:28:43:ff:60:e9:41:a2:
2b:fb:a8:04:f7:7c:30:5a:aa:51:a2:0f:5d:e8:b1:65:27:0d:
68:15:e8:c6:68:e5:af:a6:5e:e4:59:80:0a:40:1c:1e:9f:ae:
26:1b:5e:37:f0:f8:c3:31:82:56:25:ba:ab:24:ed:85:23:d9:
18:73:de:e0:35:46:9b:a8:00:1f:27:c6:98:a4:d8:4e:8c:40:
74:b1:83:3d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZERf6kDMf+/L2eNFtQAfd7FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYjE0NTc1NjA4MGFmZjFiYjAwZjVmOTBmZDlmMmYyN2Nj
NTczMmEwHhcNMjQwODAyMDUxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGM5Yzg2YTlhODkyZmE5MDM4YzIzMmNmYzE0N2YwYThjODNlYWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXj4khlbg/3kGVhpDp+Tm2cBdxEr
BwguaCJ5LtEUsVhCCXSVjYWqXEh0y0u0jLDuLVGAE6YM6fpzyOth3Jf5NiPdph0K
SOAxqb4V73kLTLzCzVrHEKq9wm8v/DRZOHrtHklopWf6m0wKyPjI6l9/r/3dtqQR
vnZQHXhirJlkRb+suh+CbXfLYgM54bXhybHkqQst4I+TUPlfpJ0qcEaTHpNPUzc7
Dp11hiPgXPSKNlJ1P5OSepj/+kG1qC3IafX7hN3WHNlV94YjfMqSi/OZwEZwT8BZ
LNrLJ4ji0U/QwzEHy1xxwmdCstltVaW0mwZGuiPnnvOVT83VhjN1Jh0vcwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGDJyGqaiS+pA4wjLPwUfwqMg+raMB8GA1UdIwQY
MBaAFN6xRXVggK/xuwD1+Q/Z8vJ8xXMqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3JGRmRXQ0FyX0c3QVBYNUQ5bnk4bnpGY3lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9hNjVkMTQtOTM2NS00MGM5LWE1Njgt
M2ZmOTY0NTUwM2U5LzEvWU1uSWFwcUpMNmtEakNNc19CUl9Db3lENnRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9hNjVkMTQtOTM2NS00MGM5LWE1NjgtM2ZmOTY0NTUwM2U5
LzEvM3JGRmRXQ0FyX0c3QVBYNUQ5bnk4bnpGY3lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQELpRAAwQC
W8B4AwQCwZdwAwQBwhi0MA0GCSqGSIb3DQEBCwUAA4IBAQBqLjZsoEobBh4Vnmr/
J0KLt3SvKExNIaULG1X9L9tXDU68+x8S0fVPHL6KYSr4j3mifD48Yj4mA2wlMq0J
IBhPXXl8/uVfWiZrKMX2+vn+PgrYjPylHFvH8jjOzRoF46cgXP9d8JaWRjj+8VqF
b5qM2D8RQWerftt1OOy0j7f+W8TCt1yZdQ5yJjArt0hieyr62Z1y+CADPlqr7xgU
Gn4P4jMpYsBtVFH4BISX6yhD/2DpQaIr+6gE93wwWqpRog9d6LFlJw1oFejGaOWv
pl7kWYAKQBwen64mG1438PjDMYJWJbqrJO2FI9kYc97gNUabqAAfJ8aYpNhOjEB0
sYM9
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:19:31 2024 by rpki-client on console-ams.rpki-client.org