Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/B5ka81XCk3sqeF-cSGSKJEUALjQ.roa
File: B5ka81XCk3sqeF-cSGSKJEUALjQ.roa (raw, json)
Hash identifier: T8X/Nj0s9TmzSqpU2PmPXcxoVu2LYyRgseF63QtrYVs=
Subject key identifier: 07:99:1A:F3:55:C2:93:7B:2A:78:5F:9C:48:64:8A:24:45:00:2E:34
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018DCD3DFF53C7642AA2A382B195C9190298
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/B5ka81XCk3sqeF-cSGSKJEUALjQ.roa
Signing time: Wed 21 Feb 2024 19:56:48 +0000
ROA not before: Wed 21 Feb 2024 19:56:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42689
IP address blocks: 46.20.101.0/24 maxlen: 24
46.20.106.0/24 maxlen: 24
46.20.108.0/24 maxlen: 24
46.20.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 03:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cd:3d:ff:53:c7:64:2a:a2:a3:82:b1:95:c9:19:02:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Feb 21 19:56:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=07991af355c2937b2a785f9c48648a2445002e34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:3b:4e:67:c0:43:69:86:16:7d:27:76:a0:bf:
db:46:0e:ef:b9:8d:03:cf:9d:57:38:ab:47:7a:6e:
d3:ca:48:0e:6f:37:16:ec:38:56:18:80:45:28:6c:
bd:0d:cc:cd:60:d3:a5:d9:b6:72:f3:66:51:a6:ac:
0c:a8:3d:a5:0f:b1:b1:61:aa:b5:bc:ab:4f:31:1d:
cd:6f:84:7e:98:cd:14:30:06:cd:c9:cf:19:2b:73:
03:4f:12:2e:7d:1e:c9:5f:52:00:5b:f2:91:c1:23:
0b:33:cf:b0:9a:b5:9f:f9:60:60:b6:38:e8:0c:ad:
27:d6:1b:5c:c5:89:3f:26:a9:d4:3f:a3:62:ea:f6:
e5:27:4c:d9:22:0a:ca:77:03:be:ee:9d:3e:84:2f:
30:29:91:3a:93:4a:61:bb:da:6d:17:62:d4:ad:a4:
f7:ce:b2:49:26:f4:f1:b8:bb:3b:08:95:bd:58:f6:
e8:93:68:6f:3f:38:b0:1e:e1:5f:84:c8:60:d1:34:
98:a2:4c:16:4b:ce:15:79:1b:df:54:7f:82:e0:79:
dd:ec:17:0e:94:b3:a5:66:11:6f:55:0e:36:9b:b7:
1e:53:62:96:18:30:71:6f:93:f9:d7:be:24:16:bc:
59:8c:01:94:c1:8e:0f:4e:f5:24:cf:f4:bb:e8:de:
e6:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:99:1A:F3:55:C2:93:7B:2A:78:5F:9C:48:64:8A:24:45:00:2E:34
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/B5ka81XCk3sqeF-cSGSKJEUALjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.101.0/24
46.20.106.0/24
46.20.108.0/24
46.20.110.0/24
Signature Algorithm: sha256WithRSAEncryption
53:ab:03:f3:35:2a:47:53:f3:32:02:ae:29:54:78:7b:33:66:
f8:1a:7d:c9:f3:01:a6:48:04:bb:57:5d:49:cd:06:fa:da:d6:
b5:c1:81:18:ab:b0:5d:c0:ad:77:8d:c3:1b:ef:0b:70:eb:38:
76:57:64:cd:41:a5:fe:56:ce:e7:ef:fc:e1:f3:09:b5:ca:60:
ac:74:b6:f7:88:02:fe:ff:87:32:00:20:eb:1c:b6:f4:4e:1a:
c9:ea:5c:af:22:60:bc:d7:46:5e:2a:d9:18:19:47:6b:0d:9d:
cf:e2:91:61:8d:62:44:32:db:b6:a0:31:67:9c:89:e7:ad:51:
42:f8:48:96:91:29:9b:bb:ad:24:56:57:f7:2f:a6:81:f9:3c:
90:f6:43:85:0e:8d:b0:76:4f:e4:4c:be:1d:89:ea:3d:b2:13:
88:2c:d7:84:5d:b6:4f:22:6a:93:ae:d1:45:05:b8:0e:4b:99:
3d:a6:cc:86:be:af:c1:cb:4d:28:7b:9c:4c:64:45:aa:21:16:
d3:e7:9c:b5:12:e7:c5:49:f3:00:46:6d:44:37:d8:89:01:dc:
05:05:7a:3d:e9:db:32:16:f9:9b:50:30:49:a6:9d:cf:17:63:
ed:07:54:58:f7:64:8b:1e:84:46:10:df:3d:02:df:49:e3:e2:
93:fd:05:71
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY3NPf9Tx2QqoqOCsZXJGQKYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjQwMjIxMTk1NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzk5MWFmMzU1YzI5MzdiMmE3ODVmOWM0ODY0OGEyNDQ1MDAyZTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijtOZ8BDaYYWfSd2oL/bRg7vuY0D
z51XOKtHem7TykgObzcW7DhWGIBFKGy9DczNYNOl2bZy82ZRpqwMqD2lD7GxYaq1
vKtPMR3Nb4R+mM0UMAbNyc8ZK3MDTxIufR7JX1IAW/KRwSMLM8+wmrWf+WBgtjjo
DK0n1htcxYk/JqnUP6Ni6vblJ0zZIgrKdwO+7p0+hC8wKZE6k0phu9ptF2LUraT3
zrJJJvTxuLs7CJW9WPbok2hvPziwHuFfhMhg0TSYokwWS84VeRvfVH+C4Hnd7BcO
lLOlZhFvVQ42m7ceU2KWGDBxb5P5174kFrxZjAGUwY4PTvUkz/S76N7mhQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAeZGvNVwpN7KnhfnEhkiiRFAC40MB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvQjVrYTgxWENrM3NxZUYtY1NHU0tKRVVBTGpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALhRlAwQA
LhRqAwQALhRsAwQALhRuMA0GCSqGSIb3DQEBCwUAA4IBAQBTqwPzNSpHU/MyAq4p
VHh7M2b4Gn3J8wGmSAS7V11JzQb62ta1wYEYq7BdwK13jcMb7wtw6zh2V2TNQaX+
Vs7n7/zh8wm1ymCsdLb3iAL+/4cyACDrHLb0ThrJ6lyvImC810ZeKtkYGUdrDZ3P
4pFhjWJEMtu2oDFnnInnrVFC+EiWkSmbu60kVlf3L6aB+TyQ9kOFDo2wdk/kTL4d
ieo9shOILNeEXbZPImqTrtFFBbgOS5k9psyGvq/By00oe5xMZEWqIRbT55y1EufF
SfMARm1EN9iJAdwFBXo96dsyFvmbUDBJpp3PF2PtB1RY92SLHoRGEN89At9J4+KT
/QVx
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:56:36 2024 by rpki-client on console-fra.rpki-client.org