Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/vvc2fYpTdKTxTNgtqAzz0ZqhlBw.roa
File: vvc2fYpTdKTxTNgtqAzz0ZqhlBw.roa (raw, json)
Hash identifier: khcftlkswVaVFkBwOAr/jxt5lP7bD8z6HgjjUDJ8p7U=
Subject key identifier: BE:F7:36:7D:8A:53:74:A4:F1:4C:D8:2D:A8:0C:F3:D1:9A:A1:94:1C
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 0190FEB6651827928706FAD7FE0ADF2B59D1
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/vvc2fYpTdKTxTNgtqAzz0ZqhlBw.roa
Signing time: Mon 29 Jul 2024 13:38:04 +0000
ROA not before: Mon 29 Jul 2024 13:38:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42689
IP address blocks: 46.20.101.0/24 maxlen: 24
46.20.106.0/24 maxlen: 24
46.20.108.0/24 maxlen: 24
46.20.110.0/24 maxlen: 24
185.160.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fe:b6:65:18:27:92:87:06:fa:d7:fe:0a:df:2b:59:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Jul 29 13:38:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bef7367d8a5374a4f14cd82da80cf3d19aa1941c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d4:83:51:cd:7e:33:a6:01:de:e7:5c:45:72:
20:e3:f1:1c:ae:51:0d:ae:ec:f5:b2:20:69:f4:6b:
16:9e:66:5f:ea:32:6a:eb:7d:8c:ea:6b:98:ef:26:
5e:f3:73:ed:ac:6c:58:c7:d2:83:59:51:54:24:15:
1d:9f:4a:6f:dd:4a:6c:f7:1d:67:63:0e:46:0a:ce:
7a:55:76:b8:4a:50:fe:4d:46:3c:86:c2:54:b1:fe:
d2:fc:78:bf:1a:49:13:24:f0:1a:6f:84:3a:1a:61:
a9:7b:c1:8e:d8:d8:9d:72:f4:02:3b:d4:77:ff:75:
37:fa:33:1c:dd:f9:fc:a0:7b:ce:50:ac:e6:5f:98:
d9:ea:eb:4b:9e:ab:6e:67:70:24:c5:61:24:8c:82:
1b:1c:ee:29:5b:d7:ee:e8:cd:67:cf:0a:d7:2b:5f:
72:b7:e0:ee:98:88:04:90:60:07:87:4b:40:cb:22:
17:ab:43:36:ec:43:6d:d8:ea:7b:cd:c9:6f:6b:d3:
42:d4:7d:7f:48:10:a5:07:aa:81:ad:e8:10:b1:6b:
4a:d5:d6:16:c7:e4:19:89:9f:bd:34:eb:19:f0:85:
e5:af:c5:13:d5:04:1f:96:91:51:46:e0:28:42:b1:
bd:16:25:f2:b4:77:86:22:73:7a:a1:b3:bc:54:e1:
6a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:F7:36:7D:8A:53:74:A4:F1:4C:D8:2D:A8:0C:F3:D1:9A:A1:94:1C
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/vvc2fYpTdKTxTNgtqAzz0ZqhlBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.101.0/24
46.20.106.0/24
46.20.108.0/24
46.20.110.0/24
185.160.193.0/24
Signature Algorithm: sha256WithRSAEncryption
71:dd:ec:40:aa:43:0f:d4:35:8f:ef:82:52:05:a7:42:9e:f5:
50:22:94:7e:ed:95:0d:77:60:94:f0:e1:95:78:c7:72:54:20:
4e:bf:22:b3:a0:5e:2b:c5:db:3f:92:6e:6e:5d:d2:14:ac:c2:
39:f9:ba:9f:ca:af:53:4c:81:67:d0:48:08:77:01:55:4d:25:
39:88:71:04:42:29:ee:c6:30:82:6c:95:aa:62:44:50:70:21:
86:8e:25:eb:a4:4b:51:19:1b:14:5e:95:cd:01:71:43:5f:0a:
54:f2:82:c6:da:7f:11:86:65:a1:6e:d7:d8:6d:2d:23:25:29:
87:40:8c:6f:e6:0b:14:5f:fc:e5:ee:9d:5d:4d:67:82:07:77:
01:79:4b:e5:33:7c:de:fa:e0:c1:6c:35:6e:d9:48:62:e3:49:
0d:f7:77:04:e3:aa:8d:6c:1e:69:af:6e:cc:c4:f2:c7:4c:a5:
e2:44:f8:85:a5:4b:69:d4:5f:22:40:8f:d5:ea:a6:94:4d:cc:
c1:60:79:73:eb:9e:3b:16:58:dd:9a:d1:4d:b8:0a:f2:01:91:
26:74:11:37:12:a5:1f:26:7d:71:e4:a5:68:2b:6e:06:54:e4:
ff:eb:78:b0:e0:bc:0c:fd:51:57:97:a0:f8:8a:74:cd:e4:e6:
40:49:92:e9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZD+tmUYJ5KHBvrX/grfK1nRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjQwNzI5MTMzODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWY3MzY3ZDhhNTM3NGE0ZjE0Y2Q4MmRhODBjZjNkMTlhYTE5NDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntSDUc1+M6YB3udcRXIg4/EcrlEN
ruz1siBp9GsWnmZf6jJq632M6muY7yZe83PtrGxYx9KDWVFUJBUdn0pv3Ups9x1n
Yw5GCs56VXa4SlD+TUY8hsJUsf7S/Hi/GkkTJPAab4Q6GmGpe8GO2NidcvQCO9R3
/3U3+jMc3fn8oHvOUKzmX5jZ6utLnqtuZ3AkxWEkjIIbHO4pW9fu6M1nzwrXK19y
t+DumIgEkGAHh0tAyyIXq0M27ENt2Op7zclva9NC1H1/SBClB6qBregQsWtK1dYW
x+QZiZ+9NOsZ8IXlr8UT1QQflpFRRuAoQrG9FiXytHeGInN6obO8VOFqAwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFL73Nn2KU3Sk8UzYLagM89GaoZQcMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvdnZjMmZZcFRkS1R4VE5ndHFBenowWnFobEJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALhRlAwQA
LhRqAwQALhRsAwQALhRuAwQAuaDBMA0GCSqGSIb3DQEBCwUAA4IBAQBx3exAqkMP
1DWP74JSBadCnvVQIpR+7ZUNd2CU8OGVeMdyVCBOvyKzoF4rxds/km5uXdIUrMI5
+bqfyq9TTIFn0EgIdwFVTSU5iHEEQinuxjCCbJWqYkRQcCGGjiXrpEtRGRsUXpXN
AXFDXwpU8oLG2n8RhmWhbtfYbS0jJSmHQIxv5gsUX/zl7p1dTWeCB3cBeUvlM3ze
+uDBbDVu2Uhi40kN93cE46qNbB5pr27MxPLHTKXiRPiFpUtp1F8iQI/V6qaUTczB
YHlz6547FljdmtFNuAryAZEmdBE3EqUfJn1x5KVoK24GVOT/63iw4LwM/VFXl6D4
inTN5OZASZLp
-----END CERTIFICATE-----
Generated at Fri Nov 22 06:39:28 2024 by rpki-client on console-ams.rpki-client.org