Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/15cOr7-2KV8jTm8MlxZa_VfCz2U.roa
File: 15cOr7-2KV8jTm8MlxZa_VfCz2U.roa (raw, json)
Hash identifier: vbdYW5G4ClcLu3/XWilLltitnVzX4F6eSYbMfwIWzds=
Subject key identifier: D7:97:0E:AF:BF:B6:29:5F:23:4E:6F:0C:97:16:5A:FD:57:C2:CF:65
Certificate issuer: /CN=5853e65a3087b4ca85c8802b60ff0f02b4106d97
Certificate serial: 018CC26D461DEB9DC2E0D09D7076CFCA4339
Authority key identifier: 58:53:E6:5A:30:87:B4:CA:85:C8:80:2B:60:FF:0F:02:B4:10:6D:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/15cOr7-2KV8jTm8MlxZa_VfCz2U.roa
Signing time: Mon 01 Jan 2024 00:29:50 +0000
ROA not before: Mon 01 Jan 2024 00:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44417
IP address blocks: 46.166.192.0/21 maxlen: 21
46.166.200.0/21 maxlen: 21
2a04:3800::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.mft
rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 16:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:46:1d:eb:9d:c2:e0:d0:9d:70:76:cf:ca:43:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5853e65a3087b4ca85c8802b60ff0f02b4106d97
Validity
Not Before: Jan 1 00:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7970eafbfb6295f234e6f0c97165afd57c2cf65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ea:33:05:a2:de:a0:00:8f:89:43:77:a7:9e:
6e:61:6f:14:37:5e:4a:f8:08:04:a0:d9:66:a4:04:
3c:23:be:bc:62:4a:dc:01:2a:51:7f:45:a4:4d:ad:
58:9c:19:ab:ce:f5:26:48:ee:55:72:37:c4:33:0b:
c3:0d:66:d7:e1:38:3b:fb:b5:66:f2:f0:81:3e:5a:
b1:fa:99:ba:2e:31:c7:13:e4:43:e8:01:7e:ce:53:
dd:b3:2a:d4:12:3a:50:a2:29:b9:3e:fd:0a:6f:d7:
22:4b:28:ca:24:4f:72:4a:21:74:f9:f1:28:d5:1f:
69:99:e3:f1:16:fe:ef:40:11:c6:48:99:c9:24:d8:
da:42:b3:b9:3f:95:7e:23:1a:31:55:98:d7:bc:78:
11:b1:7d:74:b3:a2:02:42:9a:e4:54:2a:50:ba:a5:
c6:92:7b:b7:47:13:d7:53:ef:d8:62:27:33:f0:cf:
9b:ff:fa:77:2a:1f:fd:2c:14:17:7a:73:ff:a4:26:
c9:66:7e:e6:ac:06:ac:38:97:fd:cc:2c:83:8c:a8:
1e:68:4b:37:7b:f6:7b:1e:4e:9f:71:90:36:7b:d3:
94:3d:f1:ee:e0:6f:28:de:36:54:ec:44:77:11:09:
7a:25:35:1c:5c:44:c4:db:37:f3:f9:9d:49:b2:4b:
f0:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:97:0E:AF:BF:B6:29:5F:23:4E:6F:0C:97:16:5A:FD:57:C2:CF:65
X509v3 Authority Key Identifier:
keyid:58:53:E6:5A:30:87:B4:CA:85:C8:80:2B:60:FF:0F:02:B4:10:6D:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/15cOr7-2KV8jTm8MlxZa_VfCz2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.166.192.0/20
IPv6:
2a04:3800::/48
Signature Algorithm: sha256WithRSAEncryption
24:54:79:1d:a9:5b:4d:56:d5:e9:c6:bc:0b:83:30:3c:f4:ae:
4c:74:82:6a:19:e5:57:1f:4e:a0:46:4b:c2:12:0a:cf:91:1d:
23:b6:4b:51:40:bd:f5:a8:58:72:d9:54:4f:79:97:62:8c:1c:
84:07:05:3a:10:eb:57:6a:4e:45:c7:73:bc:95:51:02:00:26:
fe:2b:aa:5f:96:46:62:87:d4:d8:78:af:4c:af:b4:a6:19:ae:
c4:01:88:5c:d7:23:55:b6:a4:2f:f2:c4:7f:66:5e:ff:47:72:
1c:2c:9b:9d:96:92:40:78:86:61:9a:1a:13:fb:df:af:45:77:
a0:30:c1:b9:9e:a4:99:8f:ec:40:9f:dd:40:96:6a:07:0c:47:
5a:64:4c:df:b4:13:9e:b0:3a:30:61:cc:32:34:d0:c4:2b:74:
07:bd:32:36:c9:35:ac:db:2b:d7:ef:62:61:ab:68:6c:14:43:
f7:4b:0a:f0:f0:50:30:57:d7:de:c2:92:84:b9:ce:03:04:34:
23:7a:98:49:42:59:e7:2d:29:b6:eb:b6:cf:d5:92:c8:e1:66:
c7:e3:5f:ac:02:a0:e3:f2:ec:f6:73:35:e4:42:c0:53:1b:3d:
30:aa:15:e6:58:9c:ad:4c:7a:ed:9b:65:3c:d1:bb:27:09:5e:
95:ff:d5:a3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzCbUYd653C4NCdcHbPykM5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NTNlNjVhMzA4N2I0Y2E4NWM4ODAyYjYwZmYwZjAyYjQx
MDZkOTcwHhcNMjQwMTAxMDAyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzk3MGVhZmJmYjYyOTVmMjM0ZTZmMGM5NzE2NWFmZDU3YzJjZjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOozBaLeoACPiUN3p55uYW8UN15K
+AgEoNlmpAQ8I768YkrcASpRf0WkTa1YnBmrzvUmSO5VcjfEMwvDDWbX4Tg7+7Vm
8vCBPlqx+pm6LjHHE+RD6AF+zlPdsyrUEjpQoim5Pv0Kb9ciSyjKJE9ySiF0+fEo
1R9pmePxFv7vQBHGSJnJJNjaQrO5P5V+IxoxVZjXvHgRsX10s6ICQprkVCpQuqXG
knu3RxPXU+/YYicz8M+b//p3Kh/9LBQXenP/pCbJZn7mrAasOJf9zCyDjKgeaEs3
e/Z7Hk6fcZA2e9OUPfHu4G8o3jZU7ER3EQl6JTUcXETE2zfz+Z1JskvwdwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNeXDq+/tilfI05vDJcWWv1Xws9lMB8GA1UdIwQY
MBaAFFhT5lowh7TKhciAK2D/DwK0EG2XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0ZQbVdqQ0h0TXFGeUlBcllQOFBBclFRYlpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82YWZkMWUtY2I3ZS00ZTZlLWE4YTQt
ZTE4NjAyNzM5Y2Q1LzEvMTVjT3I3LTJLVjhqVG04TWx4WmFfVmZDejJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82YWZkMWUtY2I3ZS00ZTZlLWE4YTQtZTE4NjAyNzM5Y2Q1
LzEvV0ZQbVdqQ0h0TXFGeUlBcllQOFBBclFRYlpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQELqbAMA8E
AgACMAkDBwAqBDgAAAAwDQYJKoZIhvcNAQELBQADggEBACRUeR2pW01W1enGvAuD
MDz0rkx0gmoZ5VcfTqBGS8ISCs+RHSO2S1FAvfWoWHLZVE95l2KMHIQHBToQ61dq
TkXHc7yVUQIAJv4rql+WRmKH1Nh4r0yvtKYZrsQBiFzXI1W2pC/yxH9mXv9Hchws
m52WkkB4hmGaGhP7369Fd6AwwbmepJmP7ECf3UCWagcMR1pkTN+0E56wOjBhzDI0
0MQrdAe9MjbJNazbK9fvYmGraGwUQ/dLCvDwUDBX197CkoS5zgMENCN6mElCWect
Kbbrts/VksjhZsfjX6wCoOPy7PZzNeRCwFMbPTCqFeZYnK1Meu2bZTzRuycJXpX/
1aM=
-----END CERTIFICATE-----
Generated at Sat Jun 1 00:31:03 2024 by rpki-client on console-ams.rpki-client.org