Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/azh4YVUQeS9Sk-CJxUKyh14He28.roa
File: azh4YVUQeS9Sk-CJxUKyh14He28.roa (raw, json)
Hash identifier: xaB3I8bXaumgwvJD/y03ZF+8DAalu+NBLz/nzp9Ghzk=
Subject key identifier: 6B:38:78:61:55:10:79:2F:52:93:E0:89:C5:42:B2:87:5E:07:7B:6F
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 018D83E4061BCEF1DAA230A8844064702D92
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/azh4YVUQeS9Sk-CJxUKyh14He28.roa
Signing time: Wed 07 Feb 2024 14:06:15 +0000
ROA not before: Wed 07 Feb 2024 14:06:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16262
IP address blocks: 46.8.52.0/23 maxlen: 32
46.8.153.0/24 maxlen: 24
109.248.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 13:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:83:e4:06:1b:ce:f1:da:a2:30:a8:84:40:64:70:2d:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Feb 7 14:06:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b3878615510792f5293e089c542b2875e077b6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ad:a6:bf:ce:05:d7:20:85:0e:9e:15:2b:a6:
39:bd:4a:9d:a0:e4:e0:58:00:bd:a8:41:d2:73:2a:
4f:2f:6c:d0:5d:af:79:69:c4:ef:46:61:6a:f2:fc:
58:51:e8:35:b4:ed:93:bd:e6:89:14:e4:bf:0b:8f:
b2:c2:22:d3:96:a0:dc:22:84:3d:cb:32:c4:b0:b1:
e0:33:c8:81:54:d9:9e:23:f7:78:a4:44:4e:2c:e5:
ed:f4:31:40:d6:d5:26:4b:aa:cb:ea:c7:83:ef:18:
f0:da:33:7d:77:de:03:a6:a4:73:76:aa:04:40:0f:
ad:fa:1f:fa:1a:1b:be:bd:c0:a3:57:3d:6c:86:e0:
d7:f7:f5:07:3e:95:8a:8e:c2:9b:3b:71:97:c4:77:
89:cc:7f:0c:98:98:4c:f8:9e:eb:45:9a:2c:29:f3:
ec:57:b5:80:02:27:3b:f4:9f:c6:12:05:88:64:ca:
42:b5:de:c3:ce:f9:10:04:57:cf:fc:df:c4:90:57:
c1:26:e9:d0:1b:54:f3:b0:67:ce:fe:67:3e:52:f0:
8f:1c:14:cb:f1:5c:17:09:fd:f3:e9:29:91:f2:1f:
5c:ce:1e:77:b8:9b:d6:cc:76:ad:d6:eb:d4:e6:f2:
c5:ee:f6:dc:8e:a5:f8:56:8c:ae:26:32:9a:4b:d0:
9c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:38:78:61:55:10:79:2F:52:93:E0:89:C5:42:B2:87:5E:07:7B:6F
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/azh4YVUQeS9Sk-CJxUKyh14He28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.52.0/23
46.8.153.0/24
109.248.168.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:4e:73:f7:ff:f0:3d:fa:59:61:e5:44:8a:84:2d:da:e6:3f:
d4:9d:9e:65:3f:b3:b9:ce:28:fa:f2:e5:29:c3:6d:ee:c5:0f:
26:62:fb:df:93:7d:74:70:e1:80:65:83:60:52:9d:0e:83:0d:
5d:50:83:b1:1f:d2:6f:97:0b:f5:d8:75:ad:dd:5f:9a:06:c5:
34:03:46:13:1a:c6:db:ef:5d:0e:6c:9e:c0:89:3f:8f:3c:d3:
2e:5f:5b:2e:70:96:93:e1:e3:b8:cf:0a:1e:fd:e3:69:61:ae:
1d:25:d7:dd:1e:32:d0:ea:90:a7:d2:fa:c6:1f:6e:47:1d:43:
60:f1:20:e0:ab:da:e0:2f:b6:01:a8:03:55:ef:f4:ea:5a:47:
18:ef:32:b5:3e:7e:4c:d7:b6:6c:75:b6:fd:ae:c8:a2:62:5d:
b2:b0:95:41:0a:5a:6a:5b:72:39:c1:f9:45:f8:c9:14:a7:ca:
b3:7d:3e:a4:23:92:3a:ee:27:66:8f:cc:30:c1:ee:6a:11:33:
bc:c0:ce:a0:ad:8a:6a:48:a2:89:f8:52:43:de:82:10:47:2a:
af:2c:bb:fe:43:2e:37:81:4f:91:da:dd:a3:5d:d5:06:4a:25:
56:a2:22:b7:40:b8:8a:da:40:67:3d:c6:98:0b:55:e4:cd:74:
9d:c6:61:b7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2D5AYbzvHaojCohEBkcC2SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwMjA3MTQwNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjM4Nzg2MTU1MTA3OTJmNTI5M2UwODljNTQyYjI4NzVlMDc3YjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAna2mv84F1yCFDp4VK6Y5vUqdoOTg
WAC9qEHScypPL2zQXa95acTvRmFq8vxYUeg1tO2TveaJFOS/C4+ywiLTlqDcIoQ9
yzLEsLHgM8iBVNmeI/d4pEROLOXt9DFA1tUmS6rL6seD7xjw2jN9d94DpqRzdqoE
QA+t+h/6Ghu+vcCjVz1shuDX9/UHPpWKjsKbO3GXxHeJzH8MmJhM+J7rRZosKfPs
V7WAAic79J/GEgWIZMpCtd7DzvkQBFfP/N/EkFfBJunQG1TzsGfO/mc+UvCPHBTL
8VwXCf3z6SmR8h9czh53uJvWzHat1uvU5vLF7vbcjqX4VoyuJjKaS9Cc5wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGs4eGFVEHkvUpPgicVCsodeB3tvMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvYXpoNFlWVVFlUzlTay1DSnhVS3loMTRIZTI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLgg0AwQA
LgiZAwQAbfioMA0GCSqGSIb3DQEBCwUAA4IBAQCrTnP3//A9+llh5USKhC3a5j/U
nZ5lP7O5zij68uUpw23uxQ8mYvvfk310cOGAZYNgUp0Ogw1dUIOxH9Jvlwv12HWt
3V+aBsU0A0YTGsbb710ObJ7AiT+PPNMuX1sucJaT4eO4zwoe/eNpYa4dJdfdHjLQ
6pCn0vrGH25HHUNg8SDgq9rgL7YBqANV7/TqWkcY7zK1Pn5M17Zsdbb9rsiiYl2y
sJVBClpqW3I5wflF+MkUp8qzfT6kI5I67idmj8wwwe5qETO8wM6grYpqSKKJ+FJD
3oIQRyqvLLv+Qy43gU+R2t2jXdUGSiVWoiK3QLiK2kBnPcaYC1XkzXSdxmG3
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:46:07 2024 by rpki-client on console-ams.rpki-client.org