Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/hkccrp6qN7Gg7sZ9ifppFbFobHc.roa
File: hkccrp6qN7Gg7sZ9ifppFbFobHc.roa (raw, json)
Hash identifier: TCLWUzURpUCjmdCcVn+5ZFF5JOc5n/MRyLFukmmyMRE=
Subject key identifier: 86:47:1C:AE:9E:AA:37:B1:A0:EE:C6:7D:89:FA:69:15:B1:68:6C:77
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 01915A9CFA4C4CE899A86A58DBBAA9067856
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/hkccrp6qN7Gg7sZ9ifppFbFobHc.roa
Signing time: Fri 16 Aug 2024 09:55:22 +0000
ROA not before: Fri 16 Aug 2024 09:55:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16262
IP address blocks: 46.8.52.0/23 maxlen: 32
46.8.153.0/24 maxlen: 24
109.248.168.0/24 maxlen: 24
109.248.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5a:9c:fa:4c:4c:e8:99:a8:6a:58:db:ba:a9:06:78:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Aug 16 09:55:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86471cae9eaa37b1a0eec67d89fa6915b1686c77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:78:3a:15:7b:0e:a1:c3:6c:4a:c3:60:19:d5:
40:b2:70:44:ae:64:1a:bb:40:28:c3:b2:e7:93:5d:
c1:5d:aa:a3:c0:62:44:00:87:8a:b2:aa:56:df:22:
13:63:6d:90:bf:13:57:a1:99:03:c7:95:10:74:f0:
e3:ce:71:4a:fb:e1:3f:f8:0d:47:6a:72:9b:87:b5:
1f:4d:8b:11:a4:89:bd:5a:4a:a6:da:4d:9e:92:bf:
c6:f9:72:53:c5:c4:40:4c:46:19:3b:b6:8b:42:ee:
ec:93:c7:db:10:5d:49:c5:9e:e8:c3:4b:41:c5:25:
95:46:4d:94:d8:7f:4c:f6:0c:e2:df:7f:a3:bf:d8:
86:1e:53:03:00:26:65:ce:7b:39:4b:7d:0a:10:8c:
dd:1e:8f:68:e7:aa:9f:f0:5f:31:d8:44:81:80:ad:
7e:b7:23:db:e3:6f:42:5e:24:87:b7:1f:c9:b8:fd:
dd:44:58:d5:39:23:b8:39:d2:31:bb:7b:d3:a3:2a:
d4:3a:18:b1:da:2d:a6:5a:16:9f:ad:d0:07:27:d5:
7e:3b:cd:db:86:cb:ae:b5:61:8e:aa:2a:56:bf:9d:
c9:bc:b9:91:c9:f6:7f:de:5d:52:64:a9:00:be:27:
5a:58:03:0f:99:21:9e:56:af:a8:81:e7:ad:6d:00:
f8:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:47:1C:AE:9E:AA:37:B1:A0:EE:C6:7D:89:FA:69:15:B1:68:6C:77
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/hkccrp6qN7Gg7sZ9ifppFbFobHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.52.0/23
46.8.153.0/24
109.248.168.0/23
Signature Algorithm: sha256WithRSAEncryption
04:ec:84:9c:27:b0:4b:77:d5:98:eb:14:f2:14:1e:08:de:65:
18:7d:40:c5:0b:8e:2f:44:82:e9:fd:11:20:25:d7:71:61:64:
ef:94:c6:db:e1:ee:ae:de:39:29:61:87:e6:6b:f8:2c:e5:65:
2d:70:9f:67:59:c1:15:85:65:a9:bb:ee:41:9d:cb:55:91:b1:
c4:db:37:43:c2:0c:bd:ca:b3:f0:9f:d8:18:b0:ca:a2:87:b6:
0a:20:21:20:80:70:98:6d:fc:15:00:29:01:d3:62:be:44:fd:
0a:9f:5e:35:4b:e8:53:16:bf:1b:50:1f:ca:8f:dc:8a:50:ee:
bf:d6:3a:5e:b1:1f:c9:ee:fa:ab:e5:91:b9:74:0b:83:4a:68:
cd:97:cf:c4:62:b7:3d:f1:92:d1:f9:1b:27:d3:8c:4d:6a:2f:
18:fd:24:cd:2d:4b:d8:48:a9:da:f6:84:99:38:83:86:3c:5f:
10:69:64:2d:9c:94:a3:f7:39:69:b4:2c:ca:f0:da:e9:30:ec:
5b:ec:81:ac:d0:62:eb:ea:c6:60:c5:b7:dd:a6:f9:e6:ba:56:
ce:a5:7c:d5:e6:e4:68:4b:b1:05:df:7a:12:f5:cc:e6:00:2d:
0d:4a:c7:bd:52:05:31:ea:a1:7a:28:af:5c:15:62:07:15:25:
6e:17:ef:29
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZFanPpMTOiZqGpY27qpBnhWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwODE2MDk1NTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjQ3MWNhZTllYWEzN2IxYTBlZWM2N2Q4OWZhNjkxNWIxNjg2Yzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApng6FXsOocNsSsNgGdVAsnBErmQa
u0Aow7Lnk13BXaqjwGJEAIeKsqpW3yITY22QvxNXoZkDx5UQdPDjznFK++E/+A1H
anKbh7UfTYsRpIm9Wkqm2k2ekr/G+XJTxcRATEYZO7aLQu7sk8fbEF1JxZ7ow0tB
xSWVRk2U2H9M9gzi33+jv9iGHlMDACZlzns5S30KEIzdHo9o56qf8F8x2ESBgK1+
tyPb429CXiSHtx/JuP3dRFjVOSO4OdIxu3vToyrUOhix2i2mWhafrdAHJ9V+O83b
hsuutWGOqipWv53JvLmRyfZ/3l1SZKkAvidaWAMPmSGeVq+ogeetbQD4CwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIZHHK6eqjexoO7GfYn6aRWxaGx3MB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvaGtjY3JwNnFON0dnN3NaOWlmcHBGYkZvYkhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLgg0AwQA
LgiZAwQBbfioMA0GCSqGSIb3DQEBCwUAA4IBAQAE7IScJ7BLd9WY6xTyFB4I3mUY
fUDFC44vRILp/REgJddxYWTvlMbb4e6u3jkpYYfma/gs5WUtcJ9nWcEVhWWpu+5B
nctVkbHE2zdDwgy9yrPwn9gYsMqih7YKICEggHCYbfwVACkB02K+RP0Kn141S+hT
Fr8bUB/Kj9yKUO6/1jpesR/J7vqr5ZG5dAuDSmjNl8/EYrc98ZLR+Rsn04xNai8Y
/STNLUvYSKna9oSZOIOGPF8QaWQtnJSj9zlptCzK8NrpMOxb7IGs0GLr6sZgxbfd
pvnmulbOpXzV5uRoS7EF33oS9czmAC0NSse9UgUx6qF6KK9cFWIHFSVuF+8p
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:54:05 2024 by rpki-client on console-fra.rpki-client.org