Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/mXabzIU93iNPKjccCbX-amY-oKA.roa
File: mXabzIU93iNPKjccCbX-amY-oKA.roa (raw, json)
Hash identifier: CtvZPI5Rw0Yo5MePPbLP5xIT9VOwjm3mgNE0jkIqRA8=
Subject key identifier: 99:76:9B:CC:85:3D:DE:23:4F:2A:37:1C:09:B5:FE:6A:66:3E:A0:A0
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 0192AEBC3D6A6E4A712055DA0A9CE21071FC
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/mXabzIU93iNPKjccCbX-amY-oKA.roa
Signing time: Mon 21 Oct 2024 11:00:24 +0000
ROA not before: Mon 21 Oct 2024 11:00:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56971
IP address blocks: 46.8.64.0/24 maxlen: 24
46.8.224.0/24 maxlen: 24
46.8.225.0/24 maxlen: 24
46.8.226.0/24 maxlen: 24
46.8.227.0/24 maxlen: 24
46.8.228.0/24 maxlen: 24
46.8.229.0/24 maxlen: 24
46.8.230.0/24 maxlen: 24
46.8.231.0/24 maxlen: 24
46.8.236.0/24 maxlen: 24
46.8.237.0/24 maxlen: 24
46.8.238.0/24 maxlen: 32
95.182.101.0/24 maxlen: 24
188.130.154.0/24 maxlen: 24
188.130.206.0/24 maxlen: 32
188.130.207.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ae:bc:3d:6a:6e:4a:71:20:55:da:0a:9c:e2:10:71:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Oct 21 11:00:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99769bcc853dde234f2a371c09b5fe6a663ea0a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ac:63:ff:69:a5:5a:23:4f:aa:e6:19:5b:a8:
2d:72:01:1f:12:97:9e:5c:27:5e:2e:b2:ea:90:3d:
50:8b:31:c6:a5:eb:eb:80:47:cd:9d:6b:fb:ec:79:
38:d2:79:51:7a:36:9d:81:97:9c:71:74:4c:17:ca:
16:f4:93:2b:4d:dc:3f:f9:d5:03:a5:aa:32:6d:f7:
89:c0:9d:8a:31:69:76:22:7c:7d:c8:42:e5:11:b6:
1f:1a:74:d3:92:f6:66:b4:7a:00:73:b3:8a:19:89:
00:bf:41:b0:3e:1b:70:de:92:e1:dd:12:57:be:de:
2b:a3:62:37:34:38:26:4e:e9:ea:71:66:5a:46:ce:
58:1c:09:4d:a8:08:65:22:9a:93:37:cd:f5:b3:17:
e2:19:7c:5b:1d:72:3f:a6:e6:b2:e7:1a:eb:82:c9:
d4:67:c2:d7:7c:1c:f5:fa:2a:05:62:28:5d:73:b3:
4d:0b:76:03:ab:ce:4e:b6:53:5d:6f:56:14:be:7f:
b5:b7:86:dd:9c:85:89:99:a1:4d:d4:90:52:95:b3:
17:56:72:15:d5:4f:fa:85:4e:bc:75:c7:3a:86:cd:
a4:f6:e4:7c:2a:59:25:4f:5d:6a:c7:db:60:b3:d2:
89:53:d7:7f:33:3f:37:3d:46:01:e6:02:63:a7:50:
a1:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:76:9B:CC:85:3D:DE:23:4F:2A:37:1C:09:B5:FE:6A:66:3E:A0:A0
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/mXabzIU93iNPKjccCbX-amY-oKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.64.0/24
46.8.224.0/21
46.8.236.0-46.8.238.255
95.182.101.0/24
188.130.154.0/24
188.130.206.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:67:e3:8f:92:8c:9e:5d:a8:2b:28:24:7b:ed:54:b5:4b:09:
25:f0:cf:f4:97:ee:4e:db:a8:18:19:0d:19:24:d8:56:e1:23:
e2:49:84:63:0d:7f:de:97:a1:e5:c7:ab:86:c6:bf:8d:e3:f7:
1b:e3:6b:cd:80:2a:0e:dd:5c:69:b6:23:62:a9:38:15:2d:2a:
25:40:38:fb:ec:22:49:7a:79:c3:57:d3:47:35:49:ae:bc:7d:
df:70:a2:8b:8e:fe:39:22:47:86:e2:2b:bd:b6:3c:30:87:21:
dc:fb:59:9a:45:65:c3:12:71:c9:7f:b1:bf:ea:7d:5a:5f:25:
f2:55:5c:b5:21:4b:80:c8:7e:17:ce:e8:4a:68:ee:90:f5:27:
9a:42:10:56:7e:6b:40:f5:22:23:c9:29:44:aa:5a:8e:c8:c4:
23:35:c2:d9:ca:ab:d3:11:28:c8:b4:20:09:6f:ba:f3:30:e9:
07:97:e8:c6:69:77:82:c7:85:b3:13:f6:d0:06:d2:01:3f:2a:
52:95:f9:83:7b:99:0f:07:69:78:6f:12:dd:be:a8:38:56:cd:
78:59:fb:1b:da:59:3d:43:0a:c5:2c:9b:8a:c3:24:5e:65:22:
6e:ba:e0:c3:47:aa:05:e7:0c:32:35:83:0a:88:e4:e8:a7:3e:
9f:d8:16:52
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZKuvD1qbkpxIFXaCpziEHH8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQxMDIxMTEwMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTc2OWJjYzg1M2RkZTIzNGYyYTM3MWMwOWI1ZmU2YTY2M2VhMGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqxj/2mlWiNPquYZW6gtcgEfEpee
XCdeLrLqkD1QizHGpevrgEfNnWv77Hk40nlRejadgZeccXRMF8oW9JMrTdw/+dUD
paoybfeJwJ2KMWl2Inx9yELlEbYfGnTTkvZmtHoAc7OKGYkAv0GwPhtw3pLh3RJX
vt4ro2I3NDgmTunqcWZaRs5YHAlNqAhlIpqTN831sxfiGXxbHXI/puay5xrrgsnU
Z8LXfBz1+ioFYihdc7NNC3YDq85OtlNdb1YUvn+1t4bdnIWJmaFN1JBSlbMXVnIV
1U/6hU68dcc6hs2k9uR8KlklT11qx9tgs9KJU9d/Mz83PUYB5gJjp1ChlwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFJl2m8yFPd4jTyo3HAm1/mpmPqCgMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvbVhhYnpJVTkzaU5QS2pjY0NiWC1hbVktb0tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQALghAAwQD
LgjgMAwDBAIuCOwDBAAuCO4DBABftmUDBAC8gpoDBAG8gs4wDQYJKoZIhvcNAQEL
BQADggEBAE5n44+SjJ5dqCsoJHvtVLVLCSXwz/SX7k7bqBgZDRkk2FbhI+JJhGMN
f96XoeXHq4bGv43j9xvja82AKg7dXGm2I2KpOBUtKiVAOPvsIkl6ecNX00c1Sa68
fd9woouO/jkiR4biK722PDCHIdz7WZpFZcMSccl/sb/qfVpfJfJVXLUhS4DIfhfO
6Epo7pD1J5pCEFZ+a0D1IiPJKUSqWo7IxCM1wtnKq9MRKMi0IAlvuvMw6QeX6MZp
d4LHhbMT9tAG0gE/KlKV+YN7mQ8HaXhvEt2+qDhWzXhZ+xvaWT1DCsUsm4rDJF5l
Im664MNHqgXnDDI1gwqI5OinPp/YFlI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:54:05 2024 by rpki-client on console-fra.rpki-client.org