Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/oMavkHsMhliD5H7DLb2T1p2GW64.roa
File: oMavkHsMhliD5H7DLb2T1p2GW64.roa (raw, json)
Hash identifier: zcDY46/Ua75nRom/b6enIOazQQIOu5e1e4m0H0qYHFU=
Subject key identifier: A0:C6:AF:90:7B:0C:86:58:83:E4:7E:C3:2D:BD:93:D6:9D:86:5B:AE
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 018CC794172B5763C90B52CE90EB62547A99
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/oMavkHsMhliD5H7DLb2T1p2GW64.roa
Signing time: Tue 02 Jan 2024 00:30:20 +0000
ROA not before: Tue 02 Jan 2024 00:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42007
IP address blocks: 46.8.132.0/22 maxlen: 24
46.8.130.0/23 maxlen: 24
46.8.136.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 10:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:17:2b:57:63:c9:0b:52:ce:90:eb:62:54:7a:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jan 2 00:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0c6af907b0c865883e47ec32dbd93d69d865bae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:3c:ea:11:ec:36:d4:6e:ff:d1:6b:6c:c0:27:
2c:b0:74:66:2a:ed:7c:5b:66:35:ac:64:33:e3:30:
cd:b3:15:14:e4:7e:a0:73:72:22:fa:08:da:57:47:
48:51:cb:04:fe:fa:b7:3e:6a:b7:6a:d6:45:71:bc:
76:6f:e5:9e:f7:55:d6:e8:a3:64:43:71:b1:f9:f8:
d7:86:0b:86:ab:28:f9:da:d4:65:be:70:50:ac:be:
8b:7d:9c:05:97:1e:79:10:ae:ec:ee:5f:4b:43:0d:
5f:c2:88:34:3a:8d:5c:9b:d6:5c:22:5a:c7:ba:64:
ea:a6:44:a6:86:3a:c2:bc:42:96:ef:33:59:d0:da:
6e:b5:be:8b:21:3b:b8:0a:a9:2c:04:0d:03:4f:89:
9e:61:ba:b1:f3:8d:6d:35:85:b8:1c:2c:14:1f:a2:
66:ae:31:4c:4b:e6:fa:6b:6e:98:10:5c:ad:0d:d6:
5c:26:fa:16:14:e0:ec:5d:09:2b:42:79:e8:2c:bf:
fe:fa:8e:ec:d0:df:bd:34:f3:dd:c7:7e:9b:d6:38:
c1:06:71:62:f5:89:88:45:c2:34:b7:77:fe:78:3a:
2d:ec:e2:61:04:fd:db:12:84:29:5b:18:4d:ce:0b:
42:2f:fd:76:35:af:5f:85:03:c8:f5:98:35:12:5b:
27:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:C6:AF:90:7B:0C:86:58:83:E4:7E:C3:2D:BD:93:D6:9D:86:5B:AE
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/oMavkHsMhliD5H7DLb2T1p2GW64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.130.0-46.8.139.255
Signature Algorithm: sha256WithRSAEncryption
20:1a:bb:dc:d1:ad:71:29:22:a6:4e:26:70:1f:9e:4d:43:6f:
d0:8c:dc:01:21:61:e7:4b:0a:44:68:76:d6:86:70:43:f6:cd:
f6:d2:4f:d8:72:5a:5a:6a:05:8f:f3:c0:f5:61:5e:da:01:52:
77:73:71:f8:84:5f:cf:ca:39:4b:83:b0:b4:e0:1b:11:c8:72:
89:1b:67:ec:99:63:55:17:eb:e0:a5:14:a5:8c:6b:cf:09:51:
d8:91:f2:ee:18:5b:52:d3:91:ec:d5:01:87:32:2f:b8:0e:72:
1d:91:dd:b1:6d:e2:25:ef:bd:04:0c:b9:be:19:ad:1e:a8:68:
a0:63:d3:15:87:80:70:53:e3:e8:b0:53:69:ef:b9:16:e0:e7:
a2:a2:bc:5e:48:c4:49:73:e3:c0:98:07:a2:af:bd:75:16:07:
96:75:2e:d7:bf:ee:e6:8a:3b:92:84:9b:49:4b:ae:35:58:e5:
76:08:26:cd:2b:a8:a5:63:0b:40:e4:f9:d8:ec:59:69:fe:9e:
67:86:1e:9e:e0:f6:ef:32:02:6d:f4:c2:bb:bc:98:84:49:03:
d5:c8:92:8e:39:9c:4c:9d:43:aa:fb:48:2a:13:6d:f6:08:60:
3b:32:6c:99:1a:8f:e1:60:cd:e8:6e:94:ef:a4:1f:6b:56:59:
55:2f:5e:e2
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzHlBcrV2PJC1LOkOtiVHqZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwMTAyMDAzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGM2YWY5MDdiMGM4NjU4ODNlNDdlYzMyZGJkOTNkNjlkODY1YmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjzqEew21G7/0WtswCcssHRmKu18
W2Y1rGQz4zDNsxUU5H6gc3Ii+gjaV0dIUcsE/vq3Pmq3atZFcbx2b+We91XW6KNk
Q3Gx+fjXhguGqyj52tRlvnBQrL6LfZwFlx55EK7s7l9LQw1fwog0Oo1cm9ZcIlrH
umTqpkSmhjrCvEKW7zNZ0Nputb6LITu4CqksBA0DT4meYbqx841tNYW4HCwUH6Jm
rjFMS+b6a26YEFytDdZcJvoWFODsXQkrQnnoLL/++o7s0N+9NPPdx36b1jjBBnFi
9YmIRcI0t3f+eDot7OJhBP3bEoQpWxhNzgtCL/12Na9fhQPI9Zg1ElsnKQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKDGr5B7DIZYg+R+wy29k9adhluuMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvb01hdmtIc01obGlENUg3RExiMlQxcDJHVzY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAEuCIID
BAIuCIgwDQYJKoZIhvcNAQELBQADggEBACAau9zRrXEpIqZOJnAfnk1Db9CM3AEh
YedLCkRodtaGcEP2zfbST9hyWlpqBY/zwPVhXtoBUndzcfiEX8/KOUuDsLTgGxHI
cokbZ+yZY1UX6+ClFKWMa88JUdiR8u4YW1LTkezVAYcyL7gOch2R3bFt4iXvvQQM
ub4ZrR6oaKBj0xWHgHBT4+iwU2nvuRbg56KivF5IxElz48CYB6KvvXUWB5Z1Lte/
7uaKO5KEm0lLrjVY5XYIJs0rqKVjC0Dk+djsWWn+nmeGHp7g9u8yAm30wru8mIRJ
A9XIko45nEydQ6r7SCoTbfYIYDsybJkaj+FgzehulO+kH2tWWVUvXuI=
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:14:31 2024 by rpki-client on console-fra.rpki-client.org