Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/1-UifhaRVgUhTAluPYSd1ZV-JELU.roa
File: 1-UifhaRVgUhTAluPYSd1ZV-JELU.roa (raw, json)
Hash identifier: ekyFxa4Oa9SMyomWCkXMPDSqCJUlTiO9S47HVlax5kQ=
Subject key identifier: F9:48:9F:85:A4:55:81:48:53:02:5B:8F:61:27:75:65:5F:89:10:B5
Certificate issuer: /CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Certificate serial: 018CC6B783D22C2D5F551F47C4178DEF13C8
Authority key identifier: ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/1-UifhaRVgUhTAluPYSd1ZV-JELU.roa
Signing time: Mon 01 Jan 2024 20:29:24 +0000
ROA not before: Mon 01 Jan 2024 20:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61248
IP address blocks: 46.143.212.0/22 maxlen: 22
46.143.248.0/22 maxlen: 22
109.122.252.0/23 maxlen: 23
109.122.254.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.mft
rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:83:d2:2c:2d:5f:55:1f:47:c4:17:8d:ef:13:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Validity
Not Before: Jan 1 20:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9489f85a455814853025b8f612775655f8910b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:50:8e:7d:c7:f9:dc:62:12:9c:a7:34:06:23:
79:55:59:67:d6:2a:a9:17:8f:c8:51:7d:f9:61:8f:
8a:ab:5f:bb:ae:d9:c9:1e:3f:c5:f6:da:a7:22:34:
a0:c9:e5:1f:44:b1:d0:d4:b7:3f:fc:a5:93:0b:5d:
20:f4:e4:55:08:ca:83:ac:e3:54:36:6e:2a:5e:32:
ae:f2:ad:d2:06:78:01:5d:1c:c6:73:f3:3e:03:1e:
09:03:a4:2a:20:f4:cc:a1:cd:f7:b6:e2:9e:e7:58:
dc:c9:47:b7:79:f4:f5:93:69:fe:fd:d8:2e:5d:c5:
e5:3c:aa:bc:31:67:c9:da:9e:f0:8d:e4:1c:a8:f0:
79:0a:99:e1:66:f1:4f:66:9e:c3:0d:00:c5:71:84:
55:ad:c6:ed:0e:8d:b1:38:20:cc:e8:bd:68:7c:ca:
ca:ee:80:62:19:f0:0c:81:5e:eb:be:d0:b7:67:29:
29:d5:d6:c0:45:8b:6d:aa:e8:52:d5:4f:34:76:6d:
59:5d:bc:24:d5:9e:62:7e:2b:9c:83:b9:03:18:1a:
22:6a:1e:a5:7b:0e:2a:79:9c:f5:b9:46:f9:e3:6b:
49:3c:30:5c:c1:7f:fb:e4:b4:7e:aa:fd:ad:c2:a1:
e8:b6:20:1b:67:3e:03:88:7d:a3:8a:13:65:8c:2e:
a0:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:48:9F:85:A4:55:81:48:53:02:5B:8F:61:27:75:65:5F:89:10:B5
X509v3 Authority Key Identifier:
keyid:ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/1-UifhaRVgUhTAluPYSd1ZV-JELU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.143.212.0/22
46.143.248.0/22
109.122.252.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:f8:af:e6:2c:ce:ce:74:2e:3c:cc:3f:24:4e:9f:9f:94:44:
f4:db:33:f6:16:f3:e2:04:69:05:ea:ae:f6:04:76:4e:b7:ca:
ee:b1:14:dc:0b:73:30:7d:40:66:ea:a2:3e:a4:64:9f:4e:74:
fb:d6:9e:51:b8:92:ff:12:08:48:4d:85:a5:3b:52:0e:f6:5f:
fa:c7:8c:24:40:d4:ae:a0:b4:9a:23:0f:41:31:fc:ef:47:84:
8a:8a:3a:9e:6e:dc:c9:60:5d:73:91:e9:72:99:d6:2e:fd:49:
46:95:e6:cc:da:b5:0f:25:3b:71:c7:17:7b:6b:13:05:8a:9c:
62:ae:78:c1:ab:96:cc:1f:6c:87:47:12:b4:ee:73:44:a3:62:
36:08:74:8f:85:fa:79:64:c4:77:c7:eb:d8:97:4f:7a:6e:ed:
75:d3:78:5d:70:1c:8c:cc:38:16:35:3b:58:d6:c9:f2:6a:d8:
f9:2e:b9:fb:aa:c1:76:f1:bc:45:9a:c4:f0:f4:5e:01:ce:33:
7b:f5:90:b5:91:6b:9d:57:b5:9a:7c:d8:1f:ae:95:83:65:55:
ee:36:be:e3:d1:90:cc:97:4b:02:9c:2a:46:bd:ea:b6:47:d6:
f8:ed:d7:90:70:10:0b:46:2d:d1:95:7a:05:c9:99:15:75:d8:
c8:48:9c:ea
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYzGt4PSLC1fVR9HxBeN7xPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNmRhOWU0MTY4NmQyMWMxMjc5OWM4ZTg0YjI3NGFhODI0
MTUwOGMwHhcNMjQwMTAxMjAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTQ4OWY4NWE0NTU4MTQ4NTMwMjViOGY2MTI3NzU2NTVmODkxMGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA51COfcf53GISnKc0BiN5VVln1iqp
F4/IUX35YY+Kq1+7rtnJHj/F9tqnIjSgyeUfRLHQ1Lc//KWTC10g9ORVCMqDrONU
Nm4qXjKu8q3SBngBXRzGc/M+Ax4JA6QqIPTMoc33tuKe51jcyUe3efT1k2n+/dgu
XcXlPKq8MWfJ2p7wjeQcqPB5CpnhZvFPZp7DDQDFcYRVrcbtDo2xOCDM6L1ofMrK
7oBiGfAMgV7rvtC3Zykp1dbARYttquhS1U80dm1ZXbwk1Z5ifiucg7kDGBoiah6l
ew4qeZz1uUb542tJPDBcwX/75LR+qv2twqHotiAbZz4DiH2jihNljC6g9QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPlIn4WkVYFIUwJbj2EndWVfiRC1MB8GA1UdIwQY
MBaAFO1tqeQWhtIcEnmcjoSydKqCQVCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYt
MjlmMWJlYjJmMjgyLzEvMS1VaWZoYVJWZ1VoVEFsdVBZU2QxWlYtSkVMVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzEvYWMwMTdjLWZmMjktNDNjZi1hM2Q2LTI5ZjFiZWIyZjI4
Mi8xLzdXMnA1QmFHMGh3U2VaeU9oTEowcW9KQlVJdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAi6P1AME
Ai6P+AMEAm16/DANBgkqhkiG9w0BAQsFAAOCAQEAWviv5izOznQuPMw/JE6fn5RE
9Nsz9hbz4gRpBequ9gR2TrfK7rEU3AtzMH1AZuqiPqRkn050+9aeUbiS/xIISE2F
pTtSDvZf+seMJEDUrqC0miMPQTH870eEioo6nm7cyWBdc5HpcpnWLv1JRpXmzNq1
DyU7cccXe2sTBYqcYq54wauWzB9sh0cStO5zRKNiNgh0j4X6eWTEd8fr2JdPem7t
ddN4XXAcjMw4FjU7WNbJ8mrY+S65+6rBdvG8RZrE8PReAc4ze/WQtZFrnVe1mnzY
H66Vg2VV7ja+49GQzJdLApwqRr3qtkfW+O3XkHAQC0Yt0ZV6BcmZFXXYyEic6g==
-----END CERTIFICATE-----
Generated at Sat May 11 13:19:59 2024 by rpki-client on console-fra.rpki-client.org