Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7Nx48SDpd4fghWkJp78E9DRz-kQ.roa
File: 7Nx48SDpd4fghWkJp78E9DRz-kQ.roa (raw, json)
Hash identifier: /Zn4tED8HG5BYwY/PCzdoeVZDI+Pdowr8bAGDntcuCk=
Subject key identifier: EC:DC:78:F1:20:E9:77:87:E0:85:69:09:A7:BF:04:F4:34:73:FA:44
Certificate issuer: /CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Certificate serial: 019224678D6CA3CFB0DC23F77CBF77DA54AC
Authority key identifier: ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7Nx48SDpd4fghWkJp78E9DRz-kQ.roa
Signing time: Tue 24 Sep 2024 14:20:19 +0000
ROA not before: Tue 24 Sep 2024 14:20:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49970
IP address blocks: 46.143.193.0/24 maxlen: 24
46.143.196.0/24 maxlen: 24
46.143.200.0/24 maxlen: 24
46.143.201.0/24 maxlen: 24
46.143.246.0/24 maxlen: 24
46.143.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.mft
rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:24:67:8d:6c:a3:cf:b0:dc:23:f7:7c:bf:77:da:54:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Validity
Not Before: Sep 24 14:20:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ecdc78f120e97787e0856909a7bf04f43473fa44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:cc:32:6b:6c:a7:37:74:12:e8:c2:15:94:25:
5c:86:fe:0b:d7:67:01:40:09:95:b9:31:69:c4:06:
0d:be:84:71:1b:b9:0a:8a:e4:8b:22:05:27:82:8f:
5f:03:44:b8:86:a9:1a:d4:03:9f:37:cf:94:b2:7d:
3d:90:4c:ca:d1:95:87:d6:3f:bf:37:e7:3b:f4:3f:
c8:d2:49:54:65:29:2f:49:df:e1:e9:8f:0e:39:9b:
e5:3f:55:99:b9:56:05:c9:6e:25:3f:18:4f:aa:fb:
c1:a2:05:a3:ca:f6:b8:ee:ba:ff:61:af:85:63:05:
c3:5c:14:d5:ab:0a:34:72:4a:53:4c:49:ec:33:86:
06:34:62:7a:a1:ee:50:bc:e8:7e:b0:9d:bd:3f:3c:
62:08:6f:e1:a4:01:af:4e:49:0d:48:37:3c:31:5f:
48:f8:1b:ef:e1:fa:00:55:59:63:49:ce:71:c2:ad:
93:b3:7b:64:e4:e3:79:57:12:9b:9f:af:10:4c:5c:
a3:80:d2:04:d7:43:db:cc:e5:f0:cc:28:f0:ae:b9:
37:e2:b8:97:0b:04:bb:83:06:7a:6b:73:42:d2:ff:
77:eb:ec:f6:45:7b:29:14:56:05:82:34:ca:da:cd:
d4:08:a7:c9:33:be:e6:5b:38:73:54:4c:2d:67:5a:
71:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:DC:78:F1:20:E9:77:87:E0:85:69:09:A7:BF:04:F4:34:73:FA:44
X509v3 Authority Key Identifier:
keyid:ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7Nx48SDpd4fghWkJp78E9DRz-kQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.143.193.0/24
46.143.196.0/24
46.143.200.0/23
46.143.246.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:d2:56:da:22:79:e0:bf:fd:63:cb:58:6d:fa:fd:1c:58:25:
49:2b:1a:95:50:03:b6:21:db:12:0d:70:80:1e:30:55:33:d2:
37:d2:28:e4:f2:cf:8e:94:db:c1:58:93:ad:fd:72:16:9c:66:
ab:43:88:b7:24:47:89:4b:0e:d8:1f:9a:aa:3a:e8:49:9e:7d:
a8:bd:9a:fa:5c:66:a0:7e:08:fa:77:2c:b7:f9:93:5b:a3:d7:
51:14:e7:57:ad:2d:86:e0:c0:ec:6e:a1:d7:32:b0:8a:bd:48:
ec:1f:a5:20:d8:a5:b4:ee:5f:4d:a9:4e:6e:5a:a2:a8:19:b0:
8d:2b:a4:ff:81:8f:80:96:c9:c0:13:69:64:15:4a:d7:f5:cb:
92:0d:99:35:c4:30:ca:47:c7:86:ba:5b:ce:88:c1:13:ae:a8:
25:68:46:50:fd:34:2b:3e:30:2b:06:cd:7b:0c:d0:7d:47:61:
c9:ee:5c:9e:12:ad:06:c2:df:63:82:fc:aa:1c:1a:a0:be:55:
81:2f:e2:a2:e7:ed:fc:ab:8a:11:3d:8b:3d:70:f1:00:6b:82:
5f:ab:22:45:89:66:39:8a:29:67:50:26:d1:89:44:57:c9:f8:
a5:08:a7:46:6b:76:73:0c:78:93:a7:1f:cc:30:7b:9c:35:da:
94:b6:db:1a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZIkZ41so8+w3CP3fL932lSsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNmRhOWU0MTY4NmQyMWMxMjc5OWM4ZTg0YjI3NGFhODI0
MTUwOGMwHhcNMjQwOTI0MTQyMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2RjNzhmMTIwZTk3Nzg3ZTA4NTY5MDlhN2JmMDRmNDM0NzNmYTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8wya2ynN3QS6MIVlCVchv4L12cB
QAmVuTFpxAYNvoRxG7kKiuSLIgUngo9fA0S4hqka1AOfN8+Usn09kEzK0ZWH1j+/
N+c79D/I0klUZSkvSd/h6Y8OOZvlP1WZuVYFyW4lPxhPqvvBogWjyva47rr/Ya+F
YwXDXBTVqwo0ckpTTEnsM4YGNGJ6oe5QvOh+sJ29PzxiCG/hpAGvTkkNSDc8MV9I
+Bvv4foAVVljSc5xwq2Ts3tk5ON5VxKbn68QTFyjgNIE10PbzOXwzCjwrrk34riX
CwS7gwZ6a3NC0v936+z2RXspFFYFgjTK2s3UCKfJM77mWzhzVEwtZ1pxTwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOzcePEg6XeH4IVpCae/BPQ0c/pEMB8GA1UdIwQY
MBaAFO1tqeQWhtIcEnmcjoSydKqCQVCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYt
MjlmMWJlYjJmMjgyLzEvN054NDhTRHBkNGZnaFdrSnA3OEU5RFJ6LWtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYtMjlmMWJlYjJmMjgy
LzEvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALo/BAwQA
Lo/EAwQBLo/IAwQBLo/2MA0GCSqGSIb3DQEBCwUAA4IBAQBt0lbaInngv/1jy1ht
+v0cWCVJKxqVUAO2IdsSDXCAHjBVM9I30ijk8s+OlNvBWJOt/XIWnGarQ4i3JEeJ
Sw7YH5qqOuhJnn2ovZr6XGagfgj6dyy3+ZNbo9dRFOdXrS2G4MDsbqHXMrCKvUjs
H6Ug2KW07l9NqU5uWqKoGbCNK6T/gY+AlsnAE2lkFUrX9cuSDZk1xDDKR8eGulvO
iMETrqglaEZQ/TQrPjArBs17DNB9R2HJ7lyeEq0Gwt9jgvyqHBqgvlWBL+Ki5+38
q4oRPYs9cPEAa4JfqyJFiWY5iilnUCbRiURXyfilCKdGa3ZzDHiTpx/MMHucNdqU
ttsa
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:48:00 2024 by rpki-client on console-ams.rpki-client.org