Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/ftX27goD73h4xz-wuYfXSzNBBjo.roa
File: ftX27goD73h4xz-wuYfXSzNBBjo.roa (raw, json)
Hash identifier: 3+duvh74M5RLeQF6azlmeB0QtH0Deg9pHSZVGjOlGXs=
Subject key identifier: 7E:D5:F6:EE:0A:03:EF:78:78:C7:3F:B0:B9:87:D7:4B:33:41:06:3A
Certificate issuer: /CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Certificate serial: 019224678CEF7EB3A81A9EE0D5300E0E06DB
Authority key identifier: ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/ftX27goD73h4xz-wuYfXSzNBBjo.roa
Signing time: Tue 24 Sep 2024 14:20:18 +0000
ROA not before: Tue 24 Sep 2024 14:20:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 46.143.204.0/22 maxlen: 22
46.143.204.0/24 maxlen: 24
46.143.205.0/24 maxlen: 24
46.143.206.0/24 maxlen: 24
185.84.220.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.mft
rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 14:44:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:24:67:8c:ef:7e:b3:a8:1a:9e:e0:d5:30:0e:0e:06:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Validity
Not Before: Sep 24 14:20:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ed5f6ee0a03ef7878c73fb0b987d74b3341063a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:0b:04:1f:19:90:d0:ca:75:16:55:31:38:fc:
29:cc:e9:87:91:4f:72:65:77:9b:83:b1:27:63:73:
79:3e:7b:69:fd:1c:01:fb:3e:0f:c6:67:a5:cb:5c:
ca:7f:69:4f:4e:25:34:20:1c:42:5e:d7:cf:a2:9d:
c3:78:6e:55:45:91:13:2f:80:d9:3c:f0:24:d6:bd:
7a:4d:10:c6:f6:74:8c:f8:da:13:f1:a0:fc:ed:a6:
c8:ca:d6:e1:2c:23:6d:25:2f:08:c3:30:db:f8:61:
ff:fe:78:7c:b2:67:7c:3e:57:25:eb:4d:26:22:04:
a2:2e:3e:68:39:28:98:dc:92:d1:8d:d2:0b:51:7f:
de:55:d1:7a:15:02:17:55:dc:71:b5:1f:ef:08:fa:
22:56:ee:66:6c:c5:38:1c:7c:60:e2:86:55:57:bc:
eb:8f:f1:17:c7:fe:d8:f9:f7:9a:92:d0:65:78:4a:
29:29:6b:10:0f:c6:54:13:d7:ba:86:d2:25:31:cb:
6e:6f:e4:7f:04:15:c1:a1:22:40:66:b1:d0:0f:c0:
05:fb:ab:c6:9f:96:25:5a:64:e2:80:31:df:92:1d:
4a:20:00:1d:f8:a4:68:30:86:83:a8:8b:f1:33:f3:
f6:bd:f3:b5:c4:ee:7c:73:06:3c:a3:3e:cb:76:5e:
e4:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:D5:F6:EE:0A:03:EF:78:78:C7:3F:B0:B9:87:D7:4B:33:41:06:3A
X509v3 Authority Key Identifier:
keyid:ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/ftX27goD73h4xz-wuYfXSzNBBjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.143.204.0/22
185.84.220.0/22
Signature Algorithm: sha256WithRSAEncryption
00:1f:81:f8:08:74:37:ee:55:b4:66:0b:aa:5c:b7:70:f4:95:
23:db:22:bb:0e:ea:e8:01:9e:1d:93:9a:7a:dd:42:83:c1:68:
df:36:78:fb:8b:90:4b:60:13:c6:c9:6c:8b:6f:1e:bf:8f:4d:
82:08:60:b6:f3:d0:00:41:e5:72:34:97:29:d7:9c:96:bd:36:
82:55:b8:46:15:6d:5a:88:83:69:26:ed:8c:ce:5c:64:a1:9d:
0a:15:9b:b2:28:1e:d5:be:4d:5e:ed:cb:85:08:f4:ff:b7:d4:
56:03:7a:ca:2e:82:d8:3e:77:8f:25:6b:a2:f9:74:50:af:2a:
9b:28:17:b9:1f:a8:49:3a:6f:c0:ff:0f:79:f0:d2:f6:9f:7e:
67:fa:69:17:78:01:18:0f:81:4f:31:df:87:16:da:c9:50:ba:
c7:6d:d1:1d:26:07:b1:81:70:20:dd:0f:fc:cc:22:c3:d3:c5:
6d:7a:12:9f:0e:94:78:26:98:d1:d9:00:90:1a:c5:f5:49:82:
55:13:9b:8b:3d:40:89:33:f3:c0:f7:a1:8b:37:f0:e5:46:9a:
03:83:49:70:77:9d:db:df:c7:8b:65:79:e0:f8:1a:b5:b0:42:
f7:4d:fd:f7:bd:e1:4b:be:7d:4c:50:29:50:34:15:a4:ad:a1:
21:e0:b9:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZIkZ4zvfrOoGp7g1TAODgbbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNmRhOWU0MTY4NmQyMWMxMjc5OWM4ZTg0YjI3NGFhODI0
MTUwOGMwHhcNMjQwOTI0MTQyMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWQ1ZjZlZTBhMDNlZjc4NzhjNzNmYjBiOTg3ZDc0YjMzNDEwNjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8gsEHxmQ0Mp1FlUxOPwpzOmHkU9y
ZXebg7EnY3N5Pntp/RwB+z4Pxmely1zKf2lPTiU0IBxCXtfPop3DeG5VRZETL4DZ
PPAk1r16TRDG9nSM+NoT8aD87abIytbhLCNtJS8IwzDb+GH//nh8smd8Plcl600m
IgSiLj5oOSiY3JLRjdILUX/eVdF6FQIXVdxxtR/vCPoiVu5mbMU4HHxg4oZVV7zr
j/EXx/7Y+feaktBleEopKWsQD8ZUE9e6htIlMctub+R/BBXBoSJAZrHQD8AF+6vG
n5YlWmTigDHfkh1KIAAd+KRoMIaDqIvxM/P2vfO1xO58cwY8oz7Ldl7kfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH7V9u4KA+94eMc/sLmH10szQQY6MB8GA1UdIwQY
MBaAFO1tqeQWhtIcEnmcjoSydKqCQVCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYt
MjlmMWJlYjJmMjgyLzEvZnRYMjdnb0Q3M2g0eHotd3VZZlhTek5CQmpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYtMjlmMWJlYjJmMjgy
LzEvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLo/MAwQC
uVTcMA0GCSqGSIb3DQEBCwUAA4IBAQAAH4H4CHQ37lW0ZguqXLdw9JUj2yK7Duro
AZ4dk5p63UKDwWjfNnj7i5BLYBPGyWyLbx6/j02CCGC289AAQeVyNJcp15yWvTaC
VbhGFW1aiINpJu2MzlxkoZ0KFZuyKB7Vvk1e7cuFCPT/t9RWA3rKLoLYPnePJWui
+XRQryqbKBe5H6hJOm/A/w958NL2n35n+mkXeAEYD4FPMd+HFtrJULrHbdEdJgex
gXAg3Q/8zCLD08VtehKfDpR4JpjR2QCQGsX1SYJVE5uLPUCJM/PA96GLN/DlRpoD
g0lwd53b38eLZXng+Bq1sEL3Tf33veFLvn1MUClQNBWkraEh4Llm
-----END CERTIFICATE-----
Generated at Tue Oct 22 19:07:58 2024 by rpki-client on console-ams.rpki-client.org