Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/61979a-ea83-4ee7-b7f7-e168db2c54b4/1/Z-3j6QCdK3Z70fc-DIFWdnagoaI.roa
File: Z-3j6QCdK3Z70fc-DIFWdnagoaI.roa (raw, json)
Hash identifier: /T0E/GF06B3Yd3x73UCi9AEiatZ+2FL6hrG6WxS9Gdo=
Subject key identifier: 67:ED:E3:E9:00:9D:2B:76:7B:D1:F7:3E:0C:81:56:76:76:A0:A1:A2
Certificate issuer: /CN=6d9ff4a53a3db0f432820cd737d543f867a972d8
Certificate serial: 018CC86FD1121D3EB2B8DC4024D7FBFBB4DC
Authority key identifier: 6D:9F:F4:A5:3A:3D:B0:F4:32:82:0C:D7:37:D5:43:F8:67:A9:72:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bZ_0pTo9sPQyggzXN9VD-Gepctg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/61979a-ea83-4ee7-b7f7-e168db2c54b4/1/Z-3j6QCdK3Z70fc-DIFWdnagoaI.roa
Signing time: Tue 02 Jan 2024 04:30:20 +0000
ROA not before: Tue 02 Jan 2024 04:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41902
IP address blocks: 46.17.129.0/24 maxlen: 24
46.17.128.0/24 maxlen: 24
46.17.128.0/22 maxlen: 24
46.17.128.0/21 maxlen: 24
46.17.132.0/24 maxlen: 24
46.17.132.0/22 maxlen: 24
46.17.131.0/24 maxlen: 24
46.17.130.0/24 maxlen: 24
46.17.135.0/24 maxlen: 24
46.17.134.0/24 maxlen: 24
46.17.133.0/24 maxlen: 24
194.36.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/61979a-ea83-4ee7-b7f7-e168db2c54b4/1/bZ_0pTo9sPQyggzXN9VD-Gepctg.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/61979a-ea83-4ee7-b7f7-e168db2c54b4/1/bZ_0pTo9sPQyggzXN9VD-Gepctg.mft
rsync://rpki.ripe.net/repository/DEFAULT/bZ_0pTo9sPQyggzXN9VD-Gepctg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:d1:12:1d:3e:b2:b8:dc:40:24:d7:fb:fb:b4:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d9ff4a53a3db0f432820cd737d543f867a972d8
Validity
Not Before: Jan 2 04:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67ede3e9009d2b767bd1f73e0c81567676a0a1a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ce:5d:1e:79:f0:41:83:ed:43:a2:f4:3e:11:
66:88:fa:63:97:1f:ce:7b:d2:5e:85:cf:53:9c:6c:
ca:2e:ef:1f:57:72:48:c8:b2:b9:92:de:9e:18:8c:
03:b8:5e:ed:13:0f:3c:d9:52:33:70:2f:fd:28:b4:
0b:4a:73:4e:92:f4:28:92:d2:ff:2f:d2:bb:98:59:
a2:47:1b:bd:3e:34:80:6a:a3:9b:0b:96:7b:a9:c4:
e2:b0:bf:13:a6:ae:fc:31:1c:8b:fb:8e:14:49:72:
af:29:ce:82:b9:27:37:d9:45:78:4e:b7:55:65:d0:
38:53:7a:41:94:45:17:0a:dd:b2:20:03:a9:f9:fc:
90:63:fc:bd:18:35:26:11:69:18:1d:ca:ce:10:bd:
fa:8f:16:2d:ea:aa:16:2c:1b:1d:ef:4e:7c:64:81:
0f:32:6c:71:d6:a6:aa:3a:87:79:4e:a1:9d:49:87:
2d:5e:6c:d2:17:90:46:a0:e4:c4:13:2b:78:4d:0f:
5a:96:fa:ca:cb:92:60:41:9a:c6:bb:1c:df:48:7b:
ef:85:26:87:4b:26:22:92:1b:09:99:34:0e:47:65:
ce:46:41:2c:55:48:7e:0d:2d:52:a2:7b:77:c6:8e:
8a:ad:86:c6:54:90:c1:2a:85:50:41:f0:70:52:da:
eb:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:ED:E3:E9:00:9D:2B:76:7B:D1:F7:3E:0C:81:56:76:76:A0:A1:A2
X509v3 Authority Key Identifier:
keyid:6D:9F:F4:A5:3A:3D:B0:F4:32:82:0C:D7:37:D5:43:F8:67:A9:72:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bZ_0pTo9sPQyggzXN9VD-Gepctg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/61979a-ea83-4ee7-b7f7-e168db2c54b4/1/Z-3j6QCdK3Z70fc-DIFWdnagoaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/61979a-ea83-4ee7-b7f7-e168db2c54b4/1/bZ_0pTo9sPQyggzXN9VD-Gepctg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.128.0/21
194.36.160.0/24
Signature Algorithm: sha256WithRSAEncryption
07:53:4d:a2:f3:21:f8:5d:fa:51:3a:b0:dc:e8:a2:ba:7a:b5:
10:99:08:bd:62:d6:aa:45:e8:15:f0:ad:92:8c:80:c1:ee:20:
74:aa:f9:11:b5:68:a5:f0:83:c4:63:5a:73:51:c1:3a:d7:b2:
60:78:00:14:05:78:f8:3b:74:61:fc:29:5d:f8:a8:cf:d1:02:
71:87:1a:7f:38:ba:eb:b3:45:33:e0:43:4f:e2:72:b4:80:84:
c9:34:01:10:b7:1c:d4:26:02:57:e2:49:87:f6:b4:47:a4:09:
35:68:2f:48:b5:e2:f7:8f:b1:01:12:76:c0:7d:88:89:3a:d3:
5d:e0:7e:a0:14:95:e0:7e:8e:56:c3:22:e3:c1:07:a8:b6:66:
81:f8:a4:c3:72:00:32:25:03:f5:0d:3d:90:71:7b:cd:a2:5d:
76:5b:c2:50:c5:0c:97:e3:ee:bf:37:76:0b:3f:d7:c1:19:aa:
ce:22:e9:f8:70:17:0e:5a:be:9d:3e:d0:e6:88:0e:fb:0c:57:
77:84:bf:ab:80:bc:3c:19:fd:88:c6:8e:32:07:37:ee:da:9d:
c2:7d:18:17:66:6a:fb:a8:ff:5c:a0:1a:cd:c5:83:06:95:e4:
d5:58:24:79:8c:70:38:5a:26:fb:82:b2:56:f5:d6:46:65:29:
ef:b3:b2:b7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIb9ESHT6yuNxAJNf7+7TcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkOWZmNGE1M2EzZGIwZjQzMjgyMGNkNzM3ZDU0M2Y4Njdh
OTcyZDgwHhcNMjQwMTAyMDQzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2VkZTNlOTAwOWQyYjc2N2JkMWY3M2UwYzgxNTY3Njc2YTBhMWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAos5dHnnwQYPtQ6L0PhFmiPpjlx/O
e9Jehc9TnGzKLu8fV3JIyLK5kt6eGIwDuF7tEw882VIzcC/9KLQLSnNOkvQoktL/
L9K7mFmiRxu9PjSAaqObC5Z7qcTisL8Tpq78MRyL+44USXKvKc6CuSc32UV4TrdV
ZdA4U3pBlEUXCt2yIAOp+fyQY/y9GDUmEWkYHcrOEL36jxYt6qoWLBsd7058ZIEP
Mmxx1qaqOod5TqGdSYctXmzSF5BGoOTEEyt4TQ9alvrKy5JgQZrGuxzfSHvvhSaH
SyYikhsJmTQOR2XORkEsVUh+DS1Sont3xo6KrYbGVJDBKoVQQfBwUtrrwQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGft4+kAnSt2e9H3PgyBVnZ2oKGiMB8GA1UdIwQY
MBaAFG2f9KU6PbD0MoIM1zfVQ/hnqXLYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlpfMHBUbzlzUFF5Z2d6WE45VkQtR2VwY3RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82MTk3OWEtZWE4My00ZWU3LWI3Zjct
ZTE2OGRiMmM1NGI0LzEvWi0zajZRQ2RLM1o3MGZjLURJRldkbmFnb2FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82MTk3OWEtZWE4My00ZWU3LWI3ZjctZTE2OGRiMmM1NGI0
LzEvYlpfMHBUbzlzUFF5Z2d6WE45VkQtR2VwY3RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLhGAAwQA
wiSgMA0GCSqGSIb3DQEBCwUAA4IBAQAHU02i8yH4XfpROrDc6KK6erUQmQi9Ytaq
RegV8K2SjIDB7iB0qvkRtWil8IPEY1pzUcE617JgeAAUBXj4O3Rh/Cld+KjP0QJx
hxp/OLrrs0Uz4ENP4nK0gITJNAEQtxzUJgJX4kmH9rRHpAk1aC9IteL3j7EBEnbA
fYiJOtNd4H6gFJXgfo5WwyLjwQeotmaB+KTDcgAyJQP1DT2QcXvNol12W8JQxQyX
4+6/N3YLP9fBGarOIun4cBcOWr6dPtDmiA77DFd3hL+rgLw8Gf2Ixo4yBzfu2p3C
fRgXZmr7qP9coBrNxYMGleTVWCR5jHA4Wib7grJW9dZGZSnvs7K3
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:45:19 2024 by rpki-client on console-fra.rpki-client.org