Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/5a698d-998a-48ba-8dc5-333f0c99279e/1/_FxQjr3wOUFoc7uKt45zexb9rIQ.roa
File: _FxQjr3wOUFoc7uKt45zexb9rIQ.roa (raw, json)
Hash identifier: Qs04KdohopHRLhxxnOuO4a9FJv8NpBBE8YYo0NevXbY=
Subject key identifier: FC:5C:50:8E:BD:F0:39:41:68:73:BB:8A:B7:8E:73:7B:16:FD:AC:84
Certificate issuer: /CN=66f90e75df98afb43019ce750350e769b99fbc13
Certificate serial: 018CC94C3A839A750001106691A66AD6AA81
Authority key identifier: 66:F9:0E:75:DF:98:AF:B4:30:19:CE:75:03:50:E7:69:B9:9F:BC:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZvkOdd-Yr7QwGc51A1DnabmfvBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/5a698d-998a-48ba-8dc5-333f0c99279e/1/_FxQjr3wOUFoc7uKt45zexb9rIQ.roa
Signing time: Tue 02 Jan 2024 08:31:05 +0000
ROA not before: Tue 02 Jan 2024 08:31:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197465
IP address blocks: 46.23.242.0/24 maxlen: 24
46.23.240.0/20 maxlen: 20
46.23.241.0/24 maxlen: 24
2a02:5000::/32 maxlen: 32
2a02:5000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/5a698d-998a-48ba-8dc5-333f0c99279e/1/ZvkOdd-Yr7QwGc51A1DnabmfvBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/5a698d-998a-48ba-8dc5-333f0c99279e/1/ZvkOdd-Yr7QwGc51A1DnabmfvBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZvkOdd-Yr7QwGc51A1DnabmfvBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Dec 2024 08:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:3a:83:9a:75:00:01:10:66:91:a6:6a:d6:aa:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66f90e75df98afb43019ce750350e769b99fbc13
Validity
Not Before: Jan 2 08:31:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc5c508ebdf039416873bb8ab78e737b16fdac84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b2:6c:52:ff:73:55:18:b0:b1:7d:cb:f7:31:
4b:42:5a:27:c0:09:e8:27:40:86:4c:d0:de:d5:a5:
92:d0:3b:a7:44:86:06:79:c9:fd:06:16:76:83:0b:
e3:23:02:10:f0:f1:f5:40:20:71:85:b3:bf:d2:a5:
59:5d:63:9e:51:8a:12:6a:bf:94:b4:e4:01:cc:14:
5a:b1:26:c2:c5:92:c6:2a:0b:fd:19:a5:50:54:98:
da:59:4f:d0:8d:19:a0:c5:6c:44:0c:82:26:1b:f2:
e6:18:25:38:94:af:1f:5f:3c:34:e8:38:8e:20:30:
7c:82:b0:d6:8f:e3:49:e5:ef:63:f0:20:6d:75:fd:
89:df:e8:d2:06:7c:b9:ab:46:5f:ec:0d:20:eb:86:
60:3e:55:df:8a:0a:8f:52:76:eb:cc:fc:57:1e:8a:
c5:81:62:30:80:df:21:52:bf:05:e9:9d:57:40:bd:
c0:9d:b5:c5:de:5b:df:bd:4a:f0:64:be:b2:0e:05:
7a:74:17:b6:21:c9:f0:76:53:c7:aa:4a:8f:c3:b6:
48:3c:dc:e6:87:ae:d4:d7:29:b1:4b:75:25:5b:09:
07:0a:1c:44:40:a2:0e:14:0b:a2:5c:c1:74:a9:61:
04:27:57:0b:79:56:21:9c:ca:ba:07:9b:28:d2:09:
11:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:5C:50:8E:BD:F0:39:41:68:73:BB:8A:B7:8E:73:7B:16:FD:AC:84
X509v3 Authority Key Identifier:
keyid:66:F9:0E:75:DF:98:AF:B4:30:19:CE:75:03:50:E7:69:B9:9F:BC:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZvkOdd-Yr7QwGc51A1DnabmfvBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/5a698d-998a-48ba-8dc5-333f0c99279e/1/_FxQjr3wOUFoc7uKt45zexb9rIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/5a698d-998a-48ba-8dc5-333f0c99279e/1/ZvkOdd-Yr7QwGc51A1DnabmfvBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.240.0/20
IPv6:
2a02:5000::/32
Signature Algorithm: sha256WithRSAEncryption
1f:32:ab:4e:4f:73:3d:04:0c:50:d8:dd:08:4e:9e:76:35:93:
96:35:d5:3f:43:92:5d:5b:13:ed:b2:5d:a3:eb:0d:b9:86:00:
54:da:19:76:9c:1a:9b:a5:77:30:af:c7:71:ec:09:fa:ec:43:
42:0c:9a:b6:49:bc:20:bc:e4:54:88:3e:80:b6:82:e7:50:04:
84:af:02:ca:ff:93:d2:66:6e:f0:ef:76:17:ee:20:cf:f7:d3:
77:43:42:75:a7:2e:a4:fc:93:d5:94:f6:01:04:51:dc:f5:c4:
20:70:2a:02:84:f6:d1:ba:d8:0f:1a:5a:91:32:ff:2c:d4:48:
a7:46:9f:85:e9:a3:82:1f:9d:c0:8c:ea:66:11:1c:19:23:ba:
75:35:3a:e3:37:22:48:28:b0:12:03:82:f4:0c:a5:de:22:e8:
1a:02:d2:f5:c6:e1:2f:71:a9:a4:eb:0f:06:9e:a5:a8:af:0c:
dc:9e:b9:63:bd:be:6c:f6:d4:84:fa:78:1c:25:42:b7:96:12:
31:e7:e7:f6:fa:25:c0:47:65:65:32:99:69:1a:9f:62:d8:6e:
4a:be:0d:c4:fe:ab:34:34:74:94:38:13:56:e8:5c:6c:4a:7a:
43:34:f7:d5:13:e7:54:77:ec:5c:48:a0:5f:25:a9:a4:4c:74:
5f:4c:90:8b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTDqDmnUAARBmkaZq1qqBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZjkwZTc1ZGY5OGFmYjQzMDE5Y2U3NTAzNTBlNzY5Yjk5
ZmJjMTMwHhcNMjQwMTAyMDgzMTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzVjNTA4ZWJkZjAzOTQxNjg3M2JiOGFiNzhlNzM3YjE2ZmRhYzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrJsUv9zVRiwsX3L9zFLQlonwAno
J0CGTNDe1aWS0DunRIYGecn9BhZ2gwvjIwIQ8PH1QCBxhbO/0qVZXWOeUYoSar+U
tOQBzBRasSbCxZLGKgv9GaVQVJjaWU/QjRmgxWxEDIImG/LmGCU4lK8fXzw06DiO
IDB8grDWj+NJ5e9j8CBtdf2J3+jSBny5q0Zf7A0g64ZgPlXfigqPUnbrzPxXHorF
gWIwgN8hUr8F6Z1XQL3AnbXF3lvfvUrwZL6yDgV6dBe2IcnwdlPHqkqPw7ZIPNzm
h67U1ymxS3UlWwkHChxEQKIOFAuiXMF0qWEEJ1cLeVYhnMq6B5so0gkRcQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPxcUI698DlBaHO7ireOc3sW/ayEMB8GA1UdIwQY
MBaAFGb5DnXfmK+0MBnOdQNQ52m5n7wTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnZrT2RkLVlyN1F3R2M1MUExRG5hYm1mdkJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS81YTY5OGQtOTk4YS00OGJhLThkYzUt
MzMzZjBjOTkyNzllLzEvX0Z4UWpyM3dPVUZvYzd1S3Q0NXpleGI5cklRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS81YTY5OGQtOTk4YS00OGJhLThkYzUtMzMzZjBjOTkyNzll
LzEvWnZrT2RkLVlyN1F3R2M1MUExRG5hYm1mdkJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQELhfwMA0E
AgACMAcDBQAqAlAAMA0GCSqGSIb3DQEBCwUAA4IBAQAfMqtOT3M9BAxQ2N0ITp52
NZOWNdU/Q5JdWxPtsl2j6w25hgBU2hl2nBqbpXcwr8dx7An67ENCDJq2SbwgvORU
iD6AtoLnUASErwLK/5PSZm7w73YX7iDP99N3Q0J1py6k/JPVlPYBBFHc9cQgcCoC
hPbRutgPGlqRMv8s1EinRp+F6aOCH53AjOpmERwZI7p1NTrjNyJIKLASA4L0DKXe
IugaAtL1xuEvcamk6w8GnqWorwzcnrljvb5s9tSE+ngcJUK3lhIx5+f2+iXAR2Vl
MplpGp9i2G5Kvg3E/qs0NHSUOBNW6FxsSnpDNPfVE+dUd+xcSKBfJamkTHRfTJCL
-----END CERTIFICATE-----
Generated at Tue Dec 3 18:14:01 2024 by rpki-client on console-fra.rpki-client.org