Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/d0DC3r0WhmI0xuna70ByEavfO24.roa
File: d0DC3r0WhmI0xuna70ByEavfO24.roa (raw, json)
Hash identifier: MwNyeOtVcpykWYN1RymG0ROtAVQzp5jKPHSfsEDhadE=
Subject key identifier: 77:40:C2:DE:BD:16:86:62:34:C6:E9:DA:EF:40:72:11:AB:DF:3B:6E
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 018CC64A8409874FB1E41536A6281A24F09E
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/d0DC3r0WhmI0xuna70ByEavfO24.roa
Signing time: Mon 01 Jan 2024 18:30:21 +0000
ROA not before: Mon 01 Jan 2024 18:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202795
IP address blocks: 46.243.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:26:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:84:09:87:4f:b1:e4:15:36:a6:28:1a:24:f0:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 18:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7740c2debd16866234c6e9daef407211abdf3b6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:06:2a:2c:4b:c5:34:61:3c:d1:7a:8a:ca:6b:
39:1c:40:74:3b:ea:2c:e9:b5:38:85:54:4d:17:79:
9b:c0:3b:ac:08:64:04:4d:dd:47:5a:ee:93:d2:38:
a2:2f:0a:fb:ad:7f:43:51:8e:e6:f8:63:c9:c7:e0:
5e:10:a6:8f:c0:f7:03:21:3b:97:f6:2d:64:f8:e1:
ca:10:8a:61:46:c9:e6:0f:35:c6:d0:b5:52:fc:8a:
18:16:e6:47:bc:92:7f:00:2a:8d:05:44:7e:f4:53:
1d:57:9e:0b:2b:c3:63:24:22:8c:f1:76:49:e7:49:
e0:89:71:02:4d:bb:c5:06:f3:41:9e:3b:1e:61:06:
aa:4b:9c:9e:76:87:55:96:02:4d:a2:4b:a2:2e:37:
ff:72:30:9b:1f:26:b8:57:db:c5:28:a8:ff:ff:c1:
83:54:e7:43:65:ae:01:bd:f4:f9:24:6b:03:a7:cc:
78:a7:63:ff:d1:1d:ee:2a:ab:d9:1f:89:13:c6:04:
de:04:f4:7b:3f:ed:59:0a:04:95:92:e2:1a:9e:21:
50:fc:48:2e:58:d2:1a:0e:99:2d:39:8b:7e:3c:85:
25:0d:c1:9d:d9:b0:2a:50:0c:32:a2:8a:d1:04:3e:
be:43:99:e0:f1:09:2d:98:bf:4c:2d:7e:ea:ae:cf:
7d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:40:C2:DE:BD:16:86:62:34:C6:E9:DA:EF:40:72:11:AB:DF:3B:6E
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/d0DC3r0WhmI0xuna70ByEavfO24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.168.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:0a:ca:8b:c5:88:6b:b5:a0:d7:8f:17:b6:a6:f5:73:58:c5:
ae:f1:eb:0b:6f:18:1f:6b:73:7d:47:4a:a7:f4:46:51:00:5e:
52:16:78:75:7e:00:51:7b:05:4c:cf:2b:5e:2e:1a:05:b0:cb:
d2:4b:b3:a0:e2:5f:0d:3e:28:d3:ad:fb:99:d9:2f:7c:9c:16:
6f:39:bd:1f:9f:b5:20:5d:41:87:64:40:23:9d:0e:3d:69:e2:
8d:11:1e:bc:fe:84:94:b3:d3:76:22:41:1a:af:49:f9:d4:66:
a8:0b:ae:a6:75:7a:60:1c:98:37:75:e1:3f:1e:26:2b:a5:08:
4d:cb:65:be:a8:19:5f:5e:fa:e6:2d:9a:7c:a8:4b:2d:e9:d9:
77:ed:fc:04:3b:e3:fa:25:ad:76:fe:1f:9c:3c:16:dd:6e:e3:
7d:ae:67:e0:13:1b:02:52:90:90:61:aa:8a:e4:7d:f6:ff:21:
56:74:32:81:69:20:aa:75:51:87:c0:6f:ac:34:b5:a7:ac:aa:
38:b9:26:72:28:dd:bc:85:aa:2c:2f:72:38:02:37:81:6f:8b:
44:cf:0b:ea:24:5e:6b:c7:dc:5e:2a:00:d2:55:13:34:3c:92:
13:e2:0d:72:40:85:d7:cc:94:47:90:2d:14:3a:f6:e8:ad:c9:
7c:8f:19:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSoQJh0+x5BU2pigaJPCeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjQwMTAxMTgzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzQwYzJkZWJkMTY4NjYyMzRjNmU5ZGFlZjQwNzIxMWFiZGYzYjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwYqLEvFNGE80XqKyms5HEB0O+os
6bU4hVRNF3mbwDusCGQETd1HWu6T0jiiLwr7rX9DUY7m+GPJx+BeEKaPwPcDITuX
9i1k+OHKEIphRsnmDzXG0LVS/IoYFuZHvJJ/ACqNBUR+9FMdV54LK8NjJCKM8XZJ
50ngiXECTbvFBvNBnjseYQaqS5yedodVlgJNokuiLjf/cjCbHya4V9vFKKj//8GD
VOdDZa4BvfT5JGsDp8x4p2P/0R3uKqvZH4kTxgTeBPR7P+1ZCgSVkuIaniFQ/Egu
WNIaDpktOYt+PIUlDcGd2bAqUAwyoorRBD6+Q5ng8QktmL9MLX7qrs99FwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHdAwt69FoZiNMbp2u9AchGr3ztuMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvZDBEQzNyMFdobUkweHVuYTcwQnlFYXZmTzI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALvOoMA0G
CSqGSIb3DQEBCwUAA4IBAQClCsqLxYhrtaDXjxe2pvVzWMWu8esLbxgfa3N9R0qn
9EZRAF5SFnh1fgBRewVMzyteLhoFsMvSS7Og4l8NPijTrfuZ2S98nBZvOb0fn7Ug
XUGHZEAjnQ49aeKNER68/oSUs9N2IkEar0n51GaoC66mdXpgHJg3deE/HiYrpQhN
y2W+qBlfXvrmLZp8qEst6dl37fwEO+P6Ja12/h+cPBbdbuN9rmfgExsCUpCQYaqK
5H32/yFWdDKBaSCqdVGHwG+sNLWnrKo4uSZyKN28haosL3I4AjeBb4tEzwvqJF5r
x9xeKgDSVRM0PJIT4g1yQIXXzJRHkC0UOvborcl8jxn9
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:45:12 2024 by rpki-client on console-ams.rpki-client.org