Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/dFqlwL2-aTb53Mwq1AUgrA_LsOE.roa
File: dFqlwL2-aTb53Mwq1AUgrA_LsOE.roa (raw, json)
Hash identifier: v7CGiL2xfuKDYy/x+EdpeIHlQzwlU9mQzllJcE8wu+k=
Subject key identifier: 74:5A:A5:C0:BD:BE:69:36:F9:DC:CC:2A:D4:05:20:AC:0F:CB:B0:E1
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 018CC64A775D5D8B61403B71EDF8F30C4D6B
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/dFqlwL2-aTb53Mwq1AUgrA_LsOE.roa
Signing time: Mon 01 Jan 2024 18:30:18 +0000
ROA not before: Mon 01 Jan 2024 18:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49200
IP address blocks: 46.243.213.0/24 maxlen: 24
46.243.208.0/24 maxlen: 24
46.243.207.0/24 maxlen: 24
46.243.217.0/24 maxlen: 24
46.243.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:26:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:77:5d:5d:8b:61:40:3b:71:ed:f8:f3:0c:4d:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 18:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=745aa5c0bdbe6936f9dccc2ad40520ac0fcbb0e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d7:0b:93:59:46:01:f1:88:4c:de:0e:3c:58:
c8:5e:4e:33:03:28:a2:4c:55:d8:82:3d:0f:72:96:
13:2c:7f:8b:c4:b7:6d:75:85:55:12:3b:f2:95:fb:
35:47:06:e8:ee:53:ef:7a:56:bb:1a:8a:e0:06:cb:
91:1a:80:ed:f5:74:f9:80:33:02:81:a3:36:84:9f:
90:fc:13:1b:a0:e2:cf:af:d2:26:1e:87:4e:39:7f:
fc:e0:df:70:cb:83:34:c7:72:0d:07:ae:56:24:3c:
a5:36:a3:89:01:52:ad:d5:8f:56:ce:64:ca:d0:1b:
80:cc:8a:30:ed:83:62:90:ba:13:f8:15:89:52:48:
bc:a7:03:48:fe:65:d8:68:91:be:0e:e0:87:a7:03:
f3:dd:b3:57:3c:64:d0:7c:99:67:38:9c:f7:a1:4e:
8b:ce:f5:cc:37:29:d4:51:3c:b3:61:7f:c0:71:b7:
06:8c:c9:a2:c5:79:92:c9:2b:09:eb:ff:72:c5:45:
70:00:6a:0f:10:bf:20:4f:80:e3:e8:5c:7d:7a:4b:
a4:d3:92:77:e2:b2:f7:b9:89:8a:29:b1:a9:98:c3:
a6:4c:18:34:9d:45:ea:4d:1c:25:36:0f:ac:15:f2:
a9:a8:ff:5d:0d:2e:d7:4b:ad:e7:00:19:3d:8b:1b:
c7:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:5A:A5:C0:BD:BE:69:36:F9:DC:CC:2A:D4:05:20:AC:0F:CB:B0:E1
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/dFqlwL2-aTb53Mwq1AUgrA_LsOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.207.0-46.243.208.255
46.243.213.0/24
46.243.216.0/23
Signature Algorithm: sha256WithRSAEncryption
03:12:0f:0a:f7:e4:ed:76:fd:b2:8f:f8:d2:d4:02:5b:24:cf:
68:d0:51:eb:e8:e6:ca:b6:9e:cd:61:e7:ac:ec:77:a0:17:e1:
0d:96:85:4d:ae:f4:d1:7e:6b:52:d1:a9:19:1c:14:53:90:74:
3a:89:f8:89:80:d0:54:fd:a2:12:df:5f:44:d2:47:2c:84:f4:
3b:85:24:c5:86:ce:40:28:88:f2:9f:d1:e0:76:3f:9f:85:54:
bb:88:0e:f0:31:1d:ca:e1:62:f9:66:76:ba:3f:81:43:5c:1f:
53:1a:77:f3:70:20:12:53:a4:03:ca:f6:24:51:31:79:e2:e2:
70:92:90:f1:34:d6:20:a4:7f:e1:0d:73:14:db:11:da:7e:81:
83:65:f1:a6:93:3b:f7:1d:96:87:fb:a7:4a:f6:fd:fd:60:66:
b5:21:cb:7c:05:14:64:42:46:fc:67:e7:6d:f2:55:f0:69:d7:
9a:07:ae:67:93:ee:0b:39:cb:e4:43:2f:b1:db:03:b3:f5:72:
f6:c0:0c:8e:fa:2a:bd:2e:80:be:84:47:df:4c:6d:84:68:4c:
f0:7a:e0:cc:9d:b6:26:4b:c4:0f:c6:10:56:5f:20:34:62:54:
c0:b9:64:d0:cd:66:ad:f4:37:79:52:d1:1a:08:4c:e0:f4:bf:
79:48:1a:be
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzGSnddXYthQDtx7fjzDE1rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjQwMTAxMTgzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDVhYTVjMGJkYmU2OTM2ZjlkY2NjMmFkNDA1MjBhYzBmY2JiMGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdcLk1lGAfGITN4OPFjIXk4zAyii
TFXYgj0PcpYTLH+LxLdtdYVVEjvylfs1Rwbo7lPvela7GorgBsuRGoDt9XT5gDMC
gaM2hJ+Q/BMboOLPr9ImHodOOX/84N9wy4M0x3INB65WJDylNqOJAVKt1Y9WzmTK
0BuAzIow7YNikLoT+BWJUki8pwNI/mXYaJG+DuCHpwPz3bNXPGTQfJlnOJz3oU6L
zvXMNynUUTyzYX/AcbcGjMmixXmSySsJ6/9yxUVwAGoPEL8gT4Dj6Fx9ekuk05J3
4rL3uYmKKbGpmMOmTBg0nUXqTRwlNg+sFfKpqP9dDS7XS63nABk9ixvHbwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHRapcC9vmk2+dzMKtQFIKwPy7DhMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvZEZxbHdMMi1hVGI1M013cTFBVWdyQV9Mc09FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAu888D
BAAu89ADBAAu89UDBAEu89gwDQYJKoZIhvcNAQELBQADggEBAAMSDwr35O12/bKP
+NLUAlskz2jQUevo5sq2ns1h56zsd6AX4Q2WhU2u9NF+a1LRqRkcFFOQdDqJ+ImA
0FT9ohLfX0TSRyyE9DuFJMWGzkAoiPKf0eB2P5+FVLuIDvAxHcrhYvlmdro/gUNc
H1Mad/NwIBJTpAPK9iRRMXni4nCSkPE01iCkf+ENcxTbEdp+gYNl8aaTO/cdlof7
p0r2/f1gZrUhy3wFFGRCRvxn523yVfBp15oHrmeT7gs5y+RDL7HbA7P1cvbADI76
Kr0ugL6ER99MbYRoTPB64MydtiZLxA/GEFZfIDRiVMC5ZNDNZq30N3lS0RoITOD0
v3lIGr4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:50:17 2024 by rpki-client on console-fra.rpki-client.org