Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9011b1-b6dc-4e11-ba21-e23a3934b6f7/1/_hxR3pMhGPTwhZSic8DlNI5cnLM.roa
File: _hxR3pMhGPTwhZSic8DlNI5cnLM.roa (raw, json)
Hash identifier: K63r0Bz5BVnYqkVUVC8CqL1lxzPtWUhkK/7jVKzZwy8=
Subject key identifier: FE:1C:51:DE:93:21:18:F4:F0:85:94:A2:73:C0:E5:34:8E:5C:9C:B3
Certificate issuer: /CN=173b0d7f0eac665733d92816dd49162d72e221f3
Certificate serial: 018CC80149D909E98C5D705DA30E2DFF0A1D
Authority key identifier: 17:3B:0D:7F:0E:AC:66:57:33:D9:28:16:DD:49:16:2D:72:E2:21:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FzsNfw6sZlcz2SgW3UkWLXLiIfM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9011b1-b6dc-4e11-ba21-e23a3934b6f7/1/_hxR3pMhGPTwhZSic8DlNI5cnLM.roa
Signing time: Tue 02 Jan 2024 02:29:36 +0000
ROA not before: Tue 02 Jan 2024 02:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49821
IP address blocks: 46.175.12.0/24 maxlen: 24
185.236.64.0/22 maxlen: 22
185.236.68.0/22 maxlen: 22
2a0d:9f00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/9011b1-b6dc-4e11-ba21-e23a3934b6f7/1/FzsNfw6sZlcz2SgW3UkWLXLiIfM.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/9011b1-b6dc-4e11-ba21-e23a3934b6f7/1/FzsNfw6sZlcz2SgW3UkWLXLiIfM.mft
rsync://rpki.ripe.net/repository/DEFAULT/FzsNfw6sZlcz2SgW3UkWLXLiIfM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:49:d9:09:e9:8c:5d:70:5d:a3:0e:2d:ff:0a:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=173b0d7f0eac665733d92816dd49162d72e221f3
Validity
Not Before: Jan 2 02:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe1c51de932118f4f08594a273c0e5348e5c9cb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:84:43:9c:0b:97:74:47:8b:93:79:4a:de:24:
d8:51:38:a2:54:fc:5a:83:93:53:8f:67:96:22:d5:
d6:dc:fa:a5:02:b1:48:b0:1c:5d:73:f5:85:b7:4f:
90:81:83:40:60:e8:b2:d2:0b:85:3d:e8:98:ad:fe:
ba:4e:03:61:60:44:ca:28:06:c5:21:55:b9:00:19:
54:cb:25:be:1f:c6:57:16:aa:e5:f9:d0:86:bd:e2:
13:81:6e:9d:e6:68:03:9a:e6:34:ae:22:33:17:7d:
4a:05:8b:0b:09:4c:63:b6:76:d6:d6:4c:87:d6:6f:
d9:d6:72:0d:93:ad:ee:47:b8:3b:6c:28:e6:57:10:
07:32:9a:a3:82:70:bd:a8:8d:77:f9:60:ac:6a:1e:
fd:5c:a7:b5:d6:83:1b:5d:35:dc:97:34:0a:80:05:
25:13:13:bf:e0:ee:cd:ba:74:8b:6c:67:5d:ca:8c:
15:fe:1f:e3:eb:50:c1:ca:72:5c:e4:d7:5b:b5:b6:
ae:22:44:51:34:ed:5c:0c:6f:b3:e6:f5:86:0b:b5:
0c:61:3b:42:28:44:2c:30:bf:50:d9:74:95:b4:41:
89:2c:ba:9f:d0:a4:37:42:e7:76:a1:00:5d:f2:13:
77:30:ae:55:4a:e9:26:72:ac:6a:c8:e2:90:76:25:
aa:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:1C:51:DE:93:21:18:F4:F0:85:94:A2:73:C0:E5:34:8E:5C:9C:B3
X509v3 Authority Key Identifier:
keyid:17:3B:0D:7F:0E:AC:66:57:33:D9:28:16:DD:49:16:2D:72:E2:21:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FzsNfw6sZlcz2SgW3UkWLXLiIfM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9011b1-b6dc-4e11-ba21-e23a3934b6f7/1/_hxR3pMhGPTwhZSic8DlNI5cnLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9011b1-b6dc-4e11-ba21-e23a3934b6f7/1/FzsNfw6sZlcz2SgW3UkWLXLiIfM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.175.12.0/24
185.236.64.0/21
IPv6:
2a0d:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
cb:aa:3b:02:c1:c1:09:47:f9:90:35:c7:01:2d:d2:02:b2:e9:
c6:4e:c3:fd:23:37:9a:cb:0f:a9:51:64:00:92:74:bc:0d:8b:
80:46:3f:3a:5a:d3:45:49:7d:7d:4b:46:dc:74:d0:8b:8c:4f:
73:15:15:fe:46:01:7a:0c:2c:e8:8c:65:41:e7:6e:28:90:89:
9b:dc:ab:2e:d2:25:d7:b9:75:20:5e:a8:26:d2:0b:c9:57:4f:
12:dd:47:3b:a6:36:65:11:15:32:dc:99:67:92:01:0d:15:aa:
34:ae:99:e7:59:49:50:14:cf:4b:cd:c2:94:3d:83:f1:48:eb:
8d:4f:fa:31:5c:9d:56:0e:77:70:8f:0a:fa:b6:67:02:3d:55:
bd:65:55:23:9a:7e:d9:80:b0:53:a7:e2:54:f4:8d:15:ae:07:
58:5d:e7:b9:ff:6c:95:9c:eb:c9:d2:8d:bd:8a:d7:05:1e:17:
01:3f:00:b3:b7:34:82:53:05:9e:c4:3e:50:fe:c0:08:74:b5:
5a:20:7a:5a:ec:d4:b1:44:4c:cc:fa:d3:b3:df:61:41:94:14:
a8:c6:37:b0:10:75:5d:94:54:96:5d:c2:94:dd:81:5c:b0:2a:
ff:06:34:77:91:17:67:38:a3:02:1d:a3:2f:0e:f4:c7:87:8c:
5f:0a:66:06
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIAUnZCemMXXBdow4t/wodMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3M2IwZDdmMGVhYzY2NTczM2Q5MjgxNmRkNDkxNjJkNzJl
MjIxZjMwHhcNMjQwMTAyMDIyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTFjNTFkZTkzMjExOGY0ZjA4NTk0YTI3M2MwZTUzNDhlNWM5Y2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYRDnAuXdEeLk3lK3iTYUTiiVPxa
g5NTj2eWItXW3PqlArFIsBxdc/WFt0+QgYNAYOiy0guFPeiYrf66TgNhYETKKAbF
IVW5ABlUyyW+H8ZXFqrl+dCGveITgW6d5mgDmuY0riIzF31KBYsLCUxjtnbW1kyH
1m/Z1nINk63uR7g7bCjmVxAHMpqjgnC9qI13+WCsah79XKe11oMbXTXclzQKgAUl
ExO/4O7NunSLbGddyowV/h/j61DBynJc5NdbtbauIkRRNO1cDG+z5vWGC7UMYTtC
KEQsML9Q2XSVtEGJLLqf0KQ3Qud2oQBd8hN3MK5VSukmcqxqyOKQdiWqnQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFP4cUd6TIRj08IWUonPA5TSOXJyzMB8GA1UdIwQY
MBaAFBc7DX8OrGZXM9koFt1JFi1y4iHzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnpzTmZ3NnNabGN6MlNnVzNVa1dMWExpSWZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85MDExYjEtYjZkYy00ZTExLWJhMjEt
ZTIzYTM5MzRiNmY3LzEvX2h4UjNwTWhHUFR3aFpTaWM4RGxOSTVjbkxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85MDExYjEtYjZkYy00ZTExLWJhMjEtZTIzYTM5MzRiNmY3
LzEvRnpzTmZ3NnNabGN6MlNnVzNVa1dMWExpSWZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALq8MAwQD
uexAMA0EAgACMAcDBQAqDZ8AMA0GCSqGSIb3DQEBCwUAA4IBAQDLqjsCwcEJR/mQ
NccBLdICsunGTsP9Izeayw+pUWQAknS8DYuARj86WtNFSX19S0bcdNCLjE9zFRX+
RgF6DCzojGVB524okImb3Ksu0iXXuXUgXqgm0gvJV08S3Uc7pjZlERUy3JlnkgEN
Fao0rpnnWUlQFM9LzcKUPYPxSOuNT/oxXJ1WDndwjwr6tmcCPVW9ZVUjmn7ZgLBT
p+JU9I0VrgdYXee5/2yVnOvJ0o29itcFHhcBPwCztzSCUwWexD5Q/sAIdLVaIHpa
7NSxREzM+tOz32FBlBSoxjewEHVdlFSWXcKU3YFcsCr/BjR3kRdnOKMCHaMvDvTH
h4xfCmYG
-----END CERTIFICATE-----
Generated at Tue May 21 21:03:58 2024 by rpki-client on console-fra.rpki-client.org