Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/AmCavsB7sXrk2Lh_QqZeMx0oG6c.roa
File: AmCavsB7sXrk2Lh_QqZeMx0oG6c.roa (raw, json)
Hash identifier: Z+ukCeYILz6Mg6vOM9y/O3LVWyGWtAxioJPt02Qnjk0=
Subject key identifier: 02:60:9A:BE:C0:7B:B1:7A:E4:D8:B8:7F:42:A6:5E:33:1D:28:1B:A7
Certificate issuer: /CN=ecf42776be532bd0575332855d8c42c4952ed931
Certificate serial: 018CC3B743F86DC3DDAA1141CE81C56D2161
Authority key identifier: EC:F4:27:76:BE:53:2B:D0:57:53:32:85:5D:8C:42:C4:95:2E:D9:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7PQndr5TK9BXUzKFXYxCxJUu2TE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/AmCavsB7sXrk2Lh_QqZeMx0oG6c.roa
Signing time: Mon 01 Jan 2024 06:30:16 +0000
ROA not before: Mon 01 Jan 2024 06:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20743
IP address blocks: 146.109.145.0/24 maxlen: 24
146.109.153.0/24 maxlen: 24
146.109.160.0/19 maxlen: 19
146.109.161.0/24 maxlen: 24
2a01:4642:100::/40 maxlen: 40
2a01:4642:200::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/7PQndr5TK9BXUzKFXYxCxJUu2TE.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/7PQndr5TK9BXUzKFXYxCxJUu2TE.mft
rsync://rpki.ripe.net/repository/DEFAULT/7PQndr5TK9BXUzKFXYxCxJUu2TE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:43:f8:6d:c3:dd:aa:11:41:ce:81:c5:6d:21:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecf42776be532bd0575332855d8c42c4952ed931
Validity
Not Before: Jan 1 06:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02609abec07bb17ae4d8b87f42a65e331d281ba7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:58:ee:ea:56:d1:ae:9c:d3:62:50:12:cd:76:
f5:5a:3f:d1:01:64:8a:79:46:f7:6a:bc:ff:48:ef:
e6:27:8d:f5:16:05:3e:68:73:ac:43:0f:57:45:7a:
d5:9b:0a:3a:7f:e2:1c:1b:1b:42:ab:de:40:dd:5c:
de:42:99:8b:28:48:bc:9b:b7:c4:8a:d2:20:8c:8d:
0a:63:2d:44:28:3a:fb:33:9d:3b:35:03:15:75:00:
20:55:af:7b:84:4b:63:33:ae:68:e3:ec:77:f2:98:
1c:c1:da:85:b6:e3:9a:f2:d6:b1:e6:39:23:d0:7a:
7a:84:06:ff:3e:39:a4:92:66:09:dc:d6:07:ba:c5:
b8:77:6e:68:04:9b:11:63:ef:9b:6a:14:fb:54:c4:
42:80:83:1c:9d:e0:f3:3c:ee:cb:1a:80:1c:3d:76:
35:ce:7e:a4:ff:db:da:49:fb:cb:09:1a:a2:59:99:
dd:25:ff:4e:ab:63:bb:c8:f9:37:4e:bf:e9:eb:52:
3a:85:19:9c:c3:2e:a1:d3:17:14:65:a7:70:43:0f:
e3:29:8f:ec:92:fa:1f:94:34:3f:30:8f:8c:53:58:
52:51:a5:4c:94:8c:db:71:bd:22:7b:21:c8:07:04:
88:d9:33:28:e5:16:b7:b5:97:64:fc:3c:ff:52:3d:
d8:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:60:9A:BE:C0:7B:B1:7A:E4:D8:B8:7F:42:A6:5E:33:1D:28:1B:A7
X509v3 Authority Key Identifier:
keyid:EC:F4:27:76:BE:53:2B:D0:57:53:32:85:5D:8C:42:C4:95:2E:D9:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7PQndr5TK9BXUzKFXYxCxJUu2TE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/AmCavsB7sXrk2Lh_QqZeMx0oG6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/7PQndr5TK9BXUzKFXYxCxJUu2TE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.109.145.0/24
146.109.153.0/24
146.109.160.0/19
IPv6:
2a01:4642:100::-2a01:4642:2ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
87:96:3f:58:46:d8:ac:52:12:26:d8:24:9a:b2:d2:84:f3:ca:
17:c1:47:23:4d:24:63:52:e7:72:2f:a1:aa:29:b2:81:ca:ae:
ea:4b:dd:66:db:f4:68:5e:02:1c:4e:17:2a:bc:d6:86:2e:6f:
5c:2f:6b:63:fc:32:94:7d:d6:94:55:d1:10:39:50:b8:9e:3c:
e5:05:c9:07:11:4c:f8:7e:95:6d:13:f7:72:d0:37:58:6b:6a:
24:b6:ad:28:1a:0b:86:a9:71:bd:cd:19:81:92:f8:7b:bd:62:
c1:1d:60:a6:a8:6f:b3:3f:4d:dc:f1:39:26:85:2c:01:de:b8:
cf:80:ff:6d:54:b6:01:e2:40:2e:ab:3c:75:bb:b1:16:1d:5d:
d4:5b:44:c4:ca:5d:87:49:5a:8c:19:ac:7d:bf:d7:de:f5:6a:
86:51:1f:9b:16:fb:69:74:c2:ed:53:d5:68:04:bc:4d:b3:57:
5d:a9:96:bc:24:f0:99:9a:61:03:b6:3c:ec:25:41:f5:0f:b5:
bf:15:0f:7d:62:0e:23:74:85:cf:29:40:4b:f4:d9:b9:a6:6b:
cd:2c:3b:a9:01:e3:6a:ac:7d:bf:74:1d:ef:9a:12:33:39:93:
d3:5a:9c:ce:a8:ff:43:42:cf:cf:1d:75:9e:2f:63:3a:2f:0c:
17:49:4a:55
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzDt0P4bcPdqhFBzoHFbSFhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjZjQyNzc2YmU1MzJiZDA1NzUzMzI4NTVkOGM0MmM0OTUy
ZWQ5MzEwHhcNMjQwMTAxMDYzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjYwOWFiZWMwN2JiMTdhZTRkOGI4N2Y0MmE2NWUzMzFkMjgxYmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1ju6lbRrpzTYlASzXb1Wj/RAWSK
eUb3arz/SO/mJ431FgU+aHOsQw9XRXrVmwo6f+IcGxtCq95A3VzeQpmLKEi8m7fE
itIgjI0KYy1EKDr7M507NQMVdQAgVa97hEtjM65o4+x38pgcwdqFtuOa8tax5jkj
0Hp6hAb/PjmkkmYJ3NYHusW4d25oBJsRY++bahT7VMRCgIMcneDzPO7LGoAcPXY1
zn6k/9vaSfvLCRqiWZndJf9Oq2O7yPk3Tr/p61I6hRmcwy6h0xcUZadwQw/jKY/s
kvoflDQ/MI+MU1hSUaVMlIzbcb0ieyHIBwSI2TMo5Ra3tZdk/Dz/Uj3YpQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFAJgmr7Ae7F65Ni4f0KmXjMdKBunMB8GA1UdIwQY
MBaAFOz0J3a+UyvQV1MyhV2MQsSVLtkxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1BRbmRyNVRLOUJYVXpLRlhZeEN4SlV1MlRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9lYmQ0OWYtZjU2OS00MTUyLWIwYjgt
NWU1M2MyM2I1NWIwLzEvQW1DYXZzQjdzWHJrMkxoX1FxWmVNeDBvRzZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9lYmQ0OWYtZjU2OS00MTUyLWIwYjgtNWU1M2MyM2I1NWIw
LzEvN1BRbmRyNVRLOUJYVXpLRlhZeEN4SlV1MlRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQAkm2RAwQA
km2ZAwQFkm2gMBgEAgACMBIwEAMGACoBRkIBAwYAKgFGQgIwDQYJKoZIhvcNAQEL
BQADggEBAIeWP1hG2KxSEibYJJqy0oTzyhfBRyNNJGNS53IvoaopsoHKrupL3Wbb
9GheAhxOFyq81oYub1wva2P8MpR91pRV0RA5ULiePOUFyQcRTPh+lW0T93LQN1hr
aiS2rSgaC4apcb3NGYGS+Hu9YsEdYKaob7M/TdzxOSaFLAHeuM+A/21UtgHiQC6r
PHW7sRYdXdRbRMTKXYdJWowZrH2/1971aoZRH5sW+2l0wu1T1WgEvE2zV12plrwk
8JmaYQO2POwlQfUPtb8VD31iDiN0hc8pQEv02bmma80sO6kB42qsfb90He+aEjM5
k9NanM6o/0NCz88ddZ4vYzovDBdJSlU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:30:54 2024 by rpki-client on console-fra.rpki-client.org