Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/cf4ab4-e914-40e1-82df-14dc7ec0495d/1/aSmXro7WJi3RQU-0WohfEO90HiQ.roa
File: aSmXro7WJi3RQU-0WohfEO90HiQ.roa (raw, json)
Hash identifier: bjXqKrzXk0ZWnsiTen0MeODqqJeqNan8TxyUQG3N9Xk=
Subject key identifier: 69:29:97:AE:8E:D6:26:2D:D1:41:4F:B4:5A:88:5F:10:EF:74:1E:24
Certificate issuer: /CN=fcd7a721eda459ebdf98e029f87c90a980e81d94
Certificate serial: 018CC26D038DCAA20C8BEA2B7C3A5C2DCABA
Authority key identifier: FC:D7:A7:21:ED:A4:59:EB:DF:98:E0:29:F8:7C:90:A9:80:E8:1D:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_NenIe2kWevfmOAp-HyQqYDoHZQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/cf4ab4-e914-40e1-82df-14dc7ec0495d/1/aSmXro7WJi3RQU-0WohfEO90HiQ.roa
Signing time: Mon 01 Jan 2024 00:29:33 +0000
ROA not before: Mon 01 Jan 2024 00:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 27471
IP address blocks: 46.235.152.0/24 maxlen: 24
46.235.153.0/24 maxlen: 24
46.235.156.0/24 maxlen: 24
46.235.159.0/24 maxlen: 24
46.235.158.0/24 maxlen: 24
46.235.154.0/24 maxlen: 24
185.180.50.0/24 maxlen: 24
185.180.49.0/24 maxlen: 24
185.180.48.0/24 maxlen: 24
185.180.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/cf4ab4-e914-40e1-82df-14dc7ec0495d/1/_NenIe2kWevfmOAp-HyQqYDoHZQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/cf4ab4-e914-40e1-82df-14dc7ec0495d/1/_NenIe2kWevfmOAp-HyQqYDoHZQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/_NenIe2kWevfmOAp-HyQqYDoHZQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:03:8d:ca:a2:0c:8b:ea:2b:7c:3a:5c:2d:ca:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcd7a721eda459ebdf98e029f87c90a980e81d94
Validity
Not Before: Jan 1 00:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=692997ae8ed6262dd1414fb45a885f10ef741e24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:35:61:0c:00:aa:06:cc:2a:f5:dc:3c:f8:90:
f4:ae:eb:20:61:c3:e4:f8:d6:a0:96:32:ec:b0:51:
c4:fc:a7:d4:42:2f:f3:7d:55:7c:d4:45:8a:62:13:
87:a2:40:3a:5a:f8:03:80:67:bd:60:cc:3c:81:99:
38:b9:30:a0:5e:10:10:88:eb:19:5b:c2:49:f9:8a:
54:66:8a:58:43:f7:5a:25:ee:18:78:14:d6:60:65:
80:1c:f5:85:e5:2e:61:98:78:d8:e6:40:f4:0e:cf:
fa:b0:02:66:27:a4:e3:00:da:6e:3d:c3:9d:4c:3c:
5c:f9:00:3f:71:78:49:23:7a:21:00:43:b3:85:a7:
29:b5:79:d1:68:09:6a:40:23:19:89:e7:e4:81:f2:
ca:48:66:34:3a:26:c0:16:11:47:47:46:9a:f2:44:
83:de:4a:96:53:c2:45:52:f8:cd:99:54:d3:c7:fc:
91:01:b4:17:5d:ba:e9:b3:4b:11:2b:fd:2c:94:6c:
68:58:e2:46:78:44:aa:d6:93:d8:6a:49:a2:41:c4:
cf:6e:0a:b7:fe:b9:a4:3c:29:67:a5:7b:2c:32:fe:
97:43:00:38:b3:9d:37:9c:16:8c:6e:8d:e3:f2:d9:
a5:a6:8c:f0:da:69:fc:d0:ae:d9:a2:79:13:0e:7d:
1f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:29:97:AE:8E:D6:26:2D:D1:41:4F:B4:5A:88:5F:10:EF:74:1E:24
X509v3 Authority Key Identifier:
keyid:FC:D7:A7:21:ED:A4:59:EB:DF:98:E0:29:F8:7C:90:A9:80:E8:1D:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_NenIe2kWevfmOAp-HyQqYDoHZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/cf4ab4-e914-40e1-82df-14dc7ec0495d/1/aSmXro7WJi3RQU-0WohfEO90HiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/cf4ab4-e914-40e1-82df-14dc7ec0495d/1/_NenIe2kWevfmOAp-HyQqYDoHZQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.152.0-46.235.154.255
46.235.156.0/24
46.235.158.0/23
185.180.48.0/22
Signature Algorithm: sha256WithRSAEncryption
b3:bb:1a:87:93:de:4d:b5:cd:a3:3f:b5:b0:be:06:4d:bc:e5:
e5:27:eb:6f:58:27:6b:c1:07:9a:90:84:df:ba:b5:b8:0f:77:
9c:be:e1:6f:97:c2:8a:d6:c9:17:a4:16:84:11:36:29:48:b5:
21:40:a9:1e:2e:94:60:44:55:e9:71:cf:ca:1a:f0:f0:e3:d6:
55:f7:96:08:a4:fa:4b:da:df:36:6d:32:e9:b4:d1:e5:4a:1b:
99:51:52:85:d1:e6:f6:c0:65:e7:89:64:77:98:84:ec:6c:0f:
75:6f:51:5b:99:f7:2f:c5:28:0a:d8:ea:4a:9e:6c:de:0e:1f:
da:2f:65:f3:4b:a6:b5:23:1a:8a:bf:12:3e:ce:c0:92:2f:2b:
3a:6a:6b:49:0a:19:2b:36:2e:34:6f:38:60:9b:0a:9a:9a:80:
03:10:d9:4a:fb:a8:0a:79:4b:8c:bd:45:73:26:93:5a:fc:b9:
3f:eb:b7:a9:45:48:f5:d9:14:a5:f1:6c:8a:98:e6:a6:48:7d:
07:00:40:56:94:a6:be:90:34:15:d8:8f:e2:c3:d2:2a:09:ba:
31:10:70:5d:48:0e:17:39:ca:77:1d:63:17:0d:02:fe:00:12:
36:2c:01:80:9b:1f:43:f4:28:db:cd:24:cb:a7:70:5f:cd:0a:
19:83:1e:ea
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzCbQONyqIMi+orfDpcLcq6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZDdhNzIxZWRhNDU5ZWJkZjk4ZTAyOWY4N2M5MGE5ODBl
ODFkOTQwHhcNMjQwMTAxMDAyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTI5OTdhZThlZDYyNjJkZDE0MTRmYjQ1YTg4NWYxMGVmNzQxZTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDVhDACqBswq9dw8+JD0rusgYcPk
+NagljLssFHE/KfUQi/zfVV81EWKYhOHokA6WvgDgGe9YMw8gZk4uTCgXhAQiOsZ
W8JJ+YpUZopYQ/daJe4YeBTWYGWAHPWF5S5hmHjY5kD0Ds/6sAJmJ6TjANpuPcOd
TDxc+QA/cXhJI3ohAEOzhacptXnRaAlqQCMZiefkgfLKSGY0OibAFhFHR0aa8kSD
3kqWU8JFUvjNmVTTx/yRAbQXXbrps0sRK/0slGxoWOJGeESq1pPYakmiQcTPbgq3
/rmkPClnpXssMv6XQwA4s503nBaMbo3j8tmlpozw2mn80K7ZonkTDn0fuwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGkpl66O1iYt0UFPtFqIXxDvdB4kMB8GA1UdIwQY
MBaAFPzXpyHtpFnr35jgKfh8kKmA6B2UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX05lbkllMmtXZXZmbU9BcC1IeVFxWURvSFpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9jZjRhYjQtZTkxNC00MGUxLTgyZGYt
MTRkYzdlYzA0OTVkLzEvYVNtWHJvN1dKaTNSUVUtMFdvaGZFTzkwSGlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9jZjRhYjQtZTkxNC00MGUxLTgyZGYtMTRkYzdlYzA0OTVk
LzEvX05lbkllMmtXZXZmbU9BcC1IeVFxWURvSFpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAMu65gD
BAAu65oDBAAu65wDBAEu654DBAK5tDAwDQYJKoZIhvcNAQELBQADggEBALO7GoeT
3k21zaM/tbC+Bk285eUn629YJ2vBB5qQhN+6tbgPd5y+4W+XworWyRekFoQRNilI
tSFAqR4ulGBEVelxz8oa8PDj1lX3lgik+kva3zZtMum00eVKG5lRUoXR5vbAZeeJ
ZHeYhOxsD3VvUVuZ9y/FKArY6kqebN4OH9ovZfNLprUjGoq/Ej7OwJIvKzpqa0kK
GSs2LjRvOGCbCpqagAMQ2Ur7qAp5S4y9RXMmk1r8uT/rt6lFSPXZFKXxbIqY5qZI
fQcAQFaUpr6QNBXYj+LD0ioJujEQcF1IDhc5yncdYxcNAv4AEjYsAYCbH0P0KNvN
JMuncF/NChmDHuo=
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:35:23 2024 by rpki-client on console-fra.rpki-client.org