Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/ebe8e1-539b-4004-8d4c-a00b5713c6aa/1/PNiOY7Qp0D0BODj_4Ud6fGkjS3E.roa
File: PNiOY7Qp0D0BODj_4Ud6fGkjS3E.roa (raw, json)
Hash identifier: va14OnvbcrmHupiR5eyEy9Ag2iqM9JW6/Qgy1SmaNrU=
Subject key identifier: 3C:D8:8E:63:B4:29:D0:3D:01:38:38:FF:E1:47:7A:7C:69:23:4B:71
Certificate issuer: /CN=e248d5bf01b0e295bd0885fc5c4df827543822ed
Certificate serial: 018CC26D2016749F9BA934DFA1DF8F7D0597
Authority key identifier: E2:48:D5:BF:01:B0:E2:95:BD:08:85:FC:5C:4D:F8:27:54:38:22:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4kjVvwGw4pW9CIX8XE34J1Q4Iu0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/ebe8e1-539b-4004-8d4c-a00b5713c6aa/1/PNiOY7Qp0D0BODj_4Ud6fGkjS3E.roa
Signing time: Mon 01 Jan 2024 00:29:40 +0000
ROA not before: Mon 01 Jan 2024 00:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52092
IP address blocks: 46.149.112.0/20 maxlen: 20
46.149.120.0/24 maxlen: 24
46.149.121.0/24 maxlen: 24
2001:67c:3b4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/ebe8e1-539b-4004-8d4c-a00b5713c6aa/1/4kjVvwGw4pW9CIX8XE34J1Q4Iu0.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/ebe8e1-539b-4004-8d4c-a00b5713c6aa/1/4kjVvwGw4pW9CIX8XE34J1Q4Iu0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4kjVvwGw4pW9CIX8XE34J1Q4Iu0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 10:02:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:20:16:74:9f:9b:a9:34:df:a1:df:8f:7d:05:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e248d5bf01b0e295bd0885fc5c4df827543822ed
Validity
Not Before: Jan 1 00:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3cd88e63b429d03d013838ffe1477a7c69234b71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:63:22:cd:b3:27:a8:37:a1:d9:7a:3a:68:e9:
67:fb:49:e7:00:e3:8c:69:9f:f5:5c:4b:e0:2e:84:
5e:a9:9c:0c:39:ce:5c:3c:c1:c3:6d:ee:7a:40:ef:
b5:a4:9b:a4:fe:81:88:c0:f3:31:dd:87:5f:f9:d6:
21:9e:6f:ed:b0:53:ce:77:3d:e0:63:5f:ea:f2:91:
51:3a:27:63:28:2e:48:7a:c8:9d:48:9f:13:69:91:
c0:e6:4b:21:11:3a:69:8a:67:80:32:4e:75:96:df:
03:df:c7:9b:0a:88:29:48:8c:79:b3:f9:55:8d:14:
b0:4c:c0:ca:8c:af:2c:4b:65:e7:31:79:54:c9:dc:
75:2d:f3:e7:2c:68:0e:66:27:dc:bd:1c:c4:22:c5:
d9:97:3c:04:39:df:a3:85:e9:c1:c9:1a:ee:de:e4:
17:7c:0e:47:dd:c8:ed:49:35:c8:3d:98:3b:91:f3:
0e:d6:79:ec:65:91:31:c2:bd:fc:05:e8:cb:5a:fd:
ad:b3:35:e4:2c:34:9f:28:3d:e0:c7:61:65:68:0e:
22:f2:83:7c:bc:22:b7:73:ae:89:dd:c0:32:ea:2a:
48:0a:85:fc:b9:83:e4:72:a1:22:92:9a:fc:47:0f:
a2:d4:e0:d6:d1:ee:8b:63:3d:47:03:20:0c:17:5b:
b5:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:D8:8E:63:B4:29:D0:3D:01:38:38:FF:E1:47:7A:7C:69:23:4B:71
X509v3 Authority Key Identifier:
keyid:E2:48:D5:BF:01:B0:E2:95:BD:08:85:FC:5C:4D:F8:27:54:38:22:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4kjVvwGw4pW9CIX8XE34J1Q4Iu0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/ebe8e1-539b-4004-8d4c-a00b5713c6aa/1/PNiOY7Qp0D0BODj_4Ud6fGkjS3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/ebe8e1-539b-4004-8d4c-a00b5713c6aa/1/4kjVvwGw4pW9CIX8XE34J1Q4Iu0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.149.112.0/20
IPv6:
2001:67c:3b4::/48
Signature Algorithm: sha256WithRSAEncryption
95:54:a8:73:2e:40:b2:ed:20:41:f9:a3:bf:47:51:d2:30:fe:
bc:a1:c8:ad:87:9c:c3:81:91:6a:b3:5e:12:38:4a:d0:64:1f:
c8:4a:17:44:42:7a:0b:7d:0a:bb:a0:29:4d:f2:68:ea:ab:2e:
b3:d2:f4:a4:2f:24:57:a6:72:3e:e1:57:ed:65:39:54:06:17:
e0:a3:f6:bb:f7:7c:2f:65:d8:98:2f:14:0a:b1:2b:8b:31:1e:
13:74:d6:a4:19:9b:53:92:21:e1:b4:7b:22:6d:9e:f2:da:ce:
d7:fb:a3:e2:f0:f3:d6:87:57:95:41:67:d3:a8:4d:ae:5f:12:
d8:e1:be:6a:5a:43:89:d9:e6:a2:54:82:97:3e:5a:15:8c:a2:
0b:26:dd:5c:2c:81:ab:ad:f9:03:c6:3c:8b:84:59:cf:2a:8b:
64:87:69:7d:78:38:0e:42:e2:39:f0:98:f5:92:e2:fc:50:bb:
6f:04:90:7e:81:71:2a:ee:09:42:4c:d8:92:36:02:f3:84:b1:
47:a8:0b:db:0c:cb:8c:a3:2a:2a:eb:21:09:b6:83:10:48:5a:
f5:a0:26:5d:9a:89:cd:60:83:76:91:a7:e1:01:db:88:a2:b7:
fe:49:7a:bb:43:33:68:b5:33:b4:24:8a:d3:07:6e:c7:e4:c6:
62:26:53:61
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzCbSAWdJ+bqTTfod+PfQWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNDhkNWJmMDFiMGUyOTViZDA4ODVmYzVjNGRmODI3NTQz
ODIyZWQwHhcNMjQwMTAxMDAyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2Q4OGU2M2I0MjlkMDNkMDEzODM4ZmZlMTQ3N2E3YzY5MjM0YjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmMizbMnqDeh2Xo6aOln+0nnAOOM
aZ/1XEvgLoReqZwMOc5cPMHDbe56QO+1pJuk/oGIwPMx3Ydf+dYhnm/tsFPOdz3g
Y1/q8pFROidjKC5IesidSJ8TaZHA5kshETppimeAMk51lt8D38ebCogpSIx5s/lV
jRSwTMDKjK8sS2XnMXlUydx1LfPnLGgOZifcvRzEIsXZlzwEOd+jhenByRru3uQX
fA5H3cjtSTXIPZg7kfMO1nnsZZExwr38BejLWv2tszXkLDSfKD3gx2FlaA4i8oN8
vCK3c66J3cAy6ipICoX8uYPkcqEikpr8Rw+i1ODW0e6LYz1HAyAMF1u1KwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDzYjmO0KdA9ATg4/+FHenxpI0txMB8GA1UdIwQY
MBaAFOJI1b8BsOKVvQiF/FxN+CdUOCLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGtqVnZ3R3c0cFc5Q0lYOFhFMzRKMVE0SXUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9lYmU4ZTEtNTM5Yi00MDA0LThkNGMt
YTAwYjU3MTNjNmFhLzEvUE5pT1k3UXAwRDBCT0RqXzRVZDZmR2tqUzNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9lYmU4ZTEtNTM5Yi00MDA0LThkNGMtYTAwYjU3MTNjNmFh
LzEvNGtqVnZ3R3c0cFc5Q0lYOFhFMzRKMVE0SXUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQELpVwMA8E
AgACMAkDBwAgAQZ8A7QwDQYJKoZIhvcNAQELBQADggEBAJVUqHMuQLLtIEH5o79H
UdIw/ryhyK2HnMOBkWqzXhI4StBkH8hKF0RCegt9CrugKU3yaOqrLrPS9KQvJFem
cj7hV+1lOVQGF+Cj9rv3fC9l2JgvFAqxK4sxHhN01qQZm1OSIeG0eyJtnvLaztf7
o+Lw89aHV5VBZ9OoTa5fEtjhvmpaQ4nZ5qJUgpc+WhWMogsm3Vwsgaut+QPGPIuE
Wc8qi2SHaX14OA5C4jnwmPWS4vxQu28EkH6BcSruCUJM2JI2AvOEsUeoC9sMy4yj
KirrIQm2gxBIWvWgJl2aic1gg3aRp+EB24iit/5JertDM2i1M7QkitMHbsfkxmIm
U2E=
-----END CERTIFICATE-----
Generated at Sat May 18 14:02:22 2024 by rpki-client on console-fra.rpki-client.org