Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/fb7a7d-0655-4587-8af9-7700e25ff769/1/aLaiV6mXhmyKCRkeyxf1ZnUNYe0.roa
File: aLaiV6mXhmyKCRkeyxf1ZnUNYe0.roa (raw, json)
Hash identifier: UPnIIURQla7GQTIgzw8y5aMLmeaNNaxHFIL1SF9RSnA=
Subject key identifier: 68:B6:A2:57:A9:97:86:6C:8A:09:19:1E:CB:17:F5:66:75:0D:61:ED
Certificate issuer: /CN=aa44eb091b3a33a87beb8e004ab15ef178fbaa00
Certificate serial: 018CC5DBE4ED8C7B3905B51A0A0E69BFED99
Authority key identifier: AA:44:EB:09:1B:3A:33:A8:7B:EB:8E:00:4A:B1:5E:F1:78:FB:AA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qkTrCRs6M6h7644ASrFe8Xj7qgA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/fb7a7d-0655-4587-8af9-7700e25ff769/1/aLaiV6mXhmyKCRkeyxf1ZnUNYe0.roa
Signing time: Mon 01 Jan 2024 16:29:31 +0000
ROA not before: Mon 01 Jan 2024 16:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209283
IP address blocks: 46.243.183.0/24 maxlen: 24
46.243.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/fb7a7d-0655-4587-8af9-7700e25ff769/1/qkTrCRs6M6h7644ASrFe8Xj7qgA.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/fb7a7d-0655-4587-8af9-7700e25ff769/1/qkTrCRs6M6h7644ASrFe8Xj7qgA.mft
rsync://rpki.ripe.net/repository/DEFAULT/qkTrCRs6M6h7644ASrFe8Xj7qgA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:e4:ed:8c:7b:39:05:b5:1a:0a:0e:69:bf:ed:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa44eb091b3a33a87beb8e004ab15ef178fbaa00
Validity
Not Before: Jan 1 16:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68b6a257a997866c8a09191ecb17f566750d61ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:82:e1:2c:5c:49:bc:f2:f1:77:c0:9d:05:a1:
94:d4:7b:eb:cb:fe:e3:b2:bb:8d:11:9b:14:b3:61:
d9:3e:d4:62:8d:b0:53:60:cb:81:b4:d6:92:61:5a:
1c:21:e6:98:87:c0:5c:3a:5c:db:61:ec:36:1c:d7:
47:2d:1f:a3:98:2c:1b:6a:bf:5f:8f:00:7a:4b:cb:
5c:88:ec:6d:a3:af:73:07:ed:08:6d:9f:23:7b:13:
0a:f0:22:c2:3c:3b:63:80:36:a4:f1:ed:6b:08:70:
55:ac:9c:19:01:3e:c0:b2:b7:ef:85:1b:ac:86:2b:
2b:8d:b7:e2:8f:35:ff:c8:49:67:41:80:16:63:45:
2f:42:00:f2:92:b9:a1:6b:5e:a4:94:d6:9f:6f:6e:
11:eb:4e:0a:8d:89:bf:9e:fd:62:13:cf:bd:de:98:
ce:3f:d8:89:e8:ac:0a:b8:4d:dc:8d:01:b8:35:7d:
07:b2:c5:7c:af:ea:f0:d6:6d:35:27:3c:27:6b:15:
93:40:15:39:01:19:74:1a:1d:bb:48:ce:17:6e:ce:
73:ee:fe:79:32:78:6b:2f:d1:ec:d1:af:c1:47:1c:
9a:af:d8:b8:d2:43:f3:dd:ce:41:e5:d9:f3:b2:d8:
02:00:17:f2:60:2d:95:3f:3b:49:c3:61:65:61:4c:
c6:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:B6:A2:57:A9:97:86:6C:8A:09:19:1E:CB:17:F5:66:75:0D:61:ED
X509v3 Authority Key Identifier:
keyid:AA:44:EB:09:1B:3A:33:A8:7B:EB:8E:00:4A:B1:5E:F1:78:FB:AA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qkTrCRs6M6h7644ASrFe8Xj7qgA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/fb7a7d-0655-4587-8af9-7700e25ff769/1/aLaiV6mXhmyKCRkeyxf1ZnUNYe0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/fb7a7d-0655-4587-8af9-7700e25ff769/1/qkTrCRs6M6h7644ASrFe8Xj7qgA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.183.0/24
46.243.186.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:30:72:3d:eb:40:81:ac:56:7d:b7:cb:97:ed:21:ac:8e:14:
1f:10:bd:90:38:bc:71:4a:ad:26:c8:d5:a1:19:ef:8b:94:f6:
7d:5c:9d:de:1b:6a:4b:6d:99:fc:10:04:4a:96:0b:41:08:9c:
9c:02:4e:e7:34:ac:5d:4e:d2:7f:9e:5b:83:50:4a:52:78:33:
fe:9d:af:a9:84:8d:7b:9e:a4:c8:82:4a:a7:ed:b3:70:13:1a:
24:99:c1:96:d3:9e:93:fb:6a:42:2c:e8:d8:86:0c:b6:28:f0:
7c:49:cd:ea:52:95:9a:f4:24:53:4e:f2:a6:13:09:79:f5:59:
4b:a7:a8:94:16:1d:da:5d:86:73:c0:42:7f:3f:24:5b:df:f7:
8e:66:3c:51:a1:94:94:ce:9f:85:bb:b9:eb:3e:22:be:93:bf:
40:ae:69:18:97:e1:b7:ac:9f:92:06:66:3a:cb:df:7a:d1:9c:
f1:85:d3:d6:d5:d4:df:2a:5b:dd:ee:5d:76:55:49:f6:f3:d8:
dd:fb:0a:5e:cf:fe:72:2e:6c:58:7c:d9:4d:be:9a:67:7b:f1:
ea:6b:26:db:b7:c5:5b:e9:63:f4:10:d1:57:0e:00:ed:22:df:
fc:47:cc:5d:55:88:fa:1f:f2:a3:87:f4:57:c9:4a:80:d4:be:
6e:1e:92:c6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF2+TtjHs5BbUaCg5pv+2ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNDRlYjA5MWIzYTMzYTg3YmViOGUwMDRhYjE1ZWYxNzhm
YmFhMDAwHhcNMjQwMTAxMTYyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGI2YTI1N2E5OTc4NjZjOGEwOTE5MWVjYjE3ZjU2Njc1MGQ2MWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoLhLFxJvPLxd8CdBaGU1Hvry/7j
sruNEZsUs2HZPtRijbBTYMuBtNaSYVocIeaYh8BcOlzbYew2HNdHLR+jmCwbar9f
jwB6S8tciOxto69zB+0IbZ8jexMK8CLCPDtjgDak8e1rCHBVrJwZAT7AsrfvhRus
hisrjbfijzX/yElnQYAWY0UvQgDykrmha16klNafb24R604KjYm/nv1iE8+93pjO
P9iJ6KwKuE3cjQG4NX0HssV8r+rw1m01JzwnaxWTQBU5ARl0Gh27SM4Xbs5z7v55
MnhrL9Hs0a/BRxyar9i40kPz3c5B5dnzstgCABfyYC2VPztJw2FlYUzGXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGi2olepl4ZsigkZHssX9WZ1DWHtMB8GA1UdIwQY
MBaAFKpE6wkbOjOoe+uOAEqxXvF4+6oAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWtUckNSczZNNmg3NjQ0QVNyRmU4WGo3cWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mYjdhN2QtMDY1NS00NTg3LThhZjkt
NzcwMGUyNWZmNzY5LzEvYUxhaVY2bVhobXlLQ1JrZXl4ZjFablVOWWUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mYjdhN2QtMDY1NS00NTg3LThhZjktNzcwMGUyNWZmNzY5
LzEvcWtUckNSczZNNmg3NjQ0QVNyRmU4WGo3cWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALvO3AwQA
LvO6MA0GCSqGSIb3DQEBCwUAA4IBAQB6MHI960CBrFZ9t8uX7SGsjhQfEL2QOLxx
Sq0myNWhGe+LlPZ9XJ3eG2pLbZn8EARKlgtBCJycAk7nNKxdTtJ/nluDUEpSeDP+
na+phI17nqTIgkqn7bNwExokmcGW056T+2pCLOjYhgy2KPB8Sc3qUpWa9CRTTvKm
Ewl59VlLp6iUFh3aXYZzwEJ/PyRb3/eOZjxRoZSUzp+Fu7nrPiK+k79ArmkYl+G3
rJ+SBmY6y9960ZzxhdPW1dTfKlvd7l12VUn289jd+wpez/5yLmxYfNlNvppne/Hq
aybbt8Vb6WP0ENFXDgDtIt/8R8xdVYj6H/Kjh/RXyUqA1L5uHpLG
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:45:22 2024 by rpki-client on console-ams.rpki-client.org