Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/6d625c-7e60-4523-9491-d112299ff695/1/Tn0CvMNMQO2C3u1atNlevHpjKtY.roa
File: Tn0CvMNMQO2C3u1atNlevHpjKtY.roa (raw, json)
Hash identifier: ll95cvMikS5E+m/+MQLiqJFMdB5gdYEcdgeO1lboBEM=
Subject key identifier: 4E:7D:02:BC:C3:4C:40:ED:82:DE:ED:5A:B4:D9:5E:BC:7A:63:2A:D6
Certificate issuer: /CN=a34e6017e1fe0393278c2859f43043b31ee6c89a
Certificate serial: 0192F7909855CD3A336F630E6D59DDF7023C
Authority key identifier: A3:4E:60:17:E1:FE:03:93:27:8C:28:59:F4:30:43:B3:1E:E6:C8:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o05gF-H-A5MnjChZ9DBDsx7myJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/6d625c-7e60-4523-9491-d112299ff695/1/Tn0CvMNMQO2C3u1atNlevHpjKtY.roa
Signing time: Mon 04 Nov 2024 14:25:01 +0000
ROA not before: Mon 04 Nov 2024 14:25:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202757
IP address blocks: 46.247.132.0/24 maxlen: 24
46.247.133.0/24 maxlen: 24
46.247.134.0/24 maxlen: 24
46.247.135.0/24 maxlen: 24
185.88.196.0/24 maxlen: 24
185.88.197.0/24 maxlen: 24
185.88.198.0/24 maxlen: 24
185.88.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/6d625c-7e60-4523-9491-d112299ff695/1/o05gF-H-A5MnjChZ9DBDsx7myJo.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/6d625c-7e60-4523-9491-d112299ff695/1/o05gF-H-A5MnjChZ9DBDsx7myJo.mft
rsync://rpki.ripe.net/repository/DEFAULT/o05gF-H-A5MnjChZ9DBDsx7myJo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f7:90:98:55:cd:3a:33:6f:63:0e:6d:59:dd:f7:02:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a34e6017e1fe0393278c2859f43043b31ee6c89a
Validity
Not Before: Nov 4 14:25:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e7d02bcc34c40ed82deed5ab4d95ebc7a632ad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9b:1e:46:87:28:74:2e:28:f6:08:dd:94:57:
f5:9a:17:46:9c:14:9b:74:27:ae:88:e8:50:bf:22:
6f:47:09:a4:3d:bd:90:b2:c6:d6:63:a5:b0:00:fd:
cd:76:46:af:65:6f:fc:d1:00:e3:62:ce:29:f4:8c:
ed:38:cf:a0:90:db:d7:51:55:42:bc:04:04:cf:b1:
e2:c2:ed:f6:f2:96:e2:85:92:86:a6:49:3f:b6:4b:
f7:fb:0e:21:31:78:67:73:ca:54:75:d7:e9:d6:4c:
8b:d8:84:aa:2b:62:0b:5f:cc:19:24:f1:9c:7d:a6:
a7:fb:c5:ed:35:74:ee:ee:e6:73:b0:ff:1d:fc:52:
d1:90:b2:33:43:15:a6:05:c6:3b:c9:38:24:0b:8d:
3f:11:18:e5:48:41:90:db:b5:34:fa:d2:ae:33:e1:
2a:62:35:04:ec:3f:c6:0b:d0:0b:7e:2e:34:91:5b:
07:17:ac:11:c3:c7:c0:fb:86:b9:4d:c2:42:a4:3e:
e8:d7:ce:6d:48:24:57:a6:44:6d:92:02:0d:5f:61:
7c:e4:02:e0:aa:6f:3e:d2:70:f6:86:8c:1d:8f:5a:
9d:28:4b:7e:b0:e2:a5:a7:5f:4d:00:23:8d:21:a5:
07:6d:7c:0a:ff:71:bb:30:28:01:ef:09:d1:22:2a:
0b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:7D:02:BC:C3:4C:40:ED:82:DE:ED:5A:B4:D9:5E:BC:7A:63:2A:D6
X509v3 Authority Key Identifier:
keyid:A3:4E:60:17:E1:FE:03:93:27:8C:28:59:F4:30:43:B3:1E:E6:C8:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o05gF-H-A5MnjChZ9DBDsx7myJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/6d625c-7e60-4523-9491-d112299ff695/1/Tn0CvMNMQO2C3u1atNlevHpjKtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/6d625c-7e60-4523-9491-d112299ff695/1/o05gF-H-A5MnjChZ9DBDsx7myJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.247.132.0/22
185.88.196.0/22
Signature Algorithm: sha256WithRSAEncryption
99:fb:30:42:ad:6d:92:53:3f:e9:b5:7c:71:b4:8d:3a:67:d0:
a3:60:6b:7c:cc:2e:48:97:28:3c:c9:25:0b:9d:79:d3:21:2e:
f0:7d:1e:24:bf:c8:48:97:9d:fe:0a:69:2b:91:5b:d2:5a:b8:
d8:e8:10:f3:eb:48:8b:1d:e6:ee:3b:49:95:ca:80:48:a6:0e:
af:6b:23:d3:68:36:7a:94:12:98:1f:ab:e7:f4:8d:15:39:ae:
42:79:9e:96:b9:02:b4:0d:45:8b:1e:5a:20:8b:a1:f2:68:ac:
56:6a:26:d1:aa:46:45:b0:44:ba:65:3e:b7:84:a8:d7:26:9d:
df:bf:f6:26:e8:6a:b4:47:ac:be:e8:eb:66:a6:2b:4e:37:82:
3c:d2:9f:19:60:4e:9f:6a:d3:af:70:c0:5b:f9:bb:95:e9:04:
94:13:cc:28:e4:a1:2f:88:d4:18:a7:93:ae:db:f3:f9:23:c1:
3f:a4:10:71:8f:0f:f6:ef:48:66:a4:3b:e0:ab:02:e6:e4:33:
c5:f4:57:a5:df:1a:28:72:80:00:87:b9:20:a1:18:b7:8c:d0:
5f:5c:6d:17:b1:0c:37:55:5e:68:5a:2c:d1:df:83:58:85:59:
6e:7d:6f:81:23:a1:18:d5:fa:e5:b2:97:e7:a5:65:bd:74:44:
b8:df:eb:5f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZL3kJhVzTozb2MObVnd9wI8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNGU2MDE3ZTFmZTAzOTMyNzhjMjg1OWY0MzA0M2IzMWVl
NmM4OWEwHhcNMjQxMTA0MTQyNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTdkMDJiY2MzNGM0MGVkODJkZWVkNWFiNGQ5NWViYzdhNjMyYWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5seRocodC4o9gjdlFf1mhdGnBSb
dCeuiOhQvyJvRwmkPb2QssbWY6WwAP3NdkavZW/80QDjYs4p9IztOM+gkNvXUVVC
vAQEz7Hiwu328pbihZKGpkk/tkv3+w4hMXhnc8pUddfp1kyL2ISqK2ILX8wZJPGc
faan+8XtNXTu7uZzsP8d/FLRkLIzQxWmBcY7yTgkC40/ERjlSEGQ27U0+tKuM+Eq
YjUE7D/GC9ALfi40kVsHF6wRw8fA+4a5TcJCpD7o185tSCRXpkRtkgINX2F85ALg
qm8+0nD2howdj1qdKEt+sOKlp19NACONIaUHbXwK/3G7MCgB7wnRIioLeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE59ArzDTEDtgt7tWrTZXrx6YyrWMB8GA1UdIwQY
MBaAFKNOYBfh/gOTJ4woWfQwQ7Me5siaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzA1Z0YtSC1BNU1uakNoWjlEQkRzeDdteUpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC82ZDYyNWMtN2U2MC00NTIzLTk0OTEt
ZDExMjI5OWZmNjk1LzEvVG4wQ3ZNTk1RTzJDM3UxYXRObGV2SHBqS3RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC82ZDYyNWMtN2U2MC00NTIzLTk0OTEtZDExMjI5OWZmNjk1
LzEvbzA1Z0YtSC1BNU1uakNoWjlEQkRzeDdteUpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLveEAwQC
uVjEMA0GCSqGSIb3DQEBCwUAA4IBAQCZ+zBCrW2SUz/ptXxxtI06Z9CjYGt8zC5I
lyg8ySULnXnTIS7wfR4kv8hIl53+CmkrkVvSWrjY6BDz60iLHebuO0mVyoBIpg6v
ayPTaDZ6lBKYH6vn9I0VOa5CeZ6WuQK0DUWLHlogi6HyaKxWaibRqkZFsES6ZT63
hKjXJp3fv/Ym6Gq0R6y+6OtmpitON4I80p8ZYE6fatOvcMBb+buV6QSUE8wo5KEv
iNQYp5Ou2/P5I8E/pBBxjw/270hmpDvgqwLm5DPF9Fel3xoocoAAh7kgoRi3jNBf
XG0XsQw3VV5oWizR34NYhVlufW+BI6EY1frlspfnpWW9dES43+tf
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:45:24 2024 by rpki-client on console-ams.rpki-client.org