Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/bb0480-66ad-4288-b8d3-1004c1e50dfe/1/2i6rGDCQ70NFN_IKjgQ5GE8cOTY.roa
File: 2i6rGDCQ70NFN_IKjgQ5GE8cOTY.roa (raw, json)
Hash identifier: ygROqAoFduqmWYOQTx0byLLb3s5nTEQ1xYLBvhfu8EQ=
Subject key identifier: DA:2E:AB:18:30:90:EF:43:45:37:F2:0A:8E:04:39:18:4F:1C:39:36
Certificate issuer: /CN=8ca8a4d42a0196df7cc0e14f597cf5660d63c09f
Certificate serial: 018CC64B4F408FFF92F1F12FF4E75FB679E9
Authority key identifier: 8C:A8:A4:D4:2A:01:96:DF:7C:C0:E1:4F:59:7C:F5:66:0D:63:C0:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jKik1CoBlt98wOFPWXz1Zg1jwJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/bb0480-66ad-4288-b8d3-1004c1e50dfe/1/2i6rGDCQ70NFN_IKjgQ5GE8cOTY.roa
Signing time: Mon 01 Jan 2024 18:31:13 +0000
ROA not before: Mon 01 Jan 2024 18:31:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33915
IP address blocks: 46.29.240.0/24 maxlen: 24
46.29.241.0/24 maxlen: 24
46.29.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/bb0480-66ad-4288-b8d3-1004c1e50dfe/1/jKik1CoBlt98wOFPWXz1Zg1jwJ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/bb0480-66ad-4288-b8d3-1004c1e50dfe/1/jKik1CoBlt98wOFPWXz1Zg1jwJ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/jKik1CoBlt98wOFPWXz1Zg1jwJ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:4f:40:8f:ff:92:f1:f1:2f:f4:e7:5f:b6:79:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ca8a4d42a0196df7cc0e14f597cf5660d63c09f
Validity
Not Before: Jan 1 18:31:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da2eab183090ef434537f20a8e0439184f1c3936
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:58:ee:11:3b:f8:b3:c8:e3:fe:90:2a:b9:fd:
55:42:05:77:ea:09:ce:5b:97:6d:76:da:ca:06:41:
3e:06:e3:d4:8e:87:42:9b:d6:5c:86:4b:39:59:62:
95:5f:82:40:dc:a6:6e:16:1f:65:1a:b3:a4:e9:86:
a5:e3:cd:ce:21:05:b0:05:c6:3b:50:a3:11:01:fb:
75:4c:90:e0:32:b8:92:93:e1:4a:82:de:e8:6b:c6:
bd:b9:4a:03:78:82:13:0b:d5:86:1e:b4:02:8f:9d:
0c:be:58:52:e8:59:aa:6b:66:20:36:88:ec:1f:df:
e6:ee:35:57:ce:5a:ce:62:c1:99:50:ef:72:19:40:
e8:85:ab:a3:be:d0:bc:23:ee:8f:3d:d3:19:62:31:
1d:fb:81:19:13:ca:ea:3f:3e:af:c8:c2:24:13:8c:
46:8e:2d:94:a0:c6:15:3d:1c:b8:c4:9e:83:5a:a8:
db:69:ce:57:74:23:73:af:b5:c6:ab:d3:ef:58:fe:
c3:17:e0:f9:22:2e:fc:45:ac:ce:26:35:e4:de:15:
68:3d:6f:14:d5:21:e9:28:15:99:0b:8c:56:d4:dc:
87:c4:b1:01:96:18:c7:cf:5a:e3:73:b5:06:7d:c7:
c0:75:1a:2a:c4:90:95:b2:6c:84:b9:50:be:ed:0d:
8a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:2E:AB:18:30:90:EF:43:45:37:F2:0A:8E:04:39:18:4F:1C:39:36
X509v3 Authority Key Identifier:
keyid:8C:A8:A4:D4:2A:01:96:DF:7C:C0:E1:4F:59:7C:F5:66:0D:63:C0:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jKik1CoBlt98wOFPWXz1Zg1jwJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/bb0480-66ad-4288-b8d3-1004c1e50dfe/1/2i6rGDCQ70NFN_IKjgQ5GE8cOTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/bb0480-66ad-4288-b8d3-1004c1e50dfe/1/jKik1CoBlt98wOFPWXz1Zg1jwJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.240.0/23
46.29.247.0/24
Signature Algorithm: sha256WithRSAEncryption
d2:7e:a5:fe:6f:97:49:c3:4b:e3:75:0f:9d:64:58:a2:30:ec:
c6:5f:5a:64:e7:1b:2a:fc:a7:e1:22:77:1e:29:9b:9a:05:06:
5f:fe:09:17:32:38:3d:15:49:eb:ff:e4:b5:8c:de:97:ec:e6:
9f:c7:97:51:fd:c0:17:fc:73:14:b2:bc:c0:0f:33:6a:29:73:
a1:10:bf:08:8a:ae:b0:97:16:27:02:4d:af:60:92:fd:b9:d8:
6a:aa:16:a5:42:3f:58:c0:24:c2:ce:df:59:f5:63:8c:5c:13:
9c:54:d0:34:35:c4:d1:dc:a7:e4:ba:8f:c9:fa:6a:44:01:01:
e4:74:d6:83:c1:ae:00:98:25:0b:b2:d2:54:e5:83:7e:2d:11:
5b:37:9d:d5:7b:c2:17:4a:65:7d:f6:8b:ba:5a:18:44:9d:45:
02:83:90:99:37:d8:76:b9:7f:60:3a:b7:88:e4:2e:fb:bf:7c:
fb:cd:60:06:3f:f9:4f:50:6a:15:7b:d5:08:48:e3:5d:8a:c4:
76:62:09:ac:df:1c:71:16:6d:88:50:54:34:44:c9:f7:0a:db:
55:91:8c:59:54:dd:4f:02:dd:a0:b6:11:54:e5:9a:17:a0:f4:
18:53:9b:d0:25:bc:29:e0:37:26:2b:15:3b:85:df:27:04:60:
ea:53:ca:d1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGS09Aj/+S8fEv9OdftnnpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjYThhNGQ0MmEwMTk2ZGY3Y2MwZTE0ZjU5N2NmNTY2MGQ2
M2MwOWYwHhcNMjQwMTAxMTgzMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTJlYWIxODMwOTBlZjQzNDUzN2YyMGE4ZTA0MzkxODRmMWMzOTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1juETv4s8jj/pAquf1VQgV36gnO
W5dtdtrKBkE+BuPUjodCm9Zchks5WWKVX4JA3KZuFh9lGrOk6Yal483OIQWwBcY7
UKMRAft1TJDgMriSk+FKgt7oa8a9uUoDeIITC9WGHrQCj50MvlhS6Fmqa2YgNojs
H9/m7jVXzlrOYsGZUO9yGUDohaujvtC8I+6PPdMZYjEd+4EZE8rqPz6vyMIkE4xG
ji2UoMYVPRy4xJ6DWqjbac5XdCNzr7XGq9PvWP7DF+D5Ii78RazOJjXk3hVoPW8U
1SHpKBWZC4xW1NyHxLEBlhjHz1rjc7UGfcfAdRoqxJCVsmyEuVC+7Q2KrwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNouqxgwkO9DRTfyCo4EORhPHDk2MB8GA1UdIwQY
MBaAFIyopNQqAZbffMDhT1l89WYNY8CfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaktpazFDb0JsdDk4d09GUFdYejFaZzFqd0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9iYjA0ODAtNjZhZC00Mjg4LWI4ZDMt
MTAwNGMxZTUwZGZlLzEvMmk2ckdEQ1E3ME5GTl9JS2pnUTVHRThjT1RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9iYjA0ODAtNjZhZC00Mjg4LWI4ZDMtMTAwNGMxZTUwZGZl
LzEvaktpazFDb0JsdDk4d09GUFdYejFaZzFqd0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLh3wAwQA
Lh33MA0GCSqGSIb3DQEBCwUAA4IBAQDSfqX+b5dJw0vjdQ+dZFiiMOzGX1pk5xsq
/KfhInceKZuaBQZf/gkXMjg9FUnr/+S1jN6X7Oafx5dR/cAX/HMUsrzADzNqKXOh
EL8Iiq6wlxYnAk2vYJL9udhqqhalQj9YwCTCzt9Z9WOMXBOcVNA0NcTR3Kfkuo/J
+mpEAQHkdNaDwa4AmCULstJU5YN+LRFbN53Ve8IXSmV99ou6WhhEnUUCg5CZN9h2
uX9gOreI5C77v3z7zWAGP/lPUGoVe9UISONdisR2Ygms3xxxFm2IUFQ0RMn3CttV
kYxZVN1PAt2gthFU5ZoXoPQYU5vQJbwp4DcmKxU7hd8nBGDqU8rR
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:47:41 2024 by rpki-client on console-ams.rpki-client.org