Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/435d88-371e-4f86-a90a-cfbbc14671a3/1/o1fe5TF_RuCRBfyc5DY_8QRAcjA.roa
File: o1fe5TF_RuCRBfyc5DY_8QRAcjA.roa (raw, json)
Hash identifier: EQ8mib7KA1huVJrUBrYKM2PpROWTS2KYy0rBxwKea7E=
Subject key identifier: A3:57:DE:E5:31:7F:46:E0:91:05:FC:9C:E4:36:3F:F1:04:40:72:30
Certificate issuer: /CN=fd0c6b2bd29d3168487c9ec5fde4c3fc42d9cfbe
Certificate serial: 018CC7273A52763BF755933EFB1E42C8F40A
Authority key identifier: FD:0C:6B:2B:D2:9D:31:68:48:7C:9E:C5:FD:E4:C3:FC:42:D9:CF:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_QxrK9KdMWhIfJ7F_eTD_ELZz74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/435d88-371e-4f86-a90a-cfbbc14671a3/1/o1fe5TF_RuCRBfyc5DY_8QRAcjA.roa
Signing time: Mon 01 Jan 2024 22:31:26 +0000
ROA not before: Mon 01 Jan 2024 22:31:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196881
IP address blocks: 46.30.137.0/24 maxlen: 24
46.30.138.0/23 maxlen: 23
46.30.138.0/24 maxlen: 24
46.30.139.0/24 maxlen: 24
185.156.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/435d88-371e-4f86-a90a-cfbbc14671a3/1/_QxrK9KdMWhIfJ7F_eTD_ELZz74.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/435d88-371e-4f86-a90a-cfbbc14671a3/1/_QxrK9KdMWhIfJ7F_eTD_ELZz74.mft
rsync://rpki.ripe.net/repository/DEFAULT/_QxrK9KdMWhIfJ7F_eTD_ELZz74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:3a:52:76:3b:f7:55:93:3e:fb:1e:42:c8:f4:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd0c6b2bd29d3168487c9ec5fde4c3fc42d9cfbe
Validity
Not Before: Jan 1 22:31:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a357dee5317f46e09105fc9ce4363ff104407230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:bc:74:7b:f9:db:99:32:7b:b2:77:1d:ca:28:
98:4e:e3:78:3d:fa:2d:3b:5a:87:ea:10:72:f9:33:
9e:b5:56:37:35:32:64:ea:b0:ca:17:8e:ce:bb:be:
5c:8e:5c:61:9f:12:df:5d:f4:b5:84:35:2e:23:f1:
d7:11:31:74:89:28:d3:77:a0:d1:6e:3d:34:32:46:
4f:e9:01:e2:7d:74:1a:4d:52:b1:d3:45:2c:bb:3b:
9b:47:19:ef:17:18:94:ce:87:75:25:24:58:bc:f0:
c5:ab:32:c4:65:38:98:c6:a7:54:c4:ba:36:9d:a9:
90:93:86:d3:c4:a0:0f:6c:7a:10:c6:b2:53:6a:0a:
c7:e9:2b:7c:05:a7:9d:99:9e:8a:58:09:48:37:9f:
b4:a7:95:e0:55:ac:fe:17:48:76:26:67:47:82:83:
4e:ad:63:3e:19:fd:1e:1a:14:cd:4f:02:c0:d2:be:
d0:8a:23:fb:de:33:fc:ed:bb:fc:8c:f2:1b:d7:f4:
f2:a9:e9:58:fc:d2:c7:85:08:2a:99:3b:80:66:e2:
7b:6c:26:fc:98:e3:a1:9d:6b:49:fa:52:20:0d:d5:
57:18:58:1b:64:65:44:d3:94:f5:61:29:ea:88:08:
7f:7a:44:0a:f5:26:88:3e:89:cc:8f:cb:c1:33:e0:
f8:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:57:DE:E5:31:7F:46:E0:91:05:FC:9C:E4:36:3F:F1:04:40:72:30
X509v3 Authority Key Identifier:
keyid:FD:0C:6B:2B:D2:9D:31:68:48:7C:9E:C5:FD:E4:C3:FC:42:D9:CF:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_QxrK9KdMWhIfJ7F_eTD_ELZz74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/435d88-371e-4f86-a90a-cfbbc14671a3/1/o1fe5TF_RuCRBfyc5DY_8QRAcjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/435d88-371e-4f86-a90a-cfbbc14671a3/1/_QxrK9KdMWhIfJ7F_eTD_ELZz74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.30.137.0-46.30.139.255
185.156.104.0/24
Signature Algorithm: sha256WithRSAEncryption
16:63:64:4b:40:8a:a9:f9:16:c4:36:9d:6c:14:40:65:3f:2a:
e7:61:c1:85:5d:b9:5e:fc:7c:ab:5b:c3:4c:61:35:de:c7:c4:
96:85:9f:52:eb:f2:fd:a3:57:90:31:27:a5:e9:d2:42:cb:7e:
e7:9a:98:ac:69:b2:df:ff:3b:07:73:d3:66:74:50:5a:0b:84:
91:ff:01:a9:08:96:89:61:39:89:69:be:9c:b3:12:bc:75:10:
4b:88:5b:81:f9:3d:c5:3a:b4:15:f6:a5:c0:34:7a:5d:ae:f3:
7d:aa:43:25:bb:a8:b9:ee:26:56:f8:65:d5:69:53:d1:7f:de:
fe:71:64:cb:e7:33:c6:77:f8:d3:5a:5d:df:ae:c3:19:e4:fb:
ca:a7:f2:1d:bf:96:5d:3c:78:ae:43:db:52:e7:05:91:84:a3:
55:06:2b:75:07:70:3e:a2:a5:da:06:4e:de:6e:02:52:30:09:
69:b9:5d:82:73:7d:4d:5d:a3:e1:7f:51:64:86:cb:0f:8d:a9:
66:33:07:63:cd:5a:b5:31:b8:06:db:82:4e:aa:da:a8:e9:ec:
fd:ad:dd:5f:62:2f:84:66:5a:7c:fb:5f:04:07:8e:f2:fe:93:
15:da:b6:6d:15:af:e2:2c:cd:41:c8:f0:71:ca:95:9b:58:5c:
e1:f4:47:cc
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzHJzpSdjv3VZM++x5CyPQKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMGM2YjJiZDI5ZDMxNjg0ODdjOWVjNWZkZTRjM2ZjNDJk
OWNmYmUwHhcNMjQwMTAxMjIzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzU3ZGVlNTMxN2Y0NmUwOTEwNWZjOWNlNDM2M2ZmMTA0NDA3MjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrx0e/nbmTJ7sncdyiiYTuN4Pfot
O1qH6hBy+TOetVY3NTJk6rDKF47Ou75cjlxhnxLfXfS1hDUuI/HXETF0iSjTd6DR
bj00MkZP6QHifXQaTVKx00UsuzubRxnvFxiUzod1JSRYvPDFqzLEZTiYxqdUxLo2
namQk4bTxKAPbHoQxrJTagrH6St8BaedmZ6KWAlIN5+0p5XgVaz+F0h2JmdHgoNO
rWM+Gf0eGhTNTwLA0r7QiiP73jP87bv8jPIb1/TyqelY/NLHhQgqmTuAZuJ7bCb8
mOOhnWtJ+lIgDdVXGFgbZGVE05T1YSnqiAh/ekQK9SaIPonMj8vBM+D4UwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKNX3uUxf0bgkQX8nOQ2P/EEQHIwMB8GA1UdIwQY
MBaAFP0MayvSnTFoSHyexf3kw/xC2c++MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1F4cks5S2RNV2hJZko3Rl9lVERfRUxaejc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80MzVkODgtMzcxZS00Zjg2LWE5MGEt
Y2ZiYmMxNDY3MWEzLzEvbzFmZTVURl9SdUNSQmZ5YzVEWV84UVJBY2pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80MzVkODgtMzcxZS00Zjg2LWE5MGEtY2ZiYmMxNDY3MWEz
LzEvX1F4cks5S2RNV2hJZko3Rl9lVERfRUxaejc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAuHokD
BAIuHogDBAC5nGgwDQYJKoZIhvcNAQELBQADggEBABZjZEtAiqn5FsQ2nWwUQGU/
KudhwYVduV78fKtbw0xhNd7HxJaFn1Lr8v2jV5AxJ6Xp0kLLfueamKxpst//Owdz
02Z0UFoLhJH/AakIlolhOYlpvpyzErx1EEuIW4H5PcU6tBX2pcA0el2u832qQyW7
qLnuJlb4ZdVpU9F/3v5xZMvnM8Z3+NNaXd+uwxnk+8qn8h2/ll08eK5D21LnBZGE
o1UGK3UHcD6ipdoGTt5uAlIwCWm5XYJzfU1do+F/UWSGyw+NqWYzB2PNWrUxuAbb
gk6q2qjp7P2t3V9iL4RmWnz7XwQHjvL+kxXatm0Vr+IszUHI8HHKlZtYXOH0R8w=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:53:02 2024 by rpki-client on console-fra.rpki-client.org