Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/6d729e-e16b-41a9-9012-014c70977d49/1/w4Y3ji4v5knSFyT9aHOl_dOdLVU.roa
File: w4Y3ji4v5knSFyT9aHOl_dOdLVU.roa (raw, json)
Hash identifier: t4jbkA9DBoa5VMjcCpu0eJOXUtJC8Q9EUbMBraT9tX4=
Subject key identifier: C3:86:37:8E:2E:2F:E6:49:D2:17:24:FD:68:73:A5:FD:D3:9D:2D:55
Certificate issuer: /CN=52a59bf043080306359f5a29491f545b07051c05
Certificate serial: 01930BFF00946BCC5BB953928E273459EBD4
Authority key identifier: 52:A5:9B:F0:43:08:03:06:35:9F:5A:29:49:1F:54:5B:07:05:1C:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UqWb8EMIAwY1n1opSR9UWwcFHAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/6d729e-e16b-41a9-9012-014c70977d49/1/w4Y3ji4v5knSFyT9aHOl_dOdLVU.roa
Signing time: Fri 08 Nov 2024 13:38:01 +0000
ROA not before: Fri 08 Nov 2024 13:38:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28716
IP address blocks: 46.183.232.0/21 maxlen: 21
185.133.216.0/22 maxlen: 22
185.133.216.0/24 maxlen: 24
185.133.217.0/24 maxlen: 24
185.133.218.0/24 maxlen: 24
185.133.219.0/24 maxlen: 24
2a03:9c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/6d729e-e16b-41a9-9012-014c70977d49/1/UqWb8EMIAwY1n1opSR9UWwcFHAU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/6d729e-e16b-41a9-9012-014c70977d49/1/UqWb8EMIAwY1n1opSR9UWwcFHAU.mft
rsync://rpki.ripe.net/repository/DEFAULT/UqWb8EMIAwY1n1opSR9UWwcFHAU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0b:ff:00:94:6b:cc:5b:b9:53:92:8e:27:34:59:eb:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52a59bf043080306359f5a29491f545b07051c05
Validity
Not Before: Nov 8 13:38:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c386378e2e2fe649d21724fd6873a5fdd39d2d55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:a5:bd:34:93:38:17:88:74:dd:ed:8d:7f:c4:
7c:01:52:77:0e:7c:0b:4e:67:8f:ca:ee:45:d9:5d:
52:72:2b:46:55:fe:d5:95:a3:61:57:fc:31:71:d6:
ef:6b:e7:69:ac:b9:cc:1a:8f:db:eb:ce:3c:fa:10:
0c:53:5e:b5:14:63:25:aa:85:ff:23:6b:9b:f7:d1:
6d:1f:d1:3d:1d:47:4f:e0:4a:0b:d0:29:0b:0b:52:
2f:ed:59:3f:8c:87:7a:6e:c1:a1:7a:48:39:80:13:
ed:14:7b:8c:9a:e2:66:e2:8b:af:44:69:6a:25:60:
8f:04:3e:97:8f:64:49:01:a2:24:5b:8c:33:b2:6b:
a2:f2:24:40:23:6f:7a:f9:9e:69:d3:2f:2a:14:6f:
e7:03:fe:63:9b:49:8b:af:25:7e:25:64:f6:2b:9a:
6a:96:11:cc:b3:2d:bd:60:52:64:96:9c:ff:f4:a6:
15:50:21:ef:2b:22:9a:1a:f1:a2:6c:d9:6c:f8:1c:
66:aa:eb:ac:0c:ee:db:29:f3:e6:16:9a:02:db:4e:
b3:c1:6a:84:2a:01:18:49:ea:1c:04:a7:bd:d5:46:
03:bd:e0:fd:27:a5:fc:c5:d1:f5:df:34:03:11:e6:
9f:ac:a6:79:f3:46:e3:a8:98:5b:91:bf:05:cf:06:
2c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:86:37:8E:2E:2F:E6:49:D2:17:24:FD:68:73:A5:FD:D3:9D:2D:55
X509v3 Authority Key Identifier:
keyid:52:A5:9B:F0:43:08:03:06:35:9F:5A:29:49:1F:54:5B:07:05:1C:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UqWb8EMIAwY1n1opSR9UWwcFHAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/6d729e-e16b-41a9-9012-014c70977d49/1/w4Y3ji4v5knSFyT9aHOl_dOdLVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/6d729e-e16b-41a9-9012-014c70977d49/1/UqWb8EMIAwY1n1opSR9UWwcFHAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.232.0/21
185.133.216.0/22
IPv6:
2a03:9c0::/32
Signature Algorithm: sha256WithRSAEncryption
12:e9:6e:bc:f1:6b:10:95:48:c9:d0:f4:f7:66:a3:5e:b2:f6:
a4:39:52:fd:db:f6:60:dd:04:db:f7:b8:58:b1:09:2f:2a:45:
77:cd:c8:89:91:8f:71:2d:6a:92:e7:21:4c:14:0f:b0:06:e2:
59:07:c1:5c:9e:9c:7a:bc:43:05:7b:a1:09:9d:0f:b0:2d:ee:
46:24:ba:2f:5e:c2:4a:da:fc:e2:3b:76:ef:76:04:96:bf:23:
2a:a8:5f:4e:17:31:9e:20:13:a2:b3:97:48:98:63:47:5b:c5:
24:d1:13:72:07:60:f0:95:6e:05:51:c9:a4:65:61:a3:22:24:
ca:80:8c:86:ba:da:76:03:f8:e7:c4:a5:37:37:37:86:38:d7:
56:97:dd:db:2e:84:56:82:f6:34:56:96:e1:18:d5:d0:14:21:
d1:f4:28:e3:86:a9:e2:0e:7f:80:a4:0b:36:0d:06:33:49:1e:
55:27:4b:e9:e6:92:75:c0:49:90:9f:cc:c5:61:f4:9c:ff:cf:
f2:ba:13:eb:b6:92:2e:1e:db:b9:b5:16:3c:48:41:ef:73:ce:
79:88:6a:8c:fa:f8:5c:b2:46:67:bd:7d:50:92:37:3a:9d:02:
3d:a5:4b:2c:be:66:72:f2:b2:bb:a8:e0:9b:83:cf:45:16:00:
95:67:a3:9f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZML/wCUa8xbuVOSjic0WevUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYTU5YmYwNDMwODAzMDYzNTlmNWEyOTQ5MWY1NDViMDcw
NTFjMDUwHhcNMjQxMTA4MTMzODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzg2Mzc4ZTJlMmZlNjQ5ZDIxNzI0ZmQ2ODczYTVmZGQzOWQyZDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqW9NJM4F4h03e2Nf8R8AVJ3DnwL
TmePyu5F2V1ScitGVf7VlaNhV/wxcdbva+dprLnMGo/b6848+hAMU161FGMlqoX/
I2ub99FtH9E9HUdP4EoL0CkLC1Iv7Vk/jId6bsGhekg5gBPtFHuMmuJm4ouvRGlq
JWCPBD6Xj2RJAaIkW4wzsmui8iRAI296+Z5p0y8qFG/nA/5jm0mLryV+JWT2K5pq
lhHMsy29YFJklpz/9KYVUCHvKyKaGvGibNls+BxmquusDO7bKfPmFpoC206zwWqE
KgEYSeocBKe91UYDveD9J6X8xdH13zQDEeafrKZ580bjqJhbkb8FzwYsJwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMOGN44uL+ZJ0hck/Whzpf3TnS1VMB8GA1UdIwQY
MBaAFFKlm/BDCAMGNZ9aKUkfVFsHBRwFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXFXYjhFTUlBd1kxbjFvcFNSOVVXd2NGSEFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy82ZDcyOWUtZTE2Yi00MWE5LTkwMTIt
MDE0YzcwOTc3ZDQ5LzEvdzRZM2ppNHY1a25TRnlUOWFIT2xfZE9kTFZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy82ZDcyOWUtZTE2Yi00MWE5LTkwMTItMDE0YzcwOTc3ZDQ5
LzEvVXFXYjhFTUlBd1kxbjFvcFNSOVVXd2NGSEFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLrfoAwQC
uYXYMA0EAgACMAcDBQAqAwnAMA0GCSqGSIb3DQEBCwUAA4IBAQAS6W688WsQlUjJ
0PT3ZqNesvakOVL92/Zg3QTb97hYsQkvKkV3zciJkY9xLWqS5yFMFA+wBuJZB8Fc
npx6vEMFe6EJnQ+wLe5GJLovXsJK2vziO3bvdgSWvyMqqF9OFzGeIBOis5dImGNH
W8Uk0RNyB2DwlW4FUcmkZWGjIiTKgIyGutp2A/jnxKU3NzeGONdWl93bLoRWgvY0
VpbhGNXQFCHR9CjjhqniDn+ApAs2DQYzSR5VJ0vp5pJ1wEmQn8zFYfSc/8/yuhPr
tpIuHtu5tRY8SEHvc855iGqM+vhcskZnvX1Qkjc6nQI9pUssvmZy8rK7qOCbg89F
FgCVZ6Of
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:13:21 2024 by rpki-client on console-fra.rpki-client.org