Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/c5dd3e-937b-434f-bbb8-80cc86e51822/1/_dN2xn2rujy6VyRTNA7HQuWvV1o.roa
File: _dN2xn2rujy6VyRTNA7HQuWvV1o.roa (raw, json)
Hash identifier: BTQ83/raQHMibFbdGKC25H5EIqyVmW9PTSEOMnF1EAk=
Subject key identifier: FD:D3:76:C6:7D:AB:BA:3C:BA:57:24:53:34:0E:C7:42:E5:AF:57:5A
Certificate issuer: /CN=cfc0f99d79793a6f01e9ad627d1f968b0c2d0f3b
Certificate serial: 0192F0A5F79EC0CC9062AD15D4265311CB06
Authority key identifier: CF:C0:F9:9D:79:79:3A:6F:01:E9:AD:62:7D:1F:96:8B:0C:2D:0F:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z8D5nXl5Om8B6a1ifR-WiwwtDzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/c5dd3e-937b-434f-bbb8-80cc86e51822/1/_dN2xn2rujy6VyRTNA7HQuWvV1o.roa
Signing time: Sun 03 Nov 2024 06:11:01 +0000
ROA not before: Sun 03 Nov 2024 06:11:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199402
IP address blocks: 46.28.235.0/24 maxlen: 24
178.210.167.0/24 maxlen: 24
178.210.179.0/24 maxlen: 24
185.123.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/c5dd3e-937b-434f-bbb8-80cc86e51822/1/z8D5nXl5Om8B6a1ifR-WiwwtDzs.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/c5dd3e-937b-434f-bbb8-80cc86e51822/1/z8D5nXl5Om8B6a1ifR-WiwwtDzs.mft
rsync://rpki.ripe.net/repository/DEFAULT/z8D5nXl5Om8B6a1ifR-WiwwtDzs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f0:a5:f7:9e:c0:cc:90:62:ad:15:d4:26:53:11:cb:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfc0f99d79793a6f01e9ad627d1f968b0c2d0f3b
Validity
Not Before: Nov 3 06:11:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdd376c67dabba3cba572453340ec742e5af575a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:30:75:79:85:56:5f:b6:2e:19:af:f7:f0:2b:
ac:ef:0b:84:1d:97:ab:10:f9:ab:cd:d4:69:1a:ef:
9a:33:20:ee:d1:14:44:ad:7f:9d:3e:dc:09:a4:ec:
c6:50:89:5d:38:d4:48:b5:24:83:38:66:6d:78:4d:
a8:8e:9f:8e:66:10:f9:01:89:a9:a7:b2:cb:f9:16:
f5:05:05:87:87:9c:0b:0e:fc:f6:1d:4f:ad:eb:15:
67:dd:08:28:8b:9a:60:bb:a6:18:5a:d2:6a:50:a8:
f4:89:3d:59:73:f5:bf:87:ae:93:bc:da:5f:fe:c0:
b0:f8:08:66:42:af:9a:9f:75:b4:6a:17:60:59:5a:
d5:4b:77:b2:4b:f3:b8:50:61:75:9f:25:c4:ef:d2:
55:b9:38:2e:2e:4a:70:9f:58:1f:5e:ee:d2:4e:55:
e1:d3:aa:73:a4:44:bc:c5:ce:07:a5:6f:51:33:97:
24:ac:5f:0b:97:0c:82:98:54:9c:66:31:e4:83:a0:
7c:8e:3a:5c:96:84:de:f4:59:5c:9e:cc:1a:b4:37:
d2:3e:71:1f:b5:d4:42:d2:dc:43:52:ef:bd:c2:cf:
30:0a:3b:c6:bd:8d:0e:49:1e:67:cd:d2:a5:0f:9b:
fe:06:6a:bd:13:d9:74:48:35:d6:e3:81:88:4c:24:
bf:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:D3:76:C6:7D:AB:BA:3C:BA:57:24:53:34:0E:C7:42:E5:AF:57:5A
X509v3 Authority Key Identifier:
keyid:CF:C0:F9:9D:79:79:3A:6F:01:E9:AD:62:7D:1F:96:8B:0C:2D:0F:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z8D5nXl5Om8B6a1ifR-WiwwtDzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/c5dd3e-937b-434f-bbb8-80cc86e51822/1/_dN2xn2rujy6VyRTNA7HQuWvV1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/c5dd3e-937b-434f-bbb8-80cc86e51822/1/z8D5nXl5Om8B6a1ifR-WiwwtDzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.235.0/24
178.210.167.0/24
178.210.179.0/24
185.123.103.0/24
Signature Algorithm: sha256WithRSAEncryption
91:ed:0f:59:c0:d2:3c:42:13:4d:88:e9:2e:cd:93:04:ec:b9:
01:74:04:8e:8b:ff:a0:25:6a:09:25:e1:22:72:85:4c:ab:f0:
c1:29:7f:b9:64:be:e2:2c:8d:6f:f3:49:d2:2d:a4:0c:7f:26:
0c:39:a7:d6:df:d3:41:99:13:fd:10:44:5f:33:ab:a0:b6:77:
01:78:45:e0:d5:29:05:f5:90:7f:d0:a7:f7:f2:be:95:79:1d:
74:7e:24:a1:2c:e4:e0:0e:db:a8:b2:03:d4:f4:74:a3:d6:55:
0a:fa:b0:77:b2:90:c8:a6:48:e2:84:31:76:1d:e7:57:6e:d5:
ca:06:36:75:00:3c:ca:6c:62:e7:59:68:f9:b1:e9:57:f4:c4:
82:a7:ad:fd:53:79:aa:e0:89:fc:ff:e3:e8:fe:ba:a1:cc:97:
0e:31:8c:34:37:8b:69:a8:b2:3b:39:80:e8:73:f5:c9:15:6a:
44:0a:71:a4:11:b7:e2:bd:cd:fd:8e:ef:8f:11:c3:2e:20:dd:
2c:db:42:75:42:0d:85:32:c7:0f:6a:44:8a:e4:34:72:28:d5:
59:62:8f:d7:ec:e1:ef:86:35:60:5e:1f:fe:de:33:78:0f:7e:
91:f8:18:51:b9:09:42:e6:c5:ce:61:44:92:48:35:9b:a6:e1:
e8:bd:95:a5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZLwpfeewMyQYq0V1CZTEcsGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYzBmOTlkNzk3OTNhNmYwMWU5YWQ2MjdkMWY5NjhiMGMy
ZDBmM2IwHhcNMjQxMTAzMDYxMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGQzNzZjNjdkYWJiYTNjYmE1NzI0NTMzNDBlYzc0MmU1YWY1NzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjB1eYVWX7YuGa/38Cus7wuEHZer
EPmrzdRpGu+aMyDu0RRErX+dPtwJpOzGUIldONRItSSDOGZteE2ojp+OZhD5AYmp
p7LL+Rb1BQWHh5wLDvz2HU+t6xVn3Qgoi5pgu6YYWtJqUKj0iT1Zc/W/h66TvNpf
/sCw+AhmQq+an3W0ahdgWVrVS3eyS/O4UGF1nyXE79JVuTguLkpwn1gfXu7STlXh
06pzpES8xc4HpW9RM5ckrF8LlwyCmFScZjHkg6B8jjpcloTe9FlcnswatDfSPnEf
tdRC0txDUu+9ws8wCjvGvY0OSR5nzdKlD5v+Bmq9E9l0SDXW44GITCS/KwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP3TdsZ9q7o8ulckUzQOx0Llr1daMB8GA1UdIwQY
MBaAFM/A+Z15eTpvAemtYn0flosMLQ87MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejhENW5YbDVPbThCNmExaWZSLVdpd3d0RHpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9jNWRkM2UtOTM3Yi00MzRmLWJiYjgt
ODBjYzg2ZTUxODIyLzEvX2ROMnhuMnJ1ank2VnlSVE5BN0hRdVd2VjFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9jNWRkM2UtOTM3Yi00MzRmLWJiYjgtODBjYzg2ZTUxODIy
LzEvejhENW5YbDVPbThCNmExaWZSLVdpd3d0RHpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALhzrAwQA
stKnAwQAstKzAwQAuXtnMA0GCSqGSIb3DQEBCwUAA4IBAQCR7Q9ZwNI8QhNNiOku
zZME7LkBdASOi/+gJWoJJeEicoVMq/DBKX+5ZL7iLI1v80nSLaQMfyYMOafW39NB
mRP9EERfM6ugtncBeEXg1SkF9ZB/0Kf38r6VeR10fiShLOTgDtuosgPU9HSj1lUK
+rB3spDIpkjihDF2HedXbtXKBjZ1ADzKbGLnWWj5selX9MSCp639U3mq4In8/+Po
/rqhzJcOMYw0N4tpqLI7OYDoc/XJFWpECnGkEbfivc39ju+PEcMuIN0s20J1Qg2F
MscPakSK5DRyKNVZYo/X7OHvhjVgXh/+3jN4D36R+BhRuQlC5sXOYUSSSDWbpuHo
vZWl
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:45:05 2024 by rpki-client on console-ams.rpki-client.org