Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/572ec8-7456-4e55-b776-d8ece26afec0/1/qnKmvOkpYz7w00ChWi2CT8VZeAU.roa
File: qnKmvOkpYz7w00ChWi2CT8VZeAU.roa (raw, json)
Hash identifier: nBt92ibjzpia/WcHlTKuDxDB2S4gmcCbQBcgz3/+YCI=
Subject key identifier: AA:72:A6:BC:E9:29:63:3E:F0:D3:40:A1:5A:2D:82:4F:C5:59:78:05
Certificate issuer: /CN=e3e46e2c4016a8d7392c8574134fd4793b9415a4
Certificate serial: 018CC801926B473428284E03769D032CB56A
Authority key identifier: E3:E4:6E:2C:40:16:A8:D7:39:2C:85:74:13:4F:D4:79:3B:94:15:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4-RuLEAWqNc5LIV0E0_UeTuUFaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/572ec8-7456-4e55-b776-d8ece26afec0/1/qnKmvOkpYz7w00ChWi2CT8VZeAU.roa
Signing time: Tue 02 Jan 2024 02:29:55 +0000
ROA not before: Tue 02 Jan 2024 02:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31726
IP address blocks: 46.228.48.0/20 maxlen: 20
185.229.228.0/22 maxlen: 22
77.95.72.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/572ec8-7456-4e55-b776-d8ece26afec0/1/4-RuLEAWqNc5LIV0E0_UeTuUFaQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/572ec8-7456-4e55-b776-d8ece26afec0/1/4-RuLEAWqNc5LIV0E0_UeTuUFaQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/4-RuLEAWqNc5LIV0E0_UeTuUFaQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:92:6b:47:34:28:28:4e:03:76:9d:03:2c:b5:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3e46e2c4016a8d7392c8574134fd4793b9415a4
Validity
Not Before: Jan 2 02:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa72a6bce929633ef0d340a15a2d824fc5597805
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5c:d3:ba:40:de:08:d7:f2:5a:54:d2:0f:f2:
a4:13:80:c9:99:f1:e9:ca:37:63:ca:cb:d9:d6:65:
e0:0e:41:17:8b:9a:cd:07:52:89:7c:fc:86:b0:9d:
17:ee:a7:ce:b8:e0:10:b2:f3:12:49:fd:6f:7c:6b:
ea:c3:1b:4f:80:ba:c4:0f:ed:72:34:ec:03:93:a2:
11:ef:04:9f:e9:c0:92:d1:73:90:76:47:49:0d:5a:
36:31:32:68:9a:88:06:ad:cd:22:3e:d6:28:00:77:
48:23:23:df:02:66:9e:8d:31:69:9e:64:e6:10:d6:
15:3f:5c:7b:15:43:a3:7c:00:58:31:73:35:35:0a:
40:fd:c2:8a:4e:a0:a2:c7:27:ee:57:fc:5a:00:26:
94:3d:90:fe:87:49:3f:6d:2f:fe:58:40:9a:7e:2f:
99:99:65:86:5d:7c:b3:8a:83:b8:96:27:18:a8:1d:
b6:77:27:77:e6:3c:a0:16:fe:47:10:da:85:6b:93:
2e:80:85:89:2d:af:ff:dd:16:6b:ca:85:7b:cb:ef:
ea:b0:ee:b9:b1:08:a4:6b:40:d0:f8:99:29:87:02:
19:7e:9e:fc:25:ef:a1:01:9e:75:a9:de:79:92:b7:
8e:2a:57:11:62:51:52:6a:0b:1c:d5:3a:e1:51:ea:
13:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:72:A6:BC:E9:29:63:3E:F0:D3:40:A1:5A:2D:82:4F:C5:59:78:05
X509v3 Authority Key Identifier:
keyid:E3:E4:6E:2C:40:16:A8:D7:39:2C:85:74:13:4F:D4:79:3B:94:15:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4-RuLEAWqNc5LIV0E0_UeTuUFaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ec8-7456-4e55-b776-d8ece26afec0/1/qnKmvOkpYz7w00ChWi2CT8VZeAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ec8-7456-4e55-b776-d8ece26afec0/1/4-RuLEAWqNc5LIV0E0_UeTuUFaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.228.48.0/20
77.95.72.0/21
185.229.228.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:2f:00:a4:ff:31:58:32:76:0c:44:ef:bb:79:88:41:8c:94:
28:5f:34:5b:c0:ba:f6:87:d1:fb:71:8c:91:21:6d:f5:cd:fc:
c1:72:ec:79:7b:7d:27:c2:a2:c9:7e:ba:00:7d:11:60:0b:9a:
3c:b2:2f:7a:f2:78:ef:31:05:9c:73:db:7d:0b:4f:92:fe:b5:
a3:3b:96:81:49:c4:f3:f0:2e:7b:04:b7:4a:73:9f:55:2f:64:
ae:8d:96:1e:55:7f:c5:2e:b4:68:ab:bb:00:a9:f7:88:19:5b:
97:c1:c5:79:be:29:d9:84:cc:91:d8:a5:53:9d:88:b3:b6:ce:
7e:65:b9:ad:25:d3:de:b3:9d:28:e5:0f:c4:ce:88:cb:19:37:
bc:19:16:35:1c:f1:2b:4e:11:c9:91:d3:cd:69:91:e2:59:33:
b5:08:9b:67:c3:ed:71:d5:49:13:11:85:35:69:44:8b:ab:c8:
b2:e3:f6:ac:38:cd:a8:12:fd:b0:1a:fb:84:23:cb:a4:03:b2:
a5:cf:df:dc:ab:a2:5d:08:2e:77:f8:97:c9:0d:18:81:1c:ee:
3e:1f:34:75:25:1a:0d:38:8b:a8:94:75:31:4d:92:38:62:a3:
f4:93:66:41:77:25:19:59:e3:71:20:4b:24:55:5a:41:05:6e:
46:72:6b:83
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIAZJrRzQoKE4Ddp0DLLVqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZTQ2ZTJjNDAxNmE4ZDczOTJjODU3NDEzNGZkNDc5M2I5
NDE1YTQwHhcNMjQwMTAyMDIyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTcyYTZiY2U5Mjk2MzNlZjBkMzQwYTE1YTJkODI0ZmM1NTk3ODA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1zTukDeCNfyWlTSD/KkE4DJmfHp
yjdjysvZ1mXgDkEXi5rNB1KJfPyGsJ0X7qfOuOAQsvMSSf1vfGvqwxtPgLrED+1y
NOwDk6IR7wSf6cCS0XOQdkdJDVo2MTJomogGrc0iPtYoAHdIIyPfAmaejTFpnmTm
ENYVP1x7FUOjfABYMXM1NQpA/cKKTqCixyfuV/xaACaUPZD+h0k/bS/+WECafi+Z
mWWGXXyzioO4licYqB22dyd35jygFv5HENqFa5MugIWJLa//3RZryoV7y+/qsO65
sQika0DQ+JkphwIZfp78Je+hAZ51qd55kreOKlcRYlFSagsc1TrhUeoTPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKpyprzpKWM+8NNAoVotgk/FWXgFMB8GA1UdIwQY
MBaAFOPkbixAFqjXOSyFdBNP1Hk7lBWkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNC1SdUxFQVdxTmM1TElWMEUwX1VlVHVVRmFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81NzJlYzgtNzQ1Ni00ZTU1LWI3NzYt
ZDhlY2UyNmFmZWMwLzEvcW5LbXZPa3BZejd3MDBDaFdpMkNUOFZaZUFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81NzJlYzgtNzQ1Ni00ZTU1LWI3NzYtZDhlY2UyNmFmZWMw
LzEvNC1SdUxFQVdxTmM1TElWMEUwX1VlVHVVRmFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQELuQwAwQD
TV9IAwQCueXkMA0GCSqGSIb3DQEBCwUAA4IBAQAPLwCk/zFYMnYMRO+7eYhBjJQo
XzRbwLr2h9H7cYyRIW31zfzBcux5e30nwqLJfroAfRFgC5o8si968njvMQWcc9t9
C0+S/rWjO5aBScTz8C57BLdKc59VL2SujZYeVX/FLrRoq7sAqfeIGVuXwcV5vinZ
hMyR2KVTnYizts5+ZbmtJdPes50o5Q/EzojLGTe8GRY1HPErThHJkdPNaZHiWTO1
CJtnw+1x1UkTEYU1aUSLq8iy4/asOM2oEv2wGvuEI8ukA7Klz9/cq6JdCC53+JfJ
DRiBHO4+HzR1JRoNOIuolHUxTZI4YqP0k2ZBdyUZWeNxIEskVVpBBW5GcmuD
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:04:04 2024 by rpki-client on console-fra.rpki-client.org