Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/8e1b5d-77b5-43b6-9f0a-3e171bd5efc3/1/Pc1EFnRQMDWXb4yRbigd_qCZeko.roa
File: Pc1EFnRQMDWXb4yRbigd_qCZeko.roa (raw, json)
Hash identifier: 8QG7KNwdlRzyZpMXWr6HOzTCzBLOeqMdQ/z+GNtKst4=
Subject key identifier: 3D:CD:44:16:74:50:30:35:97:6F:8C:91:6E:28:1D:FE:A0:99:7A:4A
Certificate issuer: /CN=8007a958e6b3dfd78da350b103d3b9027e0fe3f0
Certificate serial: 018CC86FB78195DC303774B5E4B322C1B4A6
Authority key identifier: 80:07:A9:58:E6:B3:DF:D7:8D:A3:50:B1:03:D3:B9:02:7E:0F:E3:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gAepWOaz39eNo1CxA9O5An4P4_A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/8e1b5d-77b5-43b6-9f0a-3e171bd5efc3/1/Pc1EFnRQMDWXb4yRbigd_qCZeko.roa
Signing time: Tue 02 Jan 2024 04:30:13 +0000
ROA not before: Tue 02 Jan 2024 04:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60345
IP address blocks: 46.18.110.0/24 maxlen: 24
2a11:8f00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/8e1b5d-77b5-43b6-9f0a-3e171bd5efc3/1/gAepWOaz39eNo1CxA9O5An4P4_A.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/8e1b5d-77b5-43b6-9f0a-3e171bd5efc3/1/gAepWOaz39eNo1CxA9O5An4P4_A.mft
rsync://rpki.ripe.net/repository/DEFAULT/gAepWOaz39eNo1CxA9O5An4P4_A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:b7:81:95:dc:30:37:74:b5:e4:b3:22:c1:b4:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8007a958e6b3dfd78da350b103d3b9027e0fe3f0
Validity
Not Before: Jan 2 04:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3dcd441674503035976f8c916e281dfea0997a4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f1:15:7d:1e:7d:f1:48:28:65:a2:42:75:ee:
d4:d8:ef:bd:94:af:7d:0a:07:ca:a3:b3:70:89:4c:
61:72:f5:20:9f:5e:27:aa:d7:c2:4e:06:b4:fa:13:
36:59:9a:13:e8:a2:57:b0:ed:c2:a8:b4:f6:fe:f4:
01:ef:59:96:1b:81:41:eb:48:a0:de:1f:be:5a:de:
31:c5:6a:f5:5b:61:b4:44:cb:a8:4e:d5:d6:e1:f5:
4d:9a:d0:23:95:0c:1f:43:ea:c8:2f:79:e5:8f:40:
67:af:8b:7c:51:61:7d:7c:33:5d:11:6d:42:18:ea:
d4:8d:90:35:a1:3f:7d:5c:83:be:b6:a5:71:8a:c5:
ea:fc:88:d9:27:48:f6:18:ce:cb:70:f2:fe:a3:2b:
e9:38:c7:86:a2:02:ae:2c:b9:f7:af:41:c6:01:12:
86:74:13:b8:8e:1d:8f:84:c5:ab:37:9b:d1:74:f0:
c5:3e:ed:be:9e:8e:08:30:50:6f:46:73:ff:74:02:
47:3c:ab:07:d4:6e:ab:c0:d9:43:7f:88:df:3e:e1:
7e:cb:b5:d4:c5:bb:f5:7a:65:38:77:86:33:48:63:
8c:bc:70:9b:c5:73:19:68:a5:50:a3:a1:31:52:e6:
6c:7f:6a:1e:e6:6e:24:b3:bd:0c:e0:71:c3:44:e0:
c7:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:CD:44:16:74:50:30:35:97:6F:8C:91:6E:28:1D:FE:A0:99:7A:4A
X509v3 Authority Key Identifier:
keyid:80:07:A9:58:E6:B3:DF:D7:8D:A3:50:B1:03:D3:B9:02:7E:0F:E3:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gAepWOaz39eNo1CxA9O5An4P4_A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8e1b5d-77b5-43b6-9f0a-3e171bd5efc3/1/Pc1EFnRQMDWXb4yRbigd_qCZeko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8e1b5d-77b5-43b6-9f0a-3e171bd5efc3/1/gAepWOaz39eNo1CxA9O5An4P4_A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.110.0/24
IPv6:
2a11:8f00::/29
Signature Algorithm: sha256WithRSAEncryption
97:a5:d5:ba:7b:7b:31:31:ac:70:62:96:2d:0e:8c:53:2c:1e:
2b:a7:b2:48:21:66:fa:5a:8b:4f:48:2e:54:17:cf:82:4e:94:
5f:df:c5:1e:07:3a:3c:a8:62:3b:bc:e9:14:db:cf:2e:c6:b2:
d3:26:2b:a4:67:84:7c:83:a6:e0:ae:7c:3d:ef:b8:5c:a6:85:
8d:61:78:cd:d9:58:65:1b:4e:91:ea:5e:47:f7:8a:da:b6:00:
dd:0b:cd:36:b0:36:94:c9:cd:83:3a:cf:ba:27:6d:90:37:38:
1e:70:bb:75:bc:88:a6:94:31:5d:89:1c:ef:f4:fe:fb:0e:10:
d8:23:fe:fc:92:75:bd:bf:89:93:5a:74:65:98:1b:24:b7:16:
d0:6f:d2:a2:43:ca:bd:71:9e:bb:4c:17:27:b4:58:3c:ae:87:
d3:18:d6:84:b2:26:12:a4:43:de:68:43:2a:04:92:93:72:1e:
32:35:2f:83:6c:4c:c4:75:da:5a:de:c1:24:ac:27:29:38:d7:
c1:2d:ef:9b:bf:1e:89:55:21:26:f4:7e:b1:e0:a2:94:b6:18:
e1:45:84:aa:f1:8f:9a:15:a1:0f:c0:0a:a8:e0:a4:33:74:80:
21:6c:a3:96:d2:09:3f:f4:53:e1:4b:c8:47:b9:b3:3a:9c:23:
ae:80:9f:42
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIb7eBldwwN3S15LMiwbSmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwMDdhOTU4ZTZiM2RmZDc4ZGEzNTBiMTAzZDNiOTAyN2Uw
ZmUzZjAwHhcNMjQwMTAyMDQzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGNkNDQxNjc0NTAzMDM1OTc2ZjhjOTE2ZTI4MWRmZWEwOTk3YTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPEVfR598UgoZaJCde7U2O+9lK99
CgfKo7NwiUxhcvUgn14nqtfCTga0+hM2WZoT6KJXsO3CqLT2/vQB71mWG4FB60ig
3h++Wt4xxWr1W2G0RMuoTtXW4fVNmtAjlQwfQ+rIL3nlj0Bnr4t8UWF9fDNdEW1C
GOrUjZA1oT99XIO+tqVxisXq/IjZJ0j2GM7LcPL+oyvpOMeGogKuLLn3r0HGARKG
dBO4jh2PhMWrN5vRdPDFPu2+no4IMFBvRnP/dAJHPKsH1G6rwNlDf4jfPuF+y7XU
xbv1emU4d4YzSGOMvHCbxXMZaKVQo6ExUuZsf2oe5m4ks70M4HHDRODHrQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD3NRBZ0UDA1l2+MkW4oHf6gmXpKMB8GA1UdIwQY
MBaAFIAHqVjms9/XjaNQsQPTuQJ+D+PwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0FlcFdPYXozOWVObzFDeEE5TzVBbjRQNF9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84ZTFiNWQtNzdiNS00M2I2LTlmMGEt
M2UxNzFiZDVlZmMzLzEvUGMxRUZuUlFNRFdYYjR5UmJpZ2RfcUNaZWtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84ZTFiNWQtNzdiNS00M2I2LTlmMGEtM2UxNzFiZDVlZmMz
LzEvZ0FlcFdPYXozOWVObzFDeEE5TzVBbjRQNF9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALhJuMA0E
AgACMAcDBQMqEY8AMA0GCSqGSIb3DQEBCwUAA4IBAQCXpdW6e3sxMaxwYpYtDoxT
LB4rp7JIIWb6WotPSC5UF8+CTpRf38UeBzo8qGI7vOkU288uxrLTJiukZ4R8g6bg
rnw977hcpoWNYXjN2VhlG06R6l5H94ratgDdC802sDaUyc2DOs+6J22QNzgecLt1
vIimlDFdiRzv9P77DhDYI/78knW9v4mTWnRlmBsktxbQb9KiQ8q9cZ67TBcntFg8
rofTGNaEsiYSpEPeaEMqBJKTch4yNS+DbEzEddpa3sEkrCcpONfBLe+bvx6JVSEm
9H6x4KKUthjhRYSq8Y+aFaEPwAqo4KQzdIAhbKOW0gk/9FPhS8hHubM6nCOugJ9C
-----END CERTIFICATE-----
Generated at Wed Jun 26 17:41:24 2024 by rpki-client on console-ams.rpki-client.org