Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/KfJG6UDlNmdfbd4cgrrjUEgUEhE.roa
File: KfJG6UDlNmdfbd4cgrrjUEgUEhE.roa (raw, json)
Hash identifier: QRIC7/ZIvUD/C27X6h7f5+sNHrFCE5tZfvVqKBYQ0c8=
Subject key identifier: 29:F2:46:E9:40:E5:36:67:5F:6D:DE:1C:82:BA:E3:50:48:14:12:11
Certificate issuer: /CN=df8f961c6efbb7f9ce74217b1d5dbb54e981c6f2
Certificate serial: 018CC2DB46636C1FF2A32B8473BEA657191D
Authority key identifier: DF:8F:96:1C:6E:FB:B7:F9:CE:74:21:7B:1D:5D:BB:54:E9:81:C6:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/34-WHG77t_nOdCF7HV27VOmBxvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/KfJG6UDlNmdfbd4cgrrjUEgUEhE.roa
Signing time: Mon 01 Jan 2024 02:29:59 +0000
ROA not before: Mon 01 Jan 2024 02:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203020
IP address blocks: 185.246.172.0/22 maxlen: 32
46.232.208.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/34-WHG77t_nOdCF7HV27VOmBxvI.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/34-WHG77t_nOdCF7HV27VOmBxvI.mft
rsync://rpki.ripe.net/repository/DEFAULT/34-WHG77t_nOdCF7HV27VOmBxvI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:46:63:6c:1f:f2:a3:2b:84:73:be:a6:57:19:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df8f961c6efbb7f9ce74217b1d5dbb54e981c6f2
Validity
Not Before: Jan 1 02:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29f246e940e536675f6dde1c82bae35048141211
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:cb:a6:f4:8e:01:b5:42:97:0f:72:48:5d:95:
33:57:b9:f0:ef:ff:ab:f1:9d:4b:a7:c6:6f:0c:52:
43:90:2b:70:e4:5e:f5:d2:2b:77:60:e5:90:46:41:
66:10:da:eb:3c:20:29:85:fa:50:27:a6:0b:35:c0:
44:85:08:dd:f4:0d:60:4c:dd:7b:d4:bd:08:d5:22:
d3:6b:dd:58:b8:3a:3f:ee:59:7e:0b:82:2b:dd:7b:
b5:e3:e4:2f:9f:80:0c:18:59:3d:56:15:13:25:ac:
31:9d:96:5f:6a:20:e6:48:18:a9:b2:81:23:a8:e2:
b8:01:f6:cc:04:23:91:e8:24:80:96:2b:fb:67:88:
a9:20:61:fd:2e:fe:19:bd:92:83:66:a8:06:b3:45:
a4:c0:ab:2b:5a:a6:0c:ae:6d:1f:13:7e:5e:00:23:
f7:d0:10:b2:d9:3d:98:49:da:4d:b5:50:f1:c2:58:
58:1c:4c:37:9d:c6:c4:0b:a3:0f:34:ca:e3:82:81:
4c:45:c3:a8:43:76:ae:41:54:d6:be:14:85:75:34:
4b:50:81:e5:25:83:56:41:48:dd:f3:4a:81:ad:22:
02:9c:dc:91:f1:b2:b6:b9:6b:dc:ca:8d:1b:ae:7a:
5a:3a:5f:d2:ca:25:b2:cb:c0:5a:3b:7d:cb:d9:aa:
39:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F2:46:E9:40:E5:36:67:5F:6D:DE:1C:82:BA:E3:50:48:14:12:11
X509v3 Authority Key Identifier:
keyid:DF:8F:96:1C:6E:FB:B7:F9:CE:74:21:7B:1D:5D:BB:54:E9:81:C6:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/34-WHG77t_nOdCF7HV27VOmBxvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/KfJG6UDlNmdfbd4cgrrjUEgUEhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/34-WHG77t_nOdCF7HV27VOmBxvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.232.208.0/23
185.246.172.0/22
Signature Algorithm: sha256WithRSAEncryption
67:d2:df:32:a0:59:d9:f1:98:be:04:61:21:fc:86:9d:04:82:
78:f6:0f:0c:50:38:82:f6:85:88:16:ca:94:56:a8:eb:28:97:
28:08:38:e3:41:91:49:ba:46:93:3e:15:a8:3d:af:4c:9a:50:
32:8e:db:2c:d6:86:9e:13:58:fb:c2:51:02:63:55:0c:b6:40:
7e:b2:97:38:a7:38:d8:90:6c:99:eb:10:3c:66:0b:a0:fd:56:
2b:07:a2:87:4c:74:1a:c1:6e:6c:87:79:76:6a:57:32:f6:bc:
c0:cf:34:5a:d4:00:03:f7:83:7a:88:88:28:62:dc:15:af:a4:
60:d0:cd:ff:03:bc:f7:c9:e1:7c:4e:72:91:16:d0:ae:20:3e:
e2:3a:e6:bb:d0:f3:a3:a2:4c:85:9d:54:86:7b:41:22:32:28:
db:12:0f:ee:40:e9:24:a7:e0:28:8a:88:d7:8c:14:e3:d7:57:
84:db:af:23:78:ae:f0:e9:6e:62:c7:e8:8f:6d:d9:e3:eb:86:
f1:bf:c9:32:8b:8e:1c:92:82:f4:36:5a:ab:cc:f7:48:1d:e1:
ff:a5:b9:b1:71:a8:45:5b:3f:b4:15:2a:da:13:2e:a3:cd:68:
cf:94:dc:d0:37:30:54:3a:0d:64:6a:fa:4b:8f:61:c6:85:99:
15:1a:40:d5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC20ZjbB/yoyuEc76mVxkdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOGY5NjFjNmVmYmI3ZjljZTc0MjE3YjFkNWRiYjU0ZTk4
MWM2ZjIwHhcNMjQwMTAxMDIyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWYyNDZlOTQwZTUzNjY3NWY2ZGRlMWM4MmJhZTM1MDQ4MTQxMjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsum9I4BtUKXD3JIXZUzV7nw7/+r
8Z1Lp8ZvDFJDkCtw5F710it3YOWQRkFmENrrPCAphfpQJ6YLNcBEhQjd9A1gTN17
1L0I1SLTa91YuDo/7ll+C4Ir3Xu14+Qvn4AMGFk9VhUTJawxnZZfaiDmSBipsoEj
qOK4AfbMBCOR6CSAliv7Z4ipIGH9Lv4ZvZKDZqgGs0WkwKsrWqYMrm0fE35eACP3
0BCy2T2YSdpNtVDxwlhYHEw3ncbEC6MPNMrjgoFMRcOoQ3auQVTWvhSFdTRLUIHl
JYNWQUjd80qBrSICnNyR8bK2uWvcyo0brnpaOl/SyiWyy8BaO33L2ao5eQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCnyRulA5TZnX23eHIK641BIFBIRMB8GA1UdIwQY
MBaAFN+Plhxu+7f5znQhex1du1TpgcbyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzQtV0hHNzd0X25PZENGN0hWMjdWT21CeHZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi85MGU3MGYtODVkYy00NGE5LWJiMjMt
MjdmMmJjMTYyYTA3LzEvS2ZKRzZVRGxObWRmYmQ0Y2dycmpVRWdVRWhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi85MGU3MGYtODVkYy00NGE5LWJiMjMtMjdmMmJjMTYyYTA3
LzEvMzQtV0hHNzd0X25PZENGN0hWMjdWT21CeHZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLujQAwQC
ufasMA0GCSqGSIb3DQEBCwUAA4IBAQBn0t8yoFnZ8Zi+BGEh/IadBIJ49g8MUDiC
9oWIFsqUVqjrKJcoCDjjQZFJukaTPhWoPa9MmlAyjtss1oaeE1j7wlECY1UMtkB+
spc4pzjYkGyZ6xA8Zgug/VYrB6KHTHQawW5sh3l2alcy9rzAzzRa1AAD94N6iIgo
YtwVr6Rg0M3/A7z3yeF8TnKRFtCuID7iOua70POjokyFnVSGe0EiMijbEg/uQOkk
p+AoiojXjBTj11eE268jeK7w6W5ix+iPbdnj64bxv8kyi44ckoL0NlqrzPdIHeH/
pbmxcahFWz+0FSraEy6jzWjPlNzQNzBUOg1kavpLj2HGhZkVGkDV
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:28:41 2024 by rpki-client on console-ams.rpki-client.org