Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/c3c91d-5319-41aa-b197-ab5d163977f2/1/rRYoIsoJq-YR_XRDOtX8V8GZI94.roa
File: rRYoIsoJq-YR_XRDOtX8V8GZI94.roa (raw, json)
Hash identifier: cQqCrr8ckg1IMScISobhum4Mfu96W1CzI/VlgpF++Zg=
Subject key identifier: AD:16:28:22:CA:09:AB:E6:11:FD:74:43:3A:D5:FC:57:C1:99:23:DE
Certificate issuer: /CN=a84216954915e3ceef74dbbbcfe9472009d88901
Certificate serial: 01900DFEB3F44C846A17AD0FEDA1C7461C53
Authority key identifier: A8:42:16:95:49:15:E3:CE:EF:74:DB:BB:CF:E9:47:20:09:D8:89:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEIWlUkV487vdNu7z-lHIAnYiQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/c3c91d-5319-41aa-b197-ab5d163977f2/1/rRYoIsoJq-YR_XRDOtX8V8GZI94.roa
Signing time: Wed 12 Jun 2024 19:48:34 +0000
ROA not before: Wed 12 Jun 2024 19:48:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15844
IP address blocks: 46.227.128.0/21 maxlen: 21
80.72.240.0/20 maxlen: 20
185.55.180.0/22 maxlen: 22
194.45.26.0/24 maxlen: 24
217.24.0.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/c3c91d-5319-41aa-b197-ab5d163977f2/1/qEIWlUkV487vdNu7z-lHIAnYiQE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/c3c91d-5319-41aa-b197-ab5d163977f2/1/qEIWlUkV487vdNu7z-lHIAnYiQE.mft
rsync://rpki.ripe.net/repository/DEFAULT/qEIWlUkV487vdNu7z-lHIAnYiQE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:0d:fe:b3:f4:4c:84:6a:17:ad:0f:ed:a1:c7:46:1c:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a84216954915e3ceef74dbbbcfe9472009d88901
Validity
Not Before: Jun 12 19:48:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad162822ca09abe611fd74433ad5fc57c19923de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3a:50:04:db:c0:ce:da:f0:d6:07:da:03:53:
44:2f:54:ca:0b:6a:07:3d:1c:3a:47:05:36:03:46:
74:4f:31:6f:34:1d:db:d5:58:0b:67:24:4a:d3:74:
18:0f:6d:42:6e:0d:66:5b:2b:86:80:e4:c0:ee:e1:
81:18:57:e5:41:7e:93:26:a6:1b:da:4f:7a:66:3d:
be:fb:b8:96:75:f3:c7:f5:43:4e:e9:21:e3:9a:00:
48:d9:fd:88:02:24:a7:74:5f:7e:c5:c3:30:15:ee:
0d:fa:72:5c:d1:f0:71:7c:a9:ec:58:7a:ba:66:9b:
8f:8c:68:a9:fc:88:b7:06:b0:f7:f2:79:6c:93:2a:
9d:b1:fc:f4:68:f6:c1:be:d8:a6:e6:ff:ee:9a:50:
9d:51:19:b6:08:d9:d4:68:08:4b:fa:94:b7:86:56:
42:ed:c7:91:e8:b5:cd:bd:b9:b8:82:aa:07:a9:ac:
3b:9d:95:79:f2:41:3f:4d:51:ac:92:ac:97:db:d3:
1f:30:32:44:c2:28:a3:30:65:0c:a0:d1:e0:d9:c2:
a8:d8:d3:ad:cd:cd:5a:3a:0a:a6:ba:e1:87:75:4f:
c5:80:d8:27:2d:a0:66:aa:60:d0:83:8e:a3:64:dd:
3b:49:a2:1f:5e:34:9a:7a:31:6a:7a:da:69:ef:3c:
d7:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:16:28:22:CA:09:AB:E6:11:FD:74:43:3A:D5:FC:57:C1:99:23:DE
X509v3 Authority Key Identifier:
keyid:A8:42:16:95:49:15:E3:CE:EF:74:DB:BB:CF:E9:47:20:09:D8:89:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEIWlUkV487vdNu7z-lHIAnYiQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/c3c91d-5319-41aa-b197-ab5d163977f2/1/rRYoIsoJq-YR_XRDOtX8V8GZI94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/c3c91d-5319-41aa-b197-ab5d163977f2/1/qEIWlUkV487vdNu7z-lHIAnYiQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.128.0/21
80.72.240.0/20
185.55.180.0/22
194.45.26.0/24
217.24.0.0/20
Signature Algorithm: sha256WithRSAEncryption
a4:28:5e:90:63:0b:f8:21:3d:fb:f5:ae:e4:43:14:f8:b5:e4:
55:f4:ca:d0:bd:f0:c8:30:e1:5c:18:c7:45:7e:90:62:8e:19:
c9:99:e7:97:a1:47:92:59:b4:b0:fd:5c:09:dd:71:07:e1:3a:
d0:f3:a5:59:fa:ca:d4:5c:e9:48:a4:17:db:fd:8b:ec:4b:63:
46:66:3c:17:68:78:0f:b0:a8:ca:ff:2c:ac:04:ea:95:cf:5c:
98:c4:e5:a3:ef:ea:00:d4:d6:5a:fd:6e:84:f3:41:f3:78:57:
ec:be:49:2a:4e:4d:d5:54:03:62:0a:c3:85:34:14:ee:5e:dd:
a5:34:17:bb:6e:70:63:3b:41:e5:ff:df:73:40:ba:92:fa:18:
9b:5a:a9:50:48:71:01:49:60:9c:5c:a9:d9:75:d1:28:00:8e:
39:37:42:a3:0a:56:80:e6:b5:aa:33:2a:9f:94:e4:6e:9a:b5:
a5:c1:42:29:79:35:72:c5:aa:d2:63:c1:41:80:92:4c:82:83:
4d:e9:55:f8:a2:21:f5:72:9c:4f:23:8f:7d:de:ae:a4:84:b1:
a4:78:79:9c:ce:b9:6e:d6:e1:99:e3:ab:e4:20:23:2b:8b:47:
79:d9:29:3b:37:29:6b:cc:d0:dd:01:a8:e6:4b:0e:90:16:6b:
37:1a:04:62
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZAN/rP0TIRqF60P7aHHRhxTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NDIxNjk1NDkxNWUzY2VlZjc0ZGJiYmNmZTk0NzIwMDlk
ODg5MDEwHhcNMjQwNjEyMTk0ODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDE2MjgyMmNhMDlhYmU2MTFmZDc0NDMzYWQ1ZmM1N2MxOTkyM2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTpQBNvAztrw1gfaA1NEL1TKC2oH
PRw6RwU2A0Z0TzFvNB3b1VgLZyRK03QYD21Cbg1mWyuGgOTA7uGBGFflQX6TJqYb
2k96Zj2++7iWdfPH9UNO6SHjmgBI2f2IAiSndF9+xcMwFe4N+nJc0fBxfKnsWHq6
ZpuPjGip/Ii3BrD38nlskyqdsfz0aPbBvtim5v/umlCdURm2CNnUaAhL+pS3hlZC
7ceR6LXNvbm4gqoHqaw7nZV58kE/TVGskqyX29MfMDJEwiijMGUMoNHg2cKo2NOt
zc1aOgqmuuGHdU/FgNgnLaBmqmDQg46jZN07SaIfXjSaejFqetpp7zzX2wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFK0WKCLKCavmEf10QzrV/FfBmSPeMB8GA1UdIwQY
MBaAFKhCFpVJFePO73Tbu8/pRyAJ2IkBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUVJV2xVa1Y0ODd2ZE51N3otbEhJQW5ZaVFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9jM2M5MWQtNTMxOS00MWFhLWIxOTct
YWI1ZDE2Mzk3N2YyLzEvclJZb0lzb0pxLVlSX1hSRE90WDhWOEdaSTk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9jM2M5MWQtNTMxOS00MWFhLWIxOTctYWI1ZDE2Mzk3N2Yy
LzEvcUVJV2xVa1Y0ODd2ZE51N3otbEhJQW5ZaVFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDLuOAAwQE
UEjwAwQCuTe0AwQAwi0aAwQE2RgAMA0GCSqGSIb3DQEBCwUAA4IBAQCkKF6QYwv4
IT379a7kQxT4teRV9MrQvfDIMOFcGMdFfpBijhnJmeeXoUeSWbSw/VwJ3XEH4TrQ
86VZ+srUXOlIpBfb/YvsS2NGZjwXaHgPsKjK/yysBOqVz1yYxOWj7+oA1NZa/W6E
80HzeFfsvkkqTk3VVANiCsOFNBTuXt2lNBe7bnBjO0Hl/99zQLqS+hibWqlQSHEB
SWCcXKnZddEoAI45N0KjClaA5rWqMyqflORumrWlwUIpeTVyxarSY8FBgJJMgoNN
6VX4oiH1cpxPI4993q6khLGkeHmczrlu1uGZ46vkICMri0d52Sk7NylrzNDdAajm
Sw6QFms3GgRi
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:13:02 2024 by rpki-client on console-fra.rpki-client.org