Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/9yI2MvZlU01_je-ZD3ezf3wPUnU.roa
File: 9yI2MvZlU01_je-ZD3ezf3wPUnU.roa (raw, json)
Hash identifier: ChencjGmHJ02S7ggejHZMH3t9ZXHWq3WCRN4T1AGP+8=
Subject key identifier: F7:22:36:32:F6:65:53:4D:7F:8D:EF:99:0F:77:B3:7F:7C:0F:52:75
Certificate issuer: /CN=91d01c47f00e64f35cc752d03b34a71b71406b3f
Certificate serial: 01926C57465938953D5C9937AFFAC97FF174
Authority key identifier: 91:D0:1C:47:F0:0E:64:F3:5C:C7:52:D0:3B:34:A7:1B:71:40:6B:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdAcR_AOZPNcx1LQOzSnG3FAaz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/9yI2MvZlU01_je-ZD3ezf3wPUnU.roa
Signing time: Tue 08 Oct 2024 13:35:11 +0000
ROA not before: Tue 08 Oct 2024 13:35:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49675
IP address blocks: 46.17.200.0/21 maxlen: 21
46.17.200.0/24 maxlen: 24
46.17.201.0/24 maxlen: 24
46.17.202.0/24 maxlen: 24
46.17.203.0/24 maxlen: 24
46.17.204.0/24 maxlen: 24
46.17.205.0/24 maxlen: 24
46.17.206.0/24 maxlen: 24
46.17.207.0/24 maxlen: 24
89.169.16.0/22 maxlen: 22
89.169.16.0/24 maxlen: 24
89.169.17.0/24 maxlen: 24
89.169.18.0/24 maxlen: 24
89.169.19.0/24 maxlen: 24
185.161.180.0/22 maxlen: 22
185.161.180.0/24 maxlen: 24
185.161.181.0/24 maxlen: 24
185.161.182.0/24 maxlen: 24
185.161.183.0/24 maxlen: 24
2a02:26a8:3::/48 maxlen: 48
2a02:26a8:f001::/48 maxlen: 48
2a02:26a8:fffe::/48 maxlen: 48
2a02:26a8:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.mft
rsync://rpki.ripe.net/repository/DEFAULT/kdAcR_AOZPNcx1LQOzSnG3FAaz8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6c:57:46:59:38:95:3d:5c:99:37:af:fa:c9:7f:f1:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d01c47f00e64f35cc752d03b34a71b71406b3f
Validity
Not Before: Oct 8 13:35:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7223632f665534d7f8def990f77b37f7c0f5275
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8c:85:0d:ae:90:c7:90:7d:b9:f6:e7:1a:ae:
48:b1:02:a9:98:56:b2:c7:c8:cb:90:eb:ca:33:65:
15:38:72:51:e2:7a:36:4f:34:4e:81:e8:57:65:62:
26:18:44:36:50:d0:91:07:45:5a:38:d0:ba:f4:43:
f6:4c:68:c8:5e:ca:af:64:66:8a:2c:49:91:45:d4:
fc:0c:a3:90:63:48:0b:72:36:63:b3:ae:7e:72:51:
35:54:0e:0f:de:59:c7:27:e9:8e:b6:55:11:be:3b:
81:7d:56:2b:2a:09:02:51:f3:1f:f8:a4:a6:8d:24:
e1:b6:ee:58:0d:76:4a:c7:84:60:53:ca:48:a6:a6:
af:dc:96:92:b3:ba:de:50:e1:22:bd:0b:76:6a:30:
c6:97:27:25:0b:7a:f5:da:f3:0b:08:fc:a0:cc:c9:
b2:73:d2:2c:4e:0b:55:7d:a0:19:bb:51:40:b3:f4:
54:66:a0:b0:36:a4:11:15:23:ed:7a:cb:5b:aa:cd:
1c:f2:27:cd:28:66:b1:c9:b0:77:86:fa:af:f3:d8:
54:33:0b:36:0e:f2:24:d2:18:71:ab:a5:e9:76:fd:
86:a6:df:45:50:31:d0:63:e6:17:f1:89:34:1f:07:
ca:45:17:41:70:a4:45:35:fe:d9:7f:76:bc:51:f7:
6b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:22:36:32:F6:65:53:4D:7F:8D:EF:99:0F:77:B3:7F:7C:0F:52:75
X509v3 Authority Key Identifier:
keyid:91:D0:1C:47:F0:0E:64:F3:5C:C7:52:D0:3B:34:A7:1B:71:40:6B:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdAcR_AOZPNcx1LQOzSnG3FAaz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/9yI2MvZlU01_je-ZD3ezf3wPUnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.200.0/21
89.169.16.0/22
185.161.180.0/22
IPv6:
2a02:26a8:3::/48
2a02:26a8:f001::/48
2a02:26a8:fffe::/47
Signature Algorithm: sha256WithRSAEncryption
7a:8e:95:8e:9f:44:48:27:01:94:50:36:c3:e3:8e:62:fa:85:
53:af:64:57:c5:2a:86:5e:22:71:55:ac:c4:21:01:61:14:9e:
a4:1a:5d:98:3f:9a:d7:57:b6:c3:eb:ba:de:32:08:0e:88:bd:
d7:46:fc:93:e1:52:64:90:c9:e2:5a:60:e3:b9:b5:23:48:9e:
42:c3:96:94:42:fd:d0:e6:7f:30:77:c2:5a:b6:ba:1a:1a:99:
8d:b6:bc:10:98:0c:db:12:01:50:18:e9:f4:75:d5:8b:fe:0a:
fe:b8:43:08:b0:fe:a1:f9:2c:d6:1e:d0:c0:b3:55:3b:0c:22:
57:ce:2f:c3:e7:ed:fb:d7:f1:89:e1:0a:91:34:6d:3c:d0:30:
89:9b:90:8b:b8:9a:8b:27:53:4c:d4:5c:b3:4e:c8:ec:0c:be:
2c:b9:60:8b:79:81:40:15:23:f8:47:56:f7:9d:61:fc:a4:9e:
2e:f7:f4:c5:25:7b:6b:9c:5d:72:57:0f:7d:43:26:7b:bc:91:
27:0e:fb:15:b8:05:96:31:3e:36:39:af:d3:2a:c6:fb:fa:9d:
ca:ec:9b:aa:09:65:78:93:bc:bb:78:7a:b1:da:25:85:c9:5f:
3a:d8:de:23:b4:cd:82:0b:8c:f5:2a:25:3c:3c:a1:c7:e7:97:
2d:a0:76:71
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZJsV0ZZOJU9XJk3r/rJf/F0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDAxYzQ3ZjAwZTY0ZjM1Y2M3NTJkMDNiMzRhNzFiNzE0
MDZiM2YwHhcNMjQxMDA4MTMzNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzIyMzYzMmY2NjU1MzRkN2Y4ZGVmOTkwZjc3YjM3ZjdjMGY1Mjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYyFDa6Qx5B9ufbnGq5IsQKpmFay
x8jLkOvKM2UVOHJR4no2TzROgehXZWImGEQ2UNCRB0VaONC69EP2TGjIXsqvZGaK
LEmRRdT8DKOQY0gLcjZjs65+clE1VA4P3lnHJ+mOtlURvjuBfVYrKgkCUfMf+KSm
jSThtu5YDXZKx4RgU8pIpqav3JaSs7reUOEivQt2ajDGlyclC3r12vMLCPygzMmy
c9IsTgtVfaAZu1FAs/RUZqCwNqQRFSPtestbqs0c8ifNKGaxybB3hvqv89hUMws2
DvIk0hhxq6Xpdv2Gpt9FUDHQY+YX8Yk0HwfKRRdBcKRFNf7Zf3a8Ufdr8QIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFPciNjL2ZVNNf43vmQ93s398D1J1MB8GA1UdIwQY
MBaAFJHQHEfwDmTzXMdS0Ds0pxtxQGs/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RBY1JfQU9aUE5jeDFMUU96U25HM0ZBYXo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iMGZjMGMtYzUzNy00MGI0LTliNWIt
NTZiMDA2ZWYwZDNiLzEvOXlJMk12WmxVMDFfamUtWkQzZXpmM3dQVW5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9iMGZjMGMtYzUzNy00MGI0LTliNWItNTZiMDA2ZWYwZDNi
LzEva2RBY1JfQU9aUE5jeDFMUU96U25HM0ZBYXo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQDLhHIAwQC
WakQAwQCuaG0MCEEAgACMBsDBwAqAiaoAAMDBwAqAiao8AEDBwEqAiao//4wDQYJ
KoZIhvcNAQELBQADggEBAHqOlY6fREgnAZRQNsPjjmL6hVOvZFfFKoZeInFVrMQh
AWEUnqQaXZg/mtdXtsPrut4yCA6IvddG/JPhUmSQyeJaYOO5tSNInkLDlpRC/dDm
fzB3wlq2uhoamY22vBCYDNsSAVAY6fR11Yv+Cv64Qwiw/qH5LNYe0MCzVTsMIlfO
L8Pn7fvX8YnhCpE0bTzQMImbkIu4mosnU0zUXLNOyOwMviy5YIt5gUAVI/hHVved
Yfykni739MUle2ucXXJXD31DJnu8kScO+xW4BZYxPjY5r9Mqxvv6ncrsm6oJZXiT
vLt4erHaJYXJXzrY3iO0zYILjPUqJTw8ocfnly2gdnE=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:55:39 2024 by rpki-client on console-ams.rpki-client.org