Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/73d9a5-1c4f-44e0-a958-167191a117ee/1/dxhVGpZvKySCoLe3RRwVMqn7qfE.roa
File: dxhVGpZvKySCoLe3RRwVMqn7qfE.roa (raw, json)
Hash identifier: 3eX5qRXvzQhrv/TA1bW9/S7j84/2YrzYJDn/4YTCtcw=
Subject key identifier: 77:18:55:1A:96:6F:2B:24:82:A0:B7:B7:45:1C:15:32:A9:FB:A9:F1
Certificate issuer: /CN=bf533ddba1f8a76de2ef4971fcd52f9441ce0989
Certificate serial: 018CC6B91AAD2FEF3F06CBF1EE37E31EB59A
Authority key identifier: BF:53:3D:DB:A1:F8:A7:6D:E2:EF:49:71:FC:D5:2F:94:41:CE:09:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v1M926H4p23i70lx_NUvlEHOCYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/73d9a5-1c4f-44e0-a958-167191a117ee/1/dxhVGpZvKySCoLe3RRwVMqn7qfE.roa
Signing time: Mon 01 Jan 2024 20:31:08 +0000
ROA not before: Mon 01 Jan 2024 20:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47168
IP address blocks: 46.31.67.0/24 maxlen: 24
92.255.75.0/24 maxlen: 24
92.255.74.0/24 maxlen: 24
92.255.74.0/23 maxlen: 23
92.255.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/73d9a5-1c4f-44e0-a958-167191a117ee/1/v1M926H4p23i70lx_NUvlEHOCYk.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/73d9a5-1c4f-44e0-a958-167191a117ee/1/v1M926H4p23i70lx_NUvlEHOCYk.mft
rsync://rpki.ripe.net/repository/DEFAULT/v1M926H4p23i70lx_NUvlEHOCYk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:1a:ad:2f:ef:3f:06:cb:f1:ee:37:e3:1e:b5:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf533ddba1f8a76de2ef4971fcd52f9441ce0989
Validity
Not Before: Jan 1 20:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7718551a966f2b2482a0b7b7451c1532a9fba9f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d4:f0:f3:57:50:f1:09:66:68:d7:5d:2b:71:
c7:70:c2:98:bf:3a:6b:4a:00:f4:55:69:35:70:f8:
27:df:81:af:4c:bf:40:6b:3f:d1:d9:40:27:6b:86:
83:f9:1d:77:59:5c:9a:54:a0:64:88:1f:ae:ef:da:
34:79:31:5d:cb:d0:10:61:fc:37:fa:48:55:42:94:
6a:53:13:e7:07:2b:2a:a6:bd:bf:f0:e4:94:34:43:
23:d9:d4:6f:ab:3f:0e:23:76:80:21:91:72:3d:74:
bf:95:01:15:c5:12:52:21:37:39:c8:04:9d:ea:8c:
91:3b:d5:73:1c:27:e2:df:fd:e3:56:f9:1e:4d:a3:
85:a2:29:4b:6d:00:53:ce:65:fb:94:1f:b5:b8:8d:
28:2c:74:24:85:ff:fe:48:ea:44:7a:df:85:9e:e9:
13:3b:c6:db:2d:fa:4f:9b:70:38:d4:bb:91:a6:2c:
61:d3:3e:96:8f:25:60:5a:46:50:e2:88:9b:f8:85:
82:52:21:17:04:5f:70:0e:85:0f:29:6b:3a:5c:88:
d5:cc:2e:db:f2:d4:bd:24:e0:d7:15:bb:7a:dc:07:
05:c6:47:72:59:5a:19:30:2f:42:b7:51:5c:9e:41:
ea:96:a6:58:9b:ba:ad:4e:3d:83:de:bd:04:41:aa:
80:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:18:55:1A:96:6F:2B:24:82:A0:B7:B7:45:1C:15:32:A9:FB:A9:F1
X509v3 Authority Key Identifier:
keyid:BF:53:3D:DB:A1:F8:A7:6D:E2:EF:49:71:FC:D5:2F:94:41:CE:09:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v1M926H4p23i70lx_NUvlEHOCYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/73d9a5-1c4f-44e0-a958-167191a117ee/1/dxhVGpZvKySCoLe3RRwVMqn7qfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/73d9a5-1c4f-44e0-a958-167191a117ee/1/v1M926H4p23i70lx_NUvlEHOCYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.67.0/24
92.255.73.0-92.255.75.255
Signature Algorithm: sha256WithRSAEncryption
7d:5b:93:8c:32:13:03:7f:f4:32:d2:1f:80:61:b8:8f:4a:3e:
61:ed:a7:05:35:d6:ce:48:9d:dd:cd:e6:62:55:f8:9e:8b:ec:
26:c0:b6:eb:6e:e4:7f:83:a4:ca:2f:ef:fc:57:56:a8:0d:1a:
d4:9b:a4:24:89:36:85:68:8c:03:ab:57:0a:70:db:12:c2:75:
c5:af:9c:da:00:eb:8f:af:57:a1:7a:77:0d:c3:2c:13:2a:17:
d4:e4:2b:0e:fe:df:d4:e6:47:c8:73:d4:c9:78:4b:2d:4d:71:
ee:8a:1d:75:06:ef:92:f9:45:08:db:46:3d:b4:98:07:c8:c5:
22:d3:64:ed:01:d0:23:97:74:21:25:6e:53:41:9d:57:79:90:
94:36:a9:39:fd:dc:40:c3:e1:e6:e1:d8:b3:c3:1a:3f:c8:13:
48:95:db:b6:23:30:9c:49:d1:98:a5:ec:b6:d2:32:23:36:d9:
ce:0a:11:55:21:49:53:9a:4b:ac:ff:4d:84:3d:ec:bd:5b:3b:
7d:cc:03:f6:bc:e8:e4:a8:23:03:e6:fe:cd:9c:a8:2f:ba:41:
08:9c:f5:78:5e:54:b1:d7:b9:5a:fb:31:c2:f9:fb:ef:ae:4c:
d5:d2:96:ed:f4:ec:91:5e:0e:d6:50:81:1e:2a:69:be:bd:43:
5d:c2:0b:f8
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzGuRqtL+8/Bsvx7jfjHrWaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNTMzZGRiYTFmOGE3NmRlMmVmNDk3MWZjZDUyZjk0NDFj
ZTA5ODkwHhcNMjQwMTAxMjAzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzE4NTUxYTk2NmYyYjI0ODJhMGI3Yjc0NTFjMTUzMmE5ZmJhOWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9Tw81dQ8QlmaNddK3HHcMKYvzpr
SgD0VWk1cPgn34GvTL9Aaz/R2UAna4aD+R13WVyaVKBkiB+u79o0eTFdy9AQYfw3
+khVQpRqUxPnBysqpr2/8OSUNEMj2dRvqz8OI3aAIZFyPXS/lQEVxRJSITc5yASd
6oyRO9VzHCfi3/3jVvkeTaOFoilLbQBTzmX7lB+1uI0oLHQkhf/+SOpEet+FnukT
O8bbLfpPm3A41LuRpixh0z6WjyVgWkZQ4oib+IWCUiEXBF9wDoUPKWs6XIjVzC7b
8tS9JODXFbt63AcFxkdyWVoZMC9Ct1FcnkHqlqZYm7qtTj2D3r0EQaqAtwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHcYVRqWbyskgqC3t0UcFTKp+6nxMB8GA1UdIwQY
MBaAFL9TPduh+Kdt4u9JcfzVL5RBzgmJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjFNOTI2SDRwMjNpNzBseF9OVXZsRUhPQ1lrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy83M2Q5YTUtMWM0Zi00NGUwLWE5NTgt
MTY3MTkxYTExN2VlLzEvZHhoVkdwWnZLeVNDb0xlM1JSd1ZNcW43cWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy83M2Q5YTUtMWM0Zi00NGUwLWE5NTgtMTY3MTkxYTExN2Vl
LzEvdjFNOTI2SDRwMjNpNzBseF9OVXZsRUhPQ1lrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQALh9DMAwD
BABc/0kDBAJc/0gwDQYJKoZIhvcNAQELBQADggEBAH1bk4wyEwN/9DLSH4BhuI9K
PmHtpwU11s5Ind3N5mJV+J6L7CbAtutu5H+DpMov7/xXVqgNGtSbpCSJNoVojAOr
Vwpw2xLCdcWvnNoA64+vV6F6dw3DLBMqF9TkKw7+39TmR8hz1Ml4Sy1Nce6KHXUG
75L5RQjbRj20mAfIxSLTZO0B0COXdCElblNBnVd5kJQ2qTn93EDD4ebh2LPDGj/I
E0iV27YjMJxJ0Zil7LbSMiM22c4KEVUhSVOaS6z/TYQ97L1bO33MA/a86OSoIwPm
/s2cqC+6QQic9XheVLHXuVr7McL5+++uTNXSlu307JFeDtZQgR4qab69Q13CC/g=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:14:10 2024 by rpki-client on console-fra.rpki-client.org