Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/1916e1-ad9c-4b40-a9b0-93a88221def2/1/NIxFKThG3B3ZdMijTMPOJhoW9kA.roa
File: NIxFKThG3B3ZdMijTMPOJhoW9kA.roa (raw, json)
Hash identifier: inY3w2Qy1Muf4+2si+v7zePFUU4cBD8ew7BrefTtXCQ=
Subject key identifier: 34:8C:45:29:38:46:DC:1D:D9:74:C8:A3:4C:C3:CE:26:1A:16:F6:40
Certificate issuer: /CN=056470d81b28dc528e5f28db0bb5f6d294611a65
Certificate serial: 018CC8DF17177833E4B618D76E6EBF430507
Authority key identifier: 05:64:70:D8:1B:28:DC:52:8E:5F:28:DB:0B:B5:F6:D2:94:61:1A:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWRw2Bso3FKOXyjbC7X20pRhGmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/1916e1-ad9c-4b40-a9b0-93a88221def2/1/NIxFKThG3B3ZdMijTMPOJhoW9kA.roa
Signing time: Tue 02 Jan 2024 06:31:52 +0000
ROA not before: Tue 02 Jan 2024 06:31:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51764
IP address blocks: 46.235.49.0/24 maxlen: 24
46.235.50.0/24 maxlen: 24
46.235.51.0/24 maxlen: 24
46.235.48.0/24 maxlen: 24
46.235.54.0/24 maxlen: 24
46.235.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/1916e1-ad9c-4b40-a9b0-93a88221def2/1/BWRw2Bso3FKOXyjbC7X20pRhGmU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/1916e1-ad9c-4b40-a9b0-93a88221def2/1/BWRw2Bso3FKOXyjbC7X20pRhGmU.mft
rsync://rpki.ripe.net/repository/DEFAULT/BWRw2Bso3FKOXyjbC7X20pRhGmU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:17:17:78:33:e4:b6:18:d7:6e:6e:bf:43:05:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=056470d81b28dc528e5f28db0bb5f6d294611a65
Validity
Not Before: Jan 2 06:31:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=348c45293846dc1dd974c8a34cc3ce261a16f640
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:84:0c:99:b7:62:02:2e:e7:95:85:aa:29:5d:
ab:dd:9f:52:57:51:42:65:9d:78:2a:d4:f2:41:b0:
f8:e3:97:d1:e5:54:da:ea:bd:18:e1:be:25:a9:07:
cf:36:06:02:9f:ab:21:4a:86:c1:ef:21:f5:02:1a:
0b:37:fe:81:f4:ce:56:88:37:15:21:ae:22:c4:eb:
4b:51:b6:87:28:c2:cd:cc:53:3c:8b:10:cb:c4:6e:
38:2f:f8:12:33:a4:ac:08:2e:0e:a3:b0:ef:ba:a8:
e1:68:00:aa:4e:99:ae:79:c2:bd:e7:1f:24:16:aa:
8b:6c:69:76:02:a2:d3:a0:5e:23:b1:f7:47:0a:14:
70:8d:c6:55:cf:4a:99:6e:4b:eb:c8:90:78:5c:c0:
3b:d3:b6:f7:40:ea:0b:73:bf:93:bf:27:42:44:9b:
4f:37:60:05:27:5a:36:4f:a8:d0:66:42:55:fe:7e:
24:a7:ed:43:63:81:e0:67:71:ea:c1:91:98:b9:ad:
df:0e:c1:05:b3:df:bc:4c:48:52:b8:e3:5f:ba:2d:
bb:b4:1b:a6:c1:5f:a6:fe:30:8f:58:8f:d8:62:94:
fb:a9:a7:ca:66:e0:e0:b4:e7:f9:32:12:34:67:93:
bf:91:b6:a4:c6:a9:0a:1b:a6:da:ac:ab:01:b9:83:
f2:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:8C:45:29:38:46:DC:1D:D9:74:C8:A3:4C:C3:CE:26:1A:16:F6:40
X509v3 Authority Key Identifier:
keyid:05:64:70:D8:1B:28:DC:52:8E:5F:28:DB:0B:B5:F6:D2:94:61:1A:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWRw2Bso3FKOXyjbC7X20pRhGmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/1916e1-ad9c-4b40-a9b0-93a88221def2/1/NIxFKThG3B3ZdMijTMPOJhoW9kA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/1916e1-ad9c-4b40-a9b0-93a88221def2/1/BWRw2Bso3FKOXyjbC7X20pRhGmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.48.0/22
46.235.54.0/23
Signature Algorithm: sha256WithRSAEncryption
61:eb:24:7b:0f:49:cf:8c:7c:a0:e0:8a:31:8a:97:05:a4:58:
d5:a9:58:f8:48:b1:ea:bc:da:bc:ed:53:ed:e8:f0:be:17:3f:
71:eb:53:b4:a9:38:e0:21:4b:48:50:56:56:e4:5b:09:02:32:
b2:9d:d3:f2:cd:e1:aa:25:4b:fc:65:ae:8b:b6:e9:b4:36:c5:
78:77:4e:94:6e:c8:64:54:df:08:57:6b:7a:8f:96:0f:c5:33:
8f:85:cb:ad:44:dc:d4:d8:f7:8d:ff:82:be:c2:81:33:de:04:
82:19:8f:cb:d8:a9:89:81:3d:c2:5b:fb:3b:19:ca:a3:5e:1d:
05:61:53:dd:19:46:13:47:68:3b:9d:08:46:b0:7c:3a:e5:30:
88:50:2a:84:8d:22:5a:99:3f:7f:8b:46:9a:db:ab:98:c9:44:
02:73:f9:56:e1:5c:de:92:58:9d:85:1b:45:94:2d:28:65:2f:
83:63:e8:98:ba:1c:17:85:90:6d:a8:ac:54:d7:09:20:79:f7:
be:f8:e8:71:70:51:0b:bd:e7:c4:c6:e1:08:e8:c5:67:22:6a:
77:42:dc:fb:b7:8b:22:14:7d:e6:c7:9d:5c:07:7a:83:86:2e:
39:70:4d:05:ea:bb:a5:82:f0:62:db:fc:b2:60:de:9f:a3:e8:
60:f9:0c:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3xcXeDPkthjXbm6/QwUHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NjQ3MGQ4MWIyOGRjNTI4ZTVmMjhkYjBiYjVmNmQyOTQ2
MTFhNjUwHhcNMjQwMTAyMDYzMTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDhjNDUyOTM4NDZkYzFkZDk3NGM4YTM0Y2MzY2UyNjFhMTZmNjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYQMmbdiAi7nlYWqKV2r3Z9SV1FC
ZZ14KtTyQbD445fR5VTa6r0Y4b4lqQfPNgYCn6shSobB7yH1AhoLN/6B9M5WiDcV
Ia4ixOtLUbaHKMLNzFM8ixDLxG44L/gSM6SsCC4Oo7DvuqjhaACqTpmuecK95x8k
FqqLbGl2AqLToF4jsfdHChRwjcZVz0qZbkvryJB4XMA707b3QOoLc7+TvydCRJtP
N2AFJ1o2T6jQZkJV/n4kp+1DY4HgZ3HqwZGYua3fDsEFs9+8TEhSuONfui27tBum
wV+m/jCPWI/YYpT7qafKZuDgtOf5MhI0Z5O/kbakxqkKG6barKsBuYPyxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDSMRSk4Rtwd2XTIo0zDziYaFvZAMB8GA1UdIwQY
MBaAFAVkcNgbKNxSjl8o2wu19tKUYRplMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldSdzJCc28zRktPWHlqYkM3WDIwcFJoR21VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8xOTE2ZTEtYWQ5Yy00YjQwLWE5YjAt
OTNhODgyMjFkZWYyLzEvTkl4RktUaEczQjNaZE1palRNUE9KaG9XOWtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8xOTE2ZTEtYWQ5Yy00YjQwLWE5YjAtOTNhODgyMjFkZWYy
LzEvQldSdzJCc28zRktPWHlqYkM3WDIwcFJoR21VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLuswAwQB
Lus2MA0GCSqGSIb3DQEBCwUAA4IBAQBh6yR7D0nPjHyg4IoxipcFpFjVqVj4SLHq
vNq87VPt6PC+Fz9x61O0qTjgIUtIUFZW5FsJAjKyndPyzeGqJUv8Za6Ltum0NsV4
d06UbshkVN8IV2t6j5YPxTOPhcutRNzU2PeN/4K+woEz3gSCGY/L2KmJgT3CW/s7
GcqjXh0FYVPdGUYTR2g7nQhGsHw65TCIUCqEjSJamT9/i0aa26uYyUQCc/lW4Vze
klidhRtFlC0oZS+DY+iYuhwXhZBtqKxU1wkgefe++OhxcFELvefExuEI6MVnImp3
Qtz7t4siFH3mx51cB3qDhi45cE0F6rulgvBi2/yyYN6fo+hg+Qwl
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:53:34 2024 by rpki-client on console-fra.rpki-client.org