Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/2da43d-3997-40a6-accd-f6fd6bd857b8/1/q4_wFNgDEE2-3jtd-r5rMIMTEGM.roa
File: q4_wFNgDEE2-3jtd-r5rMIMTEGM.roa (raw, json)
Hash identifier: KcZc2iAbCA5+pXAEXOxHX8+Jmadai7OIdtqree6WDik=
Subject key identifier: AB:8F:F0:14:D8:03:10:4D:BE:DE:3B:5D:FA:BE:6B:30:83:13:10:63
Certificate issuer: /CN=44d2e7578aac94f42960a780d3996da8bb469477
Certificate serial: 018CC2DB34FF540CC76DE0709F6D42D3EF37
Authority key identifier: 44:D2:E7:57:8A:AC:94:F4:29:60:A7:80:D3:99:6D:A8:BB:46:94:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RNLnV4qslPQpYKeA05ltqLtGlHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/2da43d-3997-40a6-accd-f6fd6bd857b8/1/q4_wFNgDEE2-3jtd-r5rMIMTEGM.roa
Signing time: Mon 01 Jan 2024 02:29:55 +0000
ROA not before: Mon 01 Jan 2024 02:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47388
IP address blocks: 46.174.144.0/21 maxlen: 24
91.206.36.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c6/2da43d-3997-40a6-accd-f6fd6bd857b8/1/RNLnV4qslPQpYKeA05ltqLtGlHc.crl
rsync://rpki.ripe.net/repository/DEFAULT/c6/2da43d-3997-40a6-accd-f6fd6bd857b8/1/RNLnV4qslPQpYKeA05ltqLtGlHc.mft
rsync://rpki.ripe.net/repository/DEFAULT/RNLnV4qslPQpYKeA05ltqLtGlHc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:34:ff:54:0c:c7:6d:e0:70:9f:6d:42:d3:ef:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44d2e7578aac94f42960a780d3996da8bb469477
Validity
Not Before: Jan 1 02:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab8ff014d803104dbede3b5dfabe6b3083131063
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ab:ec:30:96:58:a7:5f:66:7a:c2:cc:61:b0:
e7:6c:d7:77:14:8b:f5:ad:34:90:8e:b3:8e:b5:8c:
09:58:d3:f1:ac:fc:21:b1:e4:cb:8e:c6:f7:3b:91:
76:73:33:82:c3:1c:79:cb:96:16:89:a7:0c:43:4a:
c8:67:17:a9:04:08:7e:22:f2:c3:c8:3c:6b:98:2b:
ac:d5:a0:3f:ce:2d:17:a8:58:96:64:6d:63:c2:bd:
ac:46:77:34:1c:f8:e4:ff:5d:8f:d8:b2:9e:0b:8d:
85:dd:3a:45:50:9b:0e:43:bd:a5:5c:89:b2:70:f6:
1d:8d:3c:6b:77:39:4d:52:10:9d:db:04:bc:92:ab:
83:d6:8a:94:b9:ce:16:a8:d2:cf:cd:e2:de:8c:b0:
9e:a5:48:b4:bd:3e:0e:0d:4f:90:d2:75:da:42:d0:
38:89:c0:e2:bc:ad:79:a2:f8:c1:fc:fe:8a:39:c2:
c4:4f:0d:fd:06:d0:96:78:f8:41:24:bb:d4:c9:55:
a3:33:a6:33:c1:6f:12:af:72:07:98:31:e6:ab:87:
d4:96:f0:6e:61:b8:c6:75:b6:f7:c0:63:a4:e7:c0:
d3:a5:f0:7d:0b:3c:4b:e0:b7:16:82:f5:c6:a0:2a:
ef:c7:88:94:97:0f:08:95:58:09:d4:0a:2a:7c:32:
66:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:8F:F0:14:D8:03:10:4D:BE:DE:3B:5D:FA:BE:6B:30:83:13:10:63
X509v3 Authority Key Identifier:
keyid:44:D2:E7:57:8A:AC:94:F4:29:60:A7:80:D3:99:6D:A8:BB:46:94:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RNLnV4qslPQpYKeA05ltqLtGlHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/2da43d-3997-40a6-accd-f6fd6bd857b8/1/q4_wFNgDEE2-3jtd-r5rMIMTEGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/2da43d-3997-40a6-accd-f6fd6bd857b8/1/RNLnV4qslPQpYKeA05ltqLtGlHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.174.144.0/21
91.206.36.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:72:18:f8:28:16:d1:fe:10:74:bc:72:8f:df:9e:c9:36:30:
95:be:8e:b7:34:75:41:1e:e9:fa:5c:f2:fb:ee:69:1e:54:7f:
6c:78:8e:1d:08:07:07:54:a0:88:0e:25:59:49:43:08:56:4e:
ba:3d:a1:ec:6f:60:b4:da:94:64:e6:22:e4:3f:e5:6b:3d:47:
ea:3a:89:b8:14:c4:41:cd:ac:0c:f5:64:08:ff:f3:0e:b9:29:
14:c0:b2:71:a3:ef:a5:4c:05:b9:12:cf:8d:e8:2e:16:8d:e6:
ee:ab:fd:7d:15:c6:76:04:7c:d7:43:72:66:b0:ae:99:77:1a:
aa:de:03:0a:74:ae:3b:02:9a:31:a0:11:0b:ea:d5:43:40:c7:
18:f7:fe:2e:72:66:12:0a:91:15:19:84:49:c7:7c:45:a5:1f:
17:9b:af:57:da:6f:3c:66:75:33:94:f9:b2:0a:53:97:8f:3f:
81:10:b3:00:a1:70:17:33:9d:31:95:86:a7:96:61:a7:6e:95:
32:10:1d:04:0f:fb:26:7c:d3:af:51:e0:c9:2e:98:73:18:71:
1d:22:0e:64:5d:b5:58:7c:23:c8:44:f6:05:4b:4e:f2:fd:09:
9d:c3:37:e4:ed:49:76:28:6c:31:4b:5f:95:49:a1:e0:96:47:
7f:5f:b9:b6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2zT/VAzHbeBwn21C0+83MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZDJlNzU3OGFhYzk0ZjQyOTYwYTc4MGQzOTk2ZGE4YmI0
Njk0NzcwHhcNMjQwMTAxMDIyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjhmZjAxNGQ4MDMxMDRkYmVkZTNiNWRmYWJlNmIzMDgzMTMxMDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6vsMJZYp19mesLMYbDnbNd3FIv1
rTSQjrOOtYwJWNPxrPwhseTLjsb3O5F2czOCwxx5y5YWiacMQ0rIZxepBAh+IvLD
yDxrmCus1aA/zi0XqFiWZG1jwr2sRnc0HPjk/12P2LKeC42F3TpFUJsOQ72lXImy
cPYdjTxrdzlNUhCd2wS8kquD1oqUuc4WqNLPzeLejLCepUi0vT4ODU+Q0nXaQtA4
icDivK15ovjB/P6KOcLETw39BtCWePhBJLvUyVWjM6YzwW8Sr3IHmDHmq4fUlvBu
YbjGdbb3wGOk58DTpfB9CzxL4LcWgvXGoCrvx4iUlw8IlVgJ1AoqfDJmewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKuP8BTYAxBNvt47Xfq+azCDExBjMB8GA1UdIwQY
MBaAFETS51eKrJT0KWCngNOZbai7RpR3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk5MblY0cXNsUFFwWUtlQTA1bHRxTHRHbEhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi8yZGE0M2QtMzk5Ny00MGE2LWFjY2Qt
ZjZmZDZiZDg1N2I4LzEvcTRfd0ZOZ0RFRTItM2p0ZC1yNXJNSU1URUdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi8yZGE0M2QtMzk5Ny00MGE2LWFjY2QtZjZmZDZiZDg1N2I4
LzEvUk5MblY0cXNsUFFwWUtlQTA1bHRxTHRHbEhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLq6QAwQB
W84kMA0GCSqGSIb3DQEBCwUAA4IBAQBcchj4KBbR/hB0vHKP357JNjCVvo63NHVB
Hun6XPL77mkeVH9seI4dCAcHVKCIDiVZSUMIVk66PaHsb2C02pRk5iLkP+VrPUfq
Oom4FMRBzawM9WQI//MOuSkUwLJxo++lTAW5Es+N6C4Wjebuq/19FcZ2BHzXQ3Jm
sK6Zdxqq3gMKdK47ApoxoBEL6tVDQMcY9/4ucmYSCpEVGYRJx3xFpR8Xm69X2m88
ZnUzlPmyClOXjz+BELMAoXAXM50xlYanlmGnbpUyEB0ED/smfNOvUeDJLphzGHEd
Ig5kXbVYfCPIRPYFS07y/Qmdwzfk7Ul2KGwxS1+VSaHglkd/X7m2
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:38:07 2024 by rpki-client on console-fra.rpki-client.org