Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/a734a4-143d-461d-bfd6-45caa6ef6700/1/mNH5xztEkhwZI7YWZRvb-HDIvsw.roa
File: mNH5xztEkhwZI7YWZRvb-HDIvsw.roa (raw, json)
Hash identifier: m7GGGABZcELRv3anNavyEQxDPtCOMui2q5pEMmrThIs=
Subject key identifier: 98:D1:F9:C7:3B:44:92:1C:19:23:B6:16:65:1B:DB:F8:70:C8:BE:CC
Certificate issuer: /CN=2b928097dc9f89a7a3a8a296a78a4f9d0cbce17f
Certificate serial: 018E91D1BB2A9EC4D0C5BC1E8F1E04FED439
Authority key identifier: 2B:92:80:97:DC:9F:89:A7:A3:A8:A2:96:A7:8A:4F:9D:0C:BC:E1:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5KAl9yfiaejqKKWp4pPnQy84X8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/a734a4-143d-461d-bfd6-45caa6ef6700/1/mNH5xztEkhwZI7YWZRvb-HDIvsw.roa
Signing time: Sun 31 Mar 2024 00:03:44 +0000
ROA not before: Sun 31 Mar 2024 00:03:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57908
IP address blocks: 46.243.16.0/24 maxlen: 24
46.243.17.0/24 maxlen: 24
46.243.18.0/24 maxlen: 24
46.243.19.0/24 maxlen: 24
46.243.20.0/24 maxlen: 24
46.243.21.0/24 maxlen: 24
46.243.22.0/24 maxlen: 24
46.243.23.0/24 maxlen: 24
2a03:6dc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c6/a734a4-143d-461d-bfd6-45caa6ef6700/1/K5KAl9yfiaejqKKWp4pPnQy84X8.crl
rsync://rpki.ripe.net/repository/DEFAULT/c6/a734a4-143d-461d-bfd6-45caa6ef6700/1/K5KAl9yfiaejqKKWp4pPnQy84X8.mft
rsync://rpki.ripe.net/repository/DEFAULT/K5KAl9yfiaejqKKWp4pPnQy84X8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:91:d1:bb:2a:9e:c4:d0:c5:bc:1e:8f:1e:04:fe:d4:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b928097dc9f89a7a3a8a296a78a4f9d0cbce17f
Validity
Not Before: Mar 31 00:03:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98d1f9c73b44921c1923b616651bdbf870c8becc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:8b:31:99:cc:0d:09:a4:10:82:f2:f4:f7:65:
d8:8d:0c:2c:93:43:e1:96:5b:0b:da:6b:a8:51:e9:
aa:a0:af:96:03:39:95:9b:71:c6:ae:a4:ba:d8:d8:
52:28:51:eb:44:aa:30:a4:3e:2d:65:2f:8b:04:b2:
75:42:94:aa:52:92:1c:6a:03:f3:96:22:7a:bf:9f:
d9:f0:42:1f:00:ac:d0:13:fa:6f:d3:85:5f:f5:72:
3c:cb:47:c8:2c:17:6f:7d:1b:b1:74:4b:42:ec:5c:
ea:c0:f8:bb:9f:93:94:57:64:68:76:b5:77:16:59:
e5:23:25:15:cf:4c:60:84:66:e2:e3:8b:72:36:29:
f9:03:2c:b8:d9:eb:eb:6f:40:64:54:32:1a:20:0b:
5e:7b:03:75:ad:b3:e4:2e:f2:62:5c:59:49:8b:68:
f6:f1:43:e2:ee:b6:5c:5c:36:c8:14:26:c6:cb:2b:
1b:23:82:07:21:98:38:88:17:47:1c:9f:38:18:61:
14:27:ed:cf:4c:3f:c8:35:ca:35:cf:78:e8:ff:63:
38:62:c2:2d:66:a8:f8:70:aa:e1:bc:95:b0:53:d3:
f0:d6:af:ec:49:2e:bd:70:7e:d8:3d:52:a5:54:bb:
36:c8:72:92:2d:0a:9d:86:e1:e4:a6:2b:ca:66:6c:
2b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:D1:F9:C7:3B:44:92:1C:19:23:B6:16:65:1B:DB:F8:70:C8:BE:CC
X509v3 Authority Key Identifier:
keyid:2B:92:80:97:DC:9F:89:A7:A3:A8:A2:96:A7:8A:4F:9D:0C:BC:E1:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5KAl9yfiaejqKKWp4pPnQy84X8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a734a4-143d-461d-bfd6-45caa6ef6700/1/mNH5xztEkhwZI7YWZRvb-HDIvsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a734a4-143d-461d-bfd6-45caa6ef6700/1/K5KAl9yfiaejqKKWp4pPnQy84X8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.16.0/21
IPv6:
2a03:6dc0::/32
Signature Algorithm: sha256WithRSAEncryption
11:d6:4b:9d:c3:0b:f3:5e:56:f9:20:a5:36:75:ec:b5:da:39:
88:5b:62:15:48:22:98:77:e0:52:80:fe:61:6c:ba:ac:30:70:
7e:8a:6c:7e:43:ad:02:da:8b:c4:cd:37:ff:c8:a2:b5:b8:27:
42:d6:18:46:ea:6d:59:5f:85:ed:8b:d9:61:c6:e3:9f:42:3d:
47:cb:d6:65:cf:3b:02:a9:30:4c:3c:2a:f1:f3:3a:09:b8:2c:
2b:1d:2b:35:52:f8:12:e1:c5:cb:16:0e:b0:32:47:f5:05:7f:
0a:52:8e:07:75:e7:c6:37:90:bc:9a:80:c4:af:4f:a2:95:d7:
55:4a:6c:f3:ac:68:30:08:55:58:6a:60:b2:f5:7a:c9:c7:ea:
6e:57:6b:6a:5d:9d:04:04:66:ea:02:74:44:da:b0:51:c4:54:
85:43:0c:10:58:59:47:23:b5:bb:3f:93:80:09:77:46:78:2d:
72:0f:7d:94:bb:0f:c5:ab:3d:40:33:c8:ac:8a:d3:7e:44:8a:
b4:8b:42:66:5f:68:bc:a9:30:bf:94:7c:0b:48:89:0d:16:62:
dd:52:47:a8:87:d4:be:08:1e:2e:ff:23:4f:4b:f3:5a:de:a2:
b4:ec:28:15:44:13:08:bf:18:ba:35:bc:bb:d5:6c:65:6d:a1:
a1:92:7c:79
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY6R0bsqnsTQxbwejx4E/tQ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTI4MDk3ZGM5Zjg5YTdhM2E4YTI5NmE3OGE0ZjlkMGNi
Y2UxN2YwHhcNMjQwMzMxMDAwMzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGQxZjljNzNiNDQ5MjFjMTkyM2I2MTY2NTFiZGJmODcwYzhiZWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYsxmcwNCaQQgvL092XYjQwsk0Ph
llsL2muoUemqoK+WAzmVm3HGrqS62NhSKFHrRKowpD4tZS+LBLJ1QpSqUpIcagPz
liJ6v5/Z8EIfAKzQE/pv04Vf9XI8y0fILBdvfRuxdEtC7FzqwPi7n5OUV2RodrV3
FlnlIyUVz0xghGbi44tyNin5Ayy42evrb0BkVDIaIAteewN1rbPkLvJiXFlJi2j2
8UPi7rZcXDbIFCbGyysbI4IHIZg4iBdHHJ84GGEUJ+3PTD/INco1z3jo/2M4YsIt
Zqj4cKrhvJWwU9Pw1q/sSS69cH7YPVKlVLs2yHKSLQqdhuHkpivKZmwr7wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJjR+cc7RJIcGSO2FmUb2/hwyL7MMB8GA1UdIwQY
MBaAFCuSgJfcn4mno6iilqeKT50MvOF/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVLQWw5eWZpYWVqcUtLV3A0cFBuUXk4NFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9hNzM0YTQtMTQzZC00NjFkLWJmZDYt
NDVjYWE2ZWY2NzAwLzEvbU5INXh6dEVraHdaSTdZV1pSdmItSERJdnN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9hNzM0YTQtMTQzZC00NjFkLWJmZDYtNDVjYWE2ZWY2NzAw
LzEvSzVLQWw5eWZpYWVqcUtLV3A0cFBuUXk4NFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLvMQMA0E
AgACMAcDBQAqA23AMA0GCSqGSIb3DQEBCwUAA4IBAQAR1kudwwvzXlb5IKU2dey1
2jmIW2IVSCKYd+BSgP5hbLqsMHB+imx+Q60C2ovEzTf/yKK1uCdC1hhG6m1ZX4Xt
i9lhxuOfQj1Hy9ZlzzsCqTBMPCrx8zoJuCwrHSs1UvgS4cXLFg6wMkf1BX8KUo4H
defGN5C8moDEr0+ilddVSmzzrGgwCFVYamCy9XrJx+puV2tqXZ0EBGbqAnRE2rBR
xFSFQwwQWFlHI7W7P5OACXdGeC1yD32Uuw/Fqz1AM8isitN+RIq0i0JmX2i8qTC/
lHwLSIkNFmLdUkeoh9S+CB4u/yNPS/Na3qK07CgVRBMIvxi6Nby71WxlbaGhknx5
-----END CERTIFICATE-----
Generated at Sat Jun 1 15:46:33 2024 by rpki-client on console-fra.rpki-client.org