Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/328eb3-5603-4955-aa92-2252bccfdbf9/1/Rh-K6uHJhfO1NkgKASi87wwL5Uo.roa
File: Rh-K6uHJhfO1NkgKASi87wwL5Uo.roa (raw, json)
Hash identifier: hNpUrrycPtCQxXgXHucpmireXqUDtZ0g4qcw/F4B3zM=
Subject key identifier: 46:1F:8A:EA:E1:C9:85:F3:B5:36:48:0A:01:28:BC:EF:0C:0B:E5:4A
Certificate issuer: /CN=69b01927a1a177d4261221d94628514a525a96e0
Certificate serial: 018CC802FAC9445CC5D617FCF3E5528FE51C
Authority key identifier: 69:B0:19:27:A1:A1:77:D4:26:12:21:D9:46:28:51:4A:52:5A:96:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/abAZJ6Ghd9QmEiHZRihRSlJaluA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/328eb3-5603-4955-aa92-2252bccfdbf9/1/Rh-K6uHJhfO1NkgKASi87wwL5Uo.roa
Signing time: Tue 02 Jan 2024 02:31:27 +0000
ROA not before: Tue 02 Jan 2024 02:31:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16267
IP address blocks: 213.146.0.0/19 maxlen: 19
2a01:4960::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/328eb3-5603-4955-aa92-2252bccfdbf9/1/abAZJ6Ghd9QmEiHZRihRSlJaluA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/328eb3-5603-4955-aa92-2252bccfdbf9/1/abAZJ6Ghd9QmEiHZRihRSlJaluA.mft
rsync://rpki.ripe.net/repository/DEFAULT/abAZJ6Ghd9QmEiHZRihRSlJaluA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:fa:c9:44:5c:c5:d6:17:fc:f3:e5:52:8f:e5:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69b01927a1a177d4261221d94628514a525a96e0
Validity
Not Before: Jan 2 02:31:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=461f8aeae1c985f3b536480a0128bcef0c0be54a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:1d:ec:81:b5:12:bf:87:5f:d5:a4:b0:98:85:
f4:c8:ee:32:c9:9e:1d:b6:35:0d:e7:dc:3f:44:62:
7a:be:a1:f5:4c:5f:46:67:4c:04:b5:3b:1e:0e:ef:
a9:01:34:97:83:65:a8:af:ac:72:6f:e8:87:63:d4:
2a:74:58:07:5c:1b:8e:75:a5:89:2d:d9:a8:4a:4d:
54:a8:87:cd:46:f0:12:3f:05:74:23:30:ae:3c:95:
ab:4f:0e:87:14:89:2e:d5:14:1c:25:f2:01:59:71:
78:1e:da:a3:a7:29:4d:94:0e:dd:b6:df:1f:88:44:
a7:2c:ca:52:8e:e1:68:d3:bf:38:11:9a:eb:85:5a:
27:cd:d0:c7:9d:b4:02:e9:08:3d:e7:62:17:92:2e:
2d:8e:08:b2:d8:64:cf:89:ee:5f:63:63:f7:a6:25:
43:c0:d2:37:fb:f9:8b:25:70:7e:68:85:46:15:ed:
5c:65:f5:18:98:2c:3d:aa:a9:31:8f:71:7b:db:e2:
6d:37:78:8d:36:22:95:29:9c:41:8e:7e:c1:1e:63:
c6:59:73:71:fb:2d:f4:13:c8:81:9c:a9:d5:06:48:
17:7f:89:b8:d2:98:d2:9f:7b:00:91:e5:8d:fd:16:
15:ce:31:1c:71:cc:fe:36:a5:15:18:77:4c:e6:94:
23:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:1F:8A:EA:E1:C9:85:F3:B5:36:48:0A:01:28:BC:EF:0C:0B:E5:4A
X509v3 Authority Key Identifier:
keyid:69:B0:19:27:A1:A1:77:D4:26:12:21:D9:46:28:51:4A:52:5A:96:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/abAZJ6Ghd9QmEiHZRihRSlJaluA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/328eb3-5603-4955-aa92-2252bccfdbf9/1/Rh-K6uHJhfO1NkgKASi87wwL5Uo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/328eb3-5603-4955-aa92-2252bccfdbf9/1/abAZJ6Ghd9QmEiHZRihRSlJaluA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.146.0.0/19
IPv6:
2a01:4960::/32
Signature Algorithm: sha256WithRSAEncryption
36:f9:07:bb:85:86:d0:be:59:38:31:43:1d:32:e0:8c:ce:c8:
76:b0:3d:99:de:b2:59:49:fd:ba:56:b4:c6:37:21:06:b0:5d:
67:37:52:41:a4:bd:b5:3e:07:b1:16:e9:77:c5:02:c1:bf:34:
a4:53:a7:ab:5a:a0:51:5e:e0:26:2a:7e:d6:24:70:c4:99:2f:
c9:a2:84:31:2f:1a:6b:3c:85:bd:ec:55:ee:47:a8:4a:35:c4:
54:17:7c:96:a1:77:25:b7:b3:e2:45:37:e5:6a:cc:65:f7:4a:
0e:4d:05:0f:73:81:3c:0f:b9:16:d3:4c:bc:2f:b2:e5:4c:67:
7e:16:2b:d9:05:09:23:d1:e0:cf:25:c7:e7:2d:77:e0:20:c5:
60:95:82:0c:5a:bb:f7:66:7c:53:4f:2a:d1:8c:c4:32:c5:33:
2f:c7:c8:b4:56:be:e3:cb:ca:82:59:57:df:b4:1c:f8:36:24:
ae:28:de:e2:83:ad:cb:14:8d:c5:1a:bd:08:21:42:88:7c:f1:
5b:4a:63:83:23:54:6f:19:37:e6:2e:07:a6:eb:ad:7a:35:d6:
49:a0:c1:6d:f4:ea:c9:f5:cb:97:fb:cd:22:7c:58:37:fe:5b:
19:7a:cc:b6:51:7e:db:2b:db:e4:dd:2e:31:19:fd:f2:ad:d3:
d9:59:2b:c7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAvrJRFzF1hf88+VSj+UcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YjAxOTI3YTFhMTc3ZDQyNjEyMjFkOTQ2Mjg1MTRhNTI1
YTk2ZTAwHhcNMjQwMTAyMDIzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjFmOGFlYWUxYzk4NWYzYjUzNjQ4MGEwMTI4YmNlZjBjMGJlNTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhh3sgbUSv4df1aSwmIX0yO4yyZ4d
tjUN59w/RGJ6vqH1TF9GZ0wEtTseDu+pATSXg2Wor6xyb+iHY9QqdFgHXBuOdaWJ
LdmoSk1UqIfNRvASPwV0IzCuPJWrTw6HFIku1RQcJfIBWXF4HtqjpylNlA7dtt8f
iESnLMpSjuFo0784EZrrhVonzdDHnbQC6Qg952IXki4tjgiy2GTPie5fY2P3piVD
wNI3+/mLJXB+aIVGFe1cZfUYmCw9qqkxj3F72+JtN3iNNiKVKZxBjn7BHmPGWXNx
+y30E8iBnKnVBkgXf4m40pjSn3sAkeWN/RYVzjEcccz+NqUVGHdM5pQjGQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEYfiurhyYXztTZICgEovO8MC+VKMB8GA1UdIwQY
MBaAFGmwGSehoXfUJhIh2UYoUUpSWpbgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWJBWko2R2hkOVFtRWlIWlJpaFJTbEphbHVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8zMjhlYjMtNTYwMy00OTU1LWFhOTIt
MjI1MmJjY2ZkYmY5LzEvUmgtSzZ1SEpoZk8xTmtnS0FTaTg3d3dMNVVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8zMjhlYjMtNTYwMy00OTU1LWFhOTItMjI1MmJjY2ZkYmY5
LzEvYWJBWko2R2hkOVFtRWlIWlJpaFJTbEphbHVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1ZIAMA0E
AgACMAcDBQAqAUlgMA0GCSqGSIb3DQEBCwUAA4IBAQA2+Qe7hYbQvlk4MUMdMuCM
zsh2sD2Z3rJZSf26VrTGNyEGsF1nN1JBpL21PgexFul3xQLBvzSkU6erWqBRXuAm
Kn7WJHDEmS/JooQxLxprPIW97FXuR6hKNcRUF3yWoXclt7PiRTflasxl90oOTQUP
c4E8D7kW00y8L7LlTGd+FivZBQkj0eDPJcfnLXfgIMVglYIMWrv3ZnxTTyrRjMQy
xTMvx8i0Vr7jy8qCWVfftBz4NiSuKN7ig63LFI3FGr0IIUKIfPFbSmODI1RvGTfm
Lgem6616NdZJoMFt9OrJ9cuX+80ifFg3/lsZesy2UX7bK9vk3S4xGf3yrdPZWSvH
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:56:25 2024 by rpki-client on console-ams.rpki-client.org