Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/n3z1A2DEm-KGeP2OraasJHGdDDw.roa
File: n3z1A2DEm-KGeP2OraasJHGdDDw.roa (raw, json)
Hash identifier: I/k8sT2KO2Rh2JlyR+DXuUSQyeMMLtDUuATn+1Tj/iw=
Subject key identifier: 9F:7C:F5:03:60:C4:9B:E2:86:78:FD:8E:AD:A6:AC:24:71:9D:0C:3C
Certificate issuer: /CN=1e36de27974727aa0046b3e9c8d0624674541255
Certificate serial: 018CC7956AACCC785ACE74E5B9BF735527BC
Authority key identifier: 1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/n3z1A2DEm-KGeP2OraasJHGdDDw.roa
Signing time: Tue 02 Jan 2024 00:31:47 +0000
ROA not before: Tue 02 Jan 2024 00:31:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 85.159.226.0/24 maxlen: 24
85.159.229.0/24 maxlen: 24
85.159.230.0/24 maxlen: 24
46.29.237.0/24 maxlen: 24
46.29.236.0/24 maxlen: 24
46.29.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.mft
rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:6a:ac:cc:78:5a:ce:74:e5:b9:bf:73:55:27:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e36de27974727aa0046b3e9c8d0624674541255
Validity
Not Before: Jan 2 00:31:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f7cf50360c49be28678fd8eada6ac24719d0c3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ed:3b:3c:1d:bc:f6:82:71:4c:67:10:09:b4:
cc:e5:bd:a6:78:4e:fd:75:fa:2a:3a:96:cd:1a:11:
cf:43:2a:13:5b:4c:21:42:e1:30:eb:e6:d7:5a:30:
9d:41:f4:c6:e6:d4:76:69:eb:32:73:c5:78:e2:c6:
35:40:b8:21:b3:e1:f5:90:9e:39:a9:0e:0c:22:bf:
02:2a:69:76:3c:d8:6f:34:bc:a8:2e:18:e6:eb:bf:
83:83:eb:05:b3:08:83:10:61:8c:0e:fa:4a:d4:dc:
c5:ae:b6:5e:a8:91:fe:04:49:ce:a4:c5:4d:ea:bf:
db:72:02:c7:4e:b1:bb:c9:2d:73:70:7e:85:81:fe:
eb:ee:b6:85:6e:c9:ad:ec:79:82:ed:7a:27:f5:1b:
f1:40:94:fb:05:39:a2:10:95:be:01:f3:2f:b7:99:
12:45:89:81:35:32:28:03:a4:19:0a:cd:43:a8:9f:
b2:2e:73:f3:81:da:b6:cc:94:5f:3b:2d:21:49:79:
44:61:7f:99:35:da:13:67:bf:06:1c:50:3e:72:de:
b8:0a:14:60:ef:99:71:f4:c8:af:67:e2:e6:7e:7e:
7e:ce:d6:9e:fa:f7:8c:b8:f9:28:a6:a0:74:a2:67:
a7:8f:7e:6a:30:8f:86:2e:7f:ba:34:c8:c3:df:64:
71:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:7C:F5:03:60:C4:9B:E2:86:78:FD:8E:AD:A6:AC:24:71:9D:0C:3C
X509v3 Authority Key Identifier:
keyid:1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/n3z1A2DEm-KGeP2OraasJHGdDDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.236.0/23
46.29.239.0/24
85.159.226.0/24
85.159.229.0-85.159.230.255
Signature Algorithm: sha256WithRSAEncryption
18:c0:b0:8e:88:ed:ba:a6:db:35:a9:ae:a8:39:95:8b:c3:d0:
de:08:e3:cc:e8:20:b4:66:93:2a:64:8a:1f:f7:b1:ad:0d:c9:
d5:38:a9:4e:76:fe:8d:06:51:17:17:ba:43:19:2d:65:91:e3:
12:48:a0:1b:1e:f4:91:be:d3:c4:f6:c4:cd:3a:55:0b:e4:ce:
9a:99:16:04:ac:47:77:5a:16:a1:3b:69:2f:cb:dd:f4:37:dc:
6b:d8:b0:ab:af:92:48:c6:86:9f:80:ac:19:ef:c2:de:c0:75:
2c:da:bd:e3:30:95:8b:75:dd:92:d5:10:0e:93:d6:77:40:19:
be:06:42:74:06:ca:7c:b0:79:35:a9:38:6c:63:39:41:8a:e5:
d2:fd:51:98:54:f9:a0:96:4c:6f:a2:06:2e:90:e3:2d:75:73:
0d:e3:88:b1:4c:67:d3:f2:f0:b4:a5:de:f4:83:3f:63:fb:05:
cf:b1:11:e5:c0:21:64:6e:ca:e0:ed:a5:db:aa:b4:a5:d7:b6:
0f:98:cc:4f:13:51:b5:58:ed:1f:9d:5b:26:41:6d:5c:61:02:
a1:fc:40:40:66:6c:89:31:3b:98:63:a9:64:fb:92:df:ff:39:
e0:8a:61:2c:3c:73:55:ec:44:05:39:4f:be:f3:8d:ae:af:ba:
39:2e:16:ca
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzHlWqszHhaznTlub9zVSe8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzZkZTI3OTc0NzI3YWEwMDQ2YjNlOWM4ZDA2MjQ2NzQ1
NDEyNTUwHhcNMjQwMTAyMDAzMTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjdjZjUwMzYwYzQ5YmUyODY3OGZkOGVhZGE2YWMyNDcxOWQwYzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoe07PB289oJxTGcQCbTM5b2meE79
dfoqOpbNGhHPQyoTW0whQuEw6+bXWjCdQfTG5tR2aesyc8V44sY1QLghs+H1kJ45
qQ4MIr8CKml2PNhvNLyoLhjm67+Dg+sFswiDEGGMDvpK1NzFrrZeqJH+BEnOpMVN
6r/bcgLHTrG7yS1zcH6Fgf7r7raFbsmt7HmC7Xon9RvxQJT7BTmiEJW+AfMvt5kS
RYmBNTIoA6QZCs1DqJ+yLnPzgdq2zJRfOy0hSXlEYX+ZNdoTZ78GHFA+ct64ChRg
75lx9MivZ+Lmfn5+ztae+veMuPkopqB0omenj35qMI+GLn+6NMjD32RxiwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJ989QNgxJvihnj9jq2mrCRxnQw8MB8GA1UdIwQY
MBaAFB423ieXRyeqAEaz6cjQYkZ0VBJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzkt
ZGY3OTNhOTQwYmFiLzEvbjN6MUEyREVtLUtHZVAyT3JhYXNKSEdkRER3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzktZGY3OTNhOTQwYmFi
LzEvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBLh3sAwQA
Lh3vAwQAVZ/iMAwDBABVn+UDBABVn+YwDQYJKoZIhvcNAQELBQADggEBABjAsI6I
7bqm2zWprqg5lYvD0N4I48zoILRmkypkih/3sa0NydU4qU52/o0GURcXukMZLWWR
4xJIoBse9JG+08T2xM06VQvkzpqZFgSsR3daFqE7aS/L3fQ33GvYsKuvkkjGhp+A
rBnvwt7AdSzaveMwlYt13ZLVEA6T1ndAGb4GQnQGynyweTWpOGxjOUGK5dL9UZhU
+aCWTG+iBi6Q4y11cw3jiLFMZ9Py8LSl3vSDP2P7Bc+xEeXAIWRuyuDtpduqtKXX
tg+YzE8TUbVY7R+dWyZBbVxhAqH8QEBmbIkxO5hjqWT7kt//OeCKYSw8c1XsRAU5
T77zja6vujkuFso=
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:49:06 2024 by rpki-client on console-ams.rpki-client.org