Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/tD46j7YDhGungKNDCA-itZMwa_c.roa
File: tD46j7YDhGungKNDCA-itZMwa_c.roa (raw, json)
Hash identifier: x2g9sT1307Jy04DxDvmDfsQe8MoxFkTV99zqfXyJnFY=
Subject key identifier: B4:3E:3A:8F:B6:03:84:6B:A7:80:A3:43:08:0F:A2:B5:93:30:6B:F7
Certificate issuer: /CN=9b6b7b3ea60efb4a579a4f5e237ea7a88d3bc078
Certificate serial: 01932AB957CEA0EF1BED37467E3B6D83446B
Authority key identifier: 9B:6B:7B:3E:A6:0E:FB:4A:57:9A:4F:5E:23:7E:A7:A8:8D:3B:C0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m2t7PqYO-0pXmk9eI36nqI07wHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/tD46j7YDhGungKNDCA-itZMwa_c.roa
Signing time: Thu 14 Nov 2024 12:50:09 +0000
ROA not before: Thu 14 Nov 2024 12:50:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13110
IP address blocks: 46.228.80.0/20 maxlen: 20
46.238.64.0/18 maxlen: 18
62.21.0.0/17 maxlen: 17
77.65.0.0/17 maxlen: 17
80.87.32.0/20 maxlen: 20
85.221.128.0/17 maxlen: 17
88.151.136.0/21 maxlen: 21
94.127.104.0/21 maxlen: 21
109.173.128.0/17 maxlen: 17
151.249.80.0/21 maxlen: 21
185.14.72.0/22 maxlen: 22
185.44.172.0/22 maxlen: 22
194.114.148.0/22 maxlen: 22
194.116.138.0/23 maxlen: 23
195.160.180.0/23 maxlen: 23
2001:4020::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/m2t7PqYO-0pXmk9eI36nqI07wHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/m2t7PqYO-0pXmk9eI36nqI07wHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/m2t7PqYO-0pXmk9eI36nqI07wHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2a:b9:57:ce:a0:ef:1b:ed:37:46:7e:3b:6d:83:44:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b6b7b3ea60efb4a579a4f5e237ea7a88d3bc078
Validity
Not Before: Nov 14 12:50:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b43e3a8fb603846ba780a343080fa2b593306bf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ff:eb:da:a3:7e:48:f7:b5:c8:3c:d1:95:2b:
00:3e:53:22:55:65:d4:88:97:26:ca:28:37:00:d3:
2f:60:82:3a:c2:48:78:bb:6c:45:f4:a3:06:6b:1c:
0b:cc:a8:62:aa:5c:e4:78:73:b2:14:9c:ad:81:8e:
b2:18:75:1e:df:aa:da:cc:e1:c4:c5:2a:1e:57:29:
a8:6c:a6:f3:e2:98:34:db:09:93:7d:d2:fa:34:44:
76:5d:da:63:7f:7a:d1:71:57:3c:cb:ae:88:5a:a0:
b6:fe:50:49:33:dc:5d:86:b4:16:2c:e4:8c:0e:04:
30:03:db:c3:6f:d4:66:d8:a0:2e:8a:8f:9a:f8:8c:
31:18:fb:f8:4a:4f:41:ee:13:51:b7:da:2c:8c:91:
15:0c:94:a6:01:0b:82:c2:61:9a:a6:0d:92:24:05:
31:d6:b8:8a:cf:01:f9:dd:2e:a6:a6:53:3d:e2:29:
a5:b9:88:ea:03:f1:e6:9f:34:09:5e:70:ba:fb:59:
3d:e2:e7:db:bc:c9:04:76:70:1f:4a:4e:d8:68:9c:
07:d1:f9:10:07:2f:5e:4f:8b:80:fa:a1:f2:1e:9f:
21:8f:a8:9d:8c:28:3c:eb:59:ab:56:d8:53:a9:55:
11:66:f8:18:8a:3b:53:75:24:a2:b2:5b:e7:d4:51:
79:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:3E:3A:8F:B6:03:84:6B:A7:80:A3:43:08:0F:A2:B5:93:30:6B:F7
X509v3 Authority Key Identifier:
keyid:9B:6B:7B:3E:A6:0E:FB:4A:57:9A:4F:5E:23:7E:A7:A8:8D:3B:C0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m2t7PqYO-0pXmk9eI36nqI07wHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/tD46j7YDhGungKNDCA-itZMwa_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/m2t7PqYO-0pXmk9eI36nqI07wHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.228.80.0/20
46.238.64.0/18
62.21.0.0/17
77.65.0.0/17
80.87.32.0/20
85.221.128.0/17
88.151.136.0/21
94.127.104.0/21
109.173.128.0/17
151.249.80.0/21
185.14.72.0/22
185.44.172.0/22
194.114.148.0/22
194.116.138.0/23
195.160.180.0/23
IPv6:
2001:4020::/32
Signature Algorithm: sha256WithRSAEncryption
69:48:72:af:a7:13:ec:cb:00:67:f8:73:b8:27:7d:ab:95:c7:
c5:44:b2:0f:7b:3c:1c:8b:62:3e:a7:ae:97:a0:61:fb:d5:2d:
5c:c0:4f:1e:6e:d4:ea:98:b4:c0:da:e6:7f:68:65:f8:f6:89:
6f:61:13:c5:3c:d3:c0:62:a1:ee:1e:df:a4:37:d2:42:fc:84:
88:0d:af:83:59:da:4f:60:61:83:78:a4:ec:b7:a5:69:df:72:
6b:e4:fc:da:b5:14:22:e5:c6:00:41:f3:a4:60:70:5b:75:1b:
53:64:e0:23:40:04:5a:01:bb:b3:a0:17:7b:74:7f:5f:42:c4:
e4:44:03:d8:9d:3c:fe:70:ca:36:18:e6:39:df:29:34:28:9c:
26:10:48:c5:85:58:8c:ae:c1:96:76:0a:6b:73:c1:a3:f7:da:
93:d2:d9:39:d3:e1:ea:1a:c6:b1:c3:67:d4:f4:0d:bd:31:91:
6f:f8:bf:01:68:7e:cc:c4:a4:03:9e:78:cb:cf:c8:73:d2:ab:
96:35:27:ab:cb:59:c7:4e:1c:f3:b3:95:b9:1e:a6:1b:d1:41:
61:9e:74:1b:0b:9d:01:96:13:4d:42:3e:ca:2c:3a:07:cd:0b:
2c:3d:74:81:2b:87:72:ef:16:41:5d:1c:98:4b:83:14:fb:06:
92:56:a1:a7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZMquVfOoO8b7TdGfjttg0RrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliNmI3YjNlYTYwZWZiNGE1NzlhNGY1ZTIzN2VhN2E4OGQz
YmMwNzgwHhcNMjQxMTE0MTI1MDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDNlM2E4ZmI2MDM4NDZiYTc4MGEzNDMwODBmYTJiNTkzMzA2YmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1//r2qN+SPe1yDzRlSsAPlMiVWXU
iJcmyig3ANMvYII6wkh4u2xF9KMGaxwLzKhiqlzkeHOyFJytgY6yGHUe36razOHE
xSoeVymobKbz4pg02wmTfdL6NER2Xdpjf3rRcVc8y66IWqC2/lBJM9xdhrQWLOSM
DgQwA9vDb9Rm2KAuio+a+IwxGPv4Sk9B7hNRt9osjJEVDJSmAQuCwmGapg2SJAUx
1riKzwH53S6mplM94imluYjqA/HmnzQJXnC6+1k94ufbvMkEdnAfSk7YaJwH0fkQ
By9eT4uA+qHyHp8hj6idjCg861mrVthTqVURZvgYijtTdSSislvn1FF5XwIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFLQ+Oo+2A4Rrp4CjQwgPorWTMGv3MB8GA1UdIwQY
MBaAFJtrez6mDvtKV5pPXiN+p6iNO8B4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTJ0N1BxWU8tMHBYbWs5ZUkzNm5xSTA3d0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9lMjdkNzEtZWZiYy00N2VmLTk4NDAt
ZTc0ZDhkMWQ0ZTAyLzEvdEQ0Nmo3WURoR3VuZ0tORENBLWl0Wk13YV9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9lMjdkNzEtZWZiYy00N2VmLTk4NDAtZTc0ZDhkMWQ0ZTAy
LzEvbTJ0N1BxWU8tMHBYbWs5ZUkzNm5xSTA3d0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEBC7kUAME
Bi7uQAMEBz4VAAMEB01BAAMEBFBXIAMEB1XdgAMEA1iXiAMEA15/aAMEB22tgAME
A5f5UAMEArkOSAMEArksrAMEAsJylAMEAcJ0igMEAcOgtDANBAIAAjAHAwUAIAFA
IDANBgkqhkiG9w0BAQsFAAOCAQEAaUhyr6cT7MsAZ/hzuCd9q5XHxUSyD3s8HIti
Pqeul6Bh+9UtXMBPHm7U6pi0wNrmf2hl+PaJb2ETxTzTwGKh7h7fpDfSQvyEiA2v
g1naT2Bhg3ik7Lelad9ya+T82rUUIuXGAEHzpGBwW3UbU2TgI0AEWgG7s6AXe3R/
X0LE5EQD2J08/nDKNhjmOd8pNCicJhBIxYVYjK7BlnYKa3PBo/fak9LZOdPh6hrG
scNn1PQNvTGRb/i/AWh+zMSkA554y8/Ic9KrljUnq8tZx04c87OVuR6mG9FBYZ50
GwudAZYTTUI+yiw6B80LLD10gSuHcu8WQV0cmEuDFPsGklahpw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:13:59 2024 by rpki-client on console-fra.rpki-client.org