Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/sCw9SpNl50PgkY00gehoXHS4tXs.roa
File: sCw9SpNl50PgkY00gehoXHS4tXs.roa (raw, json)
Hash identifier: KL676s77pRP5v8Z/2Bn3ScO1U46zXBuvpZijZ+KullI=
Subject key identifier: B0:2C:3D:4A:93:65:E7:43:E0:91:8D:34:81:E8:68:5C:74:B8:B5:7B
Certificate issuer: /CN=1e8d205c798ed78f3c44ca0c8f2852e8bec8eaa2
Certificate serial: 018E0480B7E9DF122C87EB61303DAB94356E
Authority key identifier: 1E:8D:20:5C:79:8E:D7:8F:3C:44:CA:0C:8F:28:52:E8:BE:C8:EA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ho0gXHmO1488RMoMjyhS6L7I6qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/sCw9SpNl50PgkY00gehoXHS4tXs.roa
Signing time: Sun 03 Mar 2024 13:28:48 +0000
ROA not before: Sun 03 Mar 2024 13:28:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 46.143.172.0/22 maxlen: 22
46.143.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/Ho0gXHmO1488RMoMjyhS6L7I6qI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/Ho0gXHmO1488RMoMjyhS6L7I6qI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ho0gXHmO1488RMoMjyhS6L7I6qI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:04:80:b7:e9:df:12:2c:87:eb:61:30:3d:ab:94:35:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e8d205c798ed78f3c44ca0c8f2852e8bec8eaa2
Validity
Not Before: Mar 3 13:28:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b02c3d4a9365e743e0918d3481e8685c74b8b57b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:84:5b:f4:87:65:db:90:9f:f5:d6:71:4a:ed:
f2:5d:d1:98:b1:2e:6c:41:17:9d:9d:0e:51:12:e1:
2d:42:9e:df:67:c4:72:85:79:9a:e2:d1:98:d4:2f:
0f:11:29:a7:3d:d0:29:ad:26:38:86:ca:0b:c1:59:
7b:cc:ae:a9:76:00:ec:ac:f7:c3:24:f2:b4:ad:26:
1b:df:3e:35:a7:eb:26:22:46:d4:05:33:9c:97:bc:
31:db:f8:2c:40:41:5e:0b:d4:d1:bf:62:47:b5:36:
0f:63:3f:e2:2e:85:7b:c4:3c:7b:ec:de:45:be:7e:
42:e9:f4:0f:9f:23:c6:73:e9:03:31:8a:d0:4b:83:
d1:b8:d8:60:a1:f1:74:66:77:3e:e5:f2:0b:19:d3:
01:3d:24:fc:9d:31:44:42:e4:f2:e7:19:49:27:2f:
b4:b8:a5:4c:c4:b8:9c:b4:0c:34:a6:9e:10:87:bb:
1c:6b:bb:b7:fb:8b:94:3c:93:7d:84:e2:bc:36:2e:
f2:76:29:82:24:24:c8:13:87:fd:a9:3e:cd:9b:ca:
e2:8c:1d:11:89:2f:1b:74:ac:c3:f6:17:be:00:0b:
e9:7a:07:43:6c:84:1f:f4:af:7b:52:56:5a:6d:5d:
a5:a8:92:6a:c7:07:e2:b9:cb:6f:de:b6:f2:d6:b3:
84:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:2C:3D:4A:93:65:E7:43:E0:91:8D:34:81:E8:68:5C:74:B8:B5:7B
X509v3 Authority Key Identifier:
keyid:1E:8D:20:5C:79:8E:D7:8F:3C:44:CA:0C:8F:28:52:E8:BE:C8:EA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ho0gXHmO1488RMoMjyhS6L7I6qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/sCw9SpNl50PgkY00gehoXHS4tXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/Ho0gXHmO1488RMoMjyhS6L7I6qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.143.172.0/22
Signature Algorithm: sha256WithRSAEncryption
08:3c:f8:a3:a3:c9:59:18:d5:a7:25:1c:b0:88:3b:a8:c4:b7:
91:33:98:e7:2f:86:d4:5b:71:f7:7c:b9:c6:19:0c:b8:94:0c:
08:6c:18:ee:e9:6c:fa:c7:17:8d:7d:92:8f:8e:6b:dd:ea:d0:
52:cb:63:b6:b3:47:d9:16:2e:09:70:bd:01:4b:7e:08:2b:41:
3f:3e:47:62:f6:1c:47:85:be:71:83:86:80:96:8f:aa:d1:30:
f7:37:08:69:7a:c1:34:ff:28:f9:96:4c:8b:84:0e:4f:6e:24:
da:5b:11:5e:e6:f4:74:a8:0a:61:7d:24:e6:0e:8c:a4:9c:fa:
6e:c6:20:6a:27:c4:a8:19:a9:08:b9:32:db:af:ff:ab:73:81:
b2:98:78:2b:07:e8:57:cd:d4:b3:05:95:d1:81:5b:de:22:68:
bd:12:0f:cc:fd:cc:d0:9e:f9:4e:73:33:90:2c:af:52:10:04:
15:98:08:73:2d:58:d1:20:b9:60:5f:da:08:58:70:e0:bc:3e:
fb:3f:05:0a:b7:d8:1d:3d:80:dc:35:77:80:06:04:2d:9c:64:
57:3a:a8:c6:58:e0:ca:a2:62:d8:f8:f2:b8:26:9e:0a:56:09:
ce:78:72:12:63:7b:cb:d5:03:e8:2b:d4:37:05:a0:c3:61:0d:
67:e5:a2:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4EgLfp3xIsh+thMD2rlDVuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOGQyMDVjNzk4ZWQ3OGYzYzQ0Y2EwYzhmMjg1MmU4YmVj
OGVhYTIwHhcNMjQwMzAzMTMyODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDJjM2Q0YTkzNjVlNzQzZTA5MThkMzQ4MWU4Njg1Yzc0YjhiNTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYRb9Idl25Cf9dZxSu3yXdGYsS5s
QRednQ5REuEtQp7fZ8RyhXma4tGY1C8PESmnPdAprSY4hsoLwVl7zK6pdgDsrPfD
JPK0rSYb3z41p+smIkbUBTOcl7wx2/gsQEFeC9TRv2JHtTYPYz/iLoV7xDx77N5F
vn5C6fQPnyPGc+kDMYrQS4PRuNhgofF0Znc+5fILGdMBPST8nTFEQuTy5xlJJy+0
uKVMxLictAw0pp4Qh7sca7u3+4uUPJN9hOK8Ni7ydimCJCTIE4f9qT7Nm8rijB0R
iS8bdKzD9he+AAvpegdDbIQf9K97UlZabV2lqJJqxwfiuctv3rby1rOEqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLAsPUqTZedD4JGNNIHoaFx0uLV7MB8GA1UdIwQY
MBaAFB6NIFx5jtePPETKDI8oUui+yOqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSG8wZ1hIbU8xNDg4Uk1vTWp5aFM2TDdJNnFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yOTg4OTgtNzQ1NC00MDJiLTgxZTkt
ZWUxYmQzNDRmMDE1LzEvc0N3OVNwTmw1MFBna1kwMGdlaG9YSFM0dFhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yOTg4OTgtNzQ1NC00MDJiLTgxZTktZWUxYmQzNDRmMDE1
LzEvSG8wZ1hIbU8xNDg4Uk1vTWp5aFM2TDdJNnFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLo+sMA0G
CSqGSIb3DQEBCwUAA4IBAQAIPPijo8lZGNWnJRywiDuoxLeRM5jnL4bUW3H3fLnG
GQy4lAwIbBju6Wz6xxeNfZKPjmvd6tBSy2O2s0fZFi4JcL0BS34IK0E/Pkdi9hxH
hb5xg4aAlo+q0TD3NwhpesE0/yj5lkyLhA5PbiTaWxFe5vR0qAphfSTmDoyknPpu
xiBqJ8SoGakIuTLbr/+rc4GymHgrB+hXzdSzBZXRgVveImi9Eg/M/czQnvlOczOQ
LK9SEAQVmAhzLVjRILlgX9oIWHDgvD77PwUKt9gdPYDcNXeABgQtnGRXOqjGWODK
omLY+PK4Jp4KVgnOeHISY3vL1QPoK9Q3BaDDYQ1n5aI2
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:31:17 2024 by rpki-client on console-ams.rpki-client.org