Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/FpR6nSObsz8_qlNWftqMaiVPtH8.roa
File: FpR6nSObsz8_qlNWftqMaiVPtH8.roa (raw, json)
Hash identifier: LEdWkSRfg8RN+x+MwVcFfMW92WJu9XbBkNT+OAvwKMk=
Subject key identifier: 16:94:7A:9D:23:9B:B3:3F:3F:AA:53:56:7E:DA:8C:6A:25:4F:B4:7F
Certificate issuer: /CN=6832c32d2259013991260d530d9120031aaefcd0
Certificate serial: 019295C29B31FFC85542FCA8702A05C50DC3
Authority key identifier: 68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/FpR6nSObsz8_qlNWftqMaiVPtH8.roa
Signing time: Wed 16 Oct 2024 14:36:51 +0000
ROA not before: Wed 16 Oct 2024 14:36:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 145.46.168.0/24 maxlen: 24
145.46.169.0/24 maxlen: 24
145.46.170.0/24 maxlen: 24
145.46.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/aDLDLSJZATmRJg1TDZEgAxqu_NA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/aDLDLSJZATmRJg1TDZEgAxqu_NA.mft
rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:95:c2:9b:31:ff:c8:55:42:fc:a8:70:2a:05:c5:0d:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6832c32d2259013991260d530d9120031aaefcd0
Validity
Not Before: Oct 16 14:36:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=16947a9d239bb33f3faa53567eda8c6a254fb47f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:61:12:7c:9d:15:d3:d0:88:98:4c:ce:d3:68:
79:46:ce:3a:56:8a:22:37:db:05:8e:fb:d6:49:1f:
7d:1b:8c:16:4e:4a:88:a3:86:9e:4e:7d:9c:d2:c0:
82:ff:99:55:8b:ce:88:59:a1:fe:73:ca:91:a1:0f:
c8:b1:77:f5:65:27:af:26:fd:da:a5:31:d6:15:f0:
60:24:73:66:84:7c:e7:a0:7c:58:ed:14:be:e7:45:
39:3a:3d:53:9b:82:72:e0:6d:a1:51:d6:7e:48:da:
42:32:8d:ea:ec:17:ab:a9:0f:cf:80:4b:99:c0:99:
56:a4:1a:8a:99:3a:ae:d6:bf:43:06:c0:f2:ff:32:
ee:ae:d1:13:13:5b:87:b2:21:8a:63:21:0d:42:52:
4f:4a:0d:6b:bd:d5:7c:cb:05:85:41:e4:de:52:8d:
43:41:11:17:49:cb:f0:31:19:48:88:f2:99:5b:8b:
90:66:b9:aa:0d:d7:ba:4a:0c:d4:08:c0:13:ea:5a:
0c:ef:81:f0:d9:62:b2:ec:3a:86:cf:7b:d9:00:47:
d3:d6:2a:63:48:9a:7e:37:94:77:0e:db:92:29:bd:
a6:28:9d:3e:be:a5:12:b0:73:a8:e5:1a:a4:ea:e9:
9a:d1:b4:35:61:05:86:53:aa:73:e9:93:0d:ff:fc:
3b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:94:7A:9D:23:9B:B3:3F:3F:AA:53:56:7E:DA:8C:6A:25:4F:B4:7F
X509v3 Authority Key Identifier:
keyid:68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/FpR6nSObsz8_qlNWftqMaiVPtH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/aDLDLSJZATmRJg1TDZEgAxqu_NA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.46.168.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:a0:9c:23:9f:f8:7e:9c:1b:94:ec:f0:c0:2c:0a:5f:b0:7f:
c2:44:d4:98:3a:56:c1:a9:48:93:21:f8:8c:c4:ba:87:23:66:
d5:e9:07:ca:f2:e6:e4:7c:4d:d2:88:af:93:24:62:ef:a0:e4:
76:9f:90:60:5e:01:53:e6:7e:15:e6:bc:f4:63:d7:a8:7c:d8:
60:c5:20:27:02:bd:8b:55:1b:42:e4:59:2a:67:85:77:79:e7:
06:30:4a:96:98:99:63:21:35:df:86:54:b5:cc:05:b8:7a:33:
3f:78:40:95:f4:1e:1c:cd:e7:34:5d:fe:b0:a6:23:23:5b:5c:
26:ab:ee:52:09:73:39:29:13:c0:1a:70:b6:18:bb:c0:ac:03:
a4:08:26:9d:f1:7e:2a:da:53:d3:84:3c:af:c8:d5:18:4e:be:
97:7e:2f:c8:74:2b:99:ec:40:5d:d1:40:a4:8f:98:7d:d5:c7:
2f:8d:cd:10:2f:86:0d:19:a0:a4:43:6b:16:aa:60:c9:23:15:
7c:63:60:a8:af:31:b7:c6:ed:d4:09:4b:5c:9e:d6:8a:87:fe:
3d:b0:84:f5:cc:d5:dc:7d:39:59:c1:aa:f4:24:4a:9c:e7:08:
49:5b:bf:6c:4c:6a:94:55:c1:1a:c7:cc:b3:43:5f:aa:1c:a5:
9c:53:6b:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKVwpsx/8hVQvyocCoFxQ3DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzJjMzJkMjI1OTAxMzk5MTI2MGQ1MzBkOTEyMDAzMWFh
ZWZjZDAwHhcNMjQxMDE2MTQzNjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjk0N2E5ZDIzOWJiMzNmM2ZhYTUzNTY3ZWRhOGM2YTI1NGZiNDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mESfJ0V09CImEzO02h5Rs46Vooi
N9sFjvvWSR99G4wWTkqIo4aeTn2c0sCC/5lVi86IWaH+c8qRoQ/IsXf1ZSevJv3a
pTHWFfBgJHNmhHznoHxY7RS+50U5Oj1Tm4Jy4G2hUdZ+SNpCMo3q7BerqQ/PgEuZ
wJlWpBqKmTqu1r9DBsDy/zLurtETE1uHsiGKYyENQlJPSg1rvdV8ywWFQeTeUo1D
QREXScvwMRlIiPKZW4uQZrmqDde6SgzUCMAT6loM74Hw2WKy7DqGz3vZAEfT1ipj
SJp+N5R3DtuSKb2mKJ0+vqUSsHOo5Rqk6uma0bQ1YQWGU6pz6ZMN//w7fwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBaUep0jm7M/P6pTVn7ajGolT7R/MB8GA1UdIwQY
MBaAFGgywy0iWQE5kSYNUw2RIAMarvzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYt
NzcwZjhlYWIyYWU3LzEvRnBSNm5TT2JzejhfcWxOV2Z0cU1haVZQdEg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYtNzcwZjhlYWIyYWU3
LzEvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCkS6oMA0G
CSqGSIb3DQEBCwUAA4IBAQCgoJwjn/h+nBuU7PDALApfsH/CRNSYOlbBqUiTIfiM
xLqHI2bV6QfK8ubkfE3SiK+TJGLvoOR2n5BgXgFT5n4V5rz0Y9eofNhgxSAnAr2L
VRtC5FkqZ4V3eecGMEqWmJljITXfhlS1zAW4ejM/eECV9B4czec0Xf6wpiMjW1wm
q+5SCXM5KRPAGnC2GLvArAOkCCad8X4q2lPThDyvyNUYTr6Xfi/IdCuZ7EBd0UCk
j5h91ccvjc0QL4YNGaCkQ2sWqmDJIxV8Y2CorzG3xu3UCUtcntaKh/49sIT1zNXc
fTlZwar0JEqc5whJW79sTGqUVcEax8yzQ1+qHKWcU2se
-----END CERTIFICATE-----
Generated at Mon Nov 25 00:05:51 2024 by rpki-client on console-fra.rpki-client.org