Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/79aca9-51dd-4f22-b404-d53866e9186a/1/bdhVqkbmQWO2CYtQDW-g8cI8Yv8.roa
File: bdhVqkbmQWO2CYtQDW-g8cI8Yv8.roa (raw, json)
Hash identifier: VbdVqGBemQkj9IrH5IbwVbtsdXntQaz0eJOoUJf4SOc=
Subject key identifier: 6D:D8:55:AA:46:E6:41:63:B6:09:8B:50:0D:6F:A0:F1:C2:3C:62:FF
Certificate issuer: /CN=2d1172c1c73f971a9fb2e89b7917200c500ee407
Certificate serial: 018D1D1C9F5AA5F1979A7F44428F7E4A9C8E
Authority key identifier: 2D:11:72:C1:C7:3F:97:1A:9F:B2:E8:9B:79:17:20:0C:50:0E:E4:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRFywcc_lxqfsuibeRcgDFAO5Ac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/79aca9-51dd-4f22-b404-d53866e9186a/1/bdhVqkbmQWO2CYtQDW-g8cI8Yv8.roa
Signing time: Thu 18 Jan 2024 15:07:11 +0000
ROA not before: Thu 18 Jan 2024 15:07:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197143
IP address blocks: 46.245.160.0/24 maxlen: 24
46.245.161.0/24 maxlen: 24
46.245.162.0/24 maxlen: 24
46.245.163.0/24 maxlen: 24
46.245.164.0/24 maxlen: 24
46.245.165.0/24 maxlen: 24
46.245.166.0/24 maxlen: 24
46.245.167.0/24 maxlen: 24
185.33.128.0/24 maxlen: 24
185.33.129.0/24 maxlen: 24
185.33.130.0/24 maxlen: 24
185.33.131.0/24 maxlen: 24
185.218.216.0/24 maxlen: 24
185.218.217.0/24 maxlen: 24
185.218.218.0/24 maxlen: 24
185.218.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/79aca9-51dd-4f22-b404-d53866e9186a/1/LRFywcc_lxqfsuibeRcgDFAO5Ac.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/79aca9-51dd-4f22-b404-d53866e9186a/1/LRFywcc_lxqfsuibeRcgDFAO5Ac.mft
rsync://rpki.ripe.net/repository/DEFAULT/LRFywcc_lxqfsuibeRcgDFAO5Ac.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 Nov 2024 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1d:1c:9f:5a:a5:f1:97:9a:7f:44:42:8f:7e:4a:9c:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1172c1c73f971a9fb2e89b7917200c500ee407
Validity
Not Before: Jan 18 15:07:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6dd855aa46e64163b6098b500d6fa0f1c23c62ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:51:5e:93:a7:b1:2e:03:71:13:19:be:7b:65:
28:b2:39:bd:a5:a8:45:83:d1:91:b0:12:e6:58:7c:
63:8c:85:91:30:f0:71:11:78:15:ca:f4:46:9a:b3:
cb:04:91:ca:fe:28:f0:3a:7a:4b:c9:81:a6:75:a8:
91:1c:02:9e:09:b9:c9:9b:03:5c:b5:56:c9:84:1b:
e3:66:3f:a5:54:72:ec:37:de:ed:15:ac:7f:69:ff:
12:d0:06:25:13:cc:c7:39:d7:e7:1d:a6:8d:70:eb:
f5:9a:3a:ae:52:6b:11:72:97:f5:fd:3e:e9:83:8e:
8e:fc:5c:1f:16:40:e9:fc:62:de:44:6d:1e:5f:f1:
cf:d7:e3:d0:b2:81:1f:d2:cc:51:8d:f2:d0:64:ea:
4b:e3:4c:7c:dc:af:a0:1f:b6:07:1d:ef:45:e8:07:
17:03:1c:e9:29:74:ff:ca:5a:60:35:8f:3a:83:22:
87:94:d9:7d:a0:e2:6b:9f:29:bc:c7:3c:ff:4d:1a:
00:a5:8f:7e:6e:d9:a6:98:a4:32:59:ee:31:5c:70:
b0:aa:7c:87:08:d5:c9:d2:28:f0:c0:48:21:68:d9:
99:25:82:70:40:5f:2f:f7:9c:56:84:ac:0a:56:71:
61:87:cc:0e:3e:26:92:62:49:8a:43:62:9e:cf:71:
00:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:D8:55:AA:46:E6:41:63:B6:09:8B:50:0D:6F:A0:F1:C2:3C:62:FF
X509v3 Authority Key Identifier:
keyid:2D:11:72:C1:C7:3F:97:1A:9F:B2:E8:9B:79:17:20:0C:50:0E:E4:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRFywcc_lxqfsuibeRcgDFAO5Ac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/79aca9-51dd-4f22-b404-d53866e9186a/1/bdhVqkbmQWO2CYtQDW-g8cI8Yv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/79aca9-51dd-4f22-b404-d53866e9186a/1/LRFywcc_lxqfsuibeRcgDFAO5Ac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.160.0/21
185.33.128.0/22
185.218.216.0/22
Signature Algorithm: sha256WithRSAEncryption
80:18:65:68:a4:fe:04:f1:ae:c2:15:36:a4:9c:72:de:59:9a:
e3:6f:72:74:1a:8a:29:24:17:fc:31:13:63:bb:c3:16:fa:b9:
13:b4:3c:24:72:87:47:1f:6f:91:15:13:b3:e6:08:bf:9a:b1:
0b:5c:26:ee:57:4a:d3:d3:05:aa:14:c7:2f:bd:7f:84:3e:68:
47:71:63:55:8e:d8:34:5c:ca:5e:7b:9b:66:19:3a:5e:b4:36:
f2:58:83:29:94:a8:90:bb:62:24:e5:dd:2e:e9:21:ef:7d:d6:
aa:37:e0:77:21:bd:34:ba:8a:d4:ae:80:0c:a6:6e:35:66:63:
06:c7:59:4e:d8:2a:2e:34:38:de:0b:3b:54:0f:02:05:b9:a6:
aa:a8:c2:ff:8b:fc:67:37:3c:42:d0:9e:4e:a0:c0:3a:bc:b3:
c2:35:d6:a0:a0:0f:ea:eb:3a:b6:33:23:72:7f:25:36:87:98:
26:3a:d3:21:e8:b1:31:cb:25:90:be:6c:e2:a7:5c:c9:02:90:
c2:db:a6:99:f0:6e:66:24:64:30:c0:d8:b9:1c:8b:63:f6:46:
68:42:1b:e3:8a:bb:d0:9a:3e:be:87:8a:6d:51:2f:00:b0:2b:
97:af:b0:20:74:53:8e:4e:6e:85:54:04:a1:29:e9:be:d5:85:
a9:dd:e5:46
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0dHJ9apfGXmn9EQo9+SpyOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMTE3MmMxYzczZjk3MWE5ZmIyZTg5Yjc5MTcyMDBjNTAw
ZWU0MDcwHhcNMjQwMTE4MTUwNzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGQ4NTVhYTQ2ZTY0MTYzYjYwOThiNTAwZDZmYTBmMWMyM2M2MmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1Fek6exLgNxExm+e2Uosjm9pahF
g9GRsBLmWHxjjIWRMPBxEXgVyvRGmrPLBJHK/ijwOnpLyYGmdaiRHAKeCbnJmwNc
tVbJhBvjZj+lVHLsN97tFax/af8S0AYlE8zHOdfnHaaNcOv1mjquUmsRcpf1/T7p
g46O/FwfFkDp/GLeRG0eX/HP1+PQsoEf0sxRjfLQZOpL40x83K+gH7YHHe9F6AcX
AxzpKXT/ylpgNY86gyKHlNl9oOJrnym8xzz/TRoApY9+btmmmKQyWe4xXHCwqnyH
CNXJ0ijwwEghaNmZJYJwQF8v95xWhKwKVnFhh8wOPiaSYkmKQ2Kez3EAnQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG3YVapG5kFjtgmLUA1voPHCPGL/MB8GA1UdIwQY
MBaAFC0RcsHHP5can7Lom3kXIAxQDuQHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJGeXdjY19seHFmc3VpYmVSY2dERkFPNUFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS83OWFjYTktNTFkZC00ZjIyLWI0MDQt
ZDUzODY2ZTkxODZhLzEvYmRoVnFrYm1RV08yQ1l0UURXLWc4Y0k4WXY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS83OWFjYTktNTFkZC00ZjIyLWI0MDQtZDUzODY2ZTkxODZh
LzEvTFJGeXdjY19seHFmc3VpYmVSY2dERkFPNUFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDLvWgAwQC
uSGAAwQCudrYMA0GCSqGSIb3DQEBCwUAA4IBAQCAGGVopP4E8a7CFTaknHLeWZrj
b3J0GoopJBf8MRNju8MW+rkTtDwkcodHH2+RFROz5gi/mrELXCbuV0rT0wWqFMcv
vX+EPmhHcWNVjtg0XMpee5tmGTpetDbyWIMplKiQu2Ik5d0u6SHvfdaqN+B3Ib00
uorUroAMpm41ZmMGx1lO2CouNDjeCztUDwIFuaaqqML/i/xnNzxC0J5OoMA6vLPC
NdagoA/q6zq2MyNyfyU2h5gmOtMh6LExyyWQvmzip1zJApDC26aZ8G5mJGQwwNi5
HItj9kZoQhvjirvQmj6+h4ptUS8AsCuXr7AgdFOOTm6FVAShKem+1YWp3eVG
-----END CERTIFICATE-----
Generated at Wed Nov 27 09:33:10 2024 by rpki-client on console-ams.rpki-client.org