Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/xrHb9RLfLgGyrp6vySbN9qL4WXI.roa
File: xrHb9RLfLgGyrp6vySbN9qL4WXI.roa (raw, json)
Hash identifier: JI/HQb/xh9nsLtZwI1KZbFosNinwBYXfmn/O3PFNXKw=
Subject key identifier: C6:B1:DB:F5:12:DF:2E:01:B2:AE:9E:AF:C9:26:CD:F6:A2:F8:59:72
Certificate issuer: /CN=aca77c708af0ba1f81549c9f87089559390167a5
Certificate serial: 018CC9BC2266B06C4A743C42F6B55D0A4F3F
Authority key identifier: AC:A7:7C:70:8A:F0:BA:1F:81:54:9C:9F:87:08:95:59:39:01:67:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/xrHb9RLfLgGyrp6vySbN9qL4WXI.roa
Signing time: Tue 02 Jan 2024 10:33:19 +0000
ROA not before: Tue 02 Jan 2024 10:33:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 46.183.152.0/21 maxlen: 21
185.1.102.0/24 maxlen: 24
2001:7f8:bd::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:22:66:b0:6c:4a:74:3c:42:f6:b5:5d:0a:4f:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca77c708af0ba1f81549c9f87089559390167a5
Validity
Not Before: Jan 2 10:33:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6b1dbf512df2e01b2ae9eafc926cdf6a2f85972
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:06:fe:f7:35:7c:ed:bd:95:b6:3c:c9:fd:56:
9a:df:07:df:6d:67:22:62:a9:7f:d8:60:04:a1:2d:
ba:eb:9d:f5:07:2f:38:28:08:a2:8b:75:25:36:78:
08:d8:eb:ed:ab:a9:28:b0:1b:b6:73:79:c7:ac:4d:
be:7c:79:c4:da:47:75:4b:4d:05:7c:16:1c:9e:4c:
14:8e:53:9c:e7:2d:ca:da:69:2f:d3:a9:d8:d4:50:
33:e2:cf:cf:89:f9:d1:ae:cc:a9:4f:52:fa:bd:32:
55:04:7d:38:19:c7:c8:fb:31:f3:e7:49:52:50:7b:
78:16:22:fd:c5:df:81:76:cd:1e:fc:46:0e:06:06:
45:cd:b8:d7:a8:14:e1:5b:95:6d:a1:d2:f7:0f:aa:
e1:24:94:a6:4b:64:ba:83:ce:20:fd:60:a4:ed:05:
78:30:8b:0f:94:d3:39:2d:8a:43:49:f7:8f:84:af:
dc:ff:5f:93:54:93:bc:99:61:14:10:c4:f4:21:e8:
b8:32:7b:f4:b3:04:86:04:e5:1a:eb:5a:57:fa:e4:
f7:39:5e:bc:3d:15:72:f5:43:8f:88:65:67:ef:23:
71:04:b6:68:c0:42:00:20:07:a8:d3:74:84:7e:7c:
3b:07:09:73:57:51:fc:d8:f4:d8:74:9c:4d:06:a2:
57:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:B1:DB:F5:12:DF:2E:01:B2:AE:9E:AF:C9:26:CD:F6:A2:F8:59:72
X509v3 Authority Key Identifier:
keyid:AC:A7:7C:70:8A:F0:BA:1F:81:54:9C:9F:87:08:95:59:39:01:67:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/xrHb9RLfLgGyrp6vySbN9qL4WXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.152.0/21
185.1.102.0/24
IPv6:
2001:7f8:bd::/48
Signature Algorithm: sha256WithRSAEncryption
45:0d:22:c1:96:89:9d:1c:27:bf:ae:d5:8c:68:4f:71:6a:30:
b9:60:77:57:41:ce:8a:03:a9:34:62:47:bd:7a:f7:fb:e3:6d:
29:3f:82:d0:b2:44:e9:18:ad:8d:cb:ab:66:2a:68:f5:eb:29:
29:07:0d:72:16:cd:58:56:8a:17:55:a2:9d:2d:75:cb:67:fe:
87:de:09:29:45:e4:03:c9:4b:ef:73:75:5a:2d:e5:26:db:34:
f5:f3:59:d0:a4:f4:c5:5f:f9:66:e2:92:d4:e8:c4:cc:24:3a:
1b:aa:ed:a4:99:1a:e6:59:d5:b3:a0:51:f6:79:7c:0a:d4:58:
93:61:29:fd:37:83:81:0a:de:2d:95:76:f8:c8:11:fc:c9:8f:
63:96:9e:8d:19:a1:fe:60:ac:dd:73:59:0d:5c:45:07:4d:0a:
4e:3a:f0:81:59:ed:30:d1:a2:89:79:a2:6e:f0:b4:5f:b9:ac:
9d:57:eb:90:a0:75:6d:c1:67:50:e4:12:cb:28:6d:55:61:ac:
63:b7:1c:cf:83:e1:aa:dc:31:0a:72:0c:08:25:b7:eb:37:ed:
cf:2b:2c:80:d6:90:55:26:5c:f3:e3:af:57:5a:90:1a:e5:8b:
71:ea:df:14:09:37:a5:9c:34:92:b5:5a:41:c7:0e:5e:20:7a:
79:9b:c6:26
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzJvCJmsGxKdDxC9rVdCk8/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTc3YzcwOGFmMGJhMWY4MTU0OWM5Zjg3MDg5NTU5Mzkw
MTY3YTUwHhcNMjQwMTAyMTAzMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmIxZGJmNTEyZGYyZTAxYjJhZTllYWZjOTI2Y2RmNmEyZjg1OTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwb+9zV87b2VtjzJ/Vaa3wffbWci
Yql/2GAEoS266531By84KAiii3UlNngI2Ovtq6kosBu2c3nHrE2+fHnE2kd1S00F
fBYcnkwUjlOc5y3K2mkv06nY1FAz4s/PifnRrsypT1L6vTJVBH04GcfI+zHz50lS
UHt4FiL9xd+Bds0e/EYOBgZFzbjXqBThW5VtodL3D6rhJJSmS2S6g84g/WCk7QV4
MIsPlNM5LYpDSfePhK/c/1+TVJO8mWEUEMT0Iei4Mnv0swSGBOUa61pX+uT3OV68
PRVy9UOPiGVn7yNxBLZowEIAIAeo03SEfnw7BwlzV1H82PTYdJxNBqJXkwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMax2/US3y4Bsq6er8kmzfai+FlyMB8GA1UdIwQY
MBaAFKynfHCK8LofgVScn4cIlVk5AWelMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktkOGNJcnd1aC1CVkp5Zmh3aVZXVGtCWjZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84ZmU3ZDgtMDE3Yi00MWFhLWE5MWYt
MjhiMTllM2ZkNGE2LzEveHJIYjlSTGZMZ0d5cnA2dnlTYk45cUw0V1hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84ZmU3ZDgtMDE3Yi00MWFhLWE5MWYtMjhiMTllM2ZkNGE2
LzEvcktkOGNJcnd1aC1CVkp5Zmh3aVZXVGtCWjZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDLreYAwQA
uQFmMA8EAgACMAkDBwAgAQf4AL0wDQYJKoZIhvcNAQELBQADggEBAEUNIsGWiZ0c
J7+u1YxoT3FqMLlgd1dBzooDqTRiR7169/vjbSk/gtCyROkYrY3Lq2YqaPXrKSkH
DXIWzVhWihdVop0tdctn/ofeCSlF5APJS+9zdVot5SbbNPXzWdCk9MVf+WbiktTo
xMwkOhuq7aSZGuZZ1bOgUfZ5fArUWJNhKf03g4EK3i2VdvjIEfzJj2OWno0Zof5g
rN1zWQ1cRQdNCk468IFZ7TDRool5om7wtF+5rJ1X65CgdW3BZ1DkEssobVVhrGO3
HM+D4arcMQpyDAglt+s37c8rLIDWkFUmXPPjr1dakBrli3Hq3xQJN6WcNJK1WkHH
Dl4genmbxiY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:08:46 2024 by rpki-client on console-ams.rpki-client.org