Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/5e0994-94d2-46e1-8066-cec22ea79513/1/dohUXwnQZw1ZYKTa5oS5FgCazKU.roa
File: dohUXwnQZw1ZYKTa5oS5FgCazKU.roa (raw, json)
Hash identifier: wyyBXv2JPOpEs75Rk4f0pFE1rAaJm3oACPYpk/u9Dxg=
Subject key identifier: 76:88:54:5F:09:D0:67:0D:59:60:A4:DA:E6:84:B9:16:00:9A:CC:A5
Certificate issuer: /CN=79b5134b11f940911f0ff315c948daa53f732ee0
Certificate serial: 018CC64B049A0E5DFA696318557152FD9B36
Authority key identifier: 79:B5:13:4B:11:F9:40:91:1F:0F:F3:15:C9:48:DA:A5:3F:73:2E:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ebUTSxH5QJEfD_MVyUjapT9zLuA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/5e0994-94d2-46e1-8066-cec22ea79513/1/dohUXwnQZw1ZYKTa5oS5FgCazKU.roa
Signing time: Mon 01 Jan 2024 18:30:54 +0000
ROA not before: Mon 01 Jan 2024 18:30:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52033
IP address blocks: 46.254.49.0/24 maxlen: 24
46.254.50.0/24 maxlen: 24
46.254.51.0/24 maxlen: 24
46.254.48.0/24 maxlen: 24
46.254.52.0/24 maxlen: 24
46.254.53.0/24 maxlen: 24
46.254.54.0/24 maxlen: 24
46.254.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/5e0994-94d2-46e1-8066-cec22ea79513/1/ebUTSxH5QJEfD_MVyUjapT9zLuA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/5e0994-94d2-46e1-8066-cec22ea79513/1/ebUTSxH5QJEfD_MVyUjapT9zLuA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ebUTSxH5QJEfD_MVyUjapT9zLuA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:01:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:04:9a:0e:5d:fa:69:63:18:55:71:52:fd:9b:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79b5134b11f940911f0ff315c948daa53f732ee0
Validity
Not Before: Jan 1 18:30:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7688545f09d0670d5960a4dae684b916009acca5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ca:cb:e1:52:f6:2c:7a:19:19:be:ce:77:a9:
d4:e3:02:f1:6e:40:23:17:88:b8:08:d9:2d:4e:47:
13:84:34:0f:2c:eb:1c:1c:0c:33:34:79:06:d1:1d:
ed:e9:c9:37:ae:78:fe:c2:e0:20:c6:08:bb:12:d9:
b8:93:c6:f7:76:b8:ee:dd:bf:af:72:8e:a5:57:64:
69:54:af:85:7b:53:20:5c:2b:55:b3:cf:30:4f:7f:
9b:6f:d5:04:ea:10:6a:6e:da:e3:4b:27:99:e0:86:
e0:c1:f9:e5:82:4c:1a:85:95:e6:c1:e5:5a:40:d3:
02:b5:55:d3:c2:13:e4:eb:2a:89:2e:e2:72:ea:23:
09:de:57:39:b2:98:e7:d3:c7:0a:0e:1c:23:e5:0b:
9b:8c:50:71:be:08:0e:fd:23:fe:b4:1b:74:47:01:
02:a3:b6:2c:19:68:2c:46:04:f3:85:3b:7d:cd:db:
00:dd:b3:bc:cc:37:9d:ff:72:9a:f5:4e:b8:41:df:
6b:25:97:07:79:c9:63:70:f8:b2:5e:3a:40:58:19:
2b:cf:ab:bf:f3:9b:9d:db:4b:33:53:4e:d0:3b:1e:
01:a0:d5:9f:c5:4f:fc:fe:ad:74:c8:49:ce:f6:3b:
f7:ef:c3:3b:94:af:09:a9:a1:a0:09:39:8c:78:f8:
f3:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:88:54:5F:09:D0:67:0D:59:60:A4:DA:E6:84:B9:16:00:9A:CC:A5
X509v3 Authority Key Identifier:
keyid:79:B5:13:4B:11:F9:40:91:1F:0F:F3:15:C9:48:DA:A5:3F:73:2E:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ebUTSxH5QJEfD_MVyUjapT9zLuA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5e0994-94d2-46e1-8066-cec22ea79513/1/dohUXwnQZw1ZYKTa5oS5FgCazKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5e0994-94d2-46e1-8066-cec22ea79513/1/ebUTSxH5QJEfD_MVyUjapT9zLuA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.48.0/21
Signature Algorithm: sha256WithRSAEncryption
c5:c3:ce:4a:38:fe:68:27:93:82:3b:a7:a2:f0:cc:f8:10:6a:
77:fd:8a:24:47:60:cd:54:b2:00:fa:1e:de:57:b6:11:5d:5f:
83:4a:37:4c:53:f4:73:e1:4c:ce:72:bd:cf:ff:36:60:f0:77:
80:56:55:5e:d4:73:a2:44:3b:3f:bc:f5:fd:9a:e6:dc:72:91:
d5:2d:3e:2b:c9:ff:58:a5:ec:fc:d5:da:e4:47:88:58:59:b1:
c6:aa:47:d4:32:3b:c0:cf:be:b8:9a:96:06:c5:13:99:c4:75:
0b:b6:e8:71:76:62:df:03:18:5a:0b:7a:fc:9f:81:b2:e4:2d:
da:77:b2:b1:c6:5e:17:5b:ff:38:81:55:58:eb:47:e6:28:4e:
24:32:57:e3:5a:b8:be:2d:21:a6:9b:cc:35:19:55:3c:a4:50:
f7:30:1a:8b:2c:b8:12:dc:db:f6:7e:d1:b9:79:4e:b7:c0:ad:
23:f6:67:cd:a2:2d:22:dc:34:62:4f:c0:1e:81:56:7f:09:fb:
fe:cd:a1:8a:79:09:ff:02:89:bf:40:08:93:70:00:92:b8:92:
b9:7a:13:52:3f:1d:b6:a9:e5:31:4f:d1:0d:ac:ed:15:40:51:
f3:e0:91:4b:ae:d9:e5:c7:2a:39:fa:c4:7d:bf:a3:3e:c3:00:
6f:9d:c0:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSwSaDl36aWMYVXFS/Zs2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YjUxMzRiMTFmOTQwOTExZjBmZjMxNWM5NDhkYWE1M2Y3
MzJlZTAwHhcNMjQwMTAxMTgzMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Njg4NTQ1ZjA5ZDA2NzBkNTk2MGE0ZGFlNjg0YjkxNjAwOWFjY2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcrL4VL2LHoZGb7Od6nU4wLxbkAj
F4i4CNktTkcThDQPLOscHAwzNHkG0R3t6ck3rnj+wuAgxgi7Etm4k8b3drju3b+v
co6lV2RpVK+Fe1MgXCtVs88wT3+bb9UE6hBqbtrjSyeZ4IbgwfnlgkwahZXmweVa
QNMCtVXTwhPk6yqJLuJy6iMJ3lc5spjn08cKDhwj5QubjFBxvggO/SP+tBt0RwEC
o7YsGWgsRgTzhTt9zdsA3bO8zDed/3Ka9U64Qd9rJZcHecljcPiyXjpAWBkrz6u/
85ud20szU07QOx4BoNWfxU/8/q10yEnO9jv378M7lK8JqaGgCTmMePjzdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHaIVF8J0GcNWWCk2uaEuRYAmsylMB8GA1UdIwQY
MBaAFHm1E0sR+UCRHw/zFclI2qU/cy7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWJVVFN4SDVRSkVmRF9NVnlVamFwVDl6THVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS81ZTA5OTQtOTRkMi00NmUxLTgwNjYt
Y2VjMjJlYTc5NTEzLzEvZG9oVVh3blFadzFaWUtUYTVvUzVGZ0NhektVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS81ZTA5OTQtOTRkMi00NmUxLTgwNjYtY2VjMjJlYTc5NTEz
LzEvZWJVVFN4SDVRSkVmRF9NVnlVamFwVDl6THVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLv4wMA0G
CSqGSIb3DQEBCwUAA4IBAQDFw85KOP5oJ5OCO6ei8Mz4EGp3/YokR2DNVLIA+h7e
V7YRXV+DSjdMU/Rz4UzOcr3P/zZg8HeAVlVe1HOiRDs/vPX9mubccpHVLT4ryf9Y
pez81drkR4hYWbHGqkfUMjvAz764mpYGxROZxHULtuhxdmLfAxhaC3r8n4Gy5C3a
d7Kxxl4XW/84gVVY60fmKE4kMlfjWri+LSGmm8w1GVU8pFD3MBqLLLgS3Nv2ftG5
eU63wK0j9mfNoi0i3DRiT8AegVZ/Cfv+zaGKeQn/Aom/QAiTcACSuJK5ehNSPx22
qeUxT9ENrO0VQFHz4JFLrtnlxyo5+sR9v6M+wwBvncDX
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:57:17 2024 by rpki-client on console-ams.rpki-client.org