Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/4441b4-f981-4c26-9b99-1010473f4fe8/1/DOXoMC9Y5l5Uc5ftMEuGS8h18og.roa
File: DOXoMC9Y5l5Uc5ftMEuGS8h18og.roa (raw, json)
Hash identifier: zODCvLoHcOlORK1VheVh4jaUTPKN2Jee4TEbqnQuDLI=
Subject key identifier: 0C:E5:E8:30:2F:58:E6:5E:54:73:97:ED:30:4B:86:4B:C8:75:F2:88
Certificate issuer: /CN=f57bc7f2eaf0cafa69bee5fabe67122b4363fe72
Certificate serial: 018CC7273728BBB8D57043816E6310583034
Authority key identifier: F5:7B:C7:F2:EA:F0:CA:FA:69:BE:E5:FA:BE:67:12:2B:43:63:FE:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9XvH8urwyvppvuX6vmcSK0Nj_nI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/4441b4-f981-4c26-9b99-1010473f4fe8/1/DOXoMC9Y5l5Uc5ftMEuGS8h18og.roa
Signing time: Mon 01 Jan 2024 22:31:25 +0000
ROA not before: Mon 01 Jan 2024 22:31:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200567
IP address blocks: 46.16.216.0/22 maxlen: 22
46.16.216.0/23 maxlen: 23
46.16.218.0/23 maxlen: 23
46.16.222.0/23 maxlen: 23
46.16.220.0/23 maxlen: 23
46.16.220.0/22 maxlen: 22
185.39.176.0/23 maxlen: 24
185.39.178.0/23 maxlen: 23
185.70.144.0/23 maxlen: 23
185.70.146.0/23 maxlen: 23
45.146.132.0/22 maxlen: 23
185.109.32.0/23 maxlen: 23
185.109.34.0/23 maxlen: 23
2a05:2a80:1::/48 maxlen: 48
2a05:2a80::/29 maxlen: 29
2a0f:1000::/29 maxlen: 48
2a05:2a80::/32 maxlen: 32
2a06:4e40::/29 maxlen: 29
2a02:4500::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/4441b4-f981-4c26-9b99-1010473f4fe8/1/9XvH8urwyvppvuX6vmcSK0Nj_nI.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/4441b4-f981-4c26-9b99-1010473f4fe8/1/9XvH8urwyvppvuX6vmcSK0Nj_nI.mft
rsync://rpki.ripe.net/repository/DEFAULT/9XvH8urwyvppvuX6vmcSK0Nj_nI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:37:28:bb:b8:d5:70:43:81:6e:63:10:58:30:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f57bc7f2eaf0cafa69bee5fabe67122b4363fe72
Validity
Not Before: Jan 1 22:31:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ce5e8302f58e65e547397ed304b864bc875f288
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:a6:f2:78:23:46:f7:82:64:e6:10:12:84:4f:
63:6f:23:d8:a5:64:73:18:20:b8:bc:b9:7d:ad:50:
01:d3:8c:dc:20:b1:ac:9d:64:88:e5:a1:dc:a1:b3:
1e:71:18:c3:e4:79:70:6e:c3:89:b1:20:57:3e:5d:
73:5d:8d:a6:8b:bd:22:4b:d4:56:11:60:25:cb:40:
de:38:8d:2e:6c:c0:21:80:49:b0:02:d9:12:45:36:
ef:91:63:96:95:e4:90:f6:33:16:d9:a5:f9:8f:25:
cc:21:94:67:85:86:a7:73:ab:b7:12:20:1c:f8:4b:
3b:c2:91:76:34:9a:94:cf:f3:df:3c:29:ea:f6:6c:
47:8e:86:6b:4b:eb:b9:33:12:f9:98:28:89:64:de:
77:37:b3:7d:32:9c:dd:2d:11:7d:47:10:41:01:9a:
50:cc:77:9d:1f:20:9a:69:63:cf:22:5c:04:9e:02:
ec:a1:7e:54:86:11:1b:05:f7:a1:6e:50:ee:77:90:
e8:58:e8:8a:7c:94:aa:26:0c:68:d1:7a:8a:00:2a:
1c:1c:1c:ac:99:05:94:5e:c0:f4:3a:4b:e4:d6:fc:
49:75:ae:d0:94:94:cb:73:26:ba:45:ab:d1:e9:ce:
94:c1:ee:92:65:e6:fe:10:8e:20:a6:34:b8:0c:53:
46:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:E5:E8:30:2F:58:E6:5E:54:73:97:ED:30:4B:86:4B:C8:75:F2:88
X509v3 Authority Key Identifier:
keyid:F5:7B:C7:F2:EA:F0:CA:FA:69:BE:E5:FA:BE:67:12:2B:43:63:FE:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XvH8urwyvppvuX6vmcSK0Nj_nI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/4441b4-f981-4c26-9b99-1010473f4fe8/1/DOXoMC9Y5l5Uc5ftMEuGS8h18og.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/4441b4-f981-4c26-9b99-1010473f4fe8/1/9XvH8urwyvppvuX6vmcSK0Nj_nI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.132.0/22
46.16.216.0/21
185.39.176.0/22
185.70.144.0/22
185.109.32.0/22
IPv6:
2a02:4500::/32
2a05:2a80::/29
2a06:4e40::/29
2a0f:1000::/29
Signature Algorithm: sha256WithRSAEncryption
77:56:22:00:2a:69:42:fb:b0:33:f2:4f:6c:4e:05:35:e7:70:
c3:11:98:60:13:ca:e2:0c:40:fc:b7:35:64:e7:28:bb:65:49:
e3:c4:af:94:02:06:e1:ac:f3:3b:dc:64:2c:15:2d:32:5d:e5:
46:ba:ca:76:13:a8:54:9c:f9:56:e2:ee:f7:d4:f3:51:97:04:
56:7f:01:97:81:66:1d:fe:f1:0a:2d:d2:c6:6c:23:f8:d8:54:
a3:45:a1:0f:ee:fd:c4:40:0f:03:f3:12:38:86:5b:92:b5:b9:
59:3d:df:ed:6f:40:7e:b7:5c:53:92:bf:2a:41:e4:bd:b3:0a:
1e:54:e2:8c:22:59:e6:5d:15:eb:e5:ac:44:48:35:4e:ba:60:
e2:fd:ad:d8:a5:88:21:54:40:96:3b:50:92:24:03:fe:2b:2a:
52:a6:c9:6d:3a:16:48:54:41:de:b8:37:48:58:f1:04:b8:c0:
62:4f:80:65:6c:6c:de:3f:64:94:ab:28:11:22:00:93:16:f7:
d6:d4:84:4c:59:3b:74:6e:a8:ae:bb:54:0d:31:c8:72:39:68:
12:6f:a5:33:e6:61:66:87:87:45:65:75:1e:fe:ba:c9:83:12:
2b:2a:9c:0d:e4:cd:7d:10:a0:aa:20:ab:67:fe:87:32:53:ba:
55:bf:06:be
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYzHJzcou7jVcEOBbmMQWDA0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1N2JjN2YyZWFmMGNhZmE2OWJlZTVmYWJlNjcxMjJiNDM2
M2ZlNzIwHhcNMjQwMTAxMjIzMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2U1ZTgzMDJmNThlNjVlNTQ3Mzk3ZWQzMDRiODY0YmM4NzVmMjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8qbyeCNG94Jk5hAShE9jbyPYpWRz
GCC4vLl9rVAB04zcILGsnWSI5aHcobMecRjD5HlwbsOJsSBXPl1zXY2mi70iS9RW
EWAly0DeOI0ubMAhgEmwAtkSRTbvkWOWleSQ9jMW2aX5jyXMIZRnhYanc6u3EiAc
+Es7wpF2NJqUz/PfPCnq9mxHjoZrS+u5MxL5mCiJZN53N7N9MpzdLRF9RxBBAZpQ
zHedHyCaaWPPIlwEngLsoX5UhhEbBfehblDud5DoWOiKfJSqJgxo0XqKACocHBys
mQWUXsD0Okvk1vxJda7QlJTLcya6RavR6c6Uwe6SZeb+EI4gpjS4DFNGpQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFAzl6DAvWOZeVHOX7TBLhkvIdfKIMB8GA1UdIwQY
MBaAFPV7x/Lq8Mr6ab7l+r5nEitDY/5yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVh2SDh1cnd5dnBwdnVYNnZtY1NLME5qX25JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy80NDQxYjQtZjk4MS00YzI2LTliOTkt
MTAxMDQ3M2Y0ZmU4LzEvRE9Yb01DOVk1bDVVYzVmdE1FdUdTOGgxOG9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy80NDQxYjQtZjk4MS00YzI2LTliOTktMTAxMDQ3M2Y0ZmU4
LzEvOVh2SDh1cnd5dnBwdnVYNnZtY1NLME5qX25JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAkBAIAATAeAwQCLZKEAwQD
LhDYAwQCuSewAwQCuUaQAwQCuW0gMCIEAgACMBwDBQAqAkUAAwUDKgUqgAMFAyoG
TkADBQMqDxAAMA0GCSqGSIb3DQEBCwUAA4IBAQB3ViIAKmlC+7Az8k9sTgU153DD
EZhgE8riDED8tzVk5yi7ZUnjxK+UAgbhrPM73GQsFS0yXeVGusp2E6hUnPlW4u73
1PNRlwRWfwGXgWYd/vEKLdLGbCP42FSjRaEP7v3EQA8D8xI4hluStblZPd/tb0B+
t1xTkr8qQeS9swoeVOKMIlnmXRXr5axESDVOumDi/a3YpYghVECWO1CSJAP+KypS
psltOhZIVEHeuDdIWPEEuMBiT4BlbGzeP2SUqygRIgCTFvfW1IRMWTt0bqiuu1QN
MchyOWgSb6Uz5mFmh4dFZXUe/rrJgxIrKpwN5M19EKCqIKtn/ocyU7pVvwa+
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:59:13 2024 by rpki-client on console-ams.rpki-client.org