Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/2Y5hOUsLBTtERF1eino-DrRj29k.roa
File: 2Y5hOUsLBTtERF1eino-DrRj29k.roa (raw, json)
Hash identifier: 8PpDTEUjOOzhJ6pTBzqwhYZoKsXIjmiRr+1MzUQiWuI=
Subject key identifier: D9:8E:61:39:4B:0B:05:3B:44:44:5D:5E:8A:7A:3E:0E:B4:63:DB:D9
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 018E62D2F88C111DF7EDB21EAC5382BB7A02
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/2Y5hOUsLBTtERF1eino-DrRj29k.roa
Signing time: Thu 21 Mar 2024 21:02:56 +0000
ROA not before: Thu 21 Mar 2024 21:02:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 393427
IP address blocks: 46.3.190.0/24 maxlen: 24
46.3.191.0/24 maxlen: 24
46.3.200.0/24 maxlen: 24
46.3.250.0/24 maxlen: 24
46.3.252.0/24 maxlen: 24
46.232.67.0/24 maxlen: 24
46.232.69.0/24 maxlen: 24
46.232.70.0/24 maxlen: 24
46.232.71.0/24 maxlen: 24
46.232.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.mft
rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:62:d2:f8:8c:11:1d:f7:ed:b2:1e:ac:53:82:bb:7a:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Mar 21 21:02:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d98e61394b0b053b44445d5e8a7a3e0eb463dbd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:7b:1d:e5:bd:92:01:4c:fe:47:5d:f4:fa:c1:
53:b7:74:3b:e6:cc:b9:c0:30:79:14:ba:0b:a2:c2:
14:c3:be:2a:01:b0:78:07:3f:74:09:4b:33:95:88:
a9:96:03:09:89:46:82:cd:08:ff:65:e7:64:39:9f:
f0:4a:f4:82:e0:d6:79:f8:14:be:c6:a4:d0:c7:db:
82:a3:0a:6c:48:4b:22:98:ed:00:0b:f8:6e:e3:5e:
d2:8d:f7:1e:71:0a:ff:56:8e:38:43:43:4f:98:f4:
26:ff:09:db:fe:a4:76:27:98:42:fb:f4:91:14:f5:
7e:4c:8d:51:41:37:3c:05:34:c7:b2:6e:a4:ce:cf:
59:56:9d:06:59:91:2c:9d:e7:73:79:e2:02:17:ea:
73:c8:91:96:ef:3b:d4:e6:2f:87:6b:b0:94:5b:0b:
19:cb:b4:90:37:40:30:07:c4:b2:07:8f:5a:4d:93:
ef:47:55:6a:2c:d7:92:35:06:fb:a3:34:9c:73:f1:
c1:28:e4:1f:ef:38:bb:73:ad:4d:fc:fd:f5:b2:c8:
66:c4:e8:1a:ad:6e:f3:5c:18:80:6b:2c:f7:e4:0f:
db:45:66:87:33:2f:74:77:d5:6a:8a:0b:e1:84:2c:
29:f6:e7:f5:62:23:26:1f:0e:06:9d:42:7a:81:f7:
81:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:8E:61:39:4B:0B:05:3B:44:44:5D:5E:8A:7A:3E:0E:B4:63:DB:D9
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/2Y5hOUsLBTtERF1eino-DrRj29k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.190.0/23
46.3.200.0/24
46.3.250.0/24
46.3.252.0/24
46.232.67.0/24
46.232.69.0-46.232.72.255
Signature Algorithm: sha256WithRSAEncryption
3b:b2:06:22:b1:d8:5d:f0:d3:21:ee:5b:23:07:f3:b8:28:78:
78:ad:8c:8f:6e:ad:64:b3:44:19:37:15:6f:77:60:69:e8:58:
f0:4c:27:9a:1b:5e:3b:9d:03:be:a0:dd:a6:ce:f0:79:30:83:
b1:d2:9f:c6:30:17:68:2f:7f:d1:d7:28:89:69:7b:74:13:a8:
33:f8:2c:7b:ad:f0:dc:df:ed:c1:b6:2e:65:29:44:f5:c1:0d:
0b:81:fe:ca:5f:c5:6e:88:03:19:70:b8:3e:29:71:1a:fb:6a:
dd:d7:27:55:64:ab:09:44:c1:3c:90:99:67:8f:3d:5f:f3:d2:
c6:6f:5d:43:b5:d6:82:ac:ee:eb:ac:67:81:99:6c:2e:e0:ec:
54:89:6a:7b:71:25:7b:97:45:cd:28:55:e8:e8:26:ed:d9:3d:
e0:fc:b8:bd:e2:81:63:0f:ae:1b:6b:37:52:5c:08:e9:72:4f:
2c:01:0c:d5:bd:2b:4b:05:b3:03:ba:3c:80:a0:65:d3:c8:4f:
ee:5a:b4:be:73:1e:08:b0:df:6e:fb:2f:4c:1f:56:45:cb:68:
b5:e7:69:9c:52:2a:60:c4:e9:8a:13:38:07:9a:b7:29:b7:04:
47:c4:63:d1:2f:b0:6c:da:84:44:34:53:73:4e:10:c5:ff:8e:
c4:9b:f2:2a
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY5i0viMER337bIerFOCu3oCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjQwMzIxMjEwMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOThlNjEzOTRiMGIwNTNiNDQ0NDVkNWU4YTdhM2UwZWI0NjNkYmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3sd5b2SAUz+R130+sFTt3Q75sy5
wDB5FLoLosIUw74qAbB4Bz90CUszlYiplgMJiUaCzQj/ZedkOZ/wSvSC4NZ5+BS+
xqTQx9uCowpsSEsimO0AC/hu417SjfcecQr/Vo44Q0NPmPQm/wnb/qR2J5hC+/SR
FPV+TI1RQTc8BTTHsm6kzs9ZVp0GWZEsnedzeeICF+pzyJGW7zvU5i+Ha7CUWwsZ
y7SQN0AwB8SyB49aTZPvR1VqLNeSNQb7ozScc/HBKOQf7zi7c61N/P31sshmxOga
rW7zXBiAayz35A/bRWaHMy90d9VqigvhhCwp9uf1YiMmHw4GnUJ6gfeBVQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFNmOYTlLCwU7RERdXop6Pg60Y9vZMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvMlk1aE9Vc0xCVHRFUkYxZWluby1EclJqMjlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQBLgO+AwQA
LgPIAwQALgP6AwQALgP8AwQALuhDMAwDBAAu6EUDBAAu6EgwDQYJKoZIhvcNAQEL
BQADggEBADuyBiKx2F3w0yHuWyMH87goeHitjI9urWSzRBk3FW93YGnoWPBMJ5ob
XjudA76g3abO8Hkwg7HSn8YwF2gvf9HXKIlpe3QTqDP4LHut8Nzf7cG2LmUpRPXB
DQuB/spfxW6IAxlwuD4pcRr7at3XJ1VkqwlEwTyQmWePPV/z0sZvXUO11oKs7uus
Z4GZbC7g7FSJantxJXuXRc0oVejoJu3ZPeD8uL3igWMPrhtrN1JcCOlyTywBDNW9
K0sFswO6PICgZdPIT+5atL5zHgiw3277L0wfVkXLaLXnaZxSKmDE6YoTOAeatym3
BEfEY9EvsGzahEQ0U3NOEMX/jsSb8io=
-----END CERTIFICATE-----
Generated at Tue May 7 05:47:49 2024 by rpki-client on console-ams.rpki-client.org