Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/KvWPcdR8bFXFxkyfHFnAXTGRPPw.roa
File: KvWPcdR8bFXFxkyfHFnAXTGRPPw.roa (raw, json)
Hash identifier: ZUJg8wSs0araCTE0fktdNGkifpWE8aAiOf4LjDA/E2I=
Subject key identifier: 2A:F5:8F:71:D4:7C:6C:55:C5:C6:4C:9F:1C:59:C0:5D:31:91:3C:FC
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 019302D6A2E3016B3A6A3B5FF145ECB152CF
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/KvWPcdR8bFXFxkyfHFnAXTGRPPw.roa
Signing time: Wed 06 Nov 2024 18:57:20 +0000
ROA not before: Wed 06 Nov 2024 18:57:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 22773
IP address blocks: 46.3.8.0/22 maxlen: 24
46.3.80.0/22 maxlen: 22
46.3.135.0/24 maxlen: 24
46.3.156.0/24 maxlen: 24
46.3.157.0/24 maxlen: 24
46.3.188.0/22 maxlen: 24
46.3.208.0/21 maxlen: 21
149.126.203.0/24 maxlen: 24
149.126.251.0/24 maxlen: 24
149.126.253.0/24 maxlen: 24
149.126.254.0/24 maxlen: 24
149.126.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.mft
rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:02:d6:a2:e3:01:6b:3a:6a:3b:5f:f1:45:ec:b1:52:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Nov 6 18:57:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2af58f71d47c6c55c5c64c9f1c59c05d31913cfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:1b:29:c8:23:c9:87:0a:6a:e4:3a:62:dd:08:
66:55:f9:bc:18:87:b9:9b:6d:80:a6:24:75:dd:06:
b9:9f:cd:ea:84:f6:90:b8:06:d2:c2:23:c6:6a:11:
78:b4:51:75:53:4a:7b:8a:df:28:cf:91:23:bd:32:
51:9e:63:bc:d8:de:6b:0f:51:e8:fc:d2:c1:17:f1:
f1:b9:2a:8f:d0:ad:ca:b8:69:34:11:2e:48:2a:d7:
04:a6:ad:e9:6f:b6:66:5a:1c:f3:d8:08:92:17:61:
cf:24:a5:02:ed:67:31:86:df:ed:24:06:f0:aa:ad:
27:45:df:2c:59:52:f3:4f:c7:59:f7:2f:ec:06:e1:
cc:4d:a2:6b:8d:24:64:cd:85:9e:f4:d0:4d:6b:f1:
3b:f7:10:fe:83:64:0e:09:7b:c3:82:76:a7:bf:96:
fe:7a:62:57:54:86:6a:a1:d1:da:ef:b2:bf:7f:1a:
95:1c:2a:32:9a:a5:e6:d9:24:23:6c:7b:f8:8f:06:
c0:e8:45:bb:e7:22:86:ef:ae:07:04:28:26:af:78:
51:b6:95:5c:68:3d:27:46:00:80:91:4b:6d:6b:47:
fa:02:71:f2:c1:00:89:d8:a9:97:1e:73:cb:4c:76:
e5:8a:84:fd:4e:5b:fa:f5:ee:05:57:69:e9:cd:e1:
6d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:F5:8F:71:D4:7C:6C:55:C5:C6:4C:9F:1C:59:C0:5D:31:91:3C:FC
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/KvWPcdR8bFXFxkyfHFnAXTGRPPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.8.0/22
46.3.80.0/22
46.3.135.0/24
46.3.156.0/23
46.3.188.0/22
46.3.208.0/21
149.126.203.0/24
149.126.251.0/24
149.126.253.0-149.126.255.255
Signature Algorithm: sha256WithRSAEncryption
34:5d:6e:04:9b:c6:27:dc:ea:2c:17:b4:dc:f8:90:d2:18:c4:
1d:37:4e:8e:9a:a4:06:6c:e0:6a:e5:a7:82:fb:7d:1f:db:44:
80:26:63:37:77:df:b1:a9:9b:2a:52:3d:e4:cb:e6:61:73:9f:
52:74:5a:d5:e6:e6:56:9c:75:8b:83:ff:90:f9:92:30:c6:c6:
37:4e:bc:e4:fe:bc:e3:89:d9:d4:c5:06:ca:84:32:fa:8d:df:
2a:1c:e6:fc:2f:e9:88:b0:7c:0a:8b:85:5b:b4:81:9f:06:50:
90:fa:7a:6a:21:6f:a3:e8:a3:c5:7a:53:24:85:cb:d7:56:5f:
7b:ca:96:57:1a:81:f9:3c:27:d1:cf:6d:75:e2:aa:20:b0:14:
01:b6:25:ab:85:79:7d:a3:87:77:3a:c5:be:d4:33:0c:e6:6d:
97:04:1f:d8:69:bc:55:04:bd:1c:86:64:0d:7b:66:74:fc:26:
bf:eb:e7:ee:b8:fd:ba:5b:98:86:60:1c:e7:67:a6:5e:1d:b5:
81:c8:3f:48:c8:8c:9d:4f:bc:e0:71:dc:7c:dd:af:fb:8b:cf:
c6:b1:20:4a:41:52:b2:19:08:c5:bc:8f:c1:12:77:c1:31:7f:
d5:ca:7e:b5:86:ad:8a:b3:1c:4b:c5:a9:93:82:0c:f1:2f:ab:
c0:d1:5f:b3
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAZMC1qLjAWs6ajtf8UXssVLPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjQxMTA2MTg1NzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWY1OGY3MWQ0N2M2YzU1YzVjNjRjOWYxYzU5YzA1ZDMxOTEzY2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRspyCPJhwpq5Dpi3QhmVfm8GIe5
m22ApiR13Qa5n83qhPaQuAbSwiPGahF4tFF1U0p7it8oz5EjvTJRnmO82N5rD1Ho
/NLBF/HxuSqP0K3KuGk0ES5IKtcEpq3pb7ZmWhzz2AiSF2HPJKUC7Wcxht/tJAbw
qq0nRd8sWVLzT8dZ9y/sBuHMTaJrjSRkzYWe9NBNa/E79xD+g2QOCXvDgnanv5b+
emJXVIZqodHa77K/fxqVHCoymqXm2SQjbHv4jwbA6EW75yKG764HBCgmr3hRtpVc
aD0nRgCAkUtta0f6AnHywQCJ2KmXHnPLTHblioT9Tlv69e4FV2npzeFtmQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFCr1j3HUfGxVxcZMnxxZwF0xkTz8MB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvS3ZXUGNkUjhiRlhGeGt5ZkhGbkFYVEdSUFB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTBDBAIAATA9AwQCLgMIAwQC
LgNQAwQALgOHAwQBLgOcAwQCLgO8AwQDLgPQAwQAlX7LAwQAlX77MAsDBACVfv0D
AwCVfjANBgkqhkiG9w0BAQsFAAOCAQEANF1uBJvGJ9zqLBe03PiQ0hjEHTdOjpqk
BmzgauWngvt9H9tEgCZjN3ffsambKlI95MvmYXOfUnRa1ebmVpx1i4P/kPmSMMbG
N0685P6844nZ1MUGyoQy+o3fKhzm/C/piLB8CouFW7SBnwZQkPp6aiFvo+ijxXpT
JIXL11Zfe8qWVxqB+Twn0c9tdeKqILAUAbYlq4V5faOHdzrFvtQzDOZtlwQf2Gm8
VQS9HIZkDXtmdPwmv+vn7rj9uluYhmAc52emXh21gcg/SMiMnU+84HHcfN2v+4vP
xrEgSkFSshkIxbyPwRJ3wTF/1cp+tYatirMcS8Wpk4IM8S+rwNFfsw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:33:11 2024 by rpki-client on console-ams.rpki-client.org