Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/lJ6LqAkV9gJM2o8GZARpkWymUwY.roa
File: lJ6LqAkV9gJM2o8GZARpkWymUwY.roa (raw, json)
Hash identifier: OOxR9a0AcOLrXVaGysWPvc5zAtn+6aPIL9y9iVWuIuA=
Subject key identifier: 94:9E:8B:A8:09:15:F6:02:4C:DA:8F:06:64:04:69:91:6C:A6:53:06
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 01934643D4F773C1D28343A5CEA813D31E43
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/lJ6LqAkV9gJM2o8GZARpkWymUwY.roa
Signing time: Tue 19 Nov 2024 21:11:10 +0000
ROA not before: Tue 19 Nov 2024 21:11:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 46.3.86.0/23 maxlen: 23
46.232.20.0/22 maxlen: 22
46.232.72.0/21 maxlen: 21
149.126.196.0/24 maxlen: 24
149.126.206.0/24 maxlen: 24
149.126.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.mft
rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:46:43:d4:f7:73:c1:d2:83:43:a5:ce:a8:13:d3:1e:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Nov 19 21:11:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=949e8ba80915f6024cda8f06640469916ca65306
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:8f:3b:56:e2:02:4a:ac:4c:85:8e:5f:ba:bb:
0a:e0:6c:f9:ca:3c:f8:4d:90:0d:c1:7e:d2:18:8b:
2c:ef:b9:e1:d3:b2:4f:0b:47:92:38:ee:d2:cd:1e:
39:69:b0:c1:9d:17:55:85:3d:2e:3b:b0:4d:1d:c4:
b5:35:56:c1:0e:f2:e6:d6:7f:3b:5e:9c:76:c9:77:
6b:a7:7a:2b:b8:5b:0e:74:97:e6:f7:47:55:ed:22:
cd:c4:b8:65:84:53:f6:70:a9:a4:82:d3:08:23:3c:
fe:9f:87:c2:25:0a:a9:ed:ae:a0:da:91:22:1c:3a:
d7:09:5a:17:2b:e4:b2:a2:92:01:74:bd:00:5e:f8:
e1:1b:fe:68:99:db:da:b6:ef:a5:5d:59:47:11:cd:
2c:51:df:de:0b:c2:29:7d:33:20:7e:ba:a9:e5:5f:
62:99:dc:7d:49:b2:9d:5d:55:b6:d7:70:63:c7:7c:
89:49:7d:7a:2e:00:32:96:0c:eb:2b:47:4c:ac:9c:
9a:b8:b0:90:de:2c:0f:67:1f:48:7a:78:4b:1e:de:
01:61:97:e8:18:29:44:ca:c3:d0:49:09:1b:96:c2:
a1:7b:1f:9e:fe:91:d6:a2:35:6b:c2:86:81:24:5c:
d7:be:1a:51:75:2e:70:9d:67:b6:b3:df:89:a4:bd:
04:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:9E:8B:A8:09:15:F6:02:4C:DA:8F:06:64:04:69:91:6C:A6:53:06
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/lJ6LqAkV9gJM2o8GZARpkWymUwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.86.0/23
46.232.20.0/22
46.232.72.0/21
149.126.196.0/24
149.126.206.0/24
149.126.224.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:f0:f2:f2:8a:af:6d:16:00:9f:1f:32:a7:24:55:3a:98:b9:
e3:fe:51:ce:8f:cd:03:73:fd:3b:3b:08:4f:30:23:25:d3:bd:
74:20:7e:76:8f:66:a7:0d:78:d3:79:09:0e:1f:f1:34:42:b3:
c8:2a:d5:53:9f:f7:81:ae:7d:aa:07:75:d5:ce:21:4f:c5:69:
6a:ce:8f:ff:ca:c1:1a:63:d4:24:0f:13:92:d0:83:6b:ac:be:
a7:5a:04:80:84:ef:6a:3f:5f:fa:2e:9c:44:36:c6:20:1a:2d:
55:59:49:05:e4:3e:f2:13:48:3c:6a:f7:1d:65:cf:fa:29:e7:
fb:62:93:2b:03:f0:ea:cb:67:cf:d8:d0:39:7d:94:8e:44:4e:
ee:79:3b:f8:23:d7:e2:2e:84:0f:fb:b4:15:d9:15:49:19:b7:
6a:05:c3:c8:95:91:1b:71:66:cb:40:0a:48:cf:27:d2:ae:d8:
2c:b6:b3:c4:ab:d2:e3:7b:1e:36:4a:8a:2d:c1:4e:c6:c0:96:
d7:28:7a:65:ed:8e:3a:dd:04:5e:b0:d0:6a:7c:ee:ee:7e:67:
6b:d3:b0:d4:d6:0c:36:7a:ed:a0:aa:81:70:03:6f:94:6e:88:
4e:7d:df:9e:7f:24:33:95:ca:38:25:55:fa:9b:e4:c6:62:4d:
0b:f5:71:65
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZNGQ9T3c8HSg0OlzqgT0x5DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjQxMTE5MjExMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDllOGJhODA5MTVmNjAyNGNkYThmMDY2NDA0Njk5MTZjYTY1MzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Y87VuICSqxMhY5fursK4Gz5yjz4
TZANwX7SGIss77nh07JPC0eSOO7SzR45abDBnRdVhT0uO7BNHcS1NVbBDvLm1n87
Xpx2yXdrp3oruFsOdJfm90dV7SLNxLhlhFP2cKmkgtMIIzz+n4fCJQqp7a6g2pEi
HDrXCVoXK+SyopIBdL0AXvjhG/5omdvatu+lXVlHEc0sUd/eC8IpfTMgfrqp5V9i
mdx9SbKdXVW213Bjx3yJSX16LgAylgzrK0dMrJyauLCQ3iwPZx9IenhLHt4BYZfo
GClEysPQSQkblsKhex+e/pHWojVrwoaBJFzXvhpRdS5wnWe2s9+JpL0ExwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJSei6gJFfYCTNqPBmQEaZFsplMGMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvbEo2THFBa1Y5Z0pNMm84R1pBUnBrV3ltVXdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBLgNWAwQC
LugUAwQDLuhIAwQAlX7EAwQAlX7OAwQAlX7gMA0GCSqGSIb3DQEBCwUAA4IBAQBt
8PLyiq9tFgCfHzKnJFU6mLnj/lHOj80Dc/07OwhPMCMl0710IH52j2anDXjTeQkO
H/E0QrPIKtVTn/eBrn2qB3XVziFPxWlqzo//ysEaY9QkDxOS0INrrL6nWgSAhO9q
P1/6LpxENsYgGi1VWUkF5D7yE0g8avcdZc/6Kef7YpMrA/Dqy2fP2NA5fZSORE7u
eTv4I9fiLoQP+7QV2RVJGbdqBcPIlZEbcWbLQApIzyfSrtgstrPEq9Ljex42Soot
wU7GwJbXKHpl7Y463QResNBqfO7ufmdr07DU1gw2eu2gqoFwA2+UbohOfd+efyQz
lco4JVX6m+TGYk0L9XFl
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:33:12 2024 by rpki-client on console-ams.rpki-client.org