Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/AbtjuF6NpOjp08ay45ZCmMzksto.roa
File: AbtjuF6NpOjp08ay45ZCmMzksto.roa (raw, json)
Hash identifier: DRRkBnfZL52+eFW1/YwKy+2kdF6EfFXu7Kf/6B5hdFE=
Subject key identifier: 01:BB:63:B8:5E:8D:A4:E8:E9:D3:C6:B2:E3:96:42:98:CC:E4:B2:DA
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 0190CEC0C806460F228AC6DF7D2EBA1015D1
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/AbtjuF6NpOjp08ay45ZCmMzksto.roa
Signing time: Sat 20 Jul 2024 06:07:38 +0000
ROA not before: Sat 20 Jul 2024 06:07:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.100.0/24 maxlen: 24
46.37.101.0/24 maxlen: 24
46.37.102.0/24 maxlen: 24
46.37.105.0/24 maxlen: 24
46.37.106.0/24 maxlen: 24
46.37.109.0/24 maxlen: 24
46.37.126.0/24 maxlen: 24
185.92.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ce:c0:c8:06:46:0f:22:8a:c6:df:7d:2e:ba:10:15:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Jul 20 06:07:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01bb63b85e8da4e8e9d3c6b2e3964298cce4b2da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:05:62:d9:fd:58:b7:82:8e:92:88:cd:84:97:
83:2b:1b:5e:c8:20:28:24:d2:2c:0a:c9:61:b3:6f:
95:75:b3:7f:7a:60:9b:2f:86:fc:49:46:0e:30:52:
f3:76:86:9e:c8:68:82:d6:24:bb:89:7c:a7:c0:d1:
7f:4c:f7:ac:5a:9f:d6:4e:13:59:e8:8e:e4:29:15:
0e:bf:71:de:ea:a7:1c:90:db:0a:28:96:c9:ee:07:
10:e3:4f:8d:8b:51:4d:ff:be:26:70:86:e9:1b:4d:
c7:27:90:9e:1d:fc:62:4b:cd:bd:3e:ff:cd:fd:86:
fd:4b:34:fb:05:e8:9c:97:f0:f8:b3:93:58:38:07:
ba:57:18:11:35:30:31:c2:25:52:9c:b1:4a:cb:3f:
30:2e:74:fd:fd:29:a7:50:8c:85:38:11:4b:89:ff:
e5:7f:65:25:6a:a6:a9:a7:d4:c5:85:0a:f4:04:8a:
8d:f4:c4:94:9e:1e:f0:72:81:fc:94:93:c9:c5:ef:
bc:e9:b3:4e:50:fd:83:be:3c:29:14:45:2f:89:6f:
ae:7f:b0:13:bc:49:15:b4:37:6d:f1:8b:a8:21:27:
af:60:79:82:32:57:8b:fc:cc:56:5a:c3:e4:62:0a:
54:0a:fa:57:81:ad:20:c7:b4:70:ad:8a:fc:0f:09:
51:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:BB:63:B8:5E:8D:A4:E8:E9:D3:C6:B2:E3:96:42:98:CC:E4:B2:DA
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/AbtjuF6NpOjp08ay45ZCmMzksto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.100.0-46.37.102.255
46.37.105.0-46.37.106.255
46.37.109.0/24
46.37.126.0/24
185.92.46.0/24
Signature Algorithm: sha256WithRSAEncryption
81:c5:ce:70:b4:a0:e2:76:0d:98:cd:2c:7b:d4:17:97:4e:fb:
13:4b:3c:7f:a3:b2:75:1a:5d:50:23:d3:6a:c1:cc:43:53:ab:
6a:88:9e:88:52:83:9f:b0:45:e7:ea:8a:5d:97:b6:f9:c4:51:
f8:b3:05:8a:79:0b:28:f2:3a:d9:09:45:bc:ec:12:4c:3e:ce:
f7:34:df:d8:de:75:5b:7c:2a:2c:2f:46:5e:d3:49:27:2b:9e:
fa:e6:50:17:f5:5a:26:1c:27:21:a9:fb:b1:3f:5a:72:dc:47:
31:24:a9:2e:aa:ea:6f:06:87:4c:0c:c3:5e:97:7d:05:25:d0:
bd:e9:9b:19:88:07:81:19:19:d8:a9:8d:25:fb:0f:0f:54:82:
04:66:1c:da:5b:41:b4:aa:e4:4a:16:a7:9e:3a:cc:15:b6:e3:
7c:4b:e6:f8:9c:30:51:f7:56:6c:43:f4:8b:21:4a:79:3c:aa:
88:a0:67:7a:6f:4e:9d:67:11:9b:66:22:b1:79:ed:1d:fc:23:
2a:24:04:82:7b:de:c3:f1:86:58:5d:e6:2d:65:31:35:4f:a9:
90:62:23:17:71:27:b7:9e:91:38:f3:f8:4c:bc:cd:ef:01:6a:
49:58:50:fb:04:6b:62:2b:12:e1:fb:81:b6:d1:24:2b:e8:9d:
f2:a0:be:ee
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZDOwMgGRg8iisbffS66EBXRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjQwNzIwMDYwNzM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWJiNjNiODVlOGRhNGU4ZTlkM2M2YjJlMzk2NDI5OGNjZTRiMmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwVi2f1Yt4KOkojNhJeDKxteyCAo
JNIsCslhs2+VdbN/emCbL4b8SUYOMFLzdoaeyGiC1iS7iXynwNF/TPesWp/WThNZ
6I7kKRUOv3He6qcckNsKKJbJ7gcQ40+Ni1FN/74mcIbpG03HJ5CeHfxiS829Pv/N
/Yb9SzT7Beicl/D4s5NYOAe6VxgRNTAxwiVSnLFKyz8wLnT9/SmnUIyFOBFLif/l
f2Ulaqapp9TFhQr0BIqN9MSUnh7wcoH8lJPJxe+86bNOUP2DvjwpFEUviW+uf7AT
vEkVtDdt8YuoISevYHmCMleL/MxWWsPkYgpUCvpXga0gx7RwrYr8DwlReQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFAG7Y7hejaTo6dPGsuOWQpjM5LLaMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvQWJ0anVGNk5wT2pwMDhheTQ1WkNtTXprc3RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQALiViMAwD
BAIuJWQDBAAuJWYwDAMEAC4laQMEAC4lagMEAC4lbQMEAC4lfgMEALlcLjANBgkq
hkiG9w0BAQsFAAOCAQEAgcXOcLSg4nYNmM0se9QXl077E0s8f6OydRpdUCPTasHM
Q1OraoieiFKDn7BF5+qKXZe2+cRR+LMFinkLKPI62QlFvOwSTD7O9zTf2N51W3wq
LC9GXtNJJyue+uZQF/VaJhwnIan7sT9actxHMSSpLqrqbwaHTAzDXpd9BSXQvemb
GYgHgRkZ2KmNJfsPD1SCBGYc2ltBtKrkShannjrMFbbjfEvm+JwwUfdWbEP0iyFK
eTyqiKBnem9OnWcRm2YisXntHfwjKiQEgnvew/GGWF3mLWUxNU+pkGIjF3Ent56R
OPP4TLzN7wFqSVhQ+wRrYisS4fuBttEkK+id8qC+7g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:33:18 2024 by rpki-client on console-ams.rpki-client.org