Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/SxQiwl9wBCssmwPLiGBIskaNcHU.roa
File: SxQiwl9wBCssmwPLiGBIskaNcHU.roa (raw, json)
Hash identifier: JHWP1S2txDI9Eyb7YHcVGUvbqcHn/f8GMdaq9f/MpLc=
Subject key identifier: 4B:14:22:C2:5F:70:04:2B:2C:9B:03:CB:88:60:48:B2:46:8D:70:75
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 018CC348BAE5DBBE8770614076E031972A18
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/SxQiwl9wBCssmwPLiGBIskaNcHU.roa
Signing time: Mon 01 Jan 2024 04:29:32 +0000
ROA not before: Mon 01 Jan 2024 04:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 132244
IP address blocks: 46.37.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ba:e5:db:be:87:70:61:40:76:e0:31:97:2a:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Jan 1 04:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b1422c25f70042b2c9b03cb886048b2468d7075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:22:1c:11:37:0b:ae:b3:55:24:2d:7f:96:45:
b1:a7:0b:1d:f9:a5:27:bc:45:03:14:54:fd:9e:e6:
a9:1a:ab:3d:ff:9f:1d:ca:df:ec:a3:b7:b7:89:56:
2c:0a:16:68:12:f6:d9:38:71:97:f1:e7:85:59:cc:
45:1b:a9:e7:ee:45:a1:25:82:1e:0c:1a:77:5c:79:
d4:af:b2:23:47:eb:21:9d:8f:12:8c:9c:01:e0:d4:
9d:36:98:ec:cf:b5:6c:ab:5b:ef:07:f7:ef:25:67:
3e:0e:74:92:b0:84:5e:9c:81:4b:a0:74:60:32:90:
52:50:f2:a4:fd:1d:3e:f3:14:1f:f4:58:18:d3:58:
10:de:45:0e:09:cb:40:72:12:00:91:35:51:b5:51:
df:ae:4d:5c:02:c8:9b:0a:46:07:ed:17:4a:1c:3e:
05:56:6b:11:4a:e2:af:3e:ee:8a:59:db:d3:c4:49:
8e:26:86:39:3d:3c:1b:30:c0:d1:aa:b3:62:90:db:
5d:20:b5:a6:98:d6:66:a3:b8:ba:48:3b:f7:54:61:
37:e9:e1:62:ce:8a:f5:6e:7f:21:06:42:9a:24:f6:
13:90:86:29:70:71:5b:59:75:70:18:38:e4:0f:37:
82:28:22:99:62:1a:64:dd:66:82:e3:e1:28:20:26:
9e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:14:22:C2:5F:70:04:2B:2C:9B:03:CB:88:60:48:B2:46:8D:70:75
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/SxQiwl9wBCssmwPLiGBIskaNcHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.97.0/24
Signature Algorithm: sha256WithRSAEncryption
85:08:c8:5b:df:2f:4b:19:82:6f:f7:4d:ac:7f:6f:2e:2a:75:
62:04:ec:9c:69:c0:0b:7b:f4:3f:c8:fe:79:6f:ea:ac:d3:e5:
a1:a4:57:f7:61:46:85:3e:90:db:9b:c7:2d:dc:f1:08:ca:6f:
ab:9e:99:70:9a:33:d4:ee:6e:97:33:3b:ce:f2:9c:b9:26:d3:
f4:66:5d:a1:17:2c:e9:f9:a3:58:3b:04:c2:f5:0d:da:aa:09:
58:22:fc:f7:29:d7:09:11:87:38:a5:02:8f:e4:ea:13:fd:ba:
27:c4:0f:98:30:5c:59:05:0b:5a:41:a4:f8:3d:06:b4:bc:ed:
37:2b:4e:6e:b8:a8:4d:86:47:f5:72:10:38:3c:1d:f9:44:9b:
4f:32:c4:da:5b:60:7d:b9:b0:6e:b3:aa:a4:34:26:be:04:da:
0f:15:81:0b:22:b2:c8:29:e3:05:78:a8:65:c1:73:33:1f:a8:
2f:53:70:f0:e1:d2:b5:aa:a5:26:fe:64:b2:54:f2:0a:8c:8d:
d6:49:1c:20:c2:92:45:aa:56:b6:96:89:10:7e:ac:99:e7:f7:
8b:de:d1:e9:3a:c3:2d:15:52:4b:05:d4:19:bf:dd:33:02:99:
e5:da:db:26:7d:b1:c8:af:0d:28:0b:24:67:4c:2e:87:66:38:
33:38:90:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSLrl276HcGFAduAxlyoYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjQwMTAxMDQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjE0MjJjMjVmNzAwNDJiMmM5YjAzY2I4ODYwNDhiMjQ2OGQ3MDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCIcETcLrrNVJC1/lkWxpwsd+aUn
vEUDFFT9nuapGqs9/58dyt/so7e3iVYsChZoEvbZOHGX8eeFWcxFG6nn7kWhJYIe
DBp3XHnUr7IjR+shnY8SjJwB4NSdNpjsz7Vsq1vvB/fvJWc+DnSSsIRenIFLoHRg
MpBSUPKk/R0+8xQf9FgY01gQ3kUOCctAchIAkTVRtVHfrk1cAsibCkYH7RdKHD4F
VmsRSuKvPu6KWdvTxEmOJoY5PTwbMMDRqrNikNtdILWmmNZmo7i6SDv3VGE36eFi
zor1bn8hBkKaJPYTkIYpcHFbWXVwGDjkDzeCKCKZYhpk3WaC4+EoICaemQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEsUIsJfcAQrLJsDy4hgSLJGjXB1MB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvU3hRaXdsOXdCQ3NzbXdQTGlHQklza2FOY0hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiVhMA0G
CSqGSIb3DQEBCwUAA4IBAQCFCMhb3y9LGYJv902sf28uKnViBOycacALe/Q/yP55
b+qs0+WhpFf3YUaFPpDbm8ct3PEIym+rnplwmjPU7m6XMzvO8py5JtP0Zl2hFyzp
+aNYOwTC9Q3aqglYIvz3KdcJEYc4pQKP5OoT/bonxA+YMFxZBQtaQaT4PQa0vO03
K05uuKhNhkf1chA4PB35RJtPMsTaW2B9ubBus6qkNCa+BNoPFYELIrLIKeMFeKhl
wXMzH6gvU3Dw4dK1qqUm/mSyVPIKjI3WSRwgwpJFqla2lokQfqyZ5/eL3tHpOsMt
FVJLBdQZv90zApnl2tsmfbHIrw0oCyRnTC6HZjgzOJD3
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:11:45 2024 by rpki-client on console-fra.rpki-client.org