Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/f03cdc-2945-408c-8889-c69871f5d305/1/ntL3jKvnMHOKBGXB6ZbO79SOY64.roa
File: ntL3jKvnMHOKBGXB6ZbO79SOY64.roa (raw, json)
Hash identifier: 1Px2UKsk3UykVJ1UEj3yWVBSukrYlTEoBVyRIIZ3Djk=
Subject key identifier: 9E:D2:F7:8C:AB:E7:30:73:8A:04:65:C1:E9:96:CE:EF:D4:8E:63:AE
Certificate issuer: /CN=5dedd6b0e36f4bd8f1d57e26cc1c2d18c6993c04
Certificate serial: 018CCA29D56BF06A9E2D9759E5345A1C1163
Authority key identifier: 5D:ED:D6:B0:E3:6F:4B:D8:F1:D5:7E:26:CC:1C:2D:18:C6:99:3C:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xe3WsONvS9jx1X4mzBwtGMaZPAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/f03cdc-2945-408c-8889-c69871f5d305/1/ntL3jKvnMHOKBGXB6ZbO79SOY64.roa
Signing time: Tue 02 Jan 2024 12:33:08 +0000
ROA not before: Tue 02 Jan 2024 12:33:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15987
IP address blocks: 188.246.0.0/23 maxlen: 24
188.246.0.0/19 maxlen: 22
185.112.252.0/22 maxlen: 24
188.246.17.0/24 maxlen: 24
188.246.23.0/24 maxlen: 24
46.41.14.0/24 maxlen: 24
46.41.32.0/24 maxlen: 24
46.41.47.0/24 maxlen: 24
217.144.128.0/24 maxlen: 24
217.144.129.0/24 maxlen: 24
217.144.128.0/20 maxlen: 20
217.144.143.0/24 maxlen: 24
46.41.0.0/18 maxlen: 22
2a02:a00:1009::/48 maxlen: 48
2a02:a00:1049::/48 maxlen: 48
2a02:a00:1f::/48 maxlen: 48
2a02:a00:f::/48 maxlen: 48
2a02:a00:d::/48 maxlen: 48
2a02:a00::/34 maxlen: 34
2a02:a00:3000::/36 maxlen: 36
2a02:a00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/f03cdc-2945-408c-8889-c69871f5d305/1/Xe3WsONvS9jx1X4mzBwtGMaZPAQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/f03cdc-2945-408c-8889-c69871f5d305/1/Xe3WsONvS9jx1X4mzBwtGMaZPAQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xe3WsONvS9jx1X4mzBwtGMaZPAQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 07:02:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:d5:6b:f0:6a:9e:2d:97:59:e5:34:5a:1c:11:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dedd6b0e36f4bd8f1d57e26cc1c2d18c6993c04
Validity
Not Before: Jan 2 12:33:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ed2f78cabe730738a0465c1e996ceefd48e63ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a4:6d:20:ef:86:bb:1b:b6:fc:4b:92:dc:46:
7a:6b:91:2c:af:51:72:ad:e8:c2:77:59:11:c8:ce:
b5:6e:7a:29:9a:9e:fe:6e:6d:3b:0b:cd:1b:bf:93:
89:81:be:b5:72:80:c3:4e:28:c1:ac:74:8f:f7:85:
97:47:84:17:f7:62:3e:65:30:36:08:0a:c4:be:bb:
96:cc:e5:ed:4b:f6:55:5d:f6:52:50:a3:57:2e:69:
73:2b:7f:ed:36:27:37:63:64:6c:8b:1c:78:5f:37:
b3:e2:ee:79:65:16:cd:ab:a9:bd:13:41:12:4e:21:
06:c8:99:bb:a9:b5:d6:63:86:cd:41:95:16:88:3b:
10:f0:45:2f:68:0f:32:93:60:0a:c9:1f:6f:d0:af:
83:f4:56:25:2e:0e:58:80:2e:84:ff:ce:17:69:91:
26:49:69:b1:5a:4c:f3:8b:dd:2d:0b:01:2a:a5:92:
38:bf:8d:b2:52:f1:ef:5d:8b:12:b0:c1:d9:99:7c:
f9:fb:9d:b2:cd:1e:bd:d9:a2:20:16:fe:e5:ec:dc:
9f:a0:f5:d6:e4:b7:a9:03:22:96:e2:12:3c:38:e2:
ba:49:53:fd:22:2c:e9:ba:e2:a9:e5:18:31:9b:d9:
63:88:dd:00:75:af:b3:35:52:95:97:a9:1c:69:03:
1c:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:D2:F7:8C:AB:E7:30:73:8A:04:65:C1:E9:96:CE:EF:D4:8E:63:AE
X509v3 Authority Key Identifier:
keyid:5D:ED:D6:B0:E3:6F:4B:D8:F1:D5:7E:26:CC:1C:2D:18:C6:99:3C:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xe3WsONvS9jx1X4mzBwtGMaZPAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/f03cdc-2945-408c-8889-c69871f5d305/1/ntL3jKvnMHOKBGXB6ZbO79SOY64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/f03cdc-2945-408c-8889-c69871f5d305/1/Xe3WsONvS9jx1X4mzBwtGMaZPAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.41.0.0/18
185.112.252.0/22
188.246.0.0/19
217.144.128.0/20
IPv6:
2a02:a00::/32
Signature Algorithm: sha256WithRSAEncryption
0f:e1:a1:dd:b2:74:75:5c:c7:a5:76:a7:ba:bd:88:eb:c0:c4:
4a:34:a7:4e:46:0d:99:37:25:49:4d:07:5c:bc:49:69:2f:bc:
dc:28:95:7f:f9:59:4c:68:d9:88:89:c0:8b:bf:39:d1:b3:52:
71:28:a8:3f:01:6d:4a:3b:cc:a6:ad:84:95:1a:fe:a3:88:d4:
29:7f:36:50:50:32:f1:93:5d:24:39:5e:8a:7d:70:ef:f3:4d:
1e:e2:aa:1f:eb:66:a3:2c:e1:96:29:2f:29:ec:98:1c:d3:6d:
8d:98:82:ae:f7:0e:cc:f2:d0:4e:fb:ab:ca:8a:df:20:df:0e:
42:2e:c9:47:e6:00:1e:b1:6a:85:d9:f7:85:7e:e9:a7:fe:4e:
b9:82:79:15:b9:0b:08:bf:a5:a8:8c:bb:e3:ef:c7:86:50:d9:
a6:25:8e:23:98:71:32:08:82:c6:3f:61:ee:67:0e:8f:5c:7a:
dc:2b:ef:c5:3d:21:86:b8:1a:b9:40:ef:ef:51:0a:7b:48:1e:
aa:ff:7d:cb:be:ca:8c:f9:e9:de:55:ff:16:75:8d:a6:39:b7:
f5:4d:e8:ae:c6:ba:9d:ff:fa:31:58:9d:0b:35:83:10:ff:3b:
07:51:b2:12:2f:63:4d:14:07:66:b7:77:ac:c3:7c:42:96:68:
bd:ea:13:95
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzKKdVr8GqeLZdZ5TRaHBFjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZWRkNmIwZTM2ZjRiZDhmMWQ1N2UyNmNjMWMyZDE4YzY5
OTNjMDQwHhcNMjQwMTAyMTIzMzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWQyZjc4Y2FiZTczMDczOGEwNDY1YzFlOTk2Y2VlZmQ0OGU2M2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqRtIO+Guxu2/EuS3EZ6a5Esr1Fy
rejCd1kRyM61bnopmp7+bm07C80bv5OJgb61coDDTijBrHSP94WXR4QX92I+ZTA2
CArEvruWzOXtS/ZVXfZSUKNXLmlzK3/tNic3Y2Rsixx4Xzez4u55ZRbNq6m9E0ES
TiEGyJm7qbXWY4bNQZUWiDsQ8EUvaA8yk2AKyR9v0K+D9FYlLg5YgC6E/84XaZEm
SWmxWkzzi90tCwEqpZI4v42yUvHvXYsSsMHZmXz5+52yzR692aIgFv7l7NyfoPXW
5LepAyKW4hI8OOK6SVP9IizpuuKp5Rgxm9ljiN0Ada+zNVKVl6kcaQMcpwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJ7S94yr5zBzigRlwemWzu/UjmOuMB8GA1UdIwQY
MBaAFF3t1rDjb0vY8dV+JswcLRjGmTwEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGUzV3NPTnZTOWp4MVg0bXpCd3RHTWFaUEFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9mMDNjZGMtMjk0NS00MDhjLTg4ODkt
YzY5ODcxZjVkMzA1LzEvbnRMM2pLdm5NSE9LQkdYQjZaYk83OVNPWTY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9mMDNjZGMtMjk0NS00MDhjLTg4ODktYzY5ODcxZjVkMzA1
LzEvWGUzV3NPTnZTOWp4MVg0bXpCd3RHTWFaUEFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGLikAAwQC
uXD8AwQFvPYAAwQE2ZCAMA0EAgACMAcDBQAqAgoAMA0GCSqGSIb3DQEBCwUAA4IB
AQAP4aHdsnR1XMeldqe6vYjrwMRKNKdORg2ZNyVJTQdcvElpL7zcKJV/+VlMaNmI
icCLvznRs1JxKKg/AW1KO8ymrYSVGv6jiNQpfzZQUDLxk10kOV6KfXDv800e4qof
62ajLOGWKS8p7Jgc022NmIKu9w7M8tBO+6vKit8g3w5CLslH5gAesWqF2feFfumn
/k65gnkVuQsIv6WojLvj78eGUNmmJY4jmHEyCILGP2HuZw6PXHrcK+/FPSGGuBq5
QO/vUQp7SB6q/33LvsqM+eneVf8WdY2mObf1Teiuxrqd//oxWJ0LNYMQ/zsHUbIS
L2NNFAdmt3esw3xClmi96hOV
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:51:37 2024 by rpki-client on console-ams.rpki-client.org