Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/1_PDee4wFs-yRl8LJhTYnKxoGXU.roa
File: 1_PDee4wFs-yRl8LJhTYnKxoGXU.roa (raw, json)
Hash identifier: shnb45E6VLdlmPbpDvMp7nFmvyY0hDuyWlY2RohIuqw=
Subject key identifier: D7:F3:C3:79:EE:30:16:CF:B2:46:5F:0B:26:14:D8:9C:AC:68:19:75
Certificate issuer: /CN=3545a7200164912041bb931efb1feac123b43a18
Certificate serial: 018CC9BB93128DB32BE98794AD91406E0DE0
Authority key identifier: 35:45:A7:20:01:64:91:20:41:BB:93:1E:FB:1F:EA:C1:23:B4:3A:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/1_PDee4wFs-yRl8LJhTYnKxoGXU.roa
Signing time: Tue 02 Jan 2024 10:32:42 +0000
ROA not before: Tue 02 Jan 2024 10:32:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213277
IP address blocks: 94.46.24.0/24 maxlen: 24
2a00:1651::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.mft
rsync://rpki.ripe.net/repository/DEFAULT/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:93:12:8d:b3:2b:e9:87:94:ad:91:40:6e:0d:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3545a7200164912041bb931efb1feac123b43a18
Validity
Not Before: Jan 2 10:32:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7f3c379ee3016cfb2465f0b2614d89cac681975
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a6:c8:42:41:cb:54:12:16:3a:6b:48:5e:2b:
85:2b:cc:9b:db:ba:62:c3:ad:46:3d:87:c6:7a:37:
f9:df:e1:c1:5d:59:12:16:d2:79:bd:fe:7c:4e:b4:
00:c0:e2:f6:c0:5b:76:ff:aa:75:d3:ab:11:7d:0f:
ab:b0:57:bc:ea:bf:90:2c:ba:54:ae:e8:09:ad:8a:
b1:22:aa:8c:7a:e0:bd:9b:56:25:62:1e:91:62:69:
20:29:01:42:14:cd:86:4e:b3:d2:b6:c1:5e:1d:73:
e7:41:9f:6d:d1:44:15:2c:bc:67:9f:6c:aa:8a:30:
23:ad:d6:08:ff:85:99:4a:93:51:15:52:97:cd:52:
ff:06:c2:12:a3:32:ba:e5:6b:7f:f8:75:03:a5:dd:
20:c1:2e:ea:21:6c:c7:00:46:d8:14:d9:61:fe:9a:
de:26:04:b0:4b:d0:ad:0f:5e:f3:a5:e1:e1:1f:63:
35:d7:ac:61:fb:9e:f7:eb:19:fd:5b:dc:1c:3c:f2:
05:b9:86:b7:7d:d2:70:e5:0f:a2:0e:09:6d:0a:e2:
26:c0:81:e6:0b:20:7f:58:8a:15:ba:53:c7:76:12:
6c:6e:32:15:6e:ec:96:72:79:3c:a2:8e:3e:6e:6f:
b0:66:7d:50:f0:29:5f:cc:6f:fc:70:a4:e4:f6:b6:
98:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:F3:C3:79:EE:30:16:CF:B2:46:5F:0B:26:14:D8:9C:AC:68:19:75
X509v3 Authority Key Identifier:
keyid:35:45:A7:20:01:64:91:20:41:BB:93:1E:FB:1F:EA:C1:23:B4:3A:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/1_PDee4wFs-yRl8LJhTYnKxoGXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.46.24.0/24
IPv6:
2a00:1651::/33
Signature Algorithm: sha256WithRSAEncryption
ab:83:f8:bd:88:06:ae:16:b5:bc:bb:f5:1d:a7:7c:f6:f9:c3:
69:39:59:37:02:bd:56:01:5f:dc:4f:0f:86:ff:10:8e:9a:96:
01:f8:a1:87:44:68:1b:a8:6a:07:83:3c:59:f9:0f:8f:82:bf:
50:d1:53:89:2b:37:9f:32:ec:91:6b:49:5f:20:68:d0:cb:33:
fe:60:17:2c:5d:1f:3f:eb:47:61:2f:ec:e9:01:54:b9:19:05:
fa:36:ca:cd:e9:56:29:30:0a:54:f3:3f:a4:4f:50:61:0e:a6:
73:e2:8a:af:a0:47:b5:11:52:46:64:7c:4a:87:42:01:1d:10:
a2:73:86:30:8a:f7:99:b7:3b:e8:80:6b:3e:c0:09:5c:41:a9:
39:a1:bc:ed:08:d0:97:cc:ab:eb:1d:75:14:bd:42:0a:3c:3d:
15:1b:c7:d4:17:32:49:5d:4e:e2:d1:97:a0:be:33:0d:23:99:
77:4f:1f:3d:d4:6b:20:8a:07:a6:1c:a4:1c:e4:2e:10:33:fc:
51:da:67:61:9a:81:f1:d8:4f:8e:b1:2d:db:74:b2:97:39:98:
5c:03:e4:7f:2f:a9:67:19:b3:5e:a3:9e:a5:91:5d:dd:fa:07:
6f:c6:c6:42:b9:cd:01:23:7c:54:16:8c:7f:d9:28:7f:cf:19:
04:d2:6c:ad
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzJu5MSjbMr6YeUrZFAbg3gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDVhNzIwMDE2NDkxMjA0MWJiOTMxZWZiMWZlYWMxMjNi
NDNhMTgwHhcNMjQwMTAyMTAzMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2YzYzM3OWVlMzAxNmNmYjI0NjVmMGIyNjE0ZDg5Y2FjNjgxOTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKbIQkHLVBIWOmtIXiuFK8yb27pi
w61GPYfGejf53+HBXVkSFtJ5vf58TrQAwOL2wFt2/6p106sRfQ+rsFe86r+QLLpU
rugJrYqxIqqMeuC9m1YlYh6RYmkgKQFCFM2GTrPStsFeHXPnQZ9t0UQVLLxnn2yq
ijAjrdYI/4WZSpNRFVKXzVL/BsISozK65Wt/+HUDpd0gwS7qIWzHAEbYFNlh/pre
JgSwS9CtD17zpeHhH2M116xh+5736xn9W9wcPPIFuYa3fdJw5Q+iDgltCuImwIHm
CyB/WIoVulPHdhJsbjIVbuyWcnk8oo4+bm+wZn1Q8ClfzG/8cKTk9raYowIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFNfzw3nuMBbPskZfCyYU2JysaBl1MB8GA1UdIwQY
MBaAFDVFpyABZJEgQbuTHvsf6sEjtDoYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVXbklBRmtrU0JCdTVNZS14X3F3U08wT2hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy81OWM0YjgtODdmNC00ZjJmLWE0NDkt
YWFiYjA2MmU0MGRiLzEvMV9QRGVlNHdGcy15Umw4TEpoVFluS3hvR1hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy81OWM0YjgtODdmNC00ZjJmLWE0NDktYWFiYjA2MmU0MGRi
LzEvTlVXbklBRmtrU0JCdTVNZS14X3F3U08wT2hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAXi4YMA4E
AgACMAgDBgcqABZRADANBgkqhkiG9w0BAQsFAAOCAQEAq4P4vYgGrha1vLv1Had8
9vnDaTlZNwK9VgFf3E8Phv8QjpqWAfihh0RoG6hqB4M8WfkPj4K/UNFTiSs3nzLs
kWtJXyBo0Msz/mAXLF0fP+tHYS/s6QFUuRkF+jbKzelWKTAKVPM/pE9QYQ6mc+KK
r6BHtRFSRmR8SodCAR0QonOGMIr3mbc76IBrPsAJXEGpOaG87QjQl8yr6x11FL1C
Cjw9FRvH1BcySV1O4tGXoL4zDSOZd08fPdRrIIoHphykHOQuEDP8UdpnYZqB8dhP
jrEt23SylzmYXAPkfy+pZxmzXqOepZFd3foHb8bGQrnNASN8VBaMf9kof88ZBNJs
rQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:27:32 2024 by rpki-client on console-fra.rpki-client.org