Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/5c3ae6-2934-479e-8c2d-8e8d5b3e5586/1/jNEX79K2OYxsrLX1yn4uTKb1OeU.roa
File: jNEX79K2OYxsrLX1yn4uTKb1OeU.roa (raw, json)
Hash identifier: uylnmkOdUrR1hG40rvB8O5nMkJfDtkdu+5Sm6yzOTlQ=
Subject key identifier: 8C:D1:17:EF:D2:B6:39:8C:6C:AC:B5:F5:CA:7E:2E:4C:A6:F5:39:E5
Certificate issuer: /CN=23130c99ac7aa4086c71757114a4163f80090142
Certificate serial: 018CC3B727CBEC6CBD429F32FBF51BDC2736
Authority key identifier: 23:13:0C:99:AC:7A:A4:08:6C:71:75:71:14:A4:16:3F:80:09:01:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IxMMmax6pAhscXVxFKQWP4AJAUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/5c3ae6-2934-479e-8c2d-8e8d5b3e5586/1/jNEX79K2OYxsrLX1yn4uTKb1OeU.roa
Signing time: Mon 01 Jan 2024 06:30:09 +0000
ROA not before: Mon 01 Jan 2024 06:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56347
IP address blocks: 46.175.64.0/20 maxlen: 20
46.175.80.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/5c3ae6-2934-479e-8c2d-8e8d5b3e5586/1/IxMMmax6pAhscXVxFKQWP4AJAUI.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/5c3ae6-2934-479e-8c2d-8e8d5b3e5586/1/IxMMmax6pAhscXVxFKQWP4AJAUI.mft
rsync://rpki.ripe.net/repository/DEFAULT/IxMMmax6pAhscXVxFKQWP4AJAUI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:27:cb:ec:6c:bd:42:9f:32:fb:f5:1b:dc:27:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23130c99ac7aa4086c71757114a4163f80090142
Validity
Not Before: Jan 1 06:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8cd117efd2b6398c6cacb5f5ca7e2e4ca6f539e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e1:45:1c:ce:7e:ce:30:53:ed:03:f6:e4:4d:
f3:66:bd:5d:c0:51:7a:23:37:ca:84:27:71:a2:36:
4c:b5:1d:33:90:4d:6f:6d:50:cd:9b:f1:ac:c3:99:
a5:12:be:10:28:80:5a:af:f8:35:b9:99:f2:2e:b2:
75:f7:f0:bf:7d:d9:86:d6:2a:4f:39:36:b1:03:47:
a4:38:74:8e:fe:00:2a:3c:a5:8f:e7:9d:46:6f:69:
ad:89:92:60:42:31:7f:9a:28:c1:59:6f:17:80:53:
51:e7:6c:3b:90:f7:25:d5:f6:ea:1c:a3:cb:4c:81:
fa:8a:65:b8:fe:86:8c:3d:ee:e2:80:bf:0d:99:6f:
ed:fe:e5:9e:b4:a0:4e:8b:9d:28:54:44:f3:71:2d:
7d:f4:e3:ef:d5:af:3d:95:98:03:3f:18:5b:a0:36:
d0:5b:5c:38:f6:51:16:8a:ac:bf:ca:fe:66:73:7c:
98:e2:1c:5c:0f:63:fa:21:81:47:8e:c4:b3:90:ef:
6e:46:89:19:ee:5c:61:5f:1d:d3:28:de:dc:a3:a0:
42:5d:d6:1d:ce:aa:e1:6a:a8:45:e8:9a:09:a8:33:
f4:d7:63:f8:4a:da:28:7c:01:c5:71:fd:70:83:59:
f1:ef:04:34:1a:99:67:c9:d6:d9:64:8f:62:06:09:
35:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:D1:17:EF:D2:B6:39:8C:6C:AC:B5:F5:CA:7E:2E:4C:A6:F5:39:E5
X509v3 Authority Key Identifier:
keyid:23:13:0C:99:AC:7A:A4:08:6C:71:75:71:14:A4:16:3F:80:09:01:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IxMMmax6pAhscXVxFKQWP4AJAUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/5c3ae6-2934-479e-8c2d-8e8d5b3e5586/1/jNEX79K2OYxsrLX1yn4uTKb1OeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/5c3ae6-2934-479e-8c2d-8e8d5b3e5586/1/IxMMmax6pAhscXVxFKQWP4AJAUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.175.64.0-46.175.87.255
Signature Algorithm: sha256WithRSAEncryption
01:18:eb:75:75:e6:c6:16:7b:bc:2c:c2:7a:ec:3b:ee:c8:35:
9b:70:97:cd:41:1c:bb:79:1f:82:4b:ca:0e:b6:6f:4d:45:49:
1d:5a:f5:0b:56:7a:57:f2:c6:f6:e1:55:9a:f8:96:3f:37:21:
f9:13:23:2f:1c:ac:9e:8c:dc:c1:43:ff:12:cd:de:0b:15:fe:
1d:69:04:82:74:12:62:aa:75:c8:a7:cc:f3:fc:05:62:b5:4e:
b6:d8:60:1a:4e:3f:8d:6d:b8:fd:b7:67:cf:b4:77:b2:71:00:
41:30:33:21:29:2f:79:e8:7a:c7:d9:58:0c:5f:e0:6c:e7:db:
80:06:b6:b0:a6:c7:d6:0f:66:e2:2b:f7:74:7e:a5:7f:7d:32:
af:8f:03:0c:95:8b:c3:03:31:d4:a2:bc:8d:72:07:f3:c8:65:
12:b4:a2:e2:b6:d6:41:e9:0c:7b:3e:5c:69:71:07:7e:4a:31:
e8:ef:e0:9b:a6:b2:55:88:fb:41:02:54:a0:91:96:9d:4f:24:
e5:34:31:1b:1a:86:41:26:d6:6e:8c:81:1e:6e:c9:46:9d:56:
01:08:8a:50:c1:1d:bc:77:08:76:d6:77:34:8c:fa:0d:d7:1c:
25:93:4c:1e:49:78:42:d0:a3:bb:30:b3:72:6f:06:3e:ed:f6:
47:50:37:03
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzDtyfL7Gy9Qp8y+/Ub3Cc2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMTMwYzk5YWM3YWE0MDg2YzcxNzU3MTE0YTQxNjNmODAw
OTAxNDIwHhcNMjQwMTAxMDYzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2QxMTdlZmQyYjYzOThjNmNhY2I1ZjVjYTdlMmU0Y2E2ZjUzOWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuFFHM5+zjBT7QP25E3zZr1dwFF6
IzfKhCdxojZMtR0zkE1vbVDNm/Gsw5mlEr4QKIBar/g1uZnyLrJ19/C/fdmG1ipP
OTaxA0ekOHSO/gAqPKWP551Gb2mtiZJgQjF/mijBWW8XgFNR52w7kPcl1fbqHKPL
TIH6imW4/oaMPe7igL8NmW/t/uWetKBOi50oVETzcS199OPv1a89lZgDPxhboDbQ
W1w49lEWiqy/yv5mc3yY4hxcD2P6IYFHjsSzkO9uRokZ7lxhXx3TKN7co6BCXdYd
zqrhaqhF6JoJqDP012P4StoofAHFcf1wg1nx7wQ0GplnydbZZI9iBgk18QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIzRF+/StjmMbKy19cp+Lkym9TnlMB8GA1UdIwQY
MBaAFCMTDJmseqQIbHF1cRSkFj+ACQFCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXhNTW1heDZwQWhzY1hWeEZLUVdQNEFKQVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy81YzNhZTYtMjkzNC00NzllLThjMmQt
OGU4ZDViM2U1NTg2LzEvak5FWDc5SzJPWXhzckxYMXluNHVUS2IxT2VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy81YzNhZTYtMjkzNC00NzllLThjMmQtOGU4ZDViM2U1NTg2
LzEvSXhNTW1heDZwQWhzY1hWeEZLUVdQNEFKQVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAYur0AD
BAMur1AwDQYJKoZIhvcNAQELBQADggEBAAEY63V15sYWe7wswnrsO+7INZtwl81B
HLt5H4JLyg62b01FSR1a9QtWelfyxvbhVZr4lj83IfkTIy8crJ6M3MFD/xLN3gsV
/h1pBIJ0EmKqdcinzPP8BWK1TrbYYBpOP41tuP23Z8+0d7JxAEEwMyEpL3noesfZ
WAxf4Gzn24AGtrCmx9YPZuIr93R+pX99Mq+PAwyVi8MDMdSivI1yB/PIZRK0ouK2
1kHpDHs+XGlxB35KMejv4JumslWI+0ECVKCRlp1PJOU0MRsahkEm1m6MgR5uyUad
VgEIilDBHbx3CHbWdzSM+g3XHCWTTB5JeELQo7sws3JvBj7t9kdQNwM=
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:00:13 2024 by rpki-client on console-ams.rpki-client.org