Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/X9JX8hgSmgre_BGWMbh2EKZMeAk.roa
File: X9JX8hgSmgre_BGWMbh2EKZMeAk.roa (raw, json)
Hash identifier: 9mGPiWnkt9NCmiG6wvdjszAXJdqZkMBAW+qpsRGqHhE=
Subject key identifier: 5F:D2:57:F2:18:12:9A:0A:DE:FC:11:96:31:B8:76:10:A6:4C:78:09
Certificate issuer: /CN=d9a988916d51406f9a269f30a02d0086b57f4d5a
Certificate serial: 018CCA2B78F15A356B86C96A0ED6F28FA513
Authority key identifier: D9:A9:88:91:6D:51:40:6F:9A:26:9F:30:A0:2D:00:86:B5:7F:4D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2amIkW1RQG-aJp8woC0AhrV_TVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/X9JX8hgSmgre_BGWMbh2EKZMeAk.roa
Signing time: Tue 02 Jan 2024 12:34:55 +0000
ROA not before: Tue 02 Jan 2024 12:34:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205133
IP address blocks: 46.227.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/2amIkW1RQG-aJp8woC0AhrV_TVo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/2amIkW1RQG-aJp8woC0AhrV_TVo.mft
rsync://rpki.ripe.net/repository/DEFAULT/2amIkW1RQG-aJp8woC0AhrV_TVo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:78:f1:5a:35:6b:86:c9:6a:0e:d6:f2:8f:a5:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9a988916d51406f9a269f30a02d0086b57f4d5a
Validity
Not Before: Jan 2 12:34:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fd257f218129a0adefc119631b87610a64c7809
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:38:4a:f3:b8:db:5e:d5:82:c9:d0:b5:ef:8a:
3b:74:59:50:e2:60:6c:f2:b5:17:26:03:19:a9:35:
4e:81:94:85:80:1b:6d:19:24:39:ef:46:a3:6f:73:
e5:53:84:7b:81:5c:df:ed:f7:16:37:91:b8:c4:6c:
15:11:44:bf:f6:53:6c:66:1d:66:83:01:7c:e7:ee:
84:44:bf:1b:32:c4:ee:53:d7:25:d1:1b:46:d1:3c:
5d:f5:48:d5:73:5e:71:bb:29:8c:eb:9d:93:65:2b:
d6:20:1a:6c:f2:d0:12:b8:ac:75:14:d6:49:e7:04:
79:d3:ff:de:3a:e4:53:79:13:4f:b2:85:34:bf:07:
1c:a3:76:8f:75:61:fa:9d:dc:4b:ab:f4:d9:fd:e6:
37:d6:f9:d7:51:fa:44:ff:44:bd:e0:c1:3d:32:dd:
0f:a7:1d:00:2b:4c:6f:27:e5:ad:cc:82:20:a9:8f:
20:b9:1f:12:e1:a9:37:4b:0c:6c:b8:69:75:d1:46:
81:61:33:55:57:d6:8e:29:eb:b2:75:54:84:e0:ec:
cf:12:35:50:bf:f7:5e:ac:ad:51:ac:62:8a:f2:38:
af:a5:96:93:80:33:01:13:8e:e0:37:82:3b:67:2c:
1c:bf:e1:80:e3:84:ff:58:2d:b4:a5:06:3d:17:cf:
ce:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:D2:57:F2:18:12:9A:0A:DE:FC:11:96:31:B8:76:10:A6:4C:78:09
X509v3 Authority Key Identifier:
keyid:D9:A9:88:91:6D:51:40:6F:9A:26:9F:30:A0:2D:00:86:B5:7F:4D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2amIkW1RQG-aJp8woC0AhrV_TVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/X9JX8hgSmgre_BGWMbh2EKZMeAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/2amIkW1RQG-aJp8woC0AhrV_TVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.35.0/24
Signature Algorithm: sha256WithRSAEncryption
56:ad:27:47:64:b5:33:e1:58:af:fb:70:7a:57:d4:96:78:83:
0f:9a:74:45:e1:4a:f0:9c:6b:b5:6b:3c:0b:08:33:8b:02:bf:
54:94:27:8f:76:b8:22:d8:f0:93:69:ec:9e:c0:17:20:85:2e:
57:1b:23:6f:46:b9:e9:f1:75:1e:d3:35:50:bd:74:6e:dc:b7:
93:8e:40:04:05:7d:04:c0:f3:02:0f:fe:9f:22:56:15:da:75:
d3:4b:1b:dd:2c:d4:ec:a4:0d:eb:04:c2:c1:a8:1b:08:c3:d9:
aa:d9:fa:ab:f8:a6:31:d6:a6:4f:d1:ec:4a:6a:57:0c:aa:b8:
2f:c4:27:d8:3e:2d:74:76:90:9e:c6:cf:f6:24:00:b6:06:2b:
85:a4:e7:05:18:f8:e8:4a:8a:0d:f0:42:df:dd:f5:71:cd:98:
b1:0c:d7:a2:37:d3:71:88:07:47:10:de:0f:3a:05:24:49:77:
4e:35:89:b1:1e:90:25:a4:cd:69:e6:3f:d0:1b:5a:c0:cf:09:
a3:8e:55:f3:fd:e1:06:84:02:d5:93:2f:8b:8d:a6:3e:cd:84:
b4:e3:b4:51:f2:d6:52:72:48:fe:2d:ca:eb:00:f1:52:bb:b5:
13:7b:18:cd:e6:5f:fd:02:1a:2c:a8:9e:4c:6a:58:16:77:4b:
f6:2d:ab:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK3jxWjVrhslqDtbyj6UTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTk4ODkxNmQ1MTQwNmY5YTI2OWYzMGEwMmQwMDg2YjU3
ZjRkNWEwHhcNMjQwMTAyMTIzNDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmQyNTdmMjE4MTI5YTBhZGVmYzExOTYzMWI4NzYxMGE2NGM3ODA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoThK87jbXtWCydC174o7dFlQ4mBs
8rUXJgMZqTVOgZSFgBttGSQ570ajb3PlU4R7gVzf7fcWN5G4xGwVEUS/9lNsZh1m
gwF85+6ERL8bMsTuU9cl0RtG0Txd9UjVc15xuymM652TZSvWIBps8tASuKx1FNZJ
5wR50//eOuRTeRNPsoU0vwcco3aPdWH6ndxLq/TZ/eY31vnXUfpE/0S94ME9Mt0P
px0AK0xvJ+WtzIIgqY8guR8S4ak3SwxsuGl10UaBYTNVV9aOKeuydVSE4OzPEjVQ
v/derK1RrGKK8jivpZaTgDMBE47gN4I7Zywcv+GA44T/WC20pQY9F8/OOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF/SV/IYEpoK3vwRljG4dhCmTHgJMB8GA1UdIwQY
MBaAFNmpiJFtUUBvmiafMKAtAIa1f01aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFtSWtXMVJRRy1hSnA4d29DMEFoclZfVFZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy85NjJiM2YtZmMyNi00NTQ5LWFlMDIt
NGQwNDlhMWVhZjJmLzEvWDlKWDhoZ1NtZ3JlX0JHV01iaDJFS1pNZUFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy85NjJiM2YtZmMyNi00NTQ5LWFlMDItNGQwNDlhMWVhZjJm
LzEvMmFtSWtXMVJRRy1hSnA4d29DMEFoclZfVFZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALuMjMA0G
CSqGSIb3DQEBCwUAA4IBAQBWrSdHZLUz4Viv+3B6V9SWeIMPmnRF4UrwnGu1azwL
CDOLAr9UlCePdrgi2PCTaeyewBcghS5XGyNvRrnp8XUe0zVQvXRu3LeTjkAEBX0E
wPMCD/6fIlYV2nXTSxvdLNTspA3rBMLBqBsIw9mq2fqr+KYx1qZP0exKalcMqrgv
xCfYPi10dpCexs/2JAC2BiuFpOcFGPjoSooN8ELf3fVxzZixDNeiN9NxiAdHEN4P
OgUkSXdONYmxHpAlpM1p5j/QG1rAzwmjjlXz/eEGhALVky+LjaY+zYS047RR8tZS
ckj+LcrrAPFSu7UTexjN5l/9AhosqJ5MalgWd0v2LauX
-----END CERTIFICATE-----
Generated at Sun May 19 07:18:05 2024 by rpki-client on console-ams.rpki-client.org