Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/dffbc8-b149-46b4-bbb8-31ea2094b557/1/FyL54UsLck7aP3oPoR_8kM81X2M.roa
File: FyL54UsLck7aP3oPoR_8kM81X2M.roa (raw, json)
Hash identifier: wly35zsKawyZQKKwH8i0I75o/Bh7+vfypu54Eg10S8Y=
Subject key identifier: 17:22:F9:E1:4B:0B:72:4E:DA:3F:7A:0F:A1:1F:FC:90:CF:35:5F:63
Certificate issuer: /CN=38837e48aaf598bcab54a5fc8ae43b17be254229
Certificate serial: 018CC8DF86D847916D0E3B030C127108482E
Authority key identifier: 38:83:7E:48:AA:F5:98:BC:AB:54:A5:FC:8A:E4:3B:17:BE:25:42:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OIN-SKr1mLyrVKX8iuQ7F74lQik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/dffbc8-b149-46b4-bbb8-31ea2094b557/1/FyL54UsLck7aP3oPoR_8kM81X2M.roa
Signing time: Tue 02 Jan 2024 06:32:21 +0000
ROA not before: Tue 02 Jan 2024 06:32:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212816
IP address blocks: 46.18.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/dffbc8-b149-46b4-bbb8-31ea2094b557/1/OIN-SKr1mLyrVKX8iuQ7F74lQik.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/dffbc8-b149-46b4-bbb8-31ea2094b557/1/OIN-SKr1mLyrVKX8iuQ7F74lQik.mft
rsync://rpki.ripe.net/repository/DEFAULT/OIN-SKr1mLyrVKX8iuQ7F74lQik.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:86:d8:47:91:6d:0e:3b:03:0c:12:71:08:48:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38837e48aaf598bcab54a5fc8ae43b17be254229
Validity
Not Before: Jan 2 06:32:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1722f9e14b0b724eda3f7a0fa11ffc90cf355f63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:90:a4:69:d4:f3:f7:73:92:5c:5a:1a:34:12:
58:b9:43:d8:85:f7:99:b3:07:ac:fb:12:2d:d4:67:
43:16:65:d9:85:c0:95:42:12:d2:2e:76:01:76:51:
47:12:51:62:07:73:34:50:d1:78:6c:aa:e0:04:6f:
f2:b0:a3:64:16:81:89:db:5b:af:7e:60:bd:20:91:
96:c8:ac:11:28:aa:08:ec:86:6e:d6:c9:8c:29:25:
45:1f:03:e1:73:57:eb:a0:df:d5:5c:3e:63:18:58:
b1:fa:0d:f3:28:42:3f:9c:7c:f5:54:39:db:35:59:
60:5c:09:65:48:40:02:48:10:5b:dc:b3:1f:f4:5b:
d1:dc:8d:6e:99:ce:fa:38:86:f1:ea:66:ae:71:33:
82:ab:5e:31:40:9b:49:27:03:69:f9:2c:81:3b:a4:
26:a9:19:dd:ad:5e:51:fc:a3:b6:09:0d:c8:f4:f9:
38:42:4d:c7:6e:93:ae:7a:64:8a:a1:f0:2c:02:fa:
97:16:94:2e:2b:32:57:ae:4b:ad:26:d8:05:12:84:
1f:1a:cd:5a:82:54:c6:04:33:f5:36:7f:f7:1c:d7:
6b:c0:b6:1d:db:24:01:58:20:38:9e:c7:9d:8b:84:
c5:ec:65:04:ca:d0:40:db:40:ae:f2:76:0a:20:0d:
18:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:22:F9:E1:4B:0B:72:4E:DA:3F:7A:0F:A1:1F:FC:90:CF:35:5F:63
X509v3 Authority Key Identifier:
keyid:38:83:7E:48:AA:F5:98:BC:AB:54:A5:FC:8A:E4:3B:17:BE:25:42:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OIN-SKr1mLyrVKX8iuQ7F74lQik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/dffbc8-b149-46b4-bbb8-31ea2094b557/1/FyL54UsLck7aP3oPoR_8kM81X2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/dffbc8-b149-46b4-bbb8-31ea2094b557/1/OIN-SKr1mLyrVKX8iuQ7F74lQik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.108.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:46:c7:18:44:59:79:23:af:b1:97:b6:7c:f2:af:ed:5a:c7:
79:04:fa:72:a0:ae:a5:d2:48:c4:85:d1:99:13:ce:da:d7:c1:
31:13:12:74:8e:5d:53:3d:ec:f0:58:49:19:c7:cf:c2:d3:cf:
56:f9:28:df:00:83:ee:00:2a:44:60:5e:5c:50:9f:4b:f2:f2:
2f:43:2f:49:f8:a2:d0:06:30:2a:ec:52:32:68:97:b0:95:71:
69:96:e2:96:a2:e1:b4:03:6b:53:2b:a0:9b:f2:74:82:48:5d:
4f:24:75:41:a3:b3:ff:48:49:26:7d:8d:8b:7a:f1:0e:94:9e:
fe:6b:b0:22:fb:ac:17:d2:4d:a3:7e:6f:96:8e:d4:f7:4c:ab:
bb:2c:28:a8:7a:f5:55:ac:fe:49:27:29:cd:36:7f:c9:e7:ab:
49:38:d0:11:da:9d:82:55:a6:47:26:c7:8a:d1:06:db:1f:8f:
6e:82:81:58:0b:4f:a4:e7:ca:60:f7:6c:f6:9f:cf:d0:5b:de:
41:06:71:99:4f:38:7f:c4:1f:8c:a6:7a:08:0d:e8:83:6b:b5:
6a:71:3a:04:e1:3a:67:3b:ac:7d:e8:71:67:10:33:b6:fc:de:
f6:19:ac:98:6e:31:f2:5e:9b:af:31:93:0e:ea:d6:f9:2c:ef:
b5:43:c7:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI34bYR5FtDjsDDBJxCEguMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ODM3ZTQ4YWFmNTk4YmNhYjU0YTVmYzhhZTQzYjE3YmUy
NTQyMjkwHhcNMjQwMTAyMDYzMjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzIyZjllMTRiMGI3MjRlZGEzZjdhMGZhMTFmZmM5MGNmMzU1ZjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5CkadTz93OSXFoaNBJYuUPYhfeZ
swes+xIt1GdDFmXZhcCVQhLSLnYBdlFHElFiB3M0UNF4bKrgBG/ysKNkFoGJ21uv
fmC9IJGWyKwRKKoI7IZu1smMKSVFHwPhc1froN/VXD5jGFix+g3zKEI/nHz1VDnb
NVlgXAllSEACSBBb3LMf9FvR3I1umc76OIbx6maucTOCq14xQJtJJwNp+SyBO6Qm
qRndrV5R/KO2CQ3I9Pk4Qk3HbpOuemSKofAsAvqXFpQuKzJXrkutJtgFEoQfGs1a
glTGBDP1Nn/3HNdrwLYd2yQBWCA4nsedi4TF7GUEytBA20Cu8nYKIA0YyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBci+eFLC3JO2j96D6Ef/JDPNV9jMB8GA1UdIwQY
MBaAFDiDfkiq9Zi8q1Sl/IrkOxe+JUIpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0lOLVNLcjFtTHlyVktYOGl1UTdGNzRsUWlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9kZmZiYzgtYjE0OS00NmI0LWJiYjgt
MzFlYTIwOTRiNTU3LzEvRnlMNTRVc0xjazdhUDNvUG9SXzhrTTgxWDJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9kZmZiYzgtYjE0OS00NmI0LWJiYjgtMzFlYTIwOTRiNTU3
LzEvT0lOLVNLcjFtTHlyVktYOGl1UTdGNzRsUWlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhJsMA0G
CSqGSIb3DQEBCwUAA4IBAQC8RscYRFl5I6+xl7Z88q/tWsd5BPpyoK6l0kjEhdGZ
E87a18ExExJ0jl1TPezwWEkZx8/C089W+SjfAIPuACpEYF5cUJ9L8vIvQy9J+KLQ
BjAq7FIyaJewlXFpluKWouG0A2tTK6Cb8nSCSF1PJHVBo7P/SEkmfY2LevEOlJ7+
a7Ai+6wX0k2jfm+WjtT3TKu7LCioevVVrP5JJynNNn/J56tJONAR2p2CVaZHJseK
0QbbH49ugoFYC0+k58pg92z2n8/QW95BBnGZTzh/xB+MpnoIDeiDa7VqcToE4Tpn
O6x96HFnEDO2/N72GayYbjHyXpuvMZMO6tb5LO+1Q8dA
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:54:11 2024 by rpki-client on console-fra.rpki-client.org