Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/OSE6z2Iy8HjQerNGH4U8jEHNn1o.roa
File: OSE6z2Iy8HjQerNGH4U8jEHNn1o.roa (raw, json)
Hash identifier: kZwkpOk1WxYlWqEmCFBP3qtIAbjf5Teg/tdX+b6PcmU=
Subject key identifier: 39:21:3A:CF:62:32:F0:78:D0:7A:B3:46:1F:85:3C:8C:41:CD:9F:5A
Certificate issuer: /CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Certificate serial: 01922F03755945467E8457B4825E1E39C553
Authority key identifier: 5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/OSE6z2Iy8HjQerNGH4U8jEHNn1o.roa
Signing time: Thu 26 Sep 2024 15:46:48 +0000
ROA not before: Thu 26 Sep 2024 15:46:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43987
IP address blocks: 46.49.132.0/24 maxlen: 24
46.49.135.0/24 maxlen: 24
46.49.140.0/24 maxlen: 24
46.49.143.0/24 maxlen: 24
46.49.144.0/24 maxlen: 24
46.49.173.0/24 maxlen: 24
46.49.210.0/24 maxlen: 24
95.177.148.0/24 maxlen: 24
95.177.149.0/24 maxlen: 24
95.177.156.0/23 maxlen: 23
95.177.192.0/19 maxlen: 19
95.177.192.0/20 maxlen: 20
95.177.224.0/19 maxlen: 19
2a02:df5::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WkPp4meVbn8mLBfwCJ8PYLp6vvs.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WkPp4meVbn8mLBfwCJ8PYLp6vvs.mft
rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2f:03:75:59:45:46:7e:84:57:b4:82:5e:1e:39:c5:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Validity
Not Before: Sep 26 15:46:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39213acf6232f078d07ab3461f853c8c41cd9f5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:28:dd:09:d2:8d:e3:25:99:d8:a1:27:c7:ba:
15:bb:70:3d:eb:0e:58:e4:1a:fd:3f:03:d2:7a:85:
b4:72:31:7b:d9:d3:e1:19:02:90:d0:63:25:88:8e:
e8:03:8d:58:c1:d3:dc:69:ae:bd:01:37:ab:53:27:
64:b4:7e:77:98:f4:0a:bd:bf:e9:e5:e4:03:b3:15:
c4:f5:54:56:14:95:34:ab:26:1b:75:cb:5a:e2:33:
02:a7:8a:07:9d:e8:5f:1e:1e:aa:e7:f9:9d:aa:3e:
1b:b7:90:03:a3:69:ae:2b:f4:dc:92:79:c4:b2:3f:
be:31:e8:64:43:ae:f7:bf:71:24:7d:00:f9:6b:e4:
f1:24:ca:7e:eb:2a:47:4e:f0:8b:c6:a2:15:05:b2:
d1:cb:07:67:f0:7b:44:62:54:cb:e5:b6:1e:5f:5a:
7a:65:c6:53:ba:7f:1f:ad:4b:b9:71:20:44:68:0e:
96:2a:4e:0d:16:7d:13:79:23:93:da:23:d5:68:3e:
10:39:0e:f5:be:80:27:6a:ec:7a:8b:71:28:01:b5:
05:0c:d6:ba:58:e3:37:0f:76:af:92:db:4f:b5:96:
db:45:e6:ba:ef:f7:bd:15:9c:4b:32:6a:fd:6f:66:
2c:6c:57:fa:d5:86:65:ef:2a:3f:38:87:13:fa:f4:
35:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:21:3A:CF:62:32:F0:78:D0:7A:B3:46:1F:85:3C:8C:41:CD:9F:5A
X509v3 Authority Key Identifier:
keyid:5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/OSE6z2Iy8HjQerNGH4U8jEHNn1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WkPp4meVbn8mLBfwCJ8PYLp6vvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.49.132.0/24
46.49.135.0/24
46.49.140.0/24
46.49.143.0-46.49.144.255
46.49.173.0/24
46.49.210.0/24
95.177.148.0/23
95.177.156.0/23
95.177.192.0/18
IPv6:
2a02:df5::/32
Signature Algorithm: sha256WithRSAEncryption
b4:50:a6:30:e8:33:dd:65:83:75:b3:66:65:78:ac:a5:9b:ee:
97:90:08:b7:22:b3:f2:ed:ad:6b:ca:dd:e3:84:cd:a1:c1:f9:
fe:d6:be:5a:cd:5d:f3:0a:b4:c1:32:cd:b6:7c:6d:f2:1c:5e:
97:e3:f9:e1:12:c2:d1:75:83:24:4b:f5:47:ee:c2:28:bf:35:
da:6d:c7:3a:05:47:d7:45:e8:39:e5:0d:6c:3a:a6:16:8f:ec:
d3:3e:33:98:ce:99:b5:45:9b:72:8a:7f:a0:f2:27:cf:28:bf:
41:04:73:6b:03:78:d8:31:0d:82:7d:71:6f:59:52:6e:5f:9b:
53:2d:39:9a:38:5d:7c:80:00:8d:42:b6:8b:ae:89:13:e8:81:
eb:57:9a:e4:50:da:bf:2f:0a:ca:e1:ad:8d:12:9b:10:a4:cb:
4f:e0:98:b5:10:a7:9f:3d:54:58:5d:65:5f:4c:95:2b:2f:68:
11:b4:3b:c0:93:b3:bc:00:b7:df:c2:b1:15:b2:39:8b:76:9f:
c7:ac:8f:50:a8:c9:6e:e6:2c:8d:e7:bb:f0:29:5c:22:64:4b:
81:ad:88:fd:e4:23:7c:88:b7:88:43:d9:b2:f5:b4:0a:d1:31:
d1:14:56:d7:91:9c:d7:8b:d5:2f:c6:83:a5:bb:74:95:b5:9f:
7f:00:8c:b3
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZIvA3VZRUZ+hFe0gl4eOcVTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNDNlOWUyNjc5NTZlN2YyNjJjMTdmMDA4OWYwZjYwYmE3
YWJlZmIwHhcNMjQwOTI2MTU0NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTIxM2FjZjYyMzJmMDc4ZDA3YWIzNDYxZjg1M2M4YzQxY2Q5ZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmijdCdKN4yWZ2KEnx7oVu3A96w5Y
5Br9PwPSeoW0cjF72dPhGQKQ0GMliI7oA41YwdPcaa69ATerUydktH53mPQKvb/p
5eQDsxXE9VRWFJU0qyYbdcta4jMCp4oHnehfHh6q5/mdqj4bt5ADo2muK/TcknnE
sj++MehkQ673v3EkfQD5a+TxJMp+6ypHTvCLxqIVBbLRywdn8HtEYlTL5bYeX1p6
ZcZTun8frUu5cSBEaA6WKk4NFn0TeSOT2iPVaD4QOQ71voAnaux6i3EoAbUFDNa6
WOM3D3avkttPtZbbRea67/e9FZxLMmr9b2YsbFf61YZl7yo/OIcT+vQ1OwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFDkhOs9iMvB40HqzRh+FPIxBzZ9aMB8GA1UdIwQY
MBaAFFpD6eJnlW5/JiwX8AifD2C6er77MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGIt
NzljODk4N2E4YjFjLzEvT1NFNnoySXk4SGpRZXJOR0g0VThqRUhObjFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGItNzljODk4N2E4YjFj
LzEvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQALjGEAwQA
LjGHAwQALjGMMAwDBAAuMY8DBAAuMZADBAAuMa0DBAAuMdIDBAFfsZQDBAFfsZwD
BAZfscAwDQQCAAIwBwMFACoCDfUwDQYJKoZIhvcNAQELBQADggEBALRQpjDoM91l
g3WzZmV4rKWb7peQCLcis/LtrWvK3eOEzaHB+f7WvlrNXfMKtMEyzbZ8bfIcXpfj
+eESwtF1gyRL9Ufuwii/NdptxzoFR9dF6DnlDWw6phaP7NM+M5jOmbVFm3KKf6Dy
J88ov0EEc2sDeNgxDYJ9cW9ZUm5fm1MtOZo4XXyAAI1CtouuiRPogetXmuRQ2r8v
CsrhrY0SmxCky0/gmLUQp589VFhdZV9MlSsvaBG0O8CTs7wAt9/CsRWyOYt2n8es
j1CoyW7mLI3nu/ApXCJkS4GtiP3kI3yIt4hD2bL1tArRMdEUVteRnNeL1S/Gg6W7
dJW1n38AjLM=
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:14:42 2024 by rpki-client on console-fra.rpki-client.org