Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/hAYYkBDXym9o6nkyjWu292n6CkI.roa
File: hAYYkBDXym9o6nkyjWu292n6CkI.roa (raw, json)
Hash identifier: 7Lqt/wx1lyMbUzLKwYF+ax8GqXO0gRzh/5hk2khj8eY=
Subject key identifier: 84:06:18:90:10:D7:CA:6F:68:EA:79:32:8D:6B:B6:F7:69:FA:0A:42
Certificate issuer: /CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Certificate serial: 018CC6B7BAF9B5486813A7194F28A7D0DD3F
Authority key identifier: 5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/hAYYkBDXym9o6nkyjWu292n6CkI.roa
Signing time: Mon 01 Jan 2024 20:29:38 +0000
ROA not before: Mon 01 Jan 2024 20:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43987
IP address blocks: 46.49.173.0/24 maxlen: 24
95.177.192.0/19 maxlen: 19
46.49.210.0/24 maxlen: 24
95.177.224.0/19 maxlen: 19
46.49.132.0/24 maxlen: 24
46.49.135.0/24 maxlen: 24
46.49.144.0/24 maxlen: 24
46.49.140.0/24 maxlen: 24
46.49.143.0/24 maxlen: 24
95.177.148.0/24 maxlen: 24
95.177.149.0/24 maxlen: 24
95.177.156.0/23 maxlen: 23
2a02:df5::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WkPp4meVbn8mLBfwCJ8PYLp6vvs.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WkPp4meVbn8mLBfwCJ8PYLp6vvs.mft
rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 08:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:ba:f9:b5:48:68:13:a7:19:4f:28:a7:d0:dd:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Validity
Not Before: Jan 1 20:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8406189010d7ca6f68ea79328d6bb6f769fa0a42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f5:a9:32:4c:a0:85:af:ac:8d:5b:24:c8:b7:
fa:6e:6c:02:31:9a:0f:c5:e6:82:d9:8a:ce:6e:c9:
21:4e:60:5d:88:70:88:20:05:85:91:71:04:7b:ab:
58:81:e8:9d:cf:92:da:04:25:d4:9e:77:5a:b6:68:
8b:5b:8c:a5:8e:94:8e:ed:06:1e:8e:3e:8d:24:95:
86:7d:1d:e2:6a:2a:6f:4e:fd:37:1a:0c:f9:0f:9a:
2d:cf:5e:a7:1c:8c:f1:2d:42:65:4d:83:0b:fc:be:
1c:9b:ec:c4:24:cc:67:d3:58:38:93:42:58:1f:95:
f2:0d:8d:fe:f4:d1:fe:14:b3:2d:9f:0a:c2:ee:b5:
80:57:4e:50:4d:41:d5:dd:1d:9e:a2:73:93:dd:5b:
54:fa:71:99:8c:1b:75:dc:f7:ab:f8:b7:3f:a0:b5:
32:d8:a7:1d:23:fc:0d:fe:6d:bc:68:98:14:6b:23:
69:8b:56:37:2c:05:1d:71:bf:67:cd:88:ff:2b:11:
35:fe:c3:1f:d1:7f:4b:8f:2b:f4:1a:3b:fb:88:7a:
e0:af:41:bc:6e:b8:0d:89:4c:3c:9a:76:ca:89:1d:
c0:19:88:f9:b8:61:26:bc:5c:6f:fa:5f:a8:23:df:
8f:c4:32:59:f1:47:c1:b8:8b:82:1b:f5:f8:f2:aa:
02:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:06:18:90:10:D7:CA:6F:68:EA:79:32:8D:6B:B6:F7:69:FA:0A:42
X509v3 Authority Key Identifier:
keyid:5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/hAYYkBDXym9o6nkyjWu292n6CkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WkPp4meVbn8mLBfwCJ8PYLp6vvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.49.132.0/24
46.49.135.0/24
46.49.140.0/24
46.49.143.0-46.49.144.255
46.49.173.0/24
46.49.210.0/24
95.177.148.0/23
95.177.156.0/23
95.177.192.0/18
IPv6:
2a02:df5::/32
Signature Algorithm: sha256WithRSAEncryption
79:33:83:51:6a:e4:c5:45:99:87:de:01:79:90:d8:9b:14:d3:
fa:4a:4d:04:cf:85:fa:3d:b9:03:06:52:2e:e6:e4:9f:22:9d:
5b:27:43:e6:9b:a8:b9:61:0b:e4:9b:ff:8e:e7:5d:17:98:4c:
b9:57:4f:15:83:e7:aa:9e:95:16:3b:d2:04:ea:72:05:1f:ff:
1a:45:30:20:f7:ca:e0:17:4d:1f:6d:4e:e2:15:5d:b2:65:5f:
b6:b7:2c:4c:cc:0d:8f:7d:d3:3d:9f:23:80:9f:c3:9a:35:71:
2e:bc:f2:d8:26:c6:2b:26:0a:49:02:0b:f2:ec:07:62:48:94:
31:34:2c:ef:b0:f9:d2:e7:fe:c3:c8:47:10:42:b2:69:88:f3:
e0:ae:97:cc:29:cc:1c:7f:3a:4c:3d:65:70:d8:61:18:a4:a7:
29:cc:42:0f:ad:36:45:f8:b9:1f:8e:49:b6:10:1e:17:c9:4e:
5c:b5:a2:0e:04:8e:ef:d5:cc:5c:6a:5e:cd:9c:61:cc:b9:7e:
77:f2:21:36:d1:81:15:1a:1c:84:c1:5e:09:3c:0e:d4:7f:4d:
66:f7:27:f4:85:c0:24:ef:7a:dd:01:48:0e:91:d4:27:af:c3:
43:9d:6d:0d:a2:7e:f3:47:c3:79:f6:2e:c3:1b:ea:78:71:63:
8f:8c:f2:7a
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYzGt7r5tUhoE6cZTyin0N0/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNDNlOWUyNjc5NTZlN2YyNjJjMTdmMDA4OWYwZjYwYmE3
YWJlZmIwHhcNMjQwMTAxMjAyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDA2MTg5MDEwZDdjYTZmNjhlYTc5MzI4ZDZiYjZmNzY5ZmEwYTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfWpMkygha+sjVskyLf6bmwCMZoP
xeaC2YrObskhTmBdiHCIIAWFkXEEe6tYgeidz5LaBCXUnndatmiLW4yljpSO7QYe
jj6NJJWGfR3iaipvTv03Ggz5D5otz16nHIzxLUJlTYML/L4cm+zEJMxn01g4k0JY
H5XyDY3+9NH+FLMtnwrC7rWAV05QTUHV3R2eonOT3VtU+nGZjBt13Per+Lc/oLUy
2KcdI/wN/m28aJgUayNpi1Y3LAUdcb9nzYj/KxE1/sMf0X9Ljyv0Gjv7iHrgr0G8
brgNiUw8mnbKiR3AGYj5uGEmvFxv+l+oI9+PxDJZ8UfBuIuCG/X48qoCzQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFIQGGJAQ18pvaOp5Mo1rtvdp+gpCMB8GA1UdIwQY
MBaAFFpD6eJnlW5/JiwX8AifD2C6er77MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGIt
NzljODk4N2E4YjFjLzEvaEFZWWtCRFh5bTlvNm5reWpXdTI5Mm42Q2tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGItNzljODk4N2E4YjFj
LzEvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQALjGEAwQA
LjGHAwQALjGMMAwDBAAuMY8DBAAuMZADBAAuMa0DBAAuMdIDBAFfsZQDBAFfsZwD
BAZfscAwDQQCAAIwBwMFACoCDfUwDQYJKoZIhvcNAQELBQADggEBAHkzg1Fq5MVF
mYfeAXmQ2JsU0/pKTQTPhfo9uQMGUi7m5J8inVsnQ+abqLlhC+Sb/47nXReYTLlX
TxWD56qelRY70gTqcgUf/xpFMCD3yuAXTR9tTuIVXbJlX7a3LEzMDY990z2fI4Cf
w5o1cS688tgmxismCkkCC/LsB2JIlDE0LO+w+dLn/sPIRxBCsmmI8+Cul8wpzBx/
Okw9ZXDYYRikpynMQg+tNkX4uR+OSbYQHhfJTly1og4Eju/VzFxqXs2cYcy5fnfy
ITbRgRUaHITBXgk8DtR/TWb3J/SFwCTvet0BSA6R1Cevw0OdbQ2ifvNHw3n2LsMb
6nhxY4+M8no=
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:46:28 2024 by rpki-client on console-fra.rpki-client.org