Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/0ytV9xZLvzaxQMGemnlf85Mxni4.roa
File: 0ytV9xZLvzaxQMGemnlf85Mxni4.roa (raw, json)
Hash identifier: aoQwnA18U3ohGg9e88bZNZqeZAPdMzCcQpy1gfrd0Oo=
Subject key identifier: D3:2B:55:F7:16:4B:BF:36:B1:40:C1:9E:9A:79:5F:F3:93:31:9E:2E
Certificate issuer: /CN=4ecf53007c79cc5e2f2d7356ba9121a78c0c7714
Certificate serial: 018CC4254BDCB992BC33D41ABC06909E96B4
Authority key identifier: 4E:CF:53:00:7C:79:CC:5E:2F:2D:73:56:BA:91:21:A7:8C:0C:77:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/0ytV9xZLvzaxQMGemnlf85Mxni4.roa
Signing time: Mon 01 Jan 2024 08:30:27 +0000
ROA not before: Mon 01 Jan 2024 08:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21395
IP address blocks: 185.59.88.0/24 maxlen: 24
185.59.88.0/22 maxlen: 22
46.134.192.0/19 maxlen: 19
46.134.192.0/18 maxlen: 18
188.47.192.0/18 maxlen: 18
2a00:f46::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:4b:dc:b9:92:bc:33:d4:1a:bc:06:90:9e:96:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ecf53007c79cc5e2f2d7356ba9121a78c0c7714
Validity
Not Before: Jan 1 08:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d32b55f7164bbf36b140c19e9a795ff393319e2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:0b:86:2c:cd:75:1e:d4:b1:7c:f1:72:49:eb:
15:85:ba:34:c2:45:31:86:38:fd:27:a9:ea:71:c8:
dc:10:9a:1e:bb:64:60:88:23:37:1b:85:51:77:82:
46:d3:78:d8:fe:1a:30:b5:02:3f:89:98:fd:87:17:
4f:77:ec:b5:a3:6d:fe:b7:6a:ad:18:a9:8b:97:28:
11:03:86:9d:d8:fe:ba:5e:06:b8:27:d1:89:31:92:
20:2d:74:65:3c:fa:12:7c:d1:29:3a:5f:9c:b3:f1:
3f:45:fd:65:45:c2:d5:52:93:6d:90:b2:8a:ff:74:
b5:2a:0a:7e:24:42:5c:86:45:c6:9d:a4:3e:2e:a7:
e7:ac:78:93:2a:1a:67:5c:6e:c5:40:d5:e3:22:b8:
37:cf:a2:14:c5:94:d4:2b:3f:c7:dc:f4:ff:c3:5a:
bd:2b:ab:57:d0:e1:ba:ef:cc:9f:d8:a3:44:fc:3d:
0c:83:68:25:44:2a:df:5c:02:7b:ed:51:a7:b5:94:
6c:ef:8a:e2:2c:e2:f3:a0:61:ae:70:23:ef:d6:e0:
a9:1e:aa:9a:3b:88:7e:ac:25:3a:1d:d4:c9:dd:07:
f0:89:61:07:ea:c7:fd:c0:8d:10:80:c7:29:f6:ed:
09:f3:f0:b2:97:14:75:a2:bc:2e:7a:0b:b9:1f:7e:
f9:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:2B:55:F7:16:4B:BF:36:B1:40:C1:9E:9A:79:5F:F3:93:31:9E:2E
X509v3 Authority Key Identifier:
keyid:4E:CF:53:00:7C:79:CC:5E:2F:2D:73:56:BA:91:21:A7:8C:0C:77:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/0ytV9xZLvzaxQMGemnlf85Mxni4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.134.192.0/18
185.59.88.0/22
188.47.192.0/18
IPv6:
2a00:f46::/36
Signature Algorithm: sha256WithRSAEncryption
76:c8:eb:cf:f2:3a:25:0e:b9:8c:e3:54:da:e8:56:81:a4:ff:
85:94:e6:ab:c5:23:2c:86:39:cd:9d:d4:60:ca:ea:bf:3f:5e:
ee:e6:bf:88:f6:d3:0e:04:bb:f3:99:64:14:2d:d5:1c:54:e4:
19:dd:76:54:60:a7:91:39:f0:a8:01:9c:dc:a6:1b:4f:a1:88:
68:f0:4d:26:10:50:63:d6:f6:53:7c:d3:a4:44:9a:b4:da:67:
0b:76:b7:37:bf:ca:24:6c:3a:e9:39:5d:13:2a:e9:76:77:75:
8f:39:98:b3:67:7a:61:a5:99:d6:8d:24:a5:b8:94:11:0e:ef:
90:cf:6a:40:e7:b4:8c:d3:b2:0b:fb:88:92:e7:2a:4d:0d:47:
ad:84:51:fc:6a:b1:54:e9:63:9f:78:94:1e:ce:09:e7:20:7e:
5d:47:4b:b2:b8:08:53:a6:eb:3b:79:66:bd:0f:79:6b:5b:3f:
ce:30:ae:c5:1b:9e:ed:d9:a6:63:61:00:ac:ae:75:7f:28:30:
14:62:5c:a4:04:6f:08:83:af:64:e7:3c:4b:96:7c:93:f8:d7:
da:33:9d:ca:b8:cc:e3:1e:1a:07:31:23:99:f5:da:cb:81:a9:
a3:38:9c:0d:98:2c:8f:81:e2:59:05:d9:eb:a1:92:18:c6:39:
4b:5f:88:5f
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzEJUvcuZK8M9QavAaQnpa0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlY2Y1MzAwN2M3OWNjNWUyZjJkNzM1NmJhOTEyMWE3OGMw
Yzc3MTQwHhcNMjQwMTAxMDgzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzJiNTVmNzE2NGJiZjM2YjE0MGMxOWU5YTc5NWZmMzkzMzE5ZTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwuGLM11HtSxfPFySesVhbo0wkUx
hjj9J6nqccjcEJoeu2RgiCM3G4VRd4JG03jY/howtQI/iZj9hxdPd+y1o23+t2qt
GKmLlygRA4ad2P66Xga4J9GJMZIgLXRlPPoSfNEpOl+cs/E/Rf1lRcLVUpNtkLKK
/3S1Kgp+JEJchkXGnaQ+LqfnrHiTKhpnXG7FQNXjIrg3z6IUxZTUKz/H3PT/w1q9
K6tX0OG678yf2KNE/D0Mg2glRCrfXAJ77VGntZRs74riLOLzoGGucCPv1uCpHqqa
O4h+rCU6HdTJ3QfwiWEH6sf9wI0QgMcp9u0J8/CylxR1orwuegu5H3754wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFNMrVfcWS782sUDBnpp5X/OTMZ4uMB8GA1UdIwQY
MBaAFE7PUwB8ecxeLy1zVrqRIaeMDHcUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHM5VEFIeDV6RjR2TFhOV3VwRWhwNHdNZHhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82NDhjNzUtMmJlOC00YmZkLWExYjEt
Y2I4YjNhMDk0MjA5LzEvMHl0Vjl4Wkx2emF4UU1HZW1ubGY4NU14bmk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi82NDhjNzUtMmJlOC00YmZkLWExYjEtY2I4YjNhMDk0MjA5
LzEvVHM5VEFIeDV6RjR2TFhOV3VwRWhwNHdNZHhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQGLobAAwQC
uTtYAwQGvC/AMA4EAgACMAgDBgQqAA9GADANBgkqhkiG9w0BAQsFAAOCAQEAdsjr
z/I6JQ65jONU2uhWgaT/hZTmq8UjLIY5zZ3UYMrqvz9e7ua/iPbTDgS785lkFC3V
HFTkGd12VGCnkTnwqAGc3KYbT6GIaPBNJhBQY9b2U3zTpESatNpnC3a3N7/KJGw6
6TldEyrpdnd1jzmYs2d6YaWZ1o0kpbiUEQ7vkM9qQOe0jNOyC/uIkucqTQ1HrYRR
/GqxVOljn3iUHs4J5yB+XUdLsrgIU6brO3lmvQ95a1s/zjCuxRue7dmmY2EArK51
fygwFGJcpARvCIOvZOc8S5Z8k/jX2jOdyrjM4x4aBzEjmfXay4GpozicDZgsj4Hi
WQXZ66GSGMY5S1+IXw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:46:33 2024 by rpki-client on console-ams.rpki-client.org