Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/c3069e-5ffc-4c8c-91dc-31d197f139d8/1/Q_s5-W5c0EszMwd7pZMdxF7AX_k.roa
File: Q_s5-W5c0EszMwd7pZMdxF7AX_k.roa (raw, json)
Hash identifier: EKjhxPxkoX7cR5+akdQlEBGujqSHCJOWGCkovIzsZ+E=
Subject key identifier: 43:FB:39:F9:6E:5C:D0:4B:33:33:07:7B:A5:93:1D:C4:5E:C0:5F:F9
Certificate issuer: /CN=e875464e89816ef00b0369502018a7e59ce2d36c
Certificate serial: 018CCA99AC6C9CFB309F858BA673A999A4D9
Authority key identifier: E8:75:46:4E:89:81:6E:F0:0B:03:69:50:20:18:A7:E5:9C:E2:D3:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6HVGTomBbvALA2lQIBin5Zzi02w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/c3069e-5ffc-4c8c-91dc-31d197f139d8/1/Q_s5-W5c0EszMwd7pZMdxF7AX_k.roa
Signing time: Tue 02 Jan 2024 14:35:17 +0000
ROA not before: Tue 02 Jan 2024 14:35:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29470
IP address blocks: 46.46.160.0/20 maxlen: 20
46.46.176.0/21 maxlen: 21
46.46.184.0/22 maxlen: 22
46.46.128.0/19 maxlen: 19
46.46.128.0/18 maxlen: 18
2a02:24b0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/c3069e-5ffc-4c8c-91dc-31d197f139d8/1/6HVGTomBbvALA2lQIBin5Zzi02w.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/c3069e-5ffc-4c8c-91dc-31d197f139d8/1/6HVGTomBbvALA2lQIBin5Zzi02w.mft
rsync://rpki.ripe.net/repository/DEFAULT/6HVGTomBbvALA2lQIBin5Zzi02w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:ac:6c:9c:fb:30:9f:85:8b:a6:73:a9:99:a4:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e875464e89816ef00b0369502018a7e59ce2d36c
Validity
Not Before: Jan 2 14:35:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43fb39f96e5cd04b3333077ba5931dc45ec05ff9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ce:39:bf:02:a9:ff:53:ca:40:b4:03:0b:57:
8f:1c:de:36:04:2b:18:e7:4f:7b:a6:b0:59:6b:97:
47:e7:14:c9:0c:45:12:02:3a:50:37:7c:a5:32:dd:
c7:ec:2a:ed:8e:ea:51:b6:f3:cd:19:d9:42:5c:45:
ae:07:07:46:02:ab:39:04:6b:3a:e8:18:55:a1:d7:
7b:5b:a8:9f:91:6c:7c:39:b8:71:1e:3d:6f:c9:a9:
3e:2b:54:95:ba:49:e6:73:b9:0e:fa:d3:60:0e:a2:
b9:ff:66:90:3a:5c:66:27:1f:d7:49:d6:af:37:28:
10:ee:fe:cb:51:62:ff:03:e2:b1:03:58:ae:5e:33:
c6:70:18:2c:97:8e:fc:5e:10:f8:74:9c:ac:d8:46:
f6:96:48:c3:dd:0d:4d:2f:21:c9:e8:fd:dc:56:cd:
67:a0:28:d3:e6:91:3e:94:0a:3e:38:85:bc:34:ab:
47:a4:22:fe:9d:fd:8b:24:eb:a7:a0:db:9c:b7:24:
44:b6:ee:d9:9b:21:85:74:82:8e:ee:66:dd:5d:18:
8e:b7:5d:c9:1b:da:65:69:e5:83:69:72:91:11:41:
41:8b:fb:51:36:ea:05:93:3a:42:56:2a:24:44:68:
07:14:e3:5c:75:bb:54:5f:63:cb:f8:d3:49:2f:5c:
86:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:FB:39:F9:6E:5C:D0:4B:33:33:07:7B:A5:93:1D:C4:5E:C0:5F:F9
X509v3 Authority Key Identifier:
keyid:E8:75:46:4E:89:81:6E:F0:0B:03:69:50:20:18:A7:E5:9C:E2:D3:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6HVGTomBbvALA2lQIBin5Zzi02w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/c3069e-5ffc-4c8c-91dc-31d197f139d8/1/Q_s5-W5c0EszMwd7pZMdxF7AX_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/c3069e-5ffc-4c8c-91dc-31d197f139d8/1/6HVGTomBbvALA2lQIBin5Zzi02w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.46.128.0/18
IPv6:
2a02:24b0::/32
Signature Algorithm: sha256WithRSAEncryption
8b:36:3a:ab:eb:46:c7:05:a0:d7:07:bc:75:36:36:9c:86:f7:
70:e5:df:56:38:39:31:99:92:60:c9:e8:11:0f:9a:40:fe:5e:
eb:1f:22:9b:33:86:37:b6:ee:52:2c:9f:e0:95:4f:a0:7f:0f:
4e:e3:67:73:2f:63:0b:e6:e2:f9:b7:0e:c7:43:68:81:ce:1a:
dd:3b:6e:cd:3b:82:5d:47:8d:26:2b:3b:0d:8c:67:02:9d:01:
4f:4b:95:e8:9b:14:3a:76:10:e1:28:32:7a:3f:cf:b6:e7:d0:
83:5f:10:b9:eb:24:07:29:a1:d1:b7:ce:d5:70:08:a1:85:84:
c8:5f:41:d3:31:38:32:c7:cc:c5:2a:7b:43:a0:f4:ef:6d:35:
aa:38:11:ac:94:41:3c:ec:00:7a:f1:f0:a0:1a:b4:65:9e:9d:
1c:33:57:eb:4a:c9:a5:ae:39:df:2c:9c:2e:3e:2a:ee:17:ec:
6f:7e:4f:8a:1d:4c:d4:af:35:fe:1c:97:4a:5f:ea:53:da:a7:
0b:f4:ec:5d:a5:e3:cd:ee:d8:18:85:df:7b:9b:6a:f8:cd:71:
c3:4f:a1:a3:d1:3a:ca:5d:a4:f4:db:4a:5e:fa:d4:9b:32:57:
5c:94:f8:c6:06:25:c1:2a:73:83:a8:d4:8e:77:f7:12:28:6e:
35:47:b1:50
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKmaxsnPswn4WLpnOpmaTZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NzU0NjRlODk4MTZlZjAwYjAzNjk1MDIwMThhN2U1OWNl
MmQzNmMwHhcNMjQwMTAyMTQzNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2ZiMzlmOTZlNWNkMDRiMzMzMzA3N2JhNTkzMWRjNDVlYzA1ZmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApc45vwKp/1PKQLQDC1ePHN42BCsY
5097prBZa5dH5xTJDEUSAjpQN3ylMt3H7CrtjupRtvPNGdlCXEWuBwdGAqs5BGs6
6BhVodd7W6ifkWx8ObhxHj1vyak+K1SVuknmc7kO+tNgDqK5/2aQOlxmJx/XSdav
NygQ7v7LUWL/A+KxA1iuXjPGcBgsl478XhD4dJys2Eb2lkjD3Q1NLyHJ6P3cVs1n
oCjT5pE+lAo+OIW8NKtHpCL+nf2LJOunoNuctyREtu7ZmyGFdIKO7mbdXRiOt13J
G9plaeWDaXKREUFBi/tRNuoFkzpCViokRGgHFONcdbtUX2PL+NNJL1yGPQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEP7OfluXNBLMzMHe6WTHcRewF/5MB8GA1UdIwQY
MBaAFOh1Rk6JgW7wCwNpUCAYp+Wc4tNsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkhWR1RvbUJidkFMQTJsUUlCaW41WnppMDJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9jMzA2OWUtNWZmYy00YzhjLTkxZGMt
MzFkMTk3ZjEzOWQ4LzEvUV9zNS1XNWMwRXN6TXdkN3BaTWR4RjdBWF9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9jMzA2OWUtNWZmYy00YzhjLTkxZGMtMzFkMTk3ZjEzOWQ4
LzEvNkhWR1RvbUJidkFMQTJsUUlCaW41WnppMDJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQGLi6AMA0E
AgACMAcDBQAqAiSwMA0GCSqGSIb3DQEBCwUAA4IBAQCLNjqr60bHBaDXB7x1Njac
hvdw5d9WODkxmZJgyegRD5pA/l7rHyKbM4Y3tu5SLJ/glU+gfw9O42dzL2ML5uL5
tw7HQ2iBzhrdO27NO4JdR40mKzsNjGcCnQFPS5XomxQ6dhDhKDJ6P8+259CDXxC5
6yQHKaHRt87VcAihhYTIX0HTMTgyx8zFKntDoPTvbTWqOBGslEE87AB68fCgGrRl
np0cM1frSsmlrjnfLJwuPiruF+xvfk+KHUzUrzX+HJdKX+pT2qcL9OxdpePN7tgY
hd97m2r4zXHDT6Gj0TrKXaT020pe+tSbMldclPjGBiXBKnODqNSOd/cSKG41R7FQ
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:42:51 2024 by rpki-client on console-fra.rpki-client.org