Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/_uVsRpc94dx_TzwURmJT-QsnP78.roa
File: _uVsRpc94dx_TzwURmJT-QsnP78.roa (raw, json)
Hash identifier: b9tjdq7/bNvXP15ojhfo78QMlZ5SewjpGU1jAUczPfg=
Subject key identifier: FE:E5:6C:46:97:3D:E1:DC:7F:4F:3C:14:46:62:53:F9:0B:27:3F:BF
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018F0A86FB2EC6AAF7010941952D9DA4F6F3
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/_uVsRpc94dx_TzwURmJT-QsnP78.roa
Signing time: Tue 23 Apr 2024 10:36:09 +0000
ROA not before: Tue 23 Apr 2024 10:36:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39374
IP address blocks: 46.237.44.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0a:86:fb:2e:c6:aa:f7:01:09:41:95:2d:9d:a4:f6:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 23 10:36:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fee56c46973de1dc7f4f3c14466253f90b273fbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c1:ea:45:f9:35:c8:54:44:13:61:8d:d2:05:
b1:3f:27:61:93:26:20:ab:96:f1:c0:b1:0b:3d:55:
55:fe:06:d9:8d:25:49:b0:87:f9:4c:e0:1e:3e:c7:
2c:a6:28:71:37:70:c5:b9:27:77:5c:de:29:31:dc:
90:31:56:0f:ad:24:ff:e5:95:62:0e:93:e8:5d:f0:
26:e5:87:c4:b1:c8:91:53:7a:27:e0:e9:27:13:3e:
2f:3d:27:67:fa:a3:c0:9b:85:ec:9b:da:99:2c:1b:
0a:81:47:ea:54:5f:ee:b8:f9:54:c0:a9:9a:9b:c9:
66:a5:14:1a:03:98:10:0c:04:27:91:88:ac:13:1a:
be:08:22:dc:ce:6f:29:7d:78:c8:83:e3:10:e9:3d:
30:ba:5c:66:2b:ac:c8:be:3d:da:3e:ee:be:4c:c5:
96:46:2f:42:93:20:bb:07:2f:2a:fa:bf:61:98:c7:
f8:2a:9b:18:c0:29:0d:1c:d1:d7:1c:df:2d:0e:78:
49:f2:fb:ec:11:19:ea:86:c3:b7:06:3f:10:61:1f:
81:d7:ca:16:21:81:a2:89:e3:66:0b:34:16:53:26:
65:e3:9a:5e:30:28:27:00:b2:ef:72:5b:3d:37:5b:
51:33:3a:c5:19:cc:17:cf:73:8c:77:34:5b:b5:c7:
fd:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:E5:6C:46:97:3D:E1:DC:7F:4F:3C:14:46:62:53:F9:0B:27:3F:BF
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/_uVsRpc94dx_TzwURmJT-QsnP78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.237.44.0/22
Signature Algorithm: sha256WithRSAEncryption
74:6c:8b:9d:31:a0:c3:c8:8d:3b:53:f5:1c:0d:e2:22:d9:ad:
7f:fc:a8:8f:8d:41:c2:01:bd:3d:5e:d4:e5:d9:2b:cb:e6:f6:
bf:cd:61:9f:c9:5b:00:c2:ab:96:e7:20:81:65:6a:50:2a:a8:
da:59:31:b5:1d:58:a7:8d:15:41:1d:75:27:07:02:b3:c7:15:
4a:5f:ea:19:0d:fe:48:b1:4a:11:ce:27:ad:3b:f4:63:e5:39:
27:e5:b7:60:35:d6:cb:a0:e6:c3:3a:b7:e7:96:18:4a:6e:da:
65:99:53:ce:b4:91:6d:e7:51:c9:19:48:ef:29:c0:39:6e:20:
65:fa:af:06:1a:93:2e:f2:bf:c8:68:c9:f4:47:15:20:58:fb:
c3:f9:b6:e5:85:1f:b8:81:97:c5:10:1e:f6:79:a8:e1:58:e5:
f2:5b:f3:a9:82:61:07:1f:69:36:2e:dd:72:33:4e:3e:35:ef:
aa:9f:fc:e0:4b:70:d8:31:59:65:c7:f3:5c:eb:f8:e5:5c:30:
e1:9a:e1:d4:f9:70:67:31:15:37:4c:34:d2:38:d2:a2:4a:21:
9c:03:b4:de:f9:08:e6:37:ba:7c:4f:d4:e9:32:9a:16:95:e6:
c0:ba:0d:3c:f7:5e:60:fe:59:b8:ed:fd:d3:e9:c6:8e:4f:56:
e7:3f:c0:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8Khvsuxqr3AQlBlS2dpPbzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDIzMTAzNjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWU1NmM0Njk3M2RlMWRjN2Y0ZjNjMTQ0NjYyNTNmOTBiMjczZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsHqRfk1yFREE2GN0gWxPydhkyYg
q5bxwLELPVVV/gbZjSVJsIf5TOAePscspihxN3DFuSd3XN4pMdyQMVYPrST/5ZVi
DpPoXfAm5YfEsciRU3on4OknEz4vPSdn+qPAm4Xsm9qZLBsKgUfqVF/uuPlUwKma
m8lmpRQaA5gQDAQnkYisExq+CCLczm8pfXjIg+MQ6T0wulxmK6zIvj3aPu6+TMWW
Ri9CkyC7By8q+r9hmMf4KpsYwCkNHNHXHN8tDnhJ8vvsERnqhsO3Bj8QYR+B18oW
IYGiieNmCzQWUyZl45peMCgnALLvcls9N1tRMzrFGcwXz3OMdzRbtcf9vQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP7lbEaXPeHcf088FEZiU/kLJz+/MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvX3VWc1JwYzk0ZHhfVHp3VVJtSlQtUXNuUDc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLu0sMA0G
CSqGSIb3DQEBCwUAA4IBAQB0bIudMaDDyI07U/UcDeIi2a1//KiPjUHCAb09XtTl
2SvL5va/zWGfyVsAwquW5yCBZWpQKqjaWTG1HVinjRVBHXUnBwKzxxVKX+oZDf5I
sUoRzietO/Rj5Tkn5bdgNdbLoObDOrfnlhhKbtplmVPOtJFt51HJGUjvKcA5biBl
+q8GGpMu8r/IaMn0RxUgWPvD+bblhR+4gZfFEB72eajhWOXyW/OpgmEHH2k2Lt1y
M04+Ne+qn/zgS3DYMVllx/Nc6/jlXDDhmuHU+XBnMRU3TDTSONKiSiGcA7Te+Qjm
N7p8T9TpMpoWlebAug08915g/lm47f3T6caOT1bnP8DF
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:27:56 2024 by rpki-client on console-ams.rpki-client.org