Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/giBuSFyv8fg3QYc4rlCNEr4m5qU.roa
File: giBuSFyv8fg3QYc4rlCNEr4m5qU.roa (raw, json)
Hash identifier: WdeO9idTcaNPvdn1XtDRax3PbD+YNPAhETS0IrbMCQ8=
Subject key identifier: 82:20:6E:48:5C:AF:F1:F8:37:41:87:38:AE:50:8D:12:BE:26:E6:A5
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EE661B6F3009E7CE463DC88E85E5FD271
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/giBuSFyv8fg3QYc4rlCNEr4m5qU.roa
Signing time: Tue 16 Apr 2024 10:09:07 +0000
ROA not before: Tue 16 Apr 2024 10:09:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42358
IP address blocks: 46.255.96.0/21 maxlen: 21
77.72.136.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e6:61:b6:f3:00:9e:7c:e4:63:dc:88:e8:5e:5f:d2:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 16 10:09:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82206e485caff1f837418738ae508d12be26e6a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:45:79:84:38:da:c5:d9:e6:c6:57:2b:a5:b9:
57:2a:85:9e:2d:e5:5c:52:f6:e7:23:a2:ac:3c:0f:
48:89:50:da:68:5c:45:9d:c7:0c:bd:ac:d9:d7:40:
c9:17:f7:3b:a7:ee:52:ba:6c:b7:10:06:6b:a4:40:
88:ae:c9:e0:93:34:e4:75:f0:e2:e7:4b:e1:c8:d3:
6d:35:dd:d5:75:52:46:5a:48:fe:e2:0a:4b:b8:2e:
cb:4b:77:36:a6:0c:89:2b:99:9e:d2:29:ac:c3:2b:
6b:af:8f:32:90:b8:9a:f7:e5:13:4f:bf:e3:8a:6b:
1b:33:d5:d9:6a:a9:a8:46:78:09:f7:ac:75:dc:f4:
a1:3c:48:13:4a:2b:48:3e:39:d3:3d:45:96:58:89:
07:c6:60:2b:69:9c:ed:e9:ba:4b:e7:b1:b3:bc:bd:
db:47:56:05:9e:aa:b2:06:7d:7f:1c:7b:59:ad:fb:
3b:0a:31:20:53:3e:0f:4a:5e:1e:c2:8e:5c:a7:5c:
f5:0b:70:27:2b:dd:b7:4f:95:a6:eb:c2:72:c5:e7:
3d:bc:14:35:12:7c:f4:fb:dc:3a:ff:9e:da:fc:be:
24:85:3f:b2:0a:72:5c:ca:bb:33:c4:35:48:19:de:
c8:3e:72:9c:ba:1b:25:39:0d:6d:23:cd:50:9c:9d:
7e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:20:6E:48:5C:AF:F1:F8:37:41:87:38:AE:50:8D:12:BE:26:E6:A5
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/giBuSFyv8fg3QYc4rlCNEr4m5qU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.96.0/21
77.72.136.0/21
Signature Algorithm: sha256WithRSAEncryption
4e:7c:b0:5e:17:a0:ea:7b:5c:1a:61:dd:56:2c:11:b0:62:ea:
14:d4:2e:ab:e8:90:60:73:6b:be:8d:58:43:22:47:5c:cc:f2:
11:63:9d:25:12:3a:4b:60:02:4a:41:73:d5:75:ca:3e:08:20:
48:3d:27:a7:2f:b0:00:a1:69:44:8f:f5:c0:41:23:64:64:db:
d1:1f:a8:27:92:6b:09:04:74:ed:33:97:f7:77:19:07:99:3d:
86:1d:d9:13:68:08:a4:2b:be:e1:6f:f5:a0:49:77:ef:04:52:
9a:ed:ff:a1:93:b4:7a:aa:11:f2:cc:65:1f:89:1e:9c:7c:7e:
fa:6a:5a:8e:65:08:91:bc:bb:f8:38:b9:58:4e:34:d6:d8:1f:
ba:ae:50:84:8a:c5:aa:6d:0b:fd:3e:f2:2a:6b:3d:44:b7:f8:
fa:44:a0:6f:58:fd:8c:d2:ea:cb:31:c0:12:10:c8:97:a5:c8:
ce:fa:72:92:6e:4d:fe:a2:87:6e:23:12:2b:cc:bf:9f:c0:ef:
97:e4:09:56:9b:c9:42:9e:ca:83:08:ca:a3:89:22:a6:56:aa:
59:13:75:13:8d:a5:1f:dd:5e:25:43:f9:bc:25:1c:fe:32:6f:
88:02:cd:6a:65:4d:2d:2e:0a:c4:29:23:a8:90:74:6e:91:2b:
1f:84:cf:14
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7mYbbzAJ585GPciOheX9JxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDE2MTAwOTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjIwNmU0ODVjYWZmMWY4Mzc0MTg3MzhhZTUwOGQxMmJlMjZlNmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskV5hDjaxdnmxlcrpblXKoWeLeVc
UvbnI6KsPA9IiVDaaFxFnccMvazZ10DJF/c7p+5Sumy3EAZrpECIrsngkzTkdfDi
50vhyNNtNd3VdVJGWkj+4gpLuC7LS3c2pgyJK5me0imswytrr48ykLia9+UTT7/j
imsbM9XZaqmoRngJ96x13PShPEgTSitIPjnTPUWWWIkHxmAraZzt6bpL57GzvL3b
R1YFnqqyBn1/HHtZrfs7CjEgUz4PSl4ewo5cp1z1C3AnK923T5Wm68Jyxec9vBQ1
Enz0+9w6/57a/L4khT+yCnJcyrszxDVIGd7IPnKcuhslOQ1tI81QnJ1+hQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIIgbkhcr/H4N0GHOK5QjRK+JualMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvZ2lCdVNGeXY4ZmczUVljNHJsQ05FcjRtNXFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLv9gAwQD
TUiIMA0GCSqGSIb3DQEBCwUAA4IBAQBOfLBeF6Dqe1waYd1WLBGwYuoU1C6r6JBg
c2u+jVhDIkdczPIRY50lEjpLYAJKQXPVdco+CCBIPSenL7AAoWlEj/XAQSNkZNvR
H6gnkmsJBHTtM5f3dxkHmT2GHdkTaAikK77hb/WgSXfvBFKa7f+hk7R6qhHyzGUf
iR6cfH76alqOZQiRvLv4OLlYTjTW2B+6rlCEisWqbQv9PvIqaz1Et/j6RKBvWP2M
0urLMcASEMiXpcjO+nKSbk3+ooduIxIrzL+fwO+X5AlWm8lCnsqDCMqjiSKmVqpZ
E3UTjaUf3V4lQ/m8JRz+Mm+IAs1qZU0tLgrEKSOokHRukSsfhM8U
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:36:26 2024 by rpki-client on console-fra.rpki-client.org