Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/11c52c-41aa-4e95-ad67-a021a63ddfc3/1/Tm3hMnXYE-iRqZu03LQOpvjWVfA.roa
File: Tm3hMnXYE-iRqZu03LQOpvjWVfA.roa (raw, json)
Hash identifier: xt3aF/sSc5+aDRdB7ltBpFDgL9A/iXiLarWSLJiEDQM=
Subject key identifier: 4E:6D:E1:32:75:D8:13:E8:91:A9:9B:B4:DC:B4:0E:A6:F8:D6:55:F0
Certificate issuer: /CN=1a0489dc9c0a74c2ed53e1d9e1fbfdd8c8773b94
Certificate serial: 018CC8DCF4A1B564A0EFE1A1BED72DCC4196
Authority key identifier: 1A:04:89:DC:9C:0A:74:C2:ED:53:E1:D9:E1:FB:FD:D8:C8:77:3B:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GgSJ3JwKdMLtU-HZ4fv92Mh3O5Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/11c52c-41aa-4e95-ad67-a021a63ddfc3/1/Tm3hMnXYE-iRqZu03LQOpvjWVfA.roa
Signing time: Tue 02 Jan 2024 06:29:32 +0000
ROA not before: Tue 02 Jan 2024 06:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396982
IP address blocks: 185.146.175.0/24 maxlen: 24
185.146.174.0/24 maxlen: 24
185.146.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/11c52c-41aa-4e95-ad67-a021a63ddfc3/1/GgSJ3JwKdMLtU-HZ4fv92Mh3O5Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/11c52c-41aa-4e95-ad67-a021a63ddfc3/1/GgSJ3JwKdMLtU-HZ4fv92Mh3O5Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/GgSJ3JwKdMLtU-HZ4fv92Mh3O5Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:f4:a1:b5:64:a0:ef:e1:a1:be:d7:2d:cc:41:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a0489dc9c0a74c2ed53e1d9e1fbfdd8c8773b94
Validity
Not Before: Jan 2 06:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e6de13275d813e891a99bb4dcb40ea6f8d655f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f4:31:fa:5d:33:6d:7e:96:5c:8e:bc:92:d0:
d8:e1:1c:ab:2e:76:e3:0c:c9:9d:8d:1a:05:81:aa:
38:eb:77:21:46:7f:1e:ca:1b:6c:d5:4b:8c:ec:8d:
0f:36:72:b8:e6:95:59:74:fa:d9:1e:64:72:bb:2b:
64:bb:4a:d8:e5:6d:ee:6e:22:b5:18:17:93:7b:45:
0e:3c:6c:c4:97:0e:42:7b:92:b5:43:f7:27:9c:aa:
72:24:b8:5f:7c:ea:7c:ce:81:9e:1f:7a:c8:40:c7:
3c:2e:dc:f2:16:b6:03:d8:9f:ba:3b:19:19:6a:ee:
4e:e2:75:c7:5b:9b:9a:51:cf:7a:12:f5:02:2f:29:
0a:af:ac:eb:20:95:dd:32:52:dc:4b:1d:c9:42:4b:
ee:dc:03:4d:18:0d:1a:27:30:34:e8:6c:c4:f6:d6:
e2:96:a1:35:9b:d7:84:51:3b:69:d0:67:c7:96:54:
33:5d:e3:02:52:65:1b:f3:39:bf:54:83:64:6b:8a:
a3:cd:94:45:17:26:6d:ff:28:9b:5f:4a:46:01:df:
a2:fd:50:75:c9:62:4f:1b:89:c6:cb:eb:8b:81:07:
c8:eb:03:30:14:ed:3f:ac:94:33:d5:78:b6:6c:16:
89:91:e4:0b:a7:78:6e:cf:4a:17:f2:0d:cd:90:ab:
fe:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:6D:E1:32:75:D8:13:E8:91:A9:9B:B4:DC:B4:0E:A6:F8:D6:55:F0
X509v3 Authority Key Identifier:
keyid:1A:04:89:DC:9C:0A:74:C2:ED:53:E1:D9:E1:FB:FD:D8:C8:77:3B:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GgSJ3JwKdMLtU-HZ4fv92Mh3O5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/11c52c-41aa-4e95-ad67-a021a63ddfc3/1/Tm3hMnXYE-iRqZu03LQOpvjWVfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/11c52c-41aa-4e95-ad67-a021a63ddfc3/1/GgSJ3JwKdMLtU-HZ4fv92Mh3O5Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.173.0-185.146.175.255
Signature Algorithm: sha256WithRSAEncryption
39:ee:17:c9:63:f6:28:46:40:91:76:17:31:22:6a:5c:dd:85:
dd:8d:5d:84:40:6a:24:33:5b:bb:a6:df:53:d5:b1:ba:88:45:
f8:54:70:20:39:36:06:a5:ba:a2:54:ad:0f:73:a1:49:ad:9f:
83:85:78:60:37:13:9b:11:4c:06:ee:43:bf:fe:82:80:29:fd:
3a:91:54:68:8d:3e:74:41:e0:e3:e7:79:01:af:eb:5d:59:83:
a0:19:d0:df:bb:1e:11:66:be:c9:3a:06:77:e7:8c:21:e8:47:
34:d3:c5:d5:0c:8a:a5:e3:8a:73:a8:f0:9e:4c:6b:23:81:53:
6c:9a:99:1a:be:48:34:fa:4e:b6:f6:74:4a:62:7d:97:a2:f1:
4c:51:da:c7:5a:52:06:a8:d1:7a:26:76:44:75:3c:00:ae:58:
5b:6f:94:2a:55:d1:c1:d5:e4:84:f4:bd:5b:d9:f8:dc:c9:4b:
28:1a:44:ea:1f:28:af:96:ab:50:cb:ef:36:1c:91:42:8a:19:
0a:e6:fb:19:d5:35:6b:24:3f:f9:88:42:5e:4a:f9:08:bd:74:
73:ce:46:74:b4:73:7e:e1:a3:96:fd:16:c9:69:29:a6:08:96:
0f:a3:ef:71:26:b0:77:a5:31:1d:eb:5d:97:ad:0e:64:bb:f6:
7d:00:b2:8c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzI3PShtWSg7+GhvtctzEGWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMDQ4OWRjOWMwYTc0YzJlZDUzZTFkOWUxZmJmZGQ4Yzg3
NzNiOTQwHhcNMjQwMTAyMDYyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTZkZTEzMjc1ZDgxM2U4OTFhOTliYjRkY2I0MGVhNmY4ZDY1NWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfQx+l0zbX6WXI68ktDY4RyrLnbj
DMmdjRoFgao463chRn8eyhts1UuM7I0PNnK45pVZdPrZHmRyuytku0rY5W3ubiK1
GBeTe0UOPGzElw5Ce5K1Q/cnnKpyJLhffOp8zoGeH3rIQMc8LtzyFrYD2J+6OxkZ
au5O4nXHW5uaUc96EvUCLykKr6zrIJXdMlLcSx3JQkvu3ANNGA0aJzA06GzE9tbi
lqE1m9eEUTtp0GfHllQzXeMCUmUb8zm/VINka4qjzZRFFyZt/yibX0pGAd+i/VB1
yWJPG4nGy+uLgQfI6wMwFO0/rJQz1Xi2bBaJkeQLp3huz0oX8g3NkKv+NwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFE5t4TJ12BPokambtNy0Dqb41lXwMB8GA1UdIwQY
MBaAFBoEidycCnTC7VPh2eH7/djIdzuUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2dTSjNKd0tkTUx0VS1IWjRmdjkyTWgzTzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8xMWM1MmMtNDFhYS00ZTk1LWFkNjct
YTAyMWE2M2RkZmMzLzEvVG0zaE1uWFlFLWlScVp1MDNMUU9wdmpXVmZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8xMWM1MmMtNDFhYS00ZTk1LWFkNjctYTAyMWE2M2RkZmMz
LzEvR2dTSjNKd0tkTUx0VS1IWjRmdjkyTWgzTzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5kq0D
BAS5kqAwDQYJKoZIhvcNAQELBQADggEBADnuF8lj9ihGQJF2FzEialzdhd2NXYRA
aiQzW7um31PVsbqIRfhUcCA5NgaluqJUrQ9zoUmtn4OFeGA3E5sRTAbuQ7/+goAp
/TqRVGiNPnRB4OPneQGv611Zg6AZ0N+7HhFmvsk6BnfnjCHoRzTTxdUMiqXjinOo
8J5MayOBU2yamRq+SDT6Trb2dEpifZei8UxR2sdaUgao0XomdkR1PACuWFtvlCpV
0cHV5IT0vVvZ+NzJSygaROofKK+Wq1DL7zYckUKKGQrm+xnVNWskP/mIQl5K+Qi9
dHPORnS0c37ho5b9FslpKaYIlg+j73EmsHelMR3rXZetDmS79n0Asow=
-----END CERTIFICATE-----
Generated at Sun May 5 19:41:37 2024 by rpki-client on console-ams.rpki-client.org