Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/ce5ca6-f939-4fd7-b9f8-0a1ef0ec0578/1/xNgbMOLdkCNzKu8W-1YdbUytDd4.roa
File: xNgbMOLdkCNzKu8W-1YdbUytDd4.roa (raw, json)
Hash identifier: k4aFJA2UG8+DpzhU5Hrle/MKeNC6vO5+bG7Bxo8Kvgk=
Subject key identifier: C4:D8:1B:30:E2:DD:90:23:73:2A:EF:16:FB:56:1D:6D:4C:AD:0D:DE
Certificate issuer: /CN=e6688ae96323c1fcfab54b294557397b49b03bc7
Certificate serial: 018CC3B6973308AB78CF5D554727B99D9C09
Authority key identifier: E6:68:8A:E9:63:23:C1:FC:FA:B5:4B:29:45:57:39:7B:49:B0:3B:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5miK6WMjwfz6tUspRVc5e0mwO8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/ce5ca6-f939-4fd7-b9f8-0a1ef0ec0578/1/xNgbMOLdkCNzKu8W-1YdbUytDd4.roa
Signing time: Mon 01 Jan 2024 06:29:32 +0000
ROA not before: Mon 01 Jan 2024 06:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57468
IP address blocks: 185.146.40.0/24 maxlen: 24
185.146.43.0/24 maxlen: 24
185.146.40.0/22 maxlen: 22
2a07:4d40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/ce5ca6-f939-4fd7-b9f8-0a1ef0ec0578/1/5miK6WMjwfz6tUspRVc5e0mwO8c.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/ce5ca6-f939-4fd7-b9f8-0a1ef0ec0578/1/5miK6WMjwfz6tUspRVc5e0mwO8c.mft
rsync://rpki.ripe.net/repository/DEFAULT/5miK6WMjwfz6tUspRVc5e0mwO8c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:97:33:08:ab:78:cf:5d:55:47:27:b9:9d:9c:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6688ae96323c1fcfab54b294557397b49b03bc7
Validity
Not Before: Jan 1 06:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4d81b30e2dd9023732aef16fb561d6d4cad0dde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:2b:fc:a8:0c:5c:0f:74:7c:fc:fd:b4:15:28:
bb:e8:d6:08:fa:22:97:9a:74:7f:ac:80:a5:b6:9c:
67:fa:12:97:bc:50:17:4f:07:12:33:bc:69:3c:ed:
b3:64:10:95:5c:92:f4:c6:b8:62:f9:d9:d3:e1:27:
c8:a0:73:08:8a:12:b9:c4:15:4b:e3:06:f1:15:31:
34:36:13:28:d7:9e:8f:91:51:08:b4:5f:65:02:c2:
1d:91:52:ff:cf:98:62:0b:2a:dd:f2:96:03:11:97:
3b:29:ff:fc:aa:83:9f:c7:d8:54:af:58:43:24:65:
24:35:ed:5f:8d:e3:4d:ca:7b:49:09:5f:b6:ab:3b:
29:1b:1e:9b:e6:eb:90:b0:45:26:78:da:3e:c7:2f:
e2:e6:fd:68:41:5f:01:32:02:f7:cc:ba:2f:af:f4:
91:d5:e7:45:a0:6b:1f:d2:6b:d5:85:4d:be:86:a7:
e3:17:45:e2:92:b8:59:36:4e:f0:4f:3a:66:a2:21:
28:5e:6b:f2:b4:4e:54:37:ea:33:b8:30:b2:06:0f:
62:b3:8f:19:80:b2:0b:73:68:ae:bc:03:fa:71:92:
9d:60:74:ad:21:3a:a7:2b:eb:ea:c5:1f:ac:0c:b1:
e7:35:61:0a:d3:45:94:e8:f1:53:5b:d3:76:86:f6:
71:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:D8:1B:30:E2:DD:90:23:73:2A:EF:16:FB:56:1D:6D:4C:AD:0D:DE
X509v3 Authority Key Identifier:
keyid:E6:68:8A:E9:63:23:C1:FC:FA:B5:4B:29:45:57:39:7B:49:B0:3B:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5miK6WMjwfz6tUspRVc5e0mwO8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/ce5ca6-f939-4fd7-b9f8-0a1ef0ec0578/1/xNgbMOLdkCNzKu8W-1YdbUytDd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/ce5ca6-f939-4fd7-b9f8-0a1ef0ec0578/1/5miK6WMjwfz6tUspRVc5e0mwO8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.40.0/22
IPv6:
2a07:4d40::/29
Signature Algorithm: sha256WithRSAEncryption
a1:98:e7:01:65:74:5d:82:22:fe:d3:5c:e1:d4:a6:01:e9:fd:
a0:57:a7:da:9f:b4:9f:e2:c1:e3:9d:69:ad:99:3b:e4:ab:37:
44:d8:ef:e5:74:86:75:0a:c3:96:23:4b:65:ef:9a:66:12:f2:
c4:53:7d:8c:43:d0:5b:be:2e:1a:a1:54:72:ad:7b:53:50:97:
5a:c2:d1:b3:6c:63:0b:02:2e:e9:2e:c8:ac:d9:dc:32:8e:b1:
fe:bd:cf:87:1e:b5:81:41:b4:c7:14:21:dc:a8:61:e3:f8:67:
7f:11:de:fa:c0:b3:b6:71:22:ec:50:6a:b8:2a:fd:ed:05:76:
a6:a9:82:98:f1:66:0f:f8:5e:51:b9:20:5f:9a:05:9d:7f:eb:
95:15:10:5c:30:14:d4:3a:b0:2b:24:b4:be:96:3c:a9:fc:f0:
80:ea:de:ee:c3:8d:46:ed:2b:b7:11:5c:64:9e:ed:db:0b:34:
ac:a0:da:7f:e0:61:51:2a:f0:2d:26:1d:88:bc:3c:ef:03:4c:
7e:f7:65:38:fa:b7:59:9c:92:9f:1f:5d:dd:44:b9:48:e5:ea:
56:c8:71:74:7c:58:1b:19:bb:8b:82:00:05:58:25:cd:e6:c6:
59:68:11:26:fd:57:15:c7:4b:ff:58:d7:65:0d:92:8f:e9:91:
89:55:f8:73
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtpczCKt4z11VRye5nZwJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2Njg4YWU5NjMyM2MxZmNmYWI1NGIyOTQ1NTczOTdiNDli
MDNiYzcwHhcNMjQwMTAxMDYyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGQ4MWIzMGUyZGQ5MDIzNzMyYWVmMTZmYjU2MWQ2ZDRjYWQwZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSv8qAxcD3R8/P20FSi76NYI+iKX
mnR/rICltpxn+hKXvFAXTwcSM7xpPO2zZBCVXJL0xrhi+dnT4SfIoHMIihK5xBVL
4wbxFTE0NhMo156PkVEItF9lAsIdkVL/z5hiCyrd8pYDEZc7Kf/8qoOfx9hUr1hD
JGUkNe1fjeNNyntJCV+2qzspGx6b5uuQsEUmeNo+xy/i5v1oQV8BMgL3zLovr/SR
1edFoGsf0mvVhU2+hqfjF0XikrhZNk7wTzpmoiEoXmvytE5UN+ozuDCyBg9is48Z
gLILc2iuvAP6cZKdYHStITqnK+vqxR+sDLHnNWEK00WU6PFTW9N2hvZxiwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMTYGzDi3ZAjcyrvFvtWHW1MrQ3eMB8GA1UdIwQY
MBaAFOZoiuljI8H8+rVLKUVXOXtJsDvHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNW1pSzZXTWp3Zno2dFVzcFJWYzVlMG13TzhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9jZTVjYTYtZjkzOS00ZmQ3LWI5Zjgt
MGExZWYwZWMwNTc4LzEveE5nYk1PTGRrQ056S3U4Vy0xWWRiVXl0RGQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9jZTVjYTYtZjkzOS00ZmQ3LWI5ZjgtMGExZWYwZWMwNTc4
LzEvNW1pSzZXTWp3Zno2dFVzcFJWYzVlMG13TzhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZIoMA0E
AgACMAcDBQMqB01AMA0GCSqGSIb3DQEBCwUAA4IBAQChmOcBZXRdgiL+01zh1KYB
6f2gV6fan7Sf4sHjnWmtmTvkqzdE2O/ldIZ1CsOWI0tl75pmEvLEU32MQ9Bbvi4a
oVRyrXtTUJdawtGzbGMLAi7pLsis2dwyjrH+vc+HHrWBQbTHFCHcqGHj+Gd/Ed76
wLO2cSLsUGq4Kv3tBXamqYKY8WYP+F5RuSBfmgWdf+uVFRBcMBTUOrArJLS+ljyp
/PCA6t7uw41G7Su3EVxknu3bCzSsoNp/4GFRKvAtJh2IvDzvA0x+92U4+rdZnJKf
H13dRLlI5epWyHF0fFgbGbuLggAFWCXN5sZZaBEm/VcVx0v/WNdlDZKP6ZGJVfhz
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:37:15 2024 by rpki-client on console-ams.rpki-client.org