Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/fa65e8-e597-4738-8396-825ec1075de6/1/RtpzokpuX5k5TL4oB7brjQQfit4.roa
File: RtpzokpuX5k5TL4oB7brjQQfit4.roa (raw, json)
Hash identifier: SELcwXua+at+PH5QLEomrFx7S992sMEkik6p1/cKxlQ=
Subject key identifier: 46:DA:73:A2:4A:6E:5F:99:39:4C:BE:28:07:B6:EB:8D:04:1F:8A:DE
Certificate issuer: /CN=fbd25da64b463af38b444ff37311b1566df5fcb2
Certificate serial: 018CC42490755948AEFD8A176ACD5A91745D
Authority key identifier: FB:D2:5D:A6:4B:46:3A:F3:8B:44:4F:F3:73:11:B1:56:6D:F5:FC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-9JdpktGOvOLRE_zcxGxVm31_LI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/fa65e8-e597-4738-8396-825ec1075de6/1/RtpzokpuX5k5TL4oB7brjQQfit4.roa
Signing time: Mon 01 Jan 2024 08:29:39 +0000
ROA not before: Mon 01 Jan 2024 08:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51321
IP address blocks: 185.132.123.0/24 maxlen: 24
185.132.120.0/24 maxlen: 24
185.132.120.0/22 maxlen: 24
185.132.121.0/24 maxlen: 24
185.132.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/fa65e8-e597-4738-8396-825ec1075de6/1/1-9JdpktGOvOLRE_zcxGxVm31_LI.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/fa65e8-e597-4738-8396-825ec1075de6/1/1-9JdpktGOvOLRE_zcxGxVm31_LI.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-9JdpktGOvOLRE_zcxGxVm31_LI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 22:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:90:75:59:48:ae:fd:8a:17:6a:cd:5a:91:74:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbd25da64b463af38b444ff37311b1566df5fcb2
Validity
Not Before: Jan 1 08:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46da73a24a6e5f99394cbe2807b6eb8d041f8ade
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:03:9c:92:aa:48:d6:7c:b2:eb:87:d0:73:b9:
07:ab:7d:57:7a:de:96:f9:e0:47:44:15:d1:67:a8:
ae:04:78:00:d0:ee:6f:d2:50:d8:37:e6:0b:dd:6f:
c5:0d:f9:ba:f4:41:01:7d:c0:0f:91:a5:1c:ee:a5:
0b:91:ed:74:7b:26:a2:17:19:f3:11:f2:ce:c5:59:
a7:25:37:cd:c2:bb:91:58:a4:d6:18:1a:56:24:2b:
04:26:02:52:a8:2e:57:01:04:32:b6:8c:47:de:ff:
45:84:fd:4d:c2:28:70:7f:b7:7e:74:19:93:d7:af:
e6:a1:e9:67:3d:7d:1a:1e:e1:f3:4d:ae:99:24:7a:
d8:90:71:3d:3e:5d:41:b9:cb:e7:b0:68:f9:8e:3c:
61:0c:6a:dc:2c:3b:c3:f2:da:ef:ce:17:93:f6:8b:
d5:5e:e8:b9:f5:b8:7b:2a:66:00:30:02:c9:a9:8b:
f3:38:0f:60:a4:bc:14:24:8c:10:53:74:02:65:fe:
1a:cd:26:7d:28:21:a6:e4:49:18:f7:87:45:41:84:
68:2e:29:7e:99:83:d1:0e:d6:a2:e5:73:9d:fd:8f:
fa:98:25:78:e5:d5:73:a6:95:f8:28:a1:75:b6:52:
92:75:05:40:8c:76:fe:43:cf:25:45:56:64:39:8c:
b1:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:DA:73:A2:4A:6E:5F:99:39:4C:BE:28:07:B6:EB:8D:04:1F:8A:DE
X509v3 Authority Key Identifier:
keyid:FB:D2:5D:A6:4B:46:3A:F3:8B:44:4F:F3:73:11:B1:56:6D:F5:FC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-9JdpktGOvOLRE_zcxGxVm31_LI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/fa65e8-e597-4738-8396-825ec1075de6/1/RtpzokpuX5k5TL4oB7brjQQfit4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/fa65e8-e597-4738-8396-825ec1075de6/1/1-9JdpktGOvOLRE_zcxGxVm31_LI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.132.120.0/22
Signature Algorithm: sha256WithRSAEncryption
86:35:06:0e:7c:0b:54:5b:b9:d1:a1:9b:ac:87:f4:ed:df:91:
1e:65:59:05:31:26:71:5f:ff:3c:f8:cf:a2:9f:97:7f:a5:ee:
b5:5c:69:11:fc:e6:dc:a5:ad:c2:67:a2:db:5f:11:12:fe:82:
26:85:bd:a0:a4:4d:78:d7:9c:5d:d5:4b:5a:68:08:4a:6a:25:
31:b4:5e:c2:89:1e:5b:2b:43:35:b3:06:79:3c:84:6b:8d:0f:
06:62:84:5f:8d:0d:69:53:e8:e0:01:12:64:55:2d:88:41:5b:
81:77:b7:d7:4c:57:bc:29:45:34:b8:15:f0:06:77:8f:71:fa:
35:67:08:ea:ad:3b:51:5d:0c:ae:f2:b0:12:5f:16:b1:d9:8b:
99:73:36:a6:56:e9:98:ca:f7:f9:c6:38:c2:e6:d5:a9:75:40:
d5:cb:66:7b:d4:1a:7c:57:e2:7a:de:da:b5:83:39:a4:6f:83:
46:99:93:a0:55:6d:8c:d1:74:87:f9:ce:0d:89:56:f8:75:44:
8b:ef:15:3d:f1:c1:f4:f5:74:54:82:b9:7b:ff:ee:d9:99:31:
7a:45:5f:f6:8f:71:d6:ed:4c:b4:34:27:10:03:69:e4:62:5d:
0d:c1:05:36:d0:ef:64:95:ef:82:cd:a5:c1:64:d3:4b:af:2e:
c1:39:0e:a0
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzEJJB1WUiu/YoXas1akXRdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiZDI1ZGE2NGI0NjNhZjM4YjQ0NGZmMzczMTFiMTU2NmRm
NWZjYjIwHhcNMjQwMTAxMDgyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmRhNzNhMjRhNmU1Zjk5Mzk0Y2JlMjgwN2I2ZWI4ZDA0MWY4YWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQOckqpI1nyy64fQc7kHq31Xet6W
+eBHRBXRZ6iuBHgA0O5v0lDYN+YL3W/FDfm69EEBfcAPkaUc7qULke10eyaiFxnz
EfLOxVmnJTfNwruRWKTWGBpWJCsEJgJSqC5XAQQytoxH3v9FhP1Nwihwf7d+dBmT
16/moelnPX0aHuHzTa6ZJHrYkHE9Pl1BucvnsGj5jjxhDGrcLDvD8trvzheT9ovV
Xui59bh7KmYAMALJqYvzOA9gpLwUJIwQU3QCZf4azSZ9KCGm5EkY94dFQYRoLil+
mYPRDtai5XOd/Y/6mCV45dVzppX4KKF1tlKSdQVAjHb+Q88lRVZkOYyxTwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFEbac6JKbl+ZOUy+KAe2640EH4reMB8GA1UdIwQY
MBaAFPvSXaZLRjrzi0RP83MRsVZt9fyyMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS05SmRwa3RHT3ZPTFJFX3pjeEd4Vm0zMV9MSS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEvZmE2NWU4LWU1OTctNDczOC04Mzk2
LTgyNWVjMTA3NWRlNi8xL1J0cHpva3B1WDVrNVRMNG9CN2JyalFRZml0NC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDEvZmE2NWU4LWU1OTctNDczOC04Mzk2LTgyNWVjMTA3NWRl
Ni8xLzEtOUpkcGt0R092T0xSRV96Y3hHeFZtMzFfTEkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK5hHgw
DQYJKoZIhvcNAQELBQADggEBAIY1Bg58C1RbudGhm6yH9O3fkR5lWQUxJnFf/zz4
z6Kfl3+l7rVcaRH85tylrcJnottfERL+giaFvaCkTXjXnF3VS1poCEpqJTG0XsKJ
HlsrQzWzBnk8hGuNDwZihF+NDWlT6OABEmRVLYhBW4F3t9dMV7wpRTS4FfAGd49x
+jVnCOqtO1FdDK7ysBJfFrHZi5lzNqZW6ZjK9/nGOMLm1al1QNXLZnvUGnxX4nre
2rWDOaRvg0aZk6BVbYzRdIf5zg2JVvh1RIvvFT3xwfT1dFSCuXv/7tmZMXpFX/aP
cdbtTLQ0JxADaeRiXQ3BBTbQ72SV74LNpcFk00uvLsE5DqA=
-----END CERTIFICATE-----
Generated at Wed May 29 07:53:08 2024 by rpki-client on console-ams.rpki-client.org