Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/o_H60kmtA4ROmJOS6doFcq__dl0.roa
File: o_H60kmtA4ROmJOS6doFcq__dl0.roa (raw, json)
Hash identifier: iKFMqWbghxvDd7WJNVZtpkzIjO+D/2XmN+l5p8xMY/w=
Subject key identifier: A3:F1:FA:D2:49:AD:03:84:4E:98:93:92:E9:DA:05:72:AF:FF:76:5D
Certificate issuer: /CN=8536146119b044539082e326cca903200b8d4b1a
Certificate serial: 019330466421087950CD16D53591A23C6522
Authority key identifier: 85:36:14:61:19:B0:44:53:90:82:E3:26:CC:A9:03:20:0B:8D:4B:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTYUYRmwRFOQguMmzKkDIAuNSxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/o_H60kmtA4ROmJOS6doFcq__dl0.roa
Signing time: Fri 15 Nov 2024 14:42:19 +0000
ROA not before: Fri 15 Nov 2024 14:42:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212552
IP address blocks: 146.19.130.0/24 maxlen: 24
185.110.191.0/24 maxlen: 24
185.221.237.0/24 maxlen: 24
185.231.59.0/24 maxlen: 24
193.163.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/hTYUYRmwRFOQguMmzKkDIAuNSxo.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/hTYUYRmwRFOQguMmzKkDIAuNSxo.mft
rsync://rpki.ripe.net/repository/DEFAULT/hTYUYRmwRFOQguMmzKkDIAuNSxo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:30:46:64:21:08:79:50:cd:16:d5:35:91:a2:3c:65:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8536146119b044539082e326cca903200b8d4b1a
Validity
Not Before: Nov 15 14:42:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3f1fad249ad03844e989392e9da0572afff765d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:3d:c3:3b:54:bd:81:5a:6e:e3:a6:5e:19:a6:
49:50:91:c2:93:05:70:7b:dd:04:f7:1b:00:42:f9:
3d:d4:a8:66:f3:16:35:a0:35:34:d5:ce:04:72:d6:
6c:24:83:82:b8:75:f6:27:f1:4f:53:32:8b:ba:bd:
0e:fe:ee:6a:74:38:c1:b2:43:06:0b:3e:16:77:61:
69:fe:7b:3b:f4:e9:32:39:68:62:f1:19:47:c4:b4:
d4:de:8b:5c:53:1b:ab:c6:f4:01:fa:0f:10:87:78:
f1:8c:f1:f2:9a:27:dd:7b:b8:4c:a4:38:f9:60:60:
63:c9:44:1c:6b:11:23:4a:d5:c0:d3:41:9f:82:eb:
40:61:a2:1f:54:32:36:64:26:3e:c8:98:9e:f9:4b:
11:3a:bf:af:93:a0:a7:55:85:e2:80:e1:45:54:77:
99:e3:f3:92:9a:ff:27:50:74:7d:a4:d4:e3:49:46:
07:52:15:48:61:11:47:38:cb:d3:f8:4c:0c:91:21:
52:7d:70:b3:4c:7f:fb:35:44:0f:3e:22:37:41:53:
4c:d0:5f:2f:16:90:3d:0c:4b:36:d8:93:2b:a9:7d:
21:c3:b8:0f:5a:2d:2b:48:71:f3:b8:5c:ed:e5:8b:
ca:70:01:f9:44:6a:d9:c3:38:0a:38:87:c7:02:5f:
81:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:F1:FA:D2:49:AD:03:84:4E:98:93:92:E9:DA:05:72:AF:FF:76:5D
X509v3 Authority Key Identifier:
keyid:85:36:14:61:19:B0:44:53:90:82:E3:26:CC:A9:03:20:0B:8D:4B:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTYUYRmwRFOQguMmzKkDIAuNSxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/o_H60kmtA4ROmJOS6doFcq__dl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/hTYUYRmwRFOQguMmzKkDIAuNSxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.130.0/24
185.110.191.0/24
185.221.237.0/24
185.231.59.0/24
193.163.201.0/24
Signature Algorithm: sha256WithRSAEncryption
69:e3:5d:8e:0b:b4:d2:60:e5:76:9d:9b:0d:fa:ff:12:d1:a6:
93:88:55:46:92:38:26:2d:80:b1:f1:b3:1e:16:a0:62:f2:ab:
89:6f:ee:7f:9a:b2:ae:0c:a3:f0:38:2e:7e:10:d0:1a:db:10:
3e:2a:9c:5e:4c:1f:be:cd:c8:ad:ac:fc:ee:c9:90:d2:e6:ec:
10:2a:0d:d3:a4:3e:f8:d4:b3:f9:ce:d6:8e:ec:32:f0:c7:e8:
7d:ff:7a:fb:67:0b:d9:b1:7b:f2:2f:bd:71:7b:b5:84:49:5c:
fb:94:d3:2d:92:ca:10:00:35:2c:d3:7e:8e:e4:44:49:9a:96:
2f:c7:ba:ef:41:84:fe:37:7e:95:3d:d0:d3:9e:91:61:33:11:
2a:e8:df:c0:f5:0c:68:5e:ba:5a:f7:3f:b1:39:4f:97:6c:6f:
78:56:06:d8:48:48:e8:a2:4e:b8:1e:0e:14:3f:c6:ff:c3:0c:
de:f4:e9:b7:01:5b:8b:b7:4f:17:87:ec:ca:7b:8d:11:a7:02:
a5:63:04:41:23:4b:29:6b:1b:3b:00:73:dc:60:c6:8c:83:6a:
a0:4b:3e:f4:2b:76:48:25:17:40:18:0a:3b:44:2d:4b:13:ef:
7d:cf:01:62:8c:42:c1:27:5b:12:b9:3a:15:b9:5c:78:d3:08:
cc:ec:3d:d9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZMwRmQhCHlQzRbVNZGiPGUiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzYxNDYxMTliMDQ0NTM5MDgyZTMyNmNjYTkwMzIwMGI4
ZDRiMWEwHhcNMjQxMTE1MTQ0MjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2YxZmFkMjQ5YWQwMzg0NGU5ODkzOTJlOWRhMDU3MmFmZmY3NjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3T3DO1S9gVpu46ZeGaZJUJHCkwVw
e90E9xsAQvk91Khm8xY1oDU01c4EctZsJIOCuHX2J/FPUzKLur0O/u5qdDjBskMG
Cz4Wd2Fp/ns79OkyOWhi8RlHxLTU3otcUxurxvQB+g8Qh3jxjPHymifde7hMpDj5
YGBjyUQcaxEjStXA00GfgutAYaIfVDI2ZCY+yJie+UsROr+vk6CnVYXigOFFVHeZ
4/OSmv8nUHR9pNTjSUYHUhVIYRFHOMvT+EwMkSFSfXCzTH/7NUQPPiI3QVNM0F8v
FpA9DEs22JMrqX0hw7gPWi0rSHHzuFzt5YvKcAH5RGrZwzgKOIfHAl+BkwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKPx+tJJrQOETpiTkunaBXKv/3ZdMB8GA1UdIwQY
MBaAFIU2FGEZsERTkILjJsypAyALjUsaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRZVVlSbXdSRk9RZ3VNbXpLa0RJQXVOU3hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDVmOTMtYWM1YS00MWUzLTgwYzMt
MGM2NzIxN2NjOTZiLzEvb19INjBrbXRBNFJPbUpPUzZkb0ZjcV9fZGwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDVmOTMtYWM1YS00MWUzLTgwYzMtMGM2NzIxN2NjOTZi
LzEvaFRZVVlSbXdSRk9RZ3VNbXpLa0RJQXVOU3hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAkhOCAwQA
uW6/AwQAud3tAwQAuec7AwQAwaPJMA0GCSqGSIb3DQEBCwUAA4IBAQBp412OC7TS
YOV2nZsN+v8S0aaTiFVGkjgmLYCx8bMeFqBi8quJb+5/mrKuDKPwOC5+ENAa2xA+
KpxeTB++zcitrPzuyZDS5uwQKg3TpD741LP5ztaO7DLwx+h9/3r7ZwvZsXvyL71x
e7WESVz7lNMtksoQADUs036O5ERJmpYvx7rvQYT+N36VPdDTnpFhMxEq6N/A9Qxo
Xrpa9z+xOU+XbG94VgbYSEjook64Hg4UP8b/wwze9Om3AVuLt08Xh+zKe40RpwKl
YwRBI0spaxs7AHPcYMaMg2qgSz70K3ZIJRdAGAo7RC1LE+99zwFijELBJ1sSuToV
uVx40wjM7D3Z
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:31:41 2024 by rpki-client on console-fra.rpki-client.org