Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-6XitDyhaemrDafpk_WNzvad9h0.roa
File: 1-6XitDyhaemrDafpk_WNzvad9h0.roa (raw, json)
Hash identifier: wGx2H9VNFqzw5ByNKOZNNhaSGleLqs8yh4dp3e6O34s=
Subject key identifier: FB:A5:E2:B4:3C:A1:69:E9:AB:0D:A7:E9:93:F5:8D:CE:F6:9D:F6:1D
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA29F1E2D56D139CE11CB8F130FA271F
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-6XitDyhaemrDafpk_WNzvad9h0.roa
Signing time: Tue 02 Jan 2024 12:33:15 +0000
ROA not before: Tue 02 Jan 2024 12:33:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43234
IP address blocks: 146.120.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:f1:e2:d5:6d:13:9c:e1:1c:b8:f1:30:fa:27:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fba5e2b43ca169e9ab0da7e993f58dcef69df61d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:32:26:4c:43:f9:37:65:85:e8:81:b7:3e:ab:
e5:f3:7a:09:e8:4a:18:5f:98:b4:67:5a:67:74:40:
ae:11:46:a0:5f:dc:78:ac:d9:3c:73:a5:a9:82:f2:
17:6d:04:11:8e:cf:5c:4a:66:0c:37:5b:ff:f1:68:
64:e3:6b:81:3a:5e:3c:f0:ca:6a:4f:1c:24:f4:19:
3d:b8:1e:6c:ab:c3:07:4b:46:33:16:58:33:43:46:
3c:38:28:da:37:ee:6b:51:34:22:48:04:0c:58:6b:
af:0a:c8:1f:5e:37:53:76:db:09:c7:89:ff:5a:de:
ac:cb:83:3b:c0:97:28:25:4f:02:00:b4:0b:7f:34:
70:c6:ea:f7:da:30:5c:f3:46:a1:58:c6:42:f2:4f:
ea:d3:46:d3:f3:44:16:07:d2:27:b5:5f:69:ee:a8:
8e:42:70:0a:43:69:e7:09:dc:42:5f:eb:e2:14:88:
88:e1:0c:69:fe:90:3b:05:8d:20:4a:66:d7:bd:7b:
fb:ee:7b:1e:60:2d:fa:4c:01:04:d3:64:45:48:f4:
fa:7a:07:9e:df:ef:7d:75:46:4e:a3:e7:f5:d8:92:
92:37:fc:ad:cc:a1:e9:3f:05:88:17:69:0b:79:f4:
d7:8a:a9:b0:c9:df:e2:d9:1d:2e:46:28:a0:d7:d0:
7f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:A5:E2:B4:3C:A1:69:E9:AB:0D:A7:E9:93:F5:8D:CE:F6:9D:F6:1D
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-6XitDyhaemrDafpk_WNzvad9h0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.113.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:8d:17:64:8c:6a:20:7d:b8:ab:33:81:d0:d5:fd:b7:cb:6e:
8a:0d:56:b8:38:5a:83:4b:53:a2:43:09:b0:f3:3b:a4:b9:e7:
41:02:ff:55:41:d1:01:c5:71:01:57:b4:c6:4a:b1:83:c0:51:
af:f7:44:a7:02:26:4d:f0:d0:0d:87:ad:b0:12:c6:62:9a:da:
39:80:49:4b:ad:0a:78:69:fb:de:5a:3e:70:bb:27:9f:e7:01:
92:67:91:75:42:32:46:0f:5e:a4:dc:41:7c:ab:7e:44:4b:f2:
6b:83:88:bf:26:c9:6a:f3:0a:3d:8c:81:32:83:6f:c0:d2:aa:
ff:83:43:0f:0c:4f:75:4f:14:1b:e4:83:e7:d4:71:2c:94:73:
db:ee:9e:8a:7b:d0:e9:84:ee:94:f7:c4:36:e1:cf:98:fc:02:
90:ec:4e:2b:cf:e0:36:ca:d6:7e:f6:62:d3:af:93:16:3c:1c:
57:01:62:a3:b7:21:45:09:3c:c2:b9:a5:c3:20:71:81:82:7e:
6b:b6:75:c0:24:9c:3e:18:eb:98:36:24:8b:e4:a1:e9:cb:42:
7f:04:4d:41:99:d4:6b:77:5d:b9:85:7f:58:89:f5:21:86:ed:
19:0d:6d:9d:d3:8a:89:d0:de:5b:82:39:c0:5c:c4:07:6e:13:
e6:60:a0:6b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzKKfHi1W0TnOEcuPEw+icfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmE1ZTJiNDNjYTE2OWU5YWIwZGE3ZTk5M2Y1OGRjZWY2OWRmNjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjImTEP5N2WF6IG3Pqvl83oJ6EoY
X5i0Z1pndECuEUagX9x4rNk8c6WpgvIXbQQRjs9cSmYMN1v/8Whk42uBOl488Mpq
Txwk9Bk9uB5sq8MHS0YzFlgzQ0Y8OCjaN+5rUTQiSAQMWGuvCsgfXjdTdtsJx4n/
Wt6sy4M7wJcoJU8CALQLfzRwxur32jBc80ahWMZC8k/q00bT80QWB9IntV9p7qiO
QnAKQ2nnCdxCX+viFIiI4Qxp/pA7BY0gSmbXvXv77nseYC36TAEE02RFSPT6egee
3+99dUZOo+f12JKSN/ytzKHpPwWIF2kLefTXiqmwyd/i2R0uRiig19B/ewIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPul4rQ8oWnpqw2n6ZP1jc72nfYdMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMS02WGl0RHloYWVtckRhZnBrX1dOenZhZDloMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJl
ZC8xL2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJJ4cTAN
BgkqhkiG9w0BAQsFAAOCAQEApI0XZIxqIH24qzOB0NX9t8tuig1WuDhag0tTokMJ
sPM7pLnnQQL/VUHRAcVxAVe0xkqxg8BRr/dEpwImTfDQDYetsBLGYpraOYBJS60K
eGn73lo+cLsnn+cBkmeRdUIyRg9epNxBfKt+REvya4OIvybJavMKPYyBMoNvwNKq
/4NDDwxPdU8UG+SD59RxLJRz2+6einvQ6YTulPfENuHPmPwCkOxOK8/gNsrWfvZi
06+TFjwcVwFio7chRQk8wrmlwyBxgYJ+a7Z1wCScPhjrmDYki+Sh6ctCfwRNQZnU
a3dduYV/WIn1IYbtGQ1tndOKidDeW4I5wFzEB24T5mCgaw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:30:08 2024 by rpki-client on console-fra.rpki-client.org