Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-Zr1ySPX79fI-6hlnefwypz2bmA.roa
File: 1-Zr1ySPX79fI-6hlnefwypz2bmA.roa (raw, json)
Hash identifier: hxFYpdFgkNWFORaWPYDAermBiFeyWuWVQ/z/BCWatxc=
Subject key identifier: F9:9A:F5:C9:23:D7:EF:D7:C8:FB:A8:65:9D:E7:F0:CA:9C:F6:6E:60
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018F0F958839EEB8CD3DE74CEDDCF4DAC62C
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-Zr1ySPX79fI-6hlnefwypz2bmA.roa
Signing time: Wed 24 Apr 2024 10:10:08 +0000
ROA not before: Wed 24 Apr 2024 10:10:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44321
IP address blocks: 146.120.12.0/24 maxlen: 24
146.120.40.0/21 maxlen: 24
146.120.56.0/21 maxlen: 24
146.120.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0f:95:88:39:ee:b8:cd:3d:e7:4c:ed:dc:f4:da:c6:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Apr 24 10:10:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f99af5c923d7efd7c8fba8659de7f0ca9cf66e60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:0e:57:f7:de:0d:6e:c6:33:8e:1b:31:66:04:
bf:63:5d:82:0a:78:f0:e7:2b:ae:67:04:99:79:35:
86:85:12:20:7b:ec:45:71:11:5a:b7:e8:32:cb:ff:
4a:e4:c1:4e:d2:17:19:ee:f0:29:69:c4:60:1a:69:
09:82:ca:15:01:bd:03:f2:55:8a:56:4d:bd:4e:6c:
a1:c3:36:32:fe:ad:09:a0:c2:47:27:7f:a7:68:01:
6a:e0:10:5d:aa:63:d4:f9:02:32:82:2c:fd:e4:8e:
38:7a:f7:ab:df:30:5b:44:12:f1:d3:22:e4:dd:ba:
ad:a1:6b:da:99:fd:09:f2:e2:7e:70:3f:1b:82:29:
19:9d:71:d4:f7:ab:25:68:94:3c:c3:96:79:22:2b:
a1:c3:a8:ed:c8:e3:17:69:63:ce:d9:ef:7c:35:da:
31:c2:dd:b8:48:3a:19:b7:d1:ab:bb:e8:1c:13:32:
5c:88:1e:3b:58:f4:e3:0d:ea:f2:1f:a6:9a:2e:38:
22:2b:4e:56:6c:d6:44:05:d5:fd:af:3f:9b:8d:26:
d3:00:65:a1:ef:76:07:a5:26:e9:71:7b:5d:67:91:
11:d7:5f:0b:b7:c8:7a:d3:5c:95:83:44:5a:e7:03:
9e:5c:48:af:e9:dc:54:91:20:8e:05:ae:81:62:9c:
49:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:9A:F5:C9:23:D7:EF:D7:C8:FB:A8:65:9D:E7:F0:CA:9C:F6:6E:60
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-Zr1ySPX79fI-6hlnefwypz2bmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.12.0/24
146.120.40.0/21
146.120.56.0/21
146.120.97.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:d1:d6:18:b0:85:59:24:03:91:3f:76:6e:f9:b7:d6:65:0c:
ee:00:01:f9:99:46:0d:06:95:4a:66:5b:28:dd:5f:ca:94:a2:
f3:fc:6d:a4:6b:92:87:0e:8d:3d:d1:46:57:8b:11:59:67:6a:
8b:35:69:9c:dd:3d:7a:64:44:85:00:36:8d:36:79:a3:d9:49:
51:16:ca:ee:a6:50:fe:32:e3:13:b5:a4:91:ed:60:69:99:ce:
89:8a:6f:3f:16:46:70:96:f7:66:8b:c6:a6:82:43:ef:c8:fd:
b8:c7:b1:9a:f0:ef:60:bd:cc:68:1a:06:fe:a6:d1:4b:2e:6b:
3a:25:86:6f:fd:4e:4e:6a:3f:ca:d2:48:aa:a3:44:c2:60:3d:
be:c0:3f:1d:f2:10:86:37:96:90:73:37:9e:1d:65:a2:d3:b2:
76:cd:3b:9f:9a:6c:ff:e0:55:a4:9c:a7:76:b9:b6:e1:11:94:
60:93:c7:31:4a:05:af:46:b2:9e:e9:e8:e8:2c:0f:c8:49:db:
d0:74:20:85:86:34:cd:9c:68:a6:e5:a5:d1:bc:ee:a4:c4:a8:
c3:13:73:d0:96:c2:cc:12:28:f4:13:7b:6f:7c:cf:d1:54:c2:
41:36:f3:10:04:36:7f:f0:ba:b3:35:e9:cf:42:7f:51:84:17:
2c:21:d6:d8
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAY8PlYg57rjNPedM7dz02sYsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwNDI0MTAxMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTlhZjVjOTIzZDdlZmQ3YzhmYmE4NjU5ZGU3ZjBjYTljZjY2ZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1g5X994NbsYzjhsxZgS/Y12CCnjw
5yuuZwSZeTWGhRIge+xFcRFat+gyy/9K5MFO0hcZ7vApacRgGmkJgsoVAb0D8lWK
Vk29TmyhwzYy/q0JoMJHJ3+naAFq4BBdqmPU+QIygiz95I44ever3zBbRBLx0yLk
3bqtoWvamf0J8uJ+cD8bgikZnXHU96slaJQ8w5Z5Iiuhw6jtyOMXaWPO2e98Ndox
wt24SDoZt9Gru+gcEzJciB47WPTjDeryH6aaLjgiK05WbNZEBdX9rz+bjSbTAGWh
73YHpSbpcXtdZ5ER118Lt8h601yVg0Ra5wOeXEiv6dxUkSCOBa6BYpxJzwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPma9ckj1+/XyPuoZZ3n8Mqc9m5gMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMS1acjF5U1BYNzlmSS02aGxuZWZ3eXB6MmJtQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJl
ZC8xL2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAJJ4DAME
A5J4KAMEA5J4OAMEAJJ4YTANBgkqhkiG9w0BAQsFAAOCAQEAbdHWGLCFWSQDkT92
bvm31mUM7gAB+ZlGDQaVSmZbKN1fypSi8/xtpGuShw6NPdFGV4sRWWdqizVpnN09
emREhQA2jTZ5o9lJURbK7qZQ/jLjE7Wkke1gaZnOiYpvPxZGcJb3ZovGpoJD78j9
uMexmvDvYL3MaBoG/qbRSy5rOiWGb/1OTmo/ytJIqqNEwmA9vsA/HfIQhjeWkHM3
nh1lotOyds07n5ps/+BVpJyndrm24RGUYJPHMUoFr0aynuno6CwPyEnb0HQghYY0
zZxopuWl0bzupMSowxNz0JbCzBIo9BN7b3zP0VTCQTbzEAQ2f/C6szXpz0J/UYQX
LCHW2A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:25:41 2024 by rpki-client on console-ams.rpki-client.org