Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-ti5zc_v1JpVFe4OAn3tzjLrU3Y.roa
File: 1-ti5zc_v1JpVFe4OAn3tzjLrU3Y.roa (raw, json)
Hash identifier: w34liKDb80uk42wdrUBeJQgSa968j4b+FmIoCjMyyaM=
Subject key identifier: FA:D8:B9:CD:CF:EF:D4:9A:55:15:EE:0E:02:7D:ED:CE:32:EB:53:76
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA29F5C0F5E5DD85E6CB6137C0200DA7
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-ti5zc_v1JpVFe4OAn3tzjLrU3Y.roa
Signing time: Tue 02 Jan 2024 12:33:16 +0000
ROA not before: Tue 02 Jan 2024 12:33:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44340
IP address blocks: 146.120.174.0/24 maxlen: 24
146.120.174.0/23 maxlen: 24
146.120.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:12:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:f5:c0:f5:e5:dd:85:e6:cb:61:37:c0:20:0d:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fad8b9cdcfefd49a5515ee0e027dedce32eb5376
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:88:e3:45:69:b0:01:82:bb:45:07:3f:0d:4d:
4b:c4:bd:b3:27:43:97:40:16:cc:b0:b0:87:21:dc:
15:25:8b:66:cd:83:6a:21:65:77:5f:71:e1:4a:58:
51:2a:3d:1b:34:50:6b:08:aa:54:60:4f:44:a1:36:
de:65:a3:2c:9d:09:19:14:22:ff:d0:42:d5:88:a0:
89:4d:06:94:9e:09:16:ba:4c:71:53:ce:1b:35:c2:
e9:ff:e4:04:be:8c:52:e1:f4:f3:f2:b0:52:b3:df:
eb:c4:d0:93:7f:9c:59:2e:e6:86:37:2c:c1:fe:d6:
40:59:ed:4c:69:f8:b5:b9:d3:08:79:59:b9:7f:08:
9b:86:77:cc:6c:7a:f6:b8:e6:0b:30:1a:92:1f:3b:
20:8a:6f:8f:bf:ff:f4:90:2b:62:71:0e:6c:5d:42:
67:3c:6c:52:db:84:2c:d6:a0:d9:6d:15:f0:58:c3:
b1:86:c3:af:30:9e:92:f3:1b:63:81:5a:c9:c9:7c:
94:d4:f5:0a:c1:89:92:ab:19:dc:bf:6d:f4:55:3a:
cb:dd:ba:82:7b:a9:61:4f:1d:b2:c0:d0:9d:6c:80:
92:66:89:18:13:f1:ac:54:b9:9c:62:9c:0e:88:b4:
d7:06:dd:56:17:81:f6:8b:3e:df:b3:8f:60:a6:b1:
4a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:D8:B9:CD:CF:EF:D4:9A:55:15:EE:0E:02:7D:ED:CE:32:EB:53:76
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-ti5zc_v1JpVFe4OAn3tzjLrU3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.174.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:3e:08:b1:66:29:da:94:4a:0e:b6:fa:c0:25:ce:4f:1b:aa:
47:18:54:13:e2:86:7d:58:49:f1:1f:27:df:45:63:13:f7:d3:
ac:34:55:8e:3d:9b:eb:b5:c0:69:64:d5:b2:76:ae:4c:55:17:
2b:13:6a:0c:7e:57:c5:77:24:24:4c:fb:ab:f4:f8:1d:10:05:
1f:02:68:b1:4d:fc:7c:32:61:35:96:9c:62:52:c7:5d:31:55:
b7:a9:b7:e9:a7:5f:08:60:c1:f5:fe:de:eb:6e:bd:8f:45:d1:
d9:3e:29:2a:df:73:5c:fd:11:47:c0:d2:66:65:9a:8f:db:d6:
a4:ea:ea:10:09:9b:e9:ee:34:e2:4a:f2:af:df:c2:1d:b9:cd:
ed:68:e8:61:f6:d4:7f:72:97:20:6b:5f:0d:d5:d5:fc:26:a2:
79:a9:f6:8b:34:b0:f7:13:38:6f:cc:41:2e:b8:3b:6c:b2:80:
37:39:fd:c6:3a:a7:48:ab:ce:b9:5f:e5:b8:3d:10:f3:14:bd:
8b:bf:09:01:51:46:e8:41:a3:06:ac:11:c3:f5:a6:2b:1d:d1:
59:73:55:42:4a:38:d2:f3:d1:0d:58:27:9e:a5:cf:7c:d4:1f:
92:f5:df:a6:39:e0:8c:8b:14:48:c1:93:af:8e:a2:4d:4a:01:
39:54:cf:5b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzKKfXA9eXdhebLYTfAIA2nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWQ4YjljZGNmZWZkNDlhNTUxNWVlMGUwMjdkZWRjZTMyZWI1Mzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApojjRWmwAYK7RQc/DU1LxL2zJ0OX
QBbMsLCHIdwVJYtmzYNqIWV3X3HhSlhRKj0bNFBrCKpUYE9EoTbeZaMsnQkZFCL/
0ELViKCJTQaUngkWukxxU84bNcLp/+QEvoxS4fTz8rBSs9/rxNCTf5xZLuaGNyzB
/tZAWe1Mafi1udMIeVm5fwibhnfMbHr2uOYLMBqSHzsgim+Pv//0kCticQ5sXUJn
PGxS24Qs1qDZbRXwWMOxhsOvMJ6S8xtjgVrJyXyU1PUKwYmSqxncv230VTrL3bqC
e6lhTx2ywNCdbICSZokYE/GsVLmcYpwOiLTXBt1WF4H2iz7fs49gprFKDQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPrYuc3P79SaVRXuDgJ97c4y61N2MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMS10aTV6Y192MUpwVkZlNE9BbjN0empMclUzWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJl
ZC8xL2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAZJ4rjAN
BgkqhkiG9w0BAQsFAAOCAQEAsT4IsWYp2pRKDrb6wCXOTxuqRxhUE+KGfVhJ8R8n
30VjE/fTrDRVjj2b67XAaWTVsnauTFUXKxNqDH5XxXckJEz7q/T4HRAFHwJosU38
fDJhNZacYlLHXTFVt6m36adfCGDB9f7e6269j0XR2T4pKt9zXP0RR8DSZmWaj9vW
pOrqEAmb6e404kryr9/CHbnN7WjoYfbUf3KXIGtfDdXV/Caiean2izSw9xM4b8xB
Lrg7bLKANzn9xjqnSKvOuV/luD0Q8xS9i78JAVFG6EGjBqwRw/WmKx3RWXNVQko4
0vPRDVgnnqXPfNQfkvXfpjngjIsUSMGTr46iTUoBOVTPWw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:46:09 2024 by rpki-client on console-fra.rpki-client.org